49th week of 2008 patent applcation highlights part 66 |
Patent application number | Title | Published |
20080301719 | Mapping Of Dynamic Link Libraries In Computing Devices - A remapping component is provided for facilitating a link between an executable and a function held in a new dynamic link library (DLL) in a computing device. The remapping component is provided with a relocation instruction arranged to update, upon loading, an export data table entry for the remapping component with the address location of the function in the new dynamic link library. In this way, the executable, when calling for the function at an address location in a known DLL, will automatically jump to the address location for the function in the new DLL. The additional subroutines usually associated with remapping DLLs can therefore be avoided, providing improved operation for the computing device. | 2008-12-04 |
20080301720 | Disc Drive - There is provided a disc drive by which the fluid loss of a disc is reduced and the electric power consumption of a spindle motor can be decreased. In the disc drive according to the present invention, a rotation load reducing member is provided between a top cover and the disc. The rotation load reducing member is movably supported by a clearance adjustment member. While the disc is rotating, the rotation load reducing member is moved in the direction approaching the disc. Thereby, the thickness of an air layer on the upper surface of the disc is decreased. | 2008-12-04 |
20080301721 | INFORMATION PROCESSING APPARATUS AND CONTROL METHOD OF INFORMATION PROCESSING DEVICE - According to one embodiment, a control method of an information processing device, includes measuring a movement amount of a body with a sensor, invalidating an operation of a switch which ejects an optical disc held in an optical disc drive, in a case where the movement amount of the body is a threshold value V1 or more, and validating the operation of the switch in accordance with a measured value of the sensor, after invalidating the operation of the switch. | 2008-12-04 |
20080301722 | Disk Apparatus - In a slot-in type disk apparatus, when a disk is inserted into and ejected from the disk apparatus, it is necessary to provide a certain clearance for lowering a spindle motor supported by a traverse base and inserting the disk, but when the disk apparatus is to be reduced in thickness, it is necessary to minimize a distance for vertically moving the traverse base. | 2008-12-04 |
20080301723 | OPTICAL DISC APPARATUS - An optical disc apparatus includes a cam slider with a rack-gear section. The cam slider includes a first sloping surface that is elastically deformed, generating a force for separating the rack-gear section from the cam slider, when receiving a force that acts in the same direction as to eject an optical disc, and a second sloping surface that generates a force for coupling the rack-gear section to the cam slider again, when pressed with a force that acts in the same direction as the rack-gear section separated from the cam slider ejects an optical disc. The cam slider is moved in the direction opposite to the direction in which first and second guide arms transport the optical disc in order to load or eject the optical disc. The cam slider transmits a drive force provided by a loading motor to the first and second guide arms. | 2008-12-04 |
20080301724 | Disk recording and/or reproducing device - A disk recording and/or reproducing device includes a disk tray having a concave disk housing portion for putting in and taking out a disk-like recording medium; a tray housing case supporting the disk tray so as to be movable in a direction in which the disk tray is inserted and ejected; and a disk cover mounted to the tray housing case and covering over the disk housing portion of the disk tray when the disk tray is housed in the tray housing case. The disk cover includes an annular contact portion at an outer periphery thereof, extending outwardly and continuous in a circumferential direction thereof, a dimension of a width of the annular contact portion is larger than that of a thickness of the disk cover, and the annular contact portion is brought into contact with an entire periphery of the disk housing portion of the disk tray. | 2008-12-04 |
20080301725 | Thermally Enhanced Disk Drive - A disk drive data storage system. The system comprises a data storage disk, a movable member positioned near the data storage disk, and a sensor assembly, supported and movable by the movable member, for writing data to and reading data from the data storage disk. The system also comprises an integrated circuit that is electrically coupled to the sensor assembly and that moves with the movable member when the movable member moves the sensor assembly. The integrated circuit comprises a face and a backside, and the integrated circuit is in a fixed physical position relative to the movable member such that the backside is oriented toward the movable member. | 2008-12-04 |
20080301726 | Apparatus for Centering an Information Medium on a Turntable - A turntable for an optical storage drive comprises a fitting member ( | 2008-12-04 |
20080301727 | INTELLIGENT TARGETING OF TAGS IN A BROADCAST NETWORK - A system and associated methodology are disclosed for targeting tags in a broadcast network. The tags may be associated with an ad or programming. In one implementation, the tags to be delivered at a user equipment device are selected at the user equipment device, for example, based on location or other user classification parameters. In this manner, different user equipment devices that are on the same bandwidth segment in the same network subdivision can receive different tags. | 2008-12-04 |
20080301728 | USER INTERFACE FOR THE IMAGE PROCESSING APPARATUS - An image processing apparatus is provided. The image processing apparatus includes a receiver which receives a broadcasting signal of a program corresponding to at least one of a plurality of categories; a UI generator which generates a UI having at least one of a plurality of attributes and capable of being displayed for the program; an image processing unit which performs image processing for the received broadcasting signal; and a controlling unit which controls the UI generator so that the attribute of the program can correspond to the category of the program. | 2008-12-04 |
20080301729 | REMOTE CONTROL FOR DEVICES WITH CONNECTIVITY TO A SERVER DELIVERY PLATFORM - The present invention relates to a remote control ( | 2008-12-04 |
20080301730 | Method and device for TV channel search - A TV channel search method and device is provided, wherein the method comprises (a) snatching screenshots of real time video signals of frequencies to generate snatched screenshots; (b) establishing and storing correspondence relationship of the snatched screenshots and frequencies; (c) providing the snatched screenshots for user selection and obtaining a snatched screenshot selected by the user; and (d) obtaining a frequency corresponding to the snatched screenshot selected by the user based on the correspondence relation of the snatched screenshots and frequencies, and then performing aimed TV channel switch and play. According to the method and device of the invention, the user can quickly and visually search a TV channel independent on EPG information after the correspondence relationship of images and frequencies has been established by snatching screenshots of real time TV pictures, and the method and device is applicable in both analog TV and digital TV. | 2008-12-04 |
20080301731 | Data Processing Apparatus and Data Processing Method - A data processing apparatus for generating a screen image includes an obtaining section ( | 2008-12-04 |
20080301732 | Systems and methods for personalizing an interactive media guidance application - Systems and methods are provided for the personalization of an interactive media guidance application based on recording-related actions performed by at least one of a first user equipment device and a second user equipment device in a media network. For example, a central data system is used to receive information from the first user equipment device indicating a first action associated with recording a program. The central data system is also adapted to receive information from the second user equipment device indicating a second action associated with recording a program. Subsequently, the system generates a profile based on the received information from the first and second user equipment devices and personalizes an interactive media guidance application implemented on the first and second user equipment devices based on the generated profile. | 2008-12-04 |
20080301733 | Method and system for displaying advertisements between schedule listings - In one embodiment, the invention is a system and method for simultaneously displaying advertisements with an electronic program guide (EPG). The system displays television schedule information in rows of schedule information items including the time and channel for at least a portion of the displayed television schedule information items. An advertisement is selected for display from a plurality of advertisements, and the selected advertisement is displayed between two rows of the schedule information items simultaneously with the displayed television schedule information items. | 2008-12-04 |
20080301734 | Method and User Interface for Accessing Media Assets Over a Network - Improved systems and methods to navigate, browse, search and/or playback digital media assets (e.g., media items) hosted on a media server are disclosed. One embodiment pertains to a user interface arrangement, such as a hierarchical menu system, that facilitates navigation, browsing and playing of media items remotely stored on a media server. The user interface arrangement can present and permit navigation of categorized media items. The user interface arrangement can also present and permit navigation of media items related to another media item (such as a media item that has been selected and played). Another embodiment relates to progressive searching of remote media items from a search user interface. The search user interface can, but need not, be part of the user interface arrangement. The user interface arrangement and/or the search user interface can be presented on a display device associated with a client device. In one embodiment, the display device can be a television and the client device can be an electronic apparatus that can couple to the media server via a network. | 2008-12-04 |
20080301735 | USER INTERFACE SCREEN MAGNIFYING GLASS EFFECT - An electronic program guide (EPG) having a magnifying glass effect to enlarge the font size of a portion of the television program data presented in a grid format. The magnifying glass effect options are selected by the user. The magnifying glass effect can be stationary on the screen and have text scroll underneath it or it can be used in conjunction with the highlighting effect so that every highlighted item is magnified. The magnifying glass effect could always be in use, activated by the amount of time a field is highlighted, or activated by user input. | 2008-12-04 |
20080301736 | Method, System and Apparatus for Conveying Personalized Content to a Viewer - According to embodiments of the present invention a method, system and apparatus for conveying personalized content to a viewer is provided. A method for conveying personalized content comprises obtaining an indication of viewer-selected content and receiving an indication of a viewing time by which a target receiver device is required to have received the viewer-selected content. The method further comprises determining a delivery window based on the viewing time and generating a delivery component including the viewer-selected content and an identifier associated with the target receiver device. The method further comprises causing the delivery component to be delivered to the target receiver device during the delivery window. | 2008-12-04 |
20080301737 | SYSTEM AND METHOD FOR PERSONALIZED TELEVISION VIEWING TRIGGERED BY A PORTABLE COMMUNICATION DEVICE - A portable communication device is equipped with a content and/or channel recommendation function that is configured to provide a user with content recommendations for watching a television program. The portable communication device is used as a remote control to control various aspects of the television. In one embodiment, channel recommendations are made based upon the user's mobile activities. Such activities include: web browsing, web searching, multimedia content rendered and/or downloaded on the portable communications device, contact information, and calendar information stored on the portable communication device. In another embodiment, the user may view television programs previously and/or currently being watched by a contact. | 2008-12-04 |
20080301738 | Access of Stored Video From Peer Devices in a Local Network - A method that communicates a request from a first device to a proximally located second device for a movie residing in storage associated with the second device, the request communicated over a communications network, responsive to the request, receives the movie from the second device over the communications network, presents a menu on a screen corresponding to the first device, the menu comprising playback options to enable a user to manipulate playback and rewind of the movie, and responsive to user selection of one of the playback options, presents the movie on the screen. | 2008-12-04 |
20080301739 | Hierarchical User Interface for Accessing Related Media Assets - Improved systems and methods to navigate, browse, search and/or playback digital media assets (e.g., media items) hosted on a media server are disclosed. One embodiment pertains to a user interface arrangement, such as a hierarchical menu system, that facilitates navigation, browsing and playing of media items remotely stored on a media server. The user interface arrangement can present and permit navigation of media items related to another media item (such as a media item that has been selected and played). The user interface arrangement can also present and permit navigation of categorized media items. Another embodiment relates to progressive searching of remote media items from a search user interface. The search user interface can, but need not, be part of the user interface arrangement. The user interface arrangement and/or the search user interface can be presented on a display device associated with a client device. In one embodiment, the display device can be a television and the client device can be an electronic apparatus that can couple to the media server via a network. | 2008-12-04 |
20080301740 | STORED PROGRAM CONTROLLING APPARATUS AND METHOD OF CONTROLLING STORED PROGRAM - According to one embodiment, a stored program controlling apparatus includes: a program transmitting unit that transmits a program file stored in a first memory to a second memory; and an attribute granting unit that grants a deletion prohibiting attribute to the program file transmitted to the second memory. | 2008-12-04 |
20080301741 | SYSTEM AND METHOD FOR PROVIDING PROGRAM-RELATED CONTENT IN A MULTI-SERVICES DISTRIBUTION SYSTEM - In an embodiment of the present invention, programming content and program-related content (PRC) cues are delivered to a subscriber via an interactive multi-service distribution network. The PRC cues comprise interactive visual elements that may be used to create a PRC object that is selectable by a subscriber. Upon selection of a PRC object, the subscriber receives PRC through a communication service separate from the video programming delivery service, VOD service, PVR service, and NDVR service. | 2008-12-04 |
20080301742 | TIME-INTERLEAVED SIMULCAST FOR TUNE-IN REDUCTION - A system and method for providing faster tuning into a chosen program in a time-sliced multicast and/or broadcast transmission environment. Multimedia data of the same source material but of different transmission and presentation characteristics are coded and compressed. According to various embodiments, simulcast streams of a program are time-sliced, placed maximally apart from each other in terms of transmission time, and sent over the channel. | 2008-12-04 |
20080301743 | Access to Associated Content - A network ( | 2008-12-04 |
20080301744 | Method and Apparatus for Locating Content in an Internet Protocol Television (IPTV) System - A set top box includes a front-end (e.g., a network interface) for receiving programming content over a broadband communication network and a processor operatively associated with the front-end. The set top box also includes a resolver operatively associated with the processor for determining a network-level multicast address corresponding to a domain name of a virtual channel on which the broadcast programming is available. | 2008-12-04 |
20080301745 | System and method of delivering video content - A system and method of delivering video content is disclosed. In a particular embodiment, the method includes storing video data packets of an Internet Protocol Television (IPTV) channel at an access switch/router system that communicates with an IPTV access network. The method also includes receiving data at the access switch/router system indicating a selection of the IPTV channel from a set-top box device via the IPTV access network. Further, the method includes sending copies of the stored video data packets of the IPTV channel to the set-top box device via the IPTV access network. | 2008-12-04 |
20080301746 | PROGRAMMING CONTENT RECONSTRUCTION IN A CONTENT DELIVERY SYSTEM - Methods and apparatuses for programming content reconstruction in a content delivery system are described. In one embodiment, a method to repair programming content at a receiver controller includes receiving a programming content on the receiver controller from a broadcast transmission; identifying, if present, a portion of the programming content received on the receiver controller that is corrupted; determining in a broadband network, other servers and receiver controllers connected to the broadband network that have an uncorrupted version of the corrupted portion of the programming content; sending a request to one of the other servers and receiver controllers for the uncorrupted version of the corrupted portion of the programming content; and receiving the uncorrupted version of the corrupted portion of the programming content from the one of the other servers and receiver controllers. Other embodiments are also described. | 2008-12-04 |
20080301747 | METHOD AND SYSTEM FOR MEDIA RESOURCE SCHEDULING - An IMS-based media resource scheduling method includes: initiating a media resource request by an Application Server (AS) to a media routing functional entity; determining a media server by the media routing functional entity; and routing the media resource request to the determined media server. The disclosure also provides an IMS-based media resource scheduling system, a Media Resource Locating Function (MRLF), a Media Resource Broker Function (MRBF), and a Media Resource Function Controller (MRFC). According to the disclosure, the media resource scheduling process is implemented and the user's QoS requirement is satisfied by selecting a suitable one from at least one media server for providing stream media service to the UE. | 2008-12-04 |
20080301748 | HIGH DEFINITION AND LOW POWER PARTIAL FUNCTIONALITY COMMUNICATION LINK - Communication link including a cable containing four pairs of wires, three transmitters to transmit uncompressed video data and audio data over three of the pairs of wires to three receivers, and two transceivers to form a bidirectional multi data type communication link over the fourth pair of wires. An active mode of operation for transmitting the uncompressed video data and the audio data over the three pairs of wires, and for transmitting bidirectional data over the fourth pair of wires. And a first low power partial functionality mode of operation for transmitting bidirectional system controls. | 2008-12-04 |
20080301749 | SELECTION OF ELECTRONIC CONTENT AND SERVICES - A system and method to facilitating selecting or otherwise providing access to electronic content and services. Access to the content and services may be provided in such as a manner as to facilitate access to higher quality forms of the content. The higher quality forms of the content may be relate to any number of characteristics associated with displaying, transmitting, compressing, securing, and/or otherwise manipulating the content to more suitable forms relative to another form. | 2008-12-04 |
20080301750 | Networked antenna and transport system unit - A networked antenna transport system unit receiving at least broadcast transmissions is described. In one embodiment, an apparatus for redirecting content includes an antenna element array for receiving content from a broadcast transmission. This antenna element array is coupled to receiver electronics via an amplifier and a switch for processing the received content; the receiver electronics is further coupled to a sender module which is remotely coupled to a receiver module in a receiver controller via a local area network; and the sender module is configured to transmit the processed received content via the local area network to the receiver module in the receiver controller for storage and selective display on a display device. Other embodiments are also described. | 2008-12-04 |
20080301751 | Receiver - This receiver includes a first storage portion storing program data allowing the user to watch a television broadcast, a second storage portion storing an operating history of a receiver body including at least a television program watch history, and a control portion updating the program data on the basis of the operating history stored in the second storage portion. | 2008-12-04 |
20080301752 | BROADCASTING RECEIVING APPARATUS AND CONTROL METHOD THEREOF - A broadcasting receiving apparatus includes: a signal receiving unit which receives a first signal and a second signal different from the first signal; a signal processing unit which processes the first and second signals; a communication unit which communicates with an external device to output a sound; and a controller which controls the signal processing unit and the communication unit to process a video signal of the first signal to be displayed and to process an audio signal of the second signal to be transmitted to the external device if the first signals contains the video signal and the second signal contains only the audio signal. | 2008-12-04 |
20080301753 | APPARATUS AND METHOD OF CONTROLLING A CONSUMER PRODUCT - The apparatus and method of controlling a consumer product includes the step of connecting an input device to the consumer product. Also, an input event of the input device is translated into at least one key code, where the key code is recognized by a middleware of the consumer product. Furthermore, the at least one key code is transmitted to the consumer product. In addition, the at least one key code is executed by an application program of the middleware so as to control the consumer product. | 2008-12-04 |
20080301754 | Management of Mandatory Access Control For Graphical User Interface Applications - Granular policy management is provided based upon an active status of a process and the display status of an associated visual display. A policy is constructed and applied to a process by a combination of individual control policy parameters associated with the status of a process or a graphical user interface. Each active policy is dynamically adjusted in response to a change in at least one policy condition. | 2008-12-04 |
20080301755 | Flexible Access Control Policy Enforcement - A method and system for applying access-control policies. In particular implementations, a method includes determining one or more policies, and a prioritization order for the determined policies, based on the one or more parameters; accessing an indirection table to create an entry for the client, wherein the entry indicates the prioritization order of the determined policies; and creating one or more entries in one or more policy data structures for the one or more determined policies. | 2008-12-04 |
20080301756 | Systems and methods for placing holds on enforcement of policies of electronic evidence management on captured electronic - Systems and methods for placing a hold on captured electronic evidence are provided, the captured electronic evidence having one or more associated policies that are applied to the captured electronic evidence. The captured electronic evidence is stored in a repository. The exemplary systems and methods determine whether to place a hold on the captured electronic evidence, and indicate the captured electronic evidence as being on hold. The exemplary systems and methods place the one or more policies of electronic evidence management associated with the captured electronic evidence indicated as being on hold in a pending state. | 2008-12-04 |
20080301757 | Systems and methods for policy enforcement in electronic evidence management - Systems and methods are provided for policy enforcement on electronic evidence captured from at least one source. The contents of the captured electronic evidence are indexed, and the captured electronic evidence is classified based on the indexed contents by associating the electronic evidence with one or more classes. It is determined whether one or more policies apply to the classified captured electronic evidence. When two or more policies apply to the classified captured electronic evidence, a conflict between the two or more policies is resolved to select the one or more policies to enforce. The systems and methods also enforce the selected one or more policies on the classified captured evidence. | 2008-12-04 |
20080301758 | Distributed knowledge access control - Techniques for distributed knowledge access control are disclosed herein. These techniques may enable access control information to be provided in the form of a statement that includes an assertion and a construct that targets the assertion to one or more intended entities. By targeting the statement to intended entities, the construct may help protect resources from unauthorized use and may also help protect the issuer of the statement from accountability resulting from misuse of the statement. | 2008-12-04 |
20080301759 | APPARATUS AND METHOD FOR APPLYING NETWORK POLICY AT VIRTUAL INTERFACES - Methods and apparatus are disclosed for applying network policy to communications originating at operating system virtual interfaces. In an example embodiment, a network device is networked with a switch. The network device may include a first operating system interface, a virtualization adapter, and an input output port. In an example embodiment, the virtualization adapter receives a first frame from the first operating system interface. The virtualization adapter may tag the first frame to indicate an association between the first frame and the first operating system interface. The first frame may then be transmitted with a second frame being associated with a second operating system interface, to the switch via the input output port. In an example embodiment, the switch is configured to receive the frame, examine a tag and then to enforce a network policy upon the first frame, based on the tag. | 2008-12-04 |
20080301760 | Enforcing Universal Access Control in an Information Management System - A method and apparatus for controlling document access and application usage using centrally managed rules. The rules are stored and manipulated in a central rule database via a rule server. Policy enforcers are installed on client systems and/or on servers and perform document access and application usage control for both direct user document accesses and application usage, and application program document accesses by evaluating the rules sent to the policy enforcer. The rule server decides which rules are required by each policy enforcer. A policy enforcer can also perform obligation and remediation operations as a part of rule evaluation. Policy enforcers on client systems and servers can operate autonomously, evaluating policies that have been received, when communications have been discontinued with the rule server. | 2008-12-04 |
20080301761 | Information Management System - An information management system is described comprising one or more workstations running applications to allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or about to receive from the network and which determines an appropriate action to take regarding that transmission data. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage in a database; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission data is in force, and determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made. The analyzer may consult a policy data containing a policy to govern the workstations in order to make its determination. The information management system provides many advantages in the eCommerce environment to on-line trading companies, who may benefit by being able to regulate the transactions made by their staff according to their instructions in a policy data, automatically maintain records of passwords and business conducted on-line, avoid paying for unnecessary checks on the validity of digital certificates and ensure that transmissions of data made by their staff are always protected at an agreed strength of encryption. | 2008-12-04 |
20080301762 | Information Management System - An information management system is described comprising one or more workstations running applications to allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or about to receive from the network and which determines an appropriate action to take regarding that transmission data. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage in a database; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission data is in force, and determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made. The analyzer may consult a policy data containing a policy to govern the workstations in order to make its determination. The information management system provides many advantages in the eCommerce environment to on-line trading companies, who may benefit by being able to regulate the transactions made by their staff according to their instructions in a policy data, automatically maintain records of passwords and business conducted on-line, avoid paying for unnecessary checks on the validity of digital certificates and ensure that transmissions of data made by their staff are always protected at an agreed strength of encryption. | 2008-12-04 |
20080301763 | SYSTEM AND METHOD FOR MONITORING COMPUTER SYSTEM RESOURCE PERFORMANCE - According to the present invention, policies are prepared for a plurality of resources residing in a computer system comprising a storage system for copying data from a copy source volume to a copy target volume, and an evaluation is carried out for an evaluation-target resource of the plurality of resources for determining whether or not to execute a predefined action based on the policy of this evaluation-target resource. A policy corresponding to a resource related to copying of the plurality of resources is determined based on a time period related to the copying. | 2008-12-04 |
20080301764 | PORTABLE ELECTRONIC ENTITY, HOST STATION AND ASSOCIATED METHOD - A host station includes:
| 2008-12-04 |
20080301765 | ANALYSIS OF DISTRIBUTED POLICY RULE-SETS FOR COMPLIANCE WITH GLOBAL POLICY - A method for analysis of distributed device rule-sets for compliance with global policies includes enabling an administrator to specify a network topology with intercommunicating elements and parameters required to secure the intercommunication with access control elements of the network topology; establishing connections to the access controls elements to capture a snapshot configuration of device rule-sets of the access control elements; enabling the administrator to specify a set of global access constraints with reference to the access control elements; enabling the administrator to select between exhaustive analysis and statistical analysis; conducting the selected analysis to determine violations by the device rule-sets that fail to comply with the set of global access constraints, wherein statistical analysis quantitatively characterizes a level of compliance without conducting analysis of all potential network paths; and providing results of the selected analysis to the administrator through a graphical user interface (GUI) as the results are obtained. | 2008-12-04 |
20080301766 | CONTENT PROCESSING SYSTEM, METHOD AND PROGRAM - Access control for each part in an HTML document constituting a Web page is performed according to the origin of the part in the document. Thereby, a content provided by a malicious user or server is prevented from fraudulently reading and writing other parts in the HTML document. More precisely, on a server side, each content (including a JavaScript program) is automatically provided with a label indicating the domain that is the origin of the content. Thereby, the control of accesses to multiple domains (cross domain access control) can be performed on a client side. Under this configuration, a combination of the contents, metadata and the access control policy is transmitted from the server side to the client side. | 2008-12-04 |
20080301767 | Techniques for Detecting, Analyzing, and Using Visible Authentication Patterns - Improved techniques for making copy detection patterns and using them to detect copying relationships between digital representations. The techniques include techniques for including a message in a copy detection pattern without altering the copy detection patterns entropy and reading the message, techniques for using a copy detection pattern on an analog form to determine whether the analog form is an original analog form without reference to a digital representation of the original of the analog form's copy detection pattern, techniques for increasing the sensitivity of copy detection using copy detection patterns by modifying one of two copy detection patterns that are being compared to take into account alterations resulting from the copying process, techniques for distributing a copy detection pattern across a document, and techniques for using the entropy of a copy detection pattern to locate the copy detection pattern. Also disclosed are applications of copy detection patterns with copying that involves transformations between the digital and analog forms and with digital-to-digital copying. | 2008-12-04 |
20080301768 | METHOD FOR ISSUING ATTRIBUTE CERTIFICATE FROM AN LDAP ENTRY - A method and apparatus for issuing an attribute certificate for attributes of a Light Weight Directory Access Protocol (LDAP) entry stored in an LDAP repository. In one embodiment, the method includes receiving a request for an attribute of an LDAP entry. The method further includes, in response to the request, sending a reply that includes an attribute value of the requested attribute and a digital signature to authenticate the attribute value. | 2008-12-04 |
20080301769 | LDAP GROUPING FOR DIGITAL SIGNATURE CREATION - A method and apparatus for grouping Light Weight Directory Access Protocol (LDAP) entries for signature generation. In one embodiment, the method includes grouping attributes of one or more repository entries to form a collection of values based on a pre-determined grouping policy. The method further includes generating a digital signature for the collection to authenticate any of the values in the collection. | 2008-12-04 |
20080301770 | Identity based virtual machine selector - A method and apparatus for allowing an authenticated user to select and access a virtual machine (VM) over the network. In one embodiment, the method includes maintaining a map to associate a user with a list of VMs. The VM runs a guest operating system for providing a computing environment for the user when loaded onto a physical machine. The method further includes receiving a request identifying the user, and sending a reply indicating locations of the VMs to the physical machine for selection by the user. | 2008-12-04 |
20080301771 | ELECTRONIC DEVICE, APPLICATION AUTHENTICATION METHOD, APPLICATION EXECUTION SYSTEM, AND COMPUTER READABLE MEDIUM CONTAINING EXECUTABLE PROGRAM INSTRUCTION - The present invention claims and discloses an electronic device comprising a storage part for storing a license check processing program for checking a license in order to execute a processing function of an application program, license setting information containing location information where the license check processing program is executed within the application program; and an application program execution part for executing the application program by associating the license check processing program with a location preset in the application program based on the license setting information stored in the storage part. The present invention further teaches performing a license check processing by the license check processing program associated with the location, and when the license is not properly authenticated, the program in accordance with the present invention will skip the processing function corresponding to the license check processing program to execute a subsequent processing function. | 2008-12-04 |
20080301772 | Authentication system and method, identification information inputting method and apparatus and portable terminal - An authentication system in which unauthorized acquisition of the private information by a third party in the course of authentication of a user by a service provider is rendered difficult. In an authentication system in which a card | 2008-12-04 |
20080301773 | METHOD AND APPARATUS FOR SECURITY CONFIGURATION AND VERIFICATION OF WIRELESS DEVICES IN A FIXED/MOBILE CONVERGENCE ENVIRONMENT - A system and method is described that enables autonomic discovery of wireless network security mechanisms by mobile devices. Stateful monitoring of wireless devices facilitates identification of pending network connectivity loss, enabling a handoff server to proactively advertise new points of access and their associated security mechanisms to devices before connectivity is lost. As a result, devices may seamlessly transition between secure networks. Stateful monitoring of device reachability may be used together with device certificates and/or tokens to decrease the potential of MAC spoofing and further secure the network. Stateful monitoring of device connectivity status during network transitions facilitates the identification of rogue access points. The token or certificate on the device may be used to authenticate the device while transitioning between networks by a centralized entity, managing the initiation and the execution of the handover for the device. | 2008-12-04 |
20080301774 | INFORMATION PROCESSING APPARATUS - An information processing apparatus includes: a processor; a first auxiliary storage device that stores data; a second auxiliary storage device that is provided separate from the first auxiliary storage device at a position inaccessible to a user, the second auxiliary storage device being configured to be rewritable; and a firmware memory that stores a firmware program that is initially executed when a power of the apparatus is turned on, wherein the firmware program causes the apparatus to operate: performing an user authentication; permitting an access to the first auxiliary storage device when the user authentication is successful; and initiating an authentication failure processing program that is stored in the second auxiliary storage device to be performed by the processor when is the user authentication is unsuccessful. | 2008-12-04 |
20080301775 | Method and apparatus for securing data in a memory device - A Method and a terminal intended for securing information in a local memory device which is couplable to a terminal having a data link interface. At the terminal, the method comprises the following steps. The method divides | 2008-12-04 |
20080301776 | System method for providing secure access to a communications network - A system and method for providing secure access to a telecommunications network system. In one embodiment, a cellular device produces a communication session key and utilizes an index and corresponding timing intervals previously provided by the network to the cellular device. The session key is divided into multiple segments that are placed into separate data packets. The data packets, separated by the timing intervals, are sent to the network where a comparison is made between the information in the data packets and the time intervals between the data packets. The timing intervals between the data packets must match an identical set of time intervals stored in the network and if so, the network assembles the data packets to provide a session key for secure communications between the network and the access device. | 2008-12-04 |
20080301777 | Hot standby server system - A server system has servers that can be operated through switching as a primary system and a standby system, and a shared disk unit for storing data accessed by the servers. Each of the servers has a driver that acquires information on a configuration inside the shared disk unit after starting of the system. The driver sets the shared disk unit in an active state in which an access request can be sent to the shared disk unit. Access control determines whether the access request issued by an application should be sent on the basis of a management table indicating inhibited types of access requests for each access destination. The access control sends the access request to the driver when the access request is not inhibited for an access destination of the access request. By this arrangement, hot standby switching processing can be performed at high speed. | 2008-12-04 |
20080301778 | System And Method For Preventing Automated Programs and Unauthorized Users In A Network - A system for preventing an unauthorized user in a networked computing environment includes a client computer provided with a visual test upon a request transmitted through a network by the client computer for a service, wherein the visual test is displayed on a video display, wherein the visual test requires the performance of a predetermined action on a group of images displayed on the video display in order to gain access to the service, wherein the group of images comprises at least two images that are associated with each other. | 2008-12-04 |
20080301779 | Configuring Security Mechanisms Utilizing A Trust System - Implementations of configuring security mechanisms utilizing a trust system are described. In one implementation, a request to communicate is received at a protected device. Before permission to communicate can be granted, a list of trusted devices is accessed. If information, such as an identity or a secret, associated with the device sending the request to communicate correlates to information found on the list of trusted devices, then communication can be allowed. Otherwise, communication between the device and the protected device can be denied. | 2008-12-04 |
20080301780 | ACCESS CONTROL NEGATION USING NEGATIVE GROUPS - The subject disclosure pertains to systems and methods that facilitate managing groups entities for access control. A negative group is defined using a base group, where the negative group associated with a base group includes any entities not included in the base group. Negative groups can be implemented using certificates rather than explicit lists of negative group members. A certificate can provide evidence of membership in the negative group and can be presented for evaluation to obtain access to resources. Subtraction groups can also be used to manage access to resources. A subtraction group can be defined as the members of a first group, excluding any members of a second group. | 2008-12-04 |
20080301781 | METHOD, SYSTEM AND COMPUTER PROGRAM FOR MANAGING MULTIPLE ROLE USERID - In a data processing system it is necessary to make sure that only authorized users have access to system resources and normally not all the users can have access to all and to the same resources. The present invention provides a method and a system for controlling resources, handling multiple authorization roles with a single userID, and allows for movement between the roles without changing identity. This results in a clearer audit trail, and removes the need for extensive knowledge of the security system commands and for multiple steps to allow a step up or down in authorization. | 2008-12-04 |
20080301782 | BROADCAST/MULTICAST SERVICE SYSTEM AND METHOD PROVIDING INTER-NETWORK ROAMING - A method of providing a broadcast/multicast (BCAST) service, the method including receiving, from a terminal, a request of access to a BCAST service, performing service authorization with a home network, delivering, to the terminal, a message including a rights object (RO) to access the BCAST service, if the terminal is authorized to receive the BCAST service as a result of the service authorization, and providing the BCAST service to the terminal that was authorized to receive the BCAST service. | 2008-12-04 |
20080301783 | Computer system - A computer architecture for enterprise device applications provides a real-time, bi-directional communication layer for device communication. An identity-based communications layer provides for secure, end-to-end telemetry and control communications by enabling mutual authentication and encryption between the devices and the enterprise. A unique identity is assigned to each device, user and application to provide security services. Telemetry data is communicated between a data producing device and a data receiving device. The telemetry data sent from the data producing device is identified using the identity identifier of the data producing device. | 2008-12-04 |
20080301784 | Native Use Of Web Service Protocols And Claims In Server Authentication - Architecture for natively authenticating a client application to a web server via HTTP authentication. The Web Services Architecture, and more specifically, Web Services Security, is leveraged to enable legacy applications to access web services transparently to the existing legacy applications. A security support provider (SSP) is created that employs WS-* protocol to at least emulate ws-trust and ws-mex thereby enabling policy exchange via an HTTP protocol stack. Policy can be exchanged via a WWW-Authenticate header enabling legacy applications to use the WS-* family of protocols without modifying the client application. The WS-* protocols are abstracted into a generic programming interface for native client application use. | 2008-12-04 |
20080301785 | SYSTEMS, METHODS AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING ADDITIONAL AUTHENTICATION BEYOND USER EQUIPMENT AUTHENTICATION IN AN IMS NETWORK - A communication network provides access to a network service by providing an additional level of authentication beyond device level authentication. Operations include receiving a message at a Bootstrapping Server Function (BSF) from User Equipment (UE) that additional authentication beyond UE authentication is required for UE access to a network service, and performing an authentication protocol between the BSF and a Home Subscriber System (HSS) to authenticate an identity associated with the UE responsive to receiving the message. | 2008-12-04 |
20080301786 | Times 2 security system - A security system for determining whether a person is authorized to have access to a person, place or thing. The system has issued devices to authorized users that allow the user to answer multiple questions and that the correct answers may be time sensitive. The questions will ascertain whether the person has possession of an issued identification device. The system has a plurality of identification devices and each issued device has a plurality of addressable positions and each addressable position has an image and the image at one of the addressable positions on one of the assigned devices being different from the images at the same one of the addressable position on another one of the assigned devices. | 2008-12-04 |
20080301787 | IMS NETWORK IDENTITY MANAGEMENT - There is disclosed a manner of enabling secure communications between a UE (user equipment) device operating though a packet-switched network and a 3 | 2008-12-04 |
20080301788 | IDENTITY ASSERTION - The present invention relates to using authorization information provided by an asserting agent to control identity-related interactions between a receiving agent and an identity agent, which acts on behalf of the asserting agent. The authorization information may be provided to the identity agent directly or through the receiving agent. When the asserting agent is asserting the identity of an associated entity to the receiving agent, the asserting agent delivers assertion information, which may but need not include the authorization information, to the receiving agent. The assertion information includes claim information that includes actual claims or identifies available claims. Upon receiving the assertion information, the receiving agent may interact with the identity agent. The identity agent will use the authorization information to control claim-related interactions with the receiving agent. | 2008-12-04 |
20080301789 | METHOD AND SYSTEM FOR REAL WORLD VERIFICATION OF A PERSON AND/OR BUSINESS IDENTITY AT A CENTRAL LOCATION FOR REAL AND VIRTUAL WORLD - The method and system of the present invention provides a central location, such as the United States Postal ServiceĀ® (USPS), a product that will advance them into the world of internet business and will in turn offer the opportunity for new sources of revenue. The method and system of the present invention has the facilities to verify a person's and/or businesses identity. The verification process can be done in the same manner as money order, check cashing and real P.O. boxes, which are currently limited to availability in the post office. If the user is verified at the central location, the user's e-mail address, domains, ISP, WSP, and Web Sites can be globally registered at one or more e-mail servers or service providers that participate with the verification. The e-mail server or service providers can attach a symbol of the identity verification on all e-mail sent by the e-mail server or service provider from the verified customer. | 2008-12-04 |
20080301790 | FAST RE-AUTHENTICATION WITH DYNAMIC CREDENTIALS - A proxy server that is inserted between a plurality of network access servers, typically an access points, and an authentication server. When an original authentication request is received by a network access server, the network access server forwards the request to the proxy server which forwards the request to an authentication server. The authentication server then sends the session information to the proxy server which stores the keying material as a dynamic credentials. When the client re-authenticates with one of the plurality of access servers, the re-authentication request is handled by the proxy server using the dynamic credentials. The proxy server may re-authenticate the client using a different method than the method that was originally used. For example, the original authentication may be by Extensible Authentication ProtocolāTransport Layer Security (EAP-TLS) and subsequent re-authentications may use Wi-Fi Protected Access (WPA). | 2008-12-04 |
20080301791 | Single sign-on system, method, and access device - A system, method, and access device enabling a user to securely access a plurality of password-protected servers with a single entry of the user's User ID and associated password. When the access device receives the User ID and password from the user, it sends only the User ID to each of the password-protected servers. The servers each return a unique index value to the access device. The access device uses each index value to retrieve different password modification information from a database or lookup table. The access device then creates a plurality of modified passwords based at least in part on the password modification information. The access device then transmits each of the modified passwords to the corresponding password-protected server. | 2008-12-04 |
20080301792 | Common access card security and document security enhancement - Techniques and systems for maintaining a secure document replication environment based on information contained in CACs are disclosed. In one embodiment of the invention, a device such as an MFP, a printer, a scanner, a copier, or a fax machine comprises or is connected to a card reader. The device prevents users from using the device until the users have been authenticated. In order to authenticate himself to the device, a user inserts his CAC into the card reader. The device reads the user's digital certificate off of the user's CAC. The device determines whether the digital certificate is valid. If the digital certificate is not valid, then, in one embodiment of the invention, the device prevents the user from using any of the device's functions (e.g., printing, scanning, copying, faxing, etc.). | 2008-12-04 |
20080301793 | APPARATUS AND METHOD OF VERIFYING ONLINE CERTIFICATE FOR OFFLINE DEVICE - An apparatus and a method are provided for verifying an online certificate for an offline device. The apparatus includes a nonce generation unit which generates a nonce and a certificate verification request message that requests verification of a certificate on a target online device subject to authentication, wherein the certificate verification request message includes the generated nonce; a transmitting and receiving unit which transmits the certificate verification request to an online device and receives an online certificate status protocol (OCSP) response message from the online device; and a certificate verification result determination unit which extracts a nonce from the OCSP response and compares the extracted nonce with the nonce generated by the nonce generation unit to determine whether the OCSP response is reliable. | 2008-12-04 |
20080301794 | METHOD AND SYSTEM FOR PROVIDING REMOTE ACCESS TO RESOURCES IN A SECURE DATA CENTER OVER A NETWORK - Methods, computer products, and systems are described for providing remote access to resources in a secure data center protected by at least one firewall. One method includes sending by an internal server within the secure data center a request to an external server outside of the secure data center to establish a secure data transport channel between the internal server and the external server. The request travels through at least one firewall protecting the secure data center and over a public network, a private network, and/or a second firewall. The internal server receives a reply to the request from the external server granting the request and confirming the establishment of the secure data transport channel. When a first message from the external server instructing the internal server to create a first data access point associated with a first session is received via the established secure data transport channel, the internal server instantiates the first data access point for the first session and visual data corresponding to the resources in the secure data center is sent from the first data access point to the external server via the secure data transport channel. The visual data is received by the external server and then sent to a first client associated with the first session so that the first client is provided visual access to the resources in the secure data center while the resources remain protected within the secure data center. | 2008-12-04 |
20080301795 | DISTRIBUTED AND SCALABLE INSTANT MULTIMEDIA COMMUNICATION SYSTEM - A scalable instant multimedia communication network includes at least one server that supports instant multimedia communication (IMC) sessions for a plurality of clients registered on the at least one server, and a multi-point switch unit coupled to the server(s) that sends data out of and receives data into the network, routes data between server(s), and performs a security check to enforce a security policy of the network on an invitation to establish a secure IMC session between at least two of the plurality of clients registered on the at least one server. The instant multimedia communication network can be expanded or contracted by coupling additional or fewer servers to the multi-point switch unit. | 2008-12-04 |
20080301796 | Adjusting the Levels of Anti-Malware Protection - A client transmits requests via a gateway to a server in a network environment. The requests indicate content on a server to be transmitted as part of download process. The gateway receives into its memory the requested content and also maintains characteristics of the server and the client. The gateway adjusts the depth of scanning of the content for malware based on the retrieved server and client characteristics in order to optimize a balance between effectiveness of anti-malware scanning and a resulting user experience. | 2008-12-04 |
20080301797 | Method for providing secure access to IMS multimedia services to residential broadband subscribers - The present invention provides a method for providing secure access for a communication unit to an IP Multimedia Network in a communication system. The communication system includes a local area network (LAN), an Internet, and the IP Multimedia Network. A first secure connection is established between the LAN and the IP Multimedia Network. The first secure connection traverses the Internet. Secure access is provided to the communication unit by utilizing the first secure connection and a second connection between the communication unit and the LAN. | 2008-12-04 |
20080301798 | Apparatus and Method for Secure Updating of a Vulnerable System over a Network - An apparatus interposed between a vulnerable system and a network for secure updating of the system includes an internal interface connected to the system; an external interface connected to the network; and one or more filter modules for filtering out specific incoming network packets to block possible network attacks. The filtering may comprise filtering out all incoming TCP SYN packets; filtering out all incoming TCP SYN packets and UDP packets; and/or only allowing packets pertinent to any outgoing connection initiated by the system. | 2008-12-04 |
20080301799 | Method and apparatus for reliable, high speed data transfers in a high assurance multiple level secure environment - A method, apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message to from the second application to the first application. | 2008-12-04 |
20080301800 | System and method for creating a virtual private network using multi-layered permissions-based access control - A system and method for creating a virtual private network (VPN) over a computer network using multi-layered permissions-based access control comprises a first individual seeking to send a live message from a transmitting node to a second individual at a receiving node over a computer network; means for identifying persons authorized access to said computer network; a Network Guardian Server for authenticating the identity of said transmitting and receiving nodes; and, a System Guardian Server for authenticating the identity of said first and second individuals as persons authorized access to the computer network. | 2008-12-04 |
20080301801 | Policy based virtual private network (VPN) communications - Techniques for policy based virtual private network (VPN) communications are provided. A principal uses a client device to establish a VPN session with a remote processing environment. At the remote processing environment, policies are evaluated and are used for modifying permissible VPN routes that the client uses on behalf of the principal during the VPN session. The modified VPN routes are dynamically pushed to the client at the start of the VPN session and dynamically enforced by the client with communications, which are initiated by the principal during the VPN session. | 2008-12-04 |
20080301802 | Trust-Based Link Access Control - An apparatus, program product and method control access to linked documents on a computer based on a calculated determination of the trustworthiness of such linked documents, so that user navigation to untrusted documents from a document with which such untrusted documents are linked can be deterred. Basing link access control on document trustworthiness permits owners, authors, developers, publishers, etc. of documents, for example, to avoid potential difficulties such as embarrassment, confusion or legal liability as a result of the content of linked-to documents under the control of third parties. | 2008-12-04 |
20080301803 | Tailored System Management Interface - Processes and techniques for tailoring operations management in a system are described. The processes and techniques allow a user to customize operations management based on the user's function within a system and the particular tasks that the user wishes to accomplish. Simplified user interfaces can be created by scoping the interfaces based on user profiles, preferences and system components. | 2008-12-04 |
20080301804 | METHOD AND APPARATUS FOR CONTROLLING DEVICE THROUGH WEB-BASED SERVICE - A method and apparatus for controlling a device through a web-based service is provided. The apparatus includes a control module which determines whether a user is authorized to access a control server via a terminal of the user based on information received from the terminal, and transmits an authentication token to the terminal if it is determined that the user is authorized to access the control server; and an output module which receives a request message for controlling a device along with the authentication token from the terminal, the request message being transmitted via a third party application by the terminal, and transmits the request message to the device if the authentication token received from the terminal is valid. | 2008-12-04 |
20080301805 | METHODS OF COMMUNICATING OBJECT DATA - In an embodiment, a method of communicating an object data is provided. The method comprises receiving the object data from a first medical information system at a second medical information system, checking for an authorization for a user of the second medical information system to view the object data and displaying the object data upon finding the authorization. The method further comprises de identifying the object data upon not finding the authorization for the user and displaying the de identified object data at the second medical information system. | 2008-12-04 |
20080301806 | DISTRIBUTED COMPUTATION IN UNTRUSTED COMPUTING ENVIRONMENTS USING DISTRACTIVE COMPUTATIONAL UNITS - An apparatus, program product and method initiate the execution of distractive computational units along with the execution of other computational units on an untrusted computer to inhibit the reconstitution of a computation by an untrusted party. In particular, along with partitioning a particular computation into a plurality of computational units, one or more distractive computational units are generated and supplied to one or more resource providers for execution along with those of the partitioned computation. | 2008-12-04 |
20080301807 | System and Method for Controlling On-Demand Security - An on-demand security service ensures isolation of the service provider's customers where the customers share resources at the system, subsystem, and storage level. The security service is provided in a pre-production phase and in a post production phase. The pre-production phase takes place prior to boarding the customer. In the pre-production phase the resources to be protected are defined in a security guide, and using the security guide, physical segregation at the facility, network, and technical and delivery support levels is planned and then implemented. In the post production phase, on going activities are proactive and reactive. Proactive activities include maintaining physical segregation by reviewing and updating the security guide, and testing physical segregation by performing security audits and penetration tests. Observations and finding of the audits and penetration tests are resolved. Reactive activities include identifying isolation failures, coordinating appropriate actions, and resolving the isolation failure. The service may be embodied in a system and in a computer implemented process comprising a security guide file (SGF), a security guide application (SGA), a security implementation application (SIA), a security validation application (SVA), and an event coordination application (ECA). | 2008-12-04 |
20080301808 | INTERNET ROBOT DETECTION FOR NETWORK DISTRIBUTABLE MARKUP - Embodiments of the present invention provide a method, system and computer program product for bot detection for network distributable markup. In accordance with an embodiment of the present invention, a page request for distributed markup can be processed to incorporate embedded fragment within the requested page. For instance, the fragment can include a script enabled to detect human activity within the requested page such as a mouse movement. Alternatively, the fragment can include an extraneous markup artifact. The requested page subsequently can be returned to the requestor and the embedded fragment can be monitored to detect the presence of a bot depending upon the activation of the artifact. For example, where human activity can be detected within the page or where the extraneous markup artifact becomes activated despite the extraneous nature of the artifact, a human requestor can be concluded. However, where no human activity is detected in the requested page, or where the extraneous markup artifact remains unactivated, a bot requestor can be determined. | 2008-12-04 |
20080301809 | SYSTEM AND METHOD FOR DETECTNG MALICIOUS MAIL FROM SPAM ZOMBIES - In recent years, the use of spam zombies has become a preferred method of sending spam. In fact, it is estimated that over 90% of all spam comes from spam zombies. Although existing spam zombie detection mechanisms such as the Spamhaus XBL blacklist exist, these techniques are limited in that they cannot block spam from newly created spam zombies. The present invention relates to a system and method for detecting malicious e-mails from spam zombies, the system comprising a processor operable to process a server identification value of a sending source by separating the value into one or more domain level terms to allow each unique term to be tokenized with an index value and to apply the one or more tokenized values as a learning feature in a learning algorithm trained to identify spam zombies. | 2008-12-04 |
20080301810 | MONITORING APPARATUS AND METHOD THEREFOR - A monitoring apparatus for detection of a malicious attack in a communications network comprises a pattern matching engine ( | 2008-12-04 |
20080301811 | System For Stabilizing of Web Service and Method Thereof - An object of the present invention is to provide a system and method for stabilizing a web service. The system of the present invention includes a reception module unit ( | 2008-12-04 |
20080301812 | Method and system for counting new destination addresses - Packets of a certain type from a certain source are directed to a system that estimates the set of destinations and the number of new destinations for which that source has sent packets during a time window T | 2008-12-04 |
20080301813 | Testing Software Applications with Schema-based Fuzzing - Systems and methods to test software applications with schema-based fuzzing are described. In one aspect, the systems and methods automatically generate valid input data for a software application according to a fuzzing data schema. The fuzzing data schema describes characteristics of data format that would be proper or well formed for input into the software application. The systems and methods mutate to the valid input data with one or more fuzzing algorithms to generate corrupted versions, or malformed data. The malformed data is for fuzz testing the software application to identify any security vulnerabilities. | 2008-12-04 |
20080301814 | Information processing apparatus, information processing method, and computer-readable recording medium storing information processing program - An information processing apparatus is disclosed. The information processing apparatus includes a table which describes a relationship between security strength (for example, HIGH, MIDDLE, or LOW) of a computer system of the information processing apparatus and values (for example, ON or OFF) of security function items that stipulate security functions in the information processing apparatus. When a user designates to change the security strength on a screen, the values of the security function items are changed based on the changed security strength. The changed values of the security function items are reported to the user on another screen. | 2008-12-04 |
20080301815 | Detecting Unauthorized Changes to Printed Documents - Systems and methods to detect unauthorized changes to a printed document are described. In one aspect, a digital signature of original content associated with electronic document is embedded into the original content to create a content signed document. The systems and methods use the embedded digital signature to automatically determine whether text-based content associated with a printout of the content signed document was changed from the original content associated with the electronic document. | 2008-12-04 |
20080301816 | Method and system for handling keystroke commands - Keystroke commands are safeguarded from keyboard logging malware based on a destination application's memory address. | 2008-12-04 |
20080301817 | MEMORY CARD - In order to protect the user security data, provided is a memory card capable of preventing the data leakage to a third party not having the access authority by imposing the limitation on the number of password authentications and automatically erasing the data. In a system comprised of a multimedia card and a host machine electrically connected to the multimedia card and controlling the operations of the multimedia card, a retry counter for storing the number of password authentication failures is provided and the upper limit of the number of failures is registered in a register. When passwords are repeatedly entered once, twice, . . . and n times and the retry counter which counts the entries reaches the upper limit of the number of failures, the data is automatically erased so as not to leave the data in the flash memory. | 2008-12-04 |
20080301818 | Method for Retransmission of Use Authorization Information - In order to reduce the multitude of data for transmitting and converting use authorizations, which are received either encoded or non-encoded together with sound and/or picture contents in signals from optional networks, it is proposed to reduce the hierarchically structured use authorization information in the form of a tree structure before transmitting it further, such that non-occupied tree branches are detected and marked as not relevant, wherein the tree branches marked as not relevant are not included during the further transmitting of the use authorization information. | 2008-12-04 |