1068 results about "Filtering rules" patented technology

A method and apparatus are provided that evaluate a number of different sources of presence information to determine a presence status of a user. The presence status of a user is determined by obtaining presence information from a plurality of presence data stores; translating the obtained presence information from at least one of said presence data stores into a standard format; and determining the presence status of the user based on the obtained presence information. Presence information can also be based on user-specified rules. Presence information is obtained from a number of presence data stores and the presence status of a user is determined based on one or more rules that are applied to the obtained presence information. The rules may include, for example, aggregation rules that determines the presence status based on one or more of the obtained presence information or filter rules that determine who may receive the presence status.

The fare charging info collect system includes a filter condition management module (FCM) for setting and storing the filter condition being useful for flow analyze and control, a flow analyze module (FA), according to the filter condition, analyzes the business flow that mobile terminals access the data business, draws the data business content character code, business beacon and the business type info, a filter condition management interface module (FCMI) connecting FCM and FA, a authentication interface module (AI) sending the business content character code to the authentication server to authenticate. A fare charge interface module (FCI) sends the business beacon and the business type to the fare charging sub-system to charge. Via supporting user to set and modify dynamically the filter rule, this scheme extends user business features, e.g. QOS and safety features.

A multi-stage packet filtering method and system. The multi-stage packet filtering according to the invention applies a set of filtering rules early in the processing of incoming communications packets by filtering incoming data packets using the filtering rules in a plurality of stages wherein the first stage is triggered by the receipt of a data packet by the device. Filtering rules that cannot be applied in the first stage may be deferred to a pre-memory allocation stage. Thus, preferable leaving only rules that must be executed in conjunction with protocol processing to be filtered at a filtering stage executed in a protocol processing filtering stage.

A content filtering mechanism is enhanced to resolve conflicts in filtering rules (e.g., those created by a whitelist, on the one hand, and a blacklist, on the other hand). Preferably, a conflict between or among content filtering rules is resolved by selecting among conflicting rules based on a notion of “risk” associated with the rules. According to this risk-based approach, when two or more rules conflict with one another, the particular rule whose risk value has a predetermined relationship (e.g., aligns most closely) with a risk level associated with the application (applying the rules) then takes precedence. By selecting among conflicting rules based on risk, the potential or actual conflicts are disambiguated, with the result being that the content is filtered appropriately.

Online fraud prevention including receiving a rules set to detect fraud, mapping the rules set to a data set, mapping success data to members of the rules set, filtering the members of the rules set, and ordering members of the data set by giving priority to those members of the data set with a greater probability for being fraudulent based upon the success data of each member of the rule set in detecting fraud. Further, a receiver coupled to an application server to receive a rules set to detect fraud, and a server coupled to the application server, to map the rules set to a data set, and to map the success data to each members of the rules set. The server is used to order the various members of the data set by giving priority to those members of the data set with a greatest probability for being fraudulent.

A method of filtering a plurality of DNS queries, wherein each DNS query includes a query name and a resource record type, includes defining a filter rule including a domain name, a filter type, and a throttle percentage and forming a filter file including the filter rule. The method also includes transmitting the filter file from a server to a plurality of filter proxies, transmitting the filter file from each of the plurality of filter proxies to one or more processing engines, and receiving the plurality of DNS queries at one of the one or more processing engines. The method includes determining a match between the domain name and the query name and between the resource record type and the filter type for a subset of the plurality of DNS queries, and blocking a predetermined percentage (equal to the throttle percentage) of the subset of the plurality of DNS queries.

A system for filtering data comprises a filtering database for storing layered rule tables and a data filtering engine coupled to the filtering database for filtering the input data using the layered rule tables. The data filtering engine filters or classifies input data using tests or rules performed on the data elements in the input data. The data elements are segments of data in the input data and are selected from the input data using a data element locator. Preferably, each rule table in the filtering database comprises a data element locator, a default rule, and zero or more filtering rules. The filtering rules comprise the tests or rules that are to be applied to the data elements. Each rule table corresponds to a single data element and each filtering rule in the rule table is to be applied to that data element.

A method for interfacing with a user of an enterprise intrusion detection system, the method comprises receiving at least one packet flow, each packet flow originating from a unique node in the intrusion detection system and comprising descriptive information and a plurality of packet headers. The descriptive information of a first subset of the received packet flows is communicated to a user based at least in part on a filtering ruleset. A second subset of the received packet flows is concealed from the user based at least in part on the filtering ruleset. In response to receiving a command from the user, the plurality of packet headers for at least one packet flow in the first subset is communicated to the user.

Network elements that are configured to perform deep packet inspection may be dynamically updated with patterns associated with malicious code, so that malicious code may be detected and blocked at the network level. As new threats are identified by a security service, new patterns may be created for those threats, and the new patterns may then be passed out onto the network in real time. The real time availability of patterns enables filter rules derived from the patterns to be applied by the network elements so that malicious code may be filtered on the network before it reaches the end users. The filter rules may be derived by security software resident in the network elements or may be generated by a filter generation service configured to generate network element specific filter rules for those network elements that are to be implemented as detection points on the network.

A fraud rule can be applied to a transaction according to a first authorization parameter. The transaction is passed to a filtering rule which is applied to the transaction according to a second authorization parameter. The filtering rule can approve the transaction for processing or pass the transaction on to a third party analysis. The fraud and filtering rules can apply the same analysis to the transaction with the exception of the authorization parameters. The fraud rule and filtering rules can analyze historical attributes of a consumer account.

Data is acquired for an Identity System based on a one or more rules. The data can be from the same Identity System Component, another Identity System Component or a component external to the Identity System. The acquired data can be used to populate an Identity Profile, configure a workflow, or provide information to any other object, process, component, etc. of the Identity System. In one embodiment, the present invention combines dynamic identity value substitution and directory filter rules to enable rule based identity management. It enables dynamic population of identity data and real-time routing for identity management workflows. In other embodiments, the present invention can be applied to systems other than Identity Systems.

A data switch for network communications includes a data port interface which supports at least one data port which transmits and receives data. The switch also includes a CPU interface, where the CPU interface is configured to communicate with a CPU, and a memory management unit, including a memory interface for communicating data from the data port interface to the switch memory. A communication channel is also provided, communicating data and messaging information between the data port interface, the CPU interface, the switch memory, and the memory management unit. The data port interface also includes an access control unit that filters the data coming into the data port interface and takes selective action on the data by applying a set of filter rules such that access to the switch is controlled by the set of filter rules.

A method is disclosed for modifying the results of a search performed in a collection of items by a search and navigation system. The method includes receiving a query from a user interface and determining a navigation state, defined by expressions of attribute-value pairs, based on the received query. The user interface accepts both selecting and deselecting of any of the attribute-value pairs in an expression corresponding to a navigation state to obtain an expression corresponding to a different navigation state, and each selection and deselection forms a new query. The method further includes retrieving, from the collection, items associated with the navigation state to form a set of unmodified search results, the set of unmodified search results having an arrangement for presentation to the user. A rule filter that includes a metadata expression is applied to a set of rules, each rule having a trigger, an action, and metadata. The application of the rule filter to the set of rules includes evaluating the metadata expression of the rule filter based on the metadata of each rule and passing rules for which the metadata expression of the rule filter evaluates as logical true. The trigger of each rule passed by the rule filter is evaluated, and the action of each rule for which the trigger of the rule evaluates as logical true is executed to modify the unmodified search results to form modified search results.

The present invention allows for processing classification and/or security filtering rules by using bitmaps as representations. In one instance, the packet header involved in the packet classification is divided into sections (fields) such as 16 bit portions. Once, this is performed, a data lookup table is built for each of the packet header fields. In particular, a bitmap is created representing which filter rules match a certain packet header field value. The created data lookup tables, typically one for each packet header field, are merged to form intermediate level data lookup tables. The intermediate level data lookup tables are continuously merged until one final data lookup table is formed. The result of the final data lookup table represents all the possible packets to be classified. Thus, each final data entry has a bitmap representing the filtering rules that matches this entry. The bitmap can be used to selectively provide a desired result of the classification. For instance, a first matching rule is represented by the first bit set in the bitmap; the best matching rule is determined by processing the bitmap and selecting the most appropriate rule; and a complete set of rules that match is represented by the full bits set in the bitmap.

A method and system for defining financial transaction notification preferences is disclosed. A computer-implemented method for defining notification preferences using a financial transaction notification message served to a user on a mobile device and using properties of the financial transaction includes the steps of serving the financial transaction notification message, the financial transaction notification message being related to a financial transaction performed by the user, receiving a notification preference response message from the user, and defining at least one notification filtering rule based on the notification preference response message and the properties of the financial transaction. A system operable to implement the computer-implemented method includes a transaction notification module operable to serve the financial transaction notification message, the financial transaction notification message being related to a financial transaction performed by the user, a notification preference receiver module operable to receive a notification preference response message from the user, and a notification preference processor module operable to define at least one notification filtering rule based on the notification preference response message and the properties of the financial transaction.

A client application server includes a client server, a proxy authentication server, and an authentication server. The proxy authentication server maintains a set of one or more authentication rules and an authentication request table. The client server is responsive to an authentication request from a user including a user identifier for directing the authentication request to the proxy authentication server for searching the authentication request table for entries for the client; responsive to finding one or more entries, applying the filter rules; responsive failing a filter rule, rejecting the authentication request in a response message to the client server; and responsive to passing all relevant filter rules, directing the authentication request to the authentication server for authenticating the user.

A system for streaming packet captures over the Internet includes multiple network access devices, each operating as one of a gateway device, a wireless access point, and a network switch, and a management server communicatively coupled to the network access devices over the Internet for managing the network access devices. The management server maintains a persistent hypertext transport protocol (HTTP) connection with each of the network access devices over the Internet. The management server is to generate a bytecode based on a filtering expression for packet captures (PCAPs) representing one or more PCAPs filtering rules, transmit the bytecode to the network access devices without requiring the network access devices to compile the PCAPs filtering rules, receive PCAPs from the network access devices captured by the network access devices based on the PCAPs filtering rules, and merge the PCAPs received from the network access devices into merged PCAPs.

The invention relates to a method for monitoring a security network interface unit (23), FIG. 2 for example a firewall, which receives a stream of data packets via a first interface (21), checks said data stream with respect to filtering rules, and outputs said data stream to a second interface (22). The method has the steps of duplicating and outputting the data stream to the second interface (22), checking the output data stream for inadmissible data traffic, transmitting a warning message to the security network interface unit if inadmissible data traffic is detected in the data stream, and restricting the data stream by means of the security network interface unit if the warning message is received in the security network interface unit (23). The device or the system according to the invention comprises units which are designed to carry out the aforementioned method.

Methods and systems for a PLD-based network update transport (PNUT) protocol that utilizes UDP and other protocols for transmitting update or other commands or information over a packet-based or IP network. PNUT is a hardware-based network communication protocol that does not require the full TCP/IP stack and may be utilized for exchanging commands and information with such PLD-based and other devices. Protocols may include a set of core commands and a set of custom commands. Logic components within the PLD-based devices may consist of a command dispatcher, a transmitter/controller, a MAC receiver, a MAC transmitter, a packet parser, a packet generator, and core receiving and transmitting commands. The present invention may be implemented without requiring CPU cores, special controllers, stringent timings, or operating systems as compared with conventional network protocols. Various methods for exchanging and updating PNUT commands are disclosed. The methods and systems of the present invention may be utilized to provide other functions, such as filtering, logging, polling, testing, debugging, and monitoring, and may be implemented between a server and a PLD-based device or solely between PLD-based devices.

User input defines transmission filter rules to be met when sending an error report to a support provider. User input also defines collection filter rules to be met when including failure data within an error report. Error reports corresponding to crash failures at clients are filtered with the transmission filter rules to determine which of the error reports to send to the support provider, and each error report to be sent to the support provider is further filtered to remove any failure data that fails to satisfy the collection filter rules. Each error report that satisfies the transmission filter rules, along with the failure data satisfying the collection filter rules, is sent to the support provider for analysis. Standard and or custom failure responses corresponding to the failures at the clients may be retrieved and sent to the clients in accordance with the collection filter rules.

Embodiments of the present invention address deficiencies of the art in respect to alert management and provide a method, system and computer program product for adaptive alert management. In one embodiment of the invention, an adaptive alert management data processing system can include an alert server and multiple different alert monitors disposed in corresponding application hosts. Each of the alert monitors can be configured to establish a subscription to the alert server on behalf of at least one application view of an application issuing alerts. Finally, the system can include multiple different filter rules accessible by the alert server. Each of the filter rules can specify whether or not to suppress or display an alert received in the alert server. The system further can include a data store of ratings previously applied to an alert, an established predictive rating for a target user for a received alert, and predictive alert filter logic enabled to refine the predictive rating for the received alert based upon ratings applied by a plurality of application users to the received alert in the data store.