94 results about "Supplicant" patented technology

Embodiments of the invention relate to systems and methods for providing an anonymization engine. One embodiment of the present invention relates to a method comprising receiving a message directed at a recipient computer located outside a secure area by a privacy computer located within a secure area. The privacy computer may identify private information using a plurality of privacy rules and anonymize the message according to the plurality of privacy rules. Another embodiment may be directed to a method comprising receiving a request for sensitive data from a requesting computer. An anonymization computer may determine a sensitive data record associated with the request and may anonymize the sensitive data record by performing at least two of: removing unnecessary sensitive data entries from the sensitive data record, masking the sensitive data entries to maintain format, separating the sensitive data entries into associated data groupings, and de-contexting the data.

Host name data is “looped-back” from a native host name resolver included in a requesting computer system to a name resolution port that is also included in the requesting computer system. A replacement host name resolver monitors the name resolution port for host name data that is incompatible with name resolution techniques utilized by a network. The replacement host name resolver modifies the otherwise incompatible host name data for compatibility with name resolution techniques utilized by the network. Modifying host name data may include changing a transmission protocol associated with the host name data or formatting non-secure host name data for resolution with secure host name resolution techniques. The replacement host name resolver redirects compatible host name data to a module that may cause the host name data to be resolved into a network address. The network address may be provided to the native host name resolver.

A method and apparatus for dynamically balancing the loading of video data storage devices facilitates the transfer of video data by acquiring a listing of locations and loading of all segments of a requested video data. Those storage devices containing copies of each segment of the video data having a least loading are selected. If the loading of the storage devices exceed their maximum capacity, the segment is divided into sub-segments and stored to storage devices with minimum loading. The presence of all segments of the requested video data is determined. If there are missing segments of the requested video data, each of those missing segments is assigned a file identification and file location, such that those missing segments are retrieved from a back-up storage device and assigned to data storage devices having the least loading for transfer to a requesting computer system.

A cloud broker and procurement system and method is closed. In particular embodiments, the method includes receiving an offer of a computing resource from each of a plurality of providers. The method further includes receiving, from each of the plurality of providers, a service level agreement associated with each respective offered computing resource. Additionally, the method includes normalizing each of the service level agreements associated with the offered computing resources. The method further includes receiving a request from a requesting computer for a computing resource and selecting, based at least in part on the normalized service level agreements, one of the providers to provide the requested computing resource. The method also includes transmitting a service match indicator to the client, wherein the service match indicator indicates a time at which the offered computing resource will be utilized, and utilizing the computing resource on the selected provider.

A method for preventing unauthorized access by a requestor to data sent via computer networks, including a) requesting, from a requesting computer, access to data from a first server, at the first server b) determining if the request is a valid request, c) receiving a ticket from a ticket server, if the request is a valid request d) providing the ticket identifying the requestor to a second server the data is stored, e) directing the requesting computer to request access to the data from the second server, at the second server f) receiving the request from the requesting computer, g) verifying the ticket as identifying the requestor, and h) sending the data to the requesting computer in response to the request.

Systems and methods for requesting computer software program logic by a client computing device from a server are provided. The method at the server comprises receiving a request for the computer software program logic from the client device along with a first list comprising details about multiple modules running on the client device; determining a second list comprising details about multiple modules required to deploy the computer software program logic on the client device; checking whether the modules of the second list need to be substituted based on their availability or suitability; updating the second list; checking whether the client device has permission rights for accessing the modules of the updated second list; and sending an object comprising the modules of the updated second list to the client device, the updated second list comprising details about the modules required for deployment of logic on the client device.

An event report, such as a virus detection event, is sent from a reporting computer 2 to a receiving computer 6 via an internet link 4. The report data may take the form of a URL requesting a web page 28 to be provided by the receiving computer 6, the URL bearing an encrypted form 24 of the report data that is used to identify the requested web page as well as pass further information to the receiving computer 6. Alternatively, the report data may be collated in the reporting computer 2 and passed to the receiving computer 6 when a computer virus definition data update is requested. The report data seeks to uniquely identify the event by incorporating the MAC address of the reporting computer 2, the date, time, computer product identifier, version identifier, update identifier and driver triggered. Additionally, a checksum derived from the infected file together with an indication of the corrective action, if any, taken by the reporting computer 2 may be included. The report data sent to the receiving computer 6 may be used to obtain real life information concerning the prevalence of particular viruses together with information characterising the anti-virus programs and their update status being employed by the user community.

A method and apparatus for monitoring a computer to detect operating system process manipulation by malicious software programs is disclosed. In one embodiment, a method for detecting operating system process manipulation through unexpected process behavior includes accessing process behavior indicia regarding memory addresses used by at least one user mode process to request computer resources and comparing the process behavior indicia with a user mode request to identify operating system process manipulation.

A method and system for logging event data from at least one operable application program or at least one peripheral device operably connected to a server using a log manager device driver. The method includes the steps of registering the log manager device driver with the server to receive all the event data from the server, registering the log manager device driver with the server as a log manager file, the log manager device driver receiving the event data, and the log manager device driver responding to a download request for said log manager file from a requesting computer.

A method and system for enabling secure IPsec tunnels within NAT without compromising security. A local network is configured with a gateway machine connected to the Internet and having an IPsec ID for interfacing with the Internet and a local IP/interface address for interfacing with the local network. Client machines are connected to the gateway machine and communicate with the Internet via the gateway and network address translation (NAT) techniques. Each client machine is configured with a local IP/interface address. The client machines are also provided with an alias of the IPsec ID for the gateway machine. When an IPsec request is received by the gateway machine to establish a tunnel (secure communication) with one of the clients, the gateway machine forwards the packet to the particular client using NAT. The client machine receives the request and since it has an alias of the gateway's IPsec ID, the client machine will confirm that it has one of the IPsec IDs in the packet. The client machine sends the reply packet back to the gateway machine, which then forwards it to the requesting machine over the Internet. The requesting machine receives the packet and a confirmation that it has reached its intended recipient and opens the secure IKE tunnel with the particular client via the gateway machine. In this manner authentication of the IKE tunnel and establishment of a secure IPsec session is completed with a client machine that is accessible only via a gateway implementing NAT.

A method for security authentication within a wireless network is disclosed. A method within an adhoc mesh network for two devices to quickly determine roles (i.e. which is the authenticator and which is the supplicant) while establishing a security association is provided for. The invention further provides for the inclusion of cached key information in the role negotiation process and the application of role negotiation to a shortened three-way handshake.

A wireless receiver for receiving a multi-contents file and a method for outputting data using the same, which can receive, navigation information for providing intuitively recognizable search interfaces to a user by radio in real time, receive various types of contents files by radio in real time, and output the received information and files through an AV device. A video decoder decodes a video stream on the basis of an MPEG standard. An audio decoder decodes an audio contents file. An OSD processor processes a text file and additional information. A video output unit selectively configures decoded video data and text data on one screen and performs encoding and outputting operations based on the format of a display unit. An audio output unit outputs decoded audio data. A user interface receives a user's command. A WLAN card communicates WLAN data with a computer system. A controller requests the computer system to transmit navigation screen information, at least one contents file or additional information of the contents file edited and processed by the computer system, analyzes a data stream received by radio from the computer system responsive to the request, and performs a control operation so that a result of the analysis is inputted into the decoder or OSD processor. A memory stores the stream and control program data.

A reliable request-response mechanism allows a requesting computer system and a responding computer system in an established end-to-end connection to send and receive messages in a manner that the responding computer system processes a request as intended by the requesting computer system, such that all the message communication is initiated by the requesting computer system. The requesting computer system and responding computer system can accommodate a wide range of messaging failures, such as intermittent network connections or failure of a transport of SOAP intermediary by resending cached versions of previously sent messages, and by acknowledging receipt of each message received. Cached messages on either computer system are deleted after being appropriately acknowledged. After all sent messages have been acknowledged by the responding computer, and the requesting computer has received all of the response messages from the responding computer, the end-to-end connection is terminated with an exchange of connection termination messages.

A removable digital data storage device has a programmable memory controller, a data storage medium and a data destruction means. The memory controller is encoded with a firmware program to provide a computer device driver interface, wherein the firmware program further configures the memory controller to secure data on the medium by querying for a hardware code in response to a data operation request by a computer through the interface and either granting access in response to a hardware code input or, independent of an operational status of the requesting computer, directly instructing the data destruction means to render data residing on the data storage medium unreadable in response to a failure to receive the first hardware code input through the interface.