858 results about "Access to information" patented technology

A distributed antenna system having a transport portion including at least one overhead power line for transmitting system information along its length, and a distribution portion including at least one local access point disposed along the length of the power line for providing local access to information transported by the transport portion.

A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

A method of multi-domain authorisation/authentication on a computer network comprises: a user making a request to a policy enforcement point of a computer for access to information on the computer; providing a location address for a user's authorisation and/or authentication information, a policy decision point of the service on the computer network then verifying the authorisation/authentication information; and the user being given access by the PEP to the information or the service requested, if the request is accepted, wherein the user's authorisation/authentication and/or further information is located on a meta policy decision point (MPDP).

A method for controlling access to information from a DNS server having an access control list specifying clients approved to receive an IP address corresponding to a domain name of a target host is disclosed. The method includes receiving a request from a client for an IP address of a domain name at the DNS server and looking up the domain name in an access control list. The client is sent a reply containing the IP address of the domain name if the client is authorized in the access control list to receive the IP address. If the client is not authorized to receive the IP address, the request is denied.

Access to information or a document is secured by a central global positioning authority that evaluates access requests in accordance with predefined policies. One component of an access request includes location information regarding at least one of the requesting entity and location of the requested resource. Access is either allowed or denied as a function of at least the requesting entity, position information and the applicable policy or policies. An encryption/decryption scheme is implemented where the encryption key is a function of the resource's position.

A GUI containing a panel along each of its edges is produced within a computer's display. Each of the four panels are always visible and accessible within the GUI and contain items that display or reference network-based information, communication, navigational systems, computer programs, and other items. These items have been assigned to the panels based upon a hierarchal containment system which, in the preferred embodiment of the invention, uses the categories “people, places, things, and home” as its first logical grouping of the various items and services a user would seek to utilize within the GUI. This organizational system, and its associated visual representation within the panels, enables the GUI to be displayed and operated within multiple computer devices, even though the designs of those devices may include a wide range of display and control systems. This consistency across various computing devices enables a user to quickly apply knowledge gained from having used the GUI on another computing device. Furthermore, the items presented within the GUI, as well as the GUI's configuration, are stored in, and retrieved from, a networked “server” computer thereby enabling a user to produce and access their familiar GUI workspace and items using a variety of networked computer devices. The GUI therefore may be accessed within multiple computing devices and provide access to information, computer programs, and electronic communications.

A communication system (10) supports the provision of a plurality of dedicated communication resources (50–64), such as copper drops, RF links and optical fibers, to dedicated home-gateway devices (44–48) or distribution points (124). The communication resources (50–64) support broadband interconnection (104) between the dedicated home-gateway devices (44–48) or distribution points (124) and an access multiplexor (30) in a network (12). Each gateway device (44–48) or distribution point (124) generally includes a local RF transceiver (84) and associated control logic (80–82) that allows local communication (86) between gateway devices (44–48) and hence statistically multiplexed access (60–64, 89) to multiple communication resources, thereby providing increased bandwidth in uplink and/or downlink directions. With the control logic (80) operable to provide a routing and prioritisation/arbitration function, each gateway (44–48) is able to selectively engage use of supplemental, non-reserved communication resources usually associated with a dedicated ono-to-one connection between the access network (12) and at least one secondary gateway. Physical layer access to information routed via a secondary gateway within a virtual neighborhood network (90–92) comprising several gateways is restricted through an end-to-end encryption algorithm between an originating gateway and, at least, the access multilpexor (30).

Provided is a method and apparatus for improved access to material via the World Wide Web Internet service. Web page URLs are stored as attribute-values of directory objects and Web page hyperlinks to those directory objects are provided together with access logic responsive to the hyperlinks for retrieving the URLs for use by a client. This indirect access to Web pages via hyperlinks to directories has significant advantages for Web page organization and facilitates more flexible methods of Web page access than the known use of hyperlinks which include URLs pointing directly to the target Web pages.

An efficient method and apparatus for regulating access to information objects stored in a database in which there are a large number of users and access groups. The invention uses a representation of a hierarchical access group structure in terms of intervals over a set of integers and a decomposition scheme that reduces any group structure to ones that have interval representation. This representation allows the problem for checking access rights to be reduced to an interval containment problem. An interval tree, a popular data structure in computational geometry, may be implemented to efficiently execute the access-right checking method.

Methods and apparatus for providing access to information associated with a patient are disclosed. Information associated with a patient may be stored electronically, enabling the information from an electronic health record (e.g., electronic personal health record controlled by a patient) or a portion thereof to be provided to an entity such as a healthcare provider. Patient records may be maintained and controlled by multiple entities, such as the healthcare providers, patients, payors, or other third parties. Information from these records may be transferred among these entities, thereby enabling updates to such records to be performed. These updates may occur automatically or upon acceptance by the receiving entity (e.g., patient or healthcare provider).

A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g., an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

A method and system of verification is provided for sensing a fingerprint. The present invention offers a secure authentication method and system based on a user's fingerprint data to grant the access to information at a remote location. A biometric input corresponding to the fingerprint is provided by a user and the biometric input is than validated. Based on the validation, a token is transmitted to a remote location. The method and system can be further enhanced by additional security comprising receiving a request based on the authentication of the user information and transmitting, to a second remote location, a token based on the biometric input in response to the request.

An integrated method and apparatus is provided for capturing, storing, organizing, and sharing pertinent information from a plurality of sources in a simple and effective manner. The invention allows for the local capture of pertinent information from files, Web pages, Web files, e-mail items, and the like, as well as portions thereof. The pertinent information may be captured in any granularity that is selected by a user. The invention also provides a graphical user interface (GUI) for a consistent handling and viewing of all information. The integrated method and apparatus can operate in conjunction with a software browser, such as Microsoft's Internet Explorer, Netscape's Navigator, or any other commercial or custom-designed browser that allows access to information.

A method and system for providing access to information via a supplementary device is provided. User access to primary information via a primary device is monitored. Key information related to the primary content is obtained by extracting and analyzing metadata sources for the primary information. Then, supplementary information related to the primary information is obtained based on the key information. The supplementary information is provided for user access via the supplementary device.

A system and method are described for virtualizing Internet of Things (IoT) devices and hubs. For example, one embodiment of a system comprises: a primary Internet of Things (IoT) cloud service to register IoT devices owned by users who have subscribed with the primary IoT cloud service; IoT device management logic on the primary IoT cloud service to provide access to data generated by the primary IoT devices and to control the IoT devices responsive to user input; the IoT device management logic to establish a communication channel with an external IoT cloud service responsive to a user registering one or more external IoT devices controlled by the external IoT cloud service; and wherein upon the external IoT cloud service providing the IoT device management logic with access to the one or more external IoT devices, the IoT device management logic to generate virtual representations of the one or more external IoT devices to allow user access to information generated by the external IoT devices and to allow the user to control the external IoT devices through the virtual representations.