APPSENSE, LIMITED Patent applications |
Patent application number | Title | Published |
20150200930 | METHOD AND APPARATUS FOR SECURING MOBILE APPLICATIONS - A non-transitory processor-readable medium stores code that represents instructions to be executed by a processor. The code includes code to receive an object code of a first application. The first application is defined by an author different from an author of a second application. The code also includes code to dynamically load at least two intercept points into the object code of the first application, using the second application. The code further includes code to, responsive to a read request for data by the first application, intercept the read request by at least one of the two intercept points. The code further includes code to determine, in response to intercepting the read request, whether or not access to read the data is authenticated. The code further includes code to send a signal to provide the data to the first application, based on the determining. | 07-16-2015 |
20150200921 | METHOD AND APPARATUS FOR SECURING MOBILE APPLICATIONS - In some embodiments, a method includes obtaining an object code of an application executed on a mobile device. The application is created by an author different from an operator of a data source. The method includes loading dynamically at least one intercept point into the object code, wherein the intercept point is to detect a predetermined input gesture. The method further includes, responsive to an input gesture being received within a context of the application at the mobile device and the input gesture matching the predetermined input gesture: (1) overlaying a user interface within the context of the application, the user interface permitting selection of data items from the data source; (2) determining from a selection signal received at the mobile device, a selected data item; (3) responsive to the determining, loading the selected data item into the context of the application; and (4) removing the user interface overlay. | 07-16-2015 |
20150074744 | APPARATUS, SYSTEMS, AND METHODS FOR MANAGING DATA SECURITY - Disclosed embodiments of a data protection mechanism can provide secure data management. In particular, the disclosed embodiments provide secure data management mechanisms that can control transfer of data items so that contents of protected data items are not accessible to non-authorized parties. For example, the disclosed system can prevent an application from storing a protected file using a new file name. As another example, the disclosed system can prevent an application from sending a protected file to another computing device over a communication network. | 03-12-2015 |
20150026460 | Systems, Methods and Media for Selective Decryption of Files Containing Sensitive Data - Systems, methods and media are provided for selective decryption of files. One method includes monitoring a secure file storage area including at least one file using a selective decryption process associated with the secure file storage area. Content of each of the at least one file is protected with an encryption. The method also includes detecting a request by an application program for one of the at least one file. The method further includes determining whether the application program needs to access the content of the requested file. The method also includes, when it is determined that the application program does not need to access the content of the requested file, allowing the application program to access the file content without decrypting the encryption. | 01-22-2015 |
20140337743 | CONTEXT TRANSFER FROM WEB PAGE TO APPLICATION - Systems and methods are described for a web event framework. A computerized method includes receiving, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser; executing the framework action by the framework plugin, wherein executing the framework action comprises retrieving the specified context data from the web page and generating, by the framework plugin, a framework event including the context data; forwarding the framework event to a framework server coupled to the framework plugin; receiving at the framework server the framework event from the framework plugin; determining, at the framework server, a framework action based on the framework event, including the specified data, and a framework policy; and sending instructions to an external process based on the specified data and the framework action. | 11-13-2014 |
20140337525 | APPARATUS, SYSTEMS, AND METHODS FOR PROVIDING POLICY IN NETWORK-BASED APPLICATIONS - The disclosed subject matter provides apparatus, systems, and methods for preventing a user from disabling a software extension to a network-based application, thereby allowing a computing device to enforce the software extension even if the user wants to disable the software extension. The disclosed apparatus, systems, and methods can prevent a user from disabling a software extension by blocking an access to a communications network via the network-based application when the software extension is disabled. | 11-13-2014 |
20140337511 | CONTEXT AWARE BROWSER POLICY - Systems and methods for a web event framework include receiving at a framework plugin an event from a web browser, wherein the framework plugin is coupled to the web browser, generating, by the framework plugin, a framework event based on the event, forwarding the framework event to a framework server coupled to the framework plugin, receiving at the framework server the framework event from the framework plugin, determining, at the framework server, a framework action based on the framework event and a framework policy, forwarding the framework action to the framework plugin, and executing the framework action by the framework plugin, wherein executing the framework action includes modifying one or more settings for the web browser, wherein the modified settings are based on the framework policy and sending an instruction to the web browser to cause the web browser to reload at least one web page under the modified settings. | 11-13-2014 |
20140337495 | WEB EVENT FRAMEWORK - Systems and methods are described for a web event framework. A computerized method includes receiving at a framework plugin an event from a web browser, wherein the framework plugin is coupled to the web browser, generating, by the framework plugin, a framework event based on the event, forwarding the framework event to a framework server coupled to the framework plugin, receiving at the framework server the framework event from the framework plugin, determining, at the framework server, a framework action based on the framework event and a framework policy, forwarding the framework action to the framework plugin, and executing the framework action by the framework plugin. | 11-13-2014 |
20140317264 | SYSTEM AND METHOD FOR DETERMINING WHETHER A COMPUTER DEVICE IS COMPATIBLE WITH A COMPUTER NETWORK - A system and method are provided for allowing an administrator to automatically determine whether networked computer devices are configured to use governance software that allocates resource in, or controls or restricts the access of other network devices, to certain portions of the networked storage based upon IT governance protocols, network efficiency and economics. To do this, a company server having governance software stored thereon polls a range of device addresses (e.g., IP addresses) specified by the network administrator or stored on a DNS server with a message formatted using protocols such as WebDAV, SMB/CIFS, FTP, etc., and specific to the governance software. If the device responds to the message, the address of the device, along with an indicia that the device is compatible with the governance software is stored in memory. | 10-23-2014 |
20140310324 | SYSTEMS AND METHODS FOR AUTOMATICALLY SORTING AND INDEXING ELECTRONIC FILES - Systems and methods are provided for automatically sorting and indexing electronic files. A set of emails is received from a folder for an email program. A set of nouns from a first email from the set of emails is identified, wherein the first email comprises a document attached to the first email, and wherein the set of nouns are identified from the first email, the document attached to the first email, or both. The set of nouns are sorted alphabetically. A file structure is created on a storage device for storing data from the set of emails. The file structure includes a first folder with a same name as the folder for the email program, and a second folder with a name comprising the sorted set of nouns. The document attached to the first email is stored in the second folder. | 10-16-2014 |
20140283107 | SECURE DATA MANAGEMENT - The disclosed subject matter includes a method. The method includes identifying an attempt to access, by an application instance running in a user space of an operating system, a first security zone of a computer readable medium, where the first security zone is associated with a first security level. The method further includes determining whether a restriction level associated with the application instance is higher than the first security level, where the restriction level is a function of previous security zones that have been accessed by the application instance. When the restriction level associated with the application instance is higher than the first security level, the method would prevent the application instance from writing to the first security zone. When the restriction level associated with the application instance is not higher than the first security level, the method would authorize the application instance to access the first security zone. | 09-18-2014 |
20140282820 | SECURE DATA MANAGEMENT - The disclosed subject matter includes a method. The method includes determining, by a module running on a computer platform in communication with non-transitory computer readable medium having a plurality of security zones, whether an application instance is in a foreground of a user interface for the computer platform. The method further includes determining, by the module, an alert level associated with the application instance in the foreground of the user interface, wherein the alert level includes at least one of a restriction level and an access level. The method also includes providing the alert level to a user of the computer platform using a visual cue displayed on the user interface. | 09-18-2014 |
20140281875 | MULTI-USER LAYER ANNOTATION - Techniques are disclosed for providing collaborative annotation of documents. In one embodiment, a computerized method is disclosed for providing collaborative annotation of documents that can include receiving, at a first computer, a first annotation from a first user for an original file; storing the first annotation to a first layer file; uploading the first layer file to a cloud storage server; receiving, at the first computer from the cloud storage server, a second layer file created by a second user; retrieving a second annotation from the second layer file; and concurrently displaying the original file together with the first annotation and the second annotation by overlaying the first annotation and the second annotation over the original file. | 09-18-2014 |
20140281583 | STORING ENCRYPTED CONTENTS IN DIGITAL ARCHIVES - A digital archive for storing encrypted content includes a header section and a body. The header section includes real headers, wherein at least a portion of each real headers is encrypted, and fake headers, wherein each of the fake headers is filled with cryptographically random bytes, wherein the fake headers are substantially more than the real headers. The body includes real contents, wherein at least a portion of each real content is encrypted, and fake contents in the rest of the body, wherein the fake content contains additional cryptographically random bytes, wherein the amount of the fake content is substantially greater than the amount of the real contents, wherein each of the real headers refers to a corresponding real content in the body and contains decryption information for the corresponding real content. | 09-18-2014 |
20140280485 | PRE-FETCHING REMOTE RESOURCES - Systems and methods are described for pre-fetching remote resources. A computerized method of pre-fetching remote resources includes calculating a probability of a request for a remote resource by a user within a validity period, based on a representation of historical requests for the remote resource by the user, pre-fetching the remote resource if the probability is greater than a threshold, intercepting an actual request for the remote resource by the user, recording the actual request into the representation of the historical requests by the user, and fulfilling the actual request for the remote resource using the pre-fetched remote resource. | 09-18-2014 |
20140280321 | SYSTEMS, METHODS AND MEDIA FOR PROVIDING A CUSTOMIZED OUTPUT BASED ON DATA OBTAINED USING RADIO-FREQUENCY IDENTIFICATION (RFID) - Systems, methods and media are provided for providing a customized output based on data obtained using RFID. One method includes receiving from at least one RFID reader identification (ID) information stored in a plurality of RFID devices. The method also includes searching and gathering data related to a plurality of individuals carrying the plurality of RFID devices from at least one of a database and an online source based on the ID information. The databases include personal information corresponding to each of the plurality of individuals. The method further includes analyzing the gathered data to update the personal information and to search for additional data related to the individuals and correlating the gathered data and the updated personal information to derive relationships amongst the individuals. The method also includes providing a customized output using at least one of the gathered data, the updated personal information and the derived relationships. | 09-18-2014 |
20140279896 | CLOUD-BASED DOCUMENT SUGGESTION SERVICE - Systems and methods are disclosed for suggesting relevant documents to a local user. In one embodiment, a method is disclosed comprising determining, at a local device, a set of selection criteria for suggestion of relevant documents to the local user, the suggestion criteria including at least one of keywords and document metadata; retrieving a plurality of file statistics from a remote server, wherein at least one of the file statistics has been created by a remote user; creating a table of suggestions from the plurality of file statistics and from the set of suggestion criteria; and suggesting at least one file to the local user based on the table of suggestion criteria. | 09-18-2014 |
20140279893 | DOCUMENT AND USER METADATA STORAGE - Techniques are disclosed for providing services to a client device via a shared cloud service. In one embodiment, a method is disclosed that includes storing information on a first device relating to a subject, saving the stored information in a serialized format data file to the shared cloud service, the data file having a filename generated as a function of the subject, providing authenticated access to the data file for a second device via the shared cloud service, synchronizing a copy of the data file via the shared cloud service to the second device, the copied data file reflecting a single up-to-date state of the data file in the shared cloud service, and de-serializing the serialized format data file at the second device. | 09-18-2014 |
20140279879 | SYSTEMS, METHODS AND MEDIA FOR DEFERRED SYNCHRONIZATION OF FILES IN CLOUD STORAGE CLIENT DEVICE - Systems, methods and media are provided for deferred synchronization of files in cloud storage systems. One method includes detecting changes to a data file. The method also includes monitoring I/O operations performed by a process associated with the changes. When the process is busy, the method also includes adding to an upload file list a name of a first file in response to a creation/modification of the first file. The method further includes adding to the list a new name of a second file and, when applicable, removing from the list an old name of the second file in response to renaming the second file. The method also includes removing from the list a name of a third file in response to a deletion of the third file and uploading files identifiable using file names in the list to the cloud storage server when the process is no longer busy. | 09-18-2014 |
20140279872 | HOMING DATA - Systems and methods are described for homing data. A computerized method of homing data includes embedding a first homing configuration within a first file on a host, intercepting an access attempt to the first file by the host, retrieving the first homing configuration embedded within the first file, determining a first data homing connector based on the first homing configuration, and synchronizing the first file through the first data homing connector with a first synchronization server based on the first homing configuration. | 09-18-2014 |
20140258875 | SYSTEMS, METHODS AND MEDIA FOR PROVIDING HISTORICAL NAVIGATION CONTROLS FOR A MOBILE DEVICE USER - Systems, methods and media for providing multi-dimensional historical navigation controls are provided. One method includes recording, at a mobile device, a first navigation path associated with a data item accessed by a user using the mobile device and enabling a plurality of elements in the first navigation path by generating a plurality of active controls each corresponding to one of the plurality of elements. The method also includes displaying a UI control including the first navigation path that is presented using the enabled elements. The method further includes detecting a selection of one of the enabled elements of the first navigation path when the user selects the active control corresponding to the selected one of the enabled elements and navigating to the site associated with the selected one of the enabled elements by jumping to the site from a first site associated with any other one of the enabled elements. | 09-11-2014 |
20140250069 | SYSTEMS AND METHODS FOR SELECTIVELY SYNCHRONIZING FILES - Systems and methods are provided for selectively synchronizing files. Data is received from a remote storage device indicative of a set of files stored on the remote storage device. A first file from the set of files is downloaded, but not a second file from the set of files. Both (a) the first file and (b) data indicative of the second file are stored in a database. A list of files stored in the database is displayed, the list including the first file and the second file. | 09-04-2014 |
20140237474 | SYSTEMS AND METHODS FOR ORGANIZING DEPENDENT AND SEQUENTIAL SOFTWARE THREADS - Systems and methods are provided for the organization of dependent and sequential software threads running multiple threads of execution on a computing device in order to improve performance and reduce the complexity of thread management. Computing tasks, or jobs, are organized into job wrappers for ordered execution. In response to receiving a request to create a job wrapper, the computing device initializes the job wrapper; initializes a shared data table having a plurality of variables that can be accessed by software threads that comprise the job wrapper; setting a first variable in the plurality of variables to assign a dependency of one software thread to another software thread; finally executing the job wrapper. | 08-21-2014 |
20140195979 | INTERACTIVE USER INTERFACE - A system and method for providing a selection interface on a touch screen device is disclosed. The selection interface depicts a claw for grasping. A progress indicator is provided by varying the motion of the claw. A completion indicator is also provided by depicting the claw in an open state or a closed state, and by moving the claw into a target region. | 07-10-2014 |
20140195593 | SYSTEMS, METHODS AND MEDIA FOR MANAGING EMBEDDED CONTENT - A method, system and medium for managing embedded content in documents are provided. The method, e.g., includes detecting, at a host device running a host application program, a user's action to initiate editing of content embedded in a document associated with the host application program and querying for the user's content management configuration to determine a target device having an interface suitable for editing the embedded content. If it is determined that the user's configuration specifies a device other than the host device as the target device, the method further includes sending a revision notification to the target device, wherein the notification includes a copy of, or a reference to, the document and receiving an update notification from the target device, wherein the update notification includes one of a copy of or a reference to a latest version of the document including the latest edits made to the embedded content. | 07-10-2014 |
20140188958 | DATA DRIVEN HIERARCHICAL PAGES - A method of managing data includes generating a model file containing descriptions of the data, wherein the descriptions of the data in the model file are formatted as a collection of dictionaries, wherein the descriptions of the data are divided into multiple groups that are associated with multiple hierarchical pages, and wherein the multiple groups associated with the multiple hierarchical pages are listed in the model file in a flat structure, and generating a controller file that, when executed by a processor, causes the processor to interpret the model file and present the data in the multiple hierarchical pages to a user, wherein the controller file refers to one of the multiple groups in the model file, wherein the controller file is re-used to interpret the multiple groups in the descriptions of the data and present the data in the multiple hierarchical pages. | 07-03-2014 |
20140188942 | DATA DRIVEN HIERARCHICAL PAGES - A method of managing data includes generating a model file containing descriptions of the data, wherein the descriptions of the data in the model file are formatted as a collection of dictionaries, wherein the descriptions of the data are divided into multiple groups that are associated with multiple hierarchical pages, and wherein the multiple groups associated with the multiple hierarchical pages are listed in the model file in a flat structure, and generating a controller file that, when executed by a processor, causes the processor to interpret the model file and present the data in the multiple hierarchical pages to a user, wherein the controller file refers to one of the multiple groups in the model file, wherein the controller file is re-used to interpret the multiple groups in the descriptions of the data and present the data in the multiple hierarchical pages. | 07-03-2014 |
20140188802 | PULL AND PASTE - Systems and methods are described for providing pull and paste functionalities. A computerized method of pulling and pasting data among computing devices includes determining attributes of a first computing device, transmitting the attributes of the first computing device to a second computing device, receiving a pulling request for copying information from the first computing device to the second computing device, wherein the information resides on the first computing device, automatically processing the pulling request at the first computing device and automatically generating a response to the pulling request, and automatically sending the response to the pulling request back to the second computing device, wherein the response contains the information. | 07-03-2014 |
20140176562 | SYSTEMS AND METHODS FOR PROVIDING A SOFTWARE APPLICATION PRIVACY SCREEN - Systems and methods are provided for applying a localized software privacy screen over the display of specific applications, files, and/or other content on a computing device. In response to a user request, a computing device can open a window comprising a file or content in an associated application on its output display, determine whether a privacy screen should be applied to the user interface, and apply the privacy screen in a visual layer over the user interface if specified by the settings, rules, and/or permissions. The privacy screen can be user modifiable and can be made up of plurality of privacy lines that may be of any suitable orientation, thickness, spacing, and/or color and opaqueness that permits the user of the computing device to view the underlying window while preventing unauthorized onlookers from viewing the same. | 06-26-2014 |
20140165003 | TOUCH SCREEN DISPLAY - Systems and methods are disclosed for a slide-in menu that provides extended actions for grid layouts on touch screen devices. The slide-in menu provides a signposted visual interface object for user interaction with an application that is discoverable and usable and that provides several selectable options for touch-screen users, while requiring minimal screen real estate and retaining touch target sizes for individual screen controls that is appropriate for touch screen users. The slide-in menu may be augmented with an additional plurality of menu options and with a “more” button that displays the additional plurality of menu options. | 06-12-2014 |
20140149499 | REMOTE REQUEST FULFILLMENT AND DELIVERY - Systems and methods are described for described for providing remote request fulfillment and delivery. A computerized method of sharing and distributing data among computing devices includes receiving at a server a request from a first computing device, wherein the request targets a second computing device and contains information about a data object, retrieving, using the server, at least a portion of the data object from a source of the data object, determining, using the server, attributes of the second computing device, adapting at least a portion of the data object according to the attributes of the second computing device, and notifying the second computing device of an availability of the data object. | 05-29-2014 |
20140143663 | SYSTEMS AND METHODS FOR PROVIDING CONTEXTUAL BASED TRUNCATION - Systems and methods are provided for displaying and manipulating the display of digital character strings where the length of the character string extends beyond the width of a desired output display. A client can perform contextual based truncations of character strings using at least one truncation symbol when the characters strings extend beyond the width of an output display. The client can analyze the character strings for differences and similarities. The client can then generate the truncated representations of the character strings based on predetermined parameters for truncation. The truncated representations can include similar and different portions of the character strings that maintain descriptive information that differentiates them. | 05-22-2014 |
20140143662 | Systems and Methods for User Modifiable Truncation - Systems and methods are provided for displaying and manipulating the display of digital character strings where the length of the character string extends beyond the width of a desired output display. In response to a user request to display a character string, a client can generate a truncated representation of the character string using at least one truncation symbol when the character string extends beyond the width of an output display. A client can modify the display of the truncated representation of the character string in response to detecting a signal corresponding to a change in location of the truncation symbol. The signal can be detected from a touchscreen or input device. This allows a user to view any portion of a selected character string, including those portions that may be obscured by the truncation symbol. | 05-22-2014 |
20140139530 | SYSTEMS AND METHODS FOR USER VIEWABLE TRUNCATION - Systems and methods are provided for displaying and manipulating the display of digital character strings where the length of the character string extends beyond the width of a desired output display. In response to a user request to display a character string, a client can generate a truncated representation of the character string using at least one truncation symbol when the character string extends beyond the width of an output display. A client can modify the display of the truncated representation of the character string in response to detecting a signal. For example, the client can display a selected character string in its entirety or an excerpt of the truncated representation. The signal can be detected from a touchscreen or input device. This allows a user to view those portions of the selected character string that may be obscured by the truncation symbol. | 05-22-2014 |
20140137273 | SYSTEM AND METHOD FOR SECURING THE UPLOAD OF FILES FROM A SYSTEM SERVER - Embodiments of the invention include a system and method to prevent a user from copying and storing files on a third party storage device or a user's personal computer. To do this, the system and method may perform a process of connecting the authorized user to the company's computer storage to access computer files for modification and, if the authorized user attempts to copy the file to the user's computer or a third party storage site, determining whether the file should be copied. To determine whether the file should be copied, the system may use inspection modules that inspect the data files to determine whether or not the user has been restricted from copying the data file. | 05-15-2014 |
20140122454 | SYSTEMS AND METHODS FOR DETERMINING AN ADDRESS FOR A PRIVATE FUNCTION - Systems and methods are provided for determining an address for a private function. A start address for a public function of a software program in a data file associated with the software program is determined. Instruction data for the public function is identified in the data file based on the start address of the public function. First data of a predetermined size is read from a beginning of the instruction data for the public function. A signature for a private function of the software program is identified in the first data. A relative address for the private function in the data file based on the identified signature is stored in memory. | 05-01-2014 |
20140109003 | SYSTEM AND METHOD FOR SELECTIVELY MUTING COMPUTER APPLICATIONS - Embodiments of the invention include a computer, computer program product and computer implemented method for allowing a user to mute selectively a computer application. In some embodiments, the computer comprises a computer display and a tangible non-transitory computer memory, the computer memory having stored thereon a plurality of computer instruction performing a process of creating a menu of computer applications running on the computer and a process of allowing the user to select from the menu of applications a particular application to mute. The instructions and computer program product, in some embodiments, determine whether an application running on the computer is generating a sound signal; add the application to a list of applications that are generating sound signals; and create a menu from the list for viewing by the user on the computer display, the menu including a name of the application and a mute icon. | 04-17-2014 |
20140101719 | SYSTEMS AND METHODS FOR PROVIDING A NETWORK STORAGE SYSTEM - Systems and methods are provided for providing a network storage system. One method includes receiving a request from a client coupled to a local communication network to provide access to a network storage system. The request can include a data item identifier, and the network storage system can include a local network storage, coupled to the local communication network, and a remote network storage, coupled to a public communication network. The method can further include identifying, based on the request, one of the local network storage and the remote network storage for serving the request, and providing the request to the identified one of the local network storage and the remote network storage to provide the client with an access to the identified one of the local network storage and the remote network storage. | 04-10-2014 |
20140089379 | SYSTEMS AND METHODS FOR COLLABORATIVE MOBILE DEVICE APPLICATIONS - Systems and methods are provided for collaborative mobile device applications. Mobile device applications for a mobile device are stored in a database. The mobile device applications include an interface defining how each mobile device application interacts with the other mobile device applications. Each mobile device application provides a set of services and/or features for a virtual application, wherein the virtual application is defined by the mobile device applications and their associated interfaces. The mobile device applications are configured such that a mobile device can download at least two different subsets of the mobile device applications, wherein each subset provides different functionality for the virtual application. | 03-27-2014 |
20140082555 | DEVICE AND METHOD FOR USING A TRACKBALL TO SELECT ITEMS FROM A DISPLAY - Embodiments of the invention include a selection device for use with a user computer and method for using the device. The selection device performs a process of providing a user with a plurality of menu icons for a plurality of computer applications on the selection device and a process of allowing a user to select a menu icon corresponding to a particular application for viewing on the user computer display. To do this, the device and method may implement the steps of displaying the plurality of menu icons representing applications available to the user on the user computer on the selection device display; enabling the user to scroll through the plurality of menu icons to select the menu icon corresponding to the particular application, and responsive to the user selecting the menu icon, transmitting an identifier for the particular application to the user computer. | 03-20-2014 |
20140082513 | SYSTEMS AND METHODS FOR PROVIDING CONTEXT-SENSITIVE INTERACTIVE LOGGING - Systems, methods, and computer-readable media provide for context-sensitive, interactive logs to an administrative user console. A log server can receive at least one logging event from at least one application server based upon activity of at least one entity, identify at least one action associated with the logging event, and create and store a log entry based on the logging event and the associated action. The log server can further format an interactive display page for display at an administrative user console containing the log entry, wherein the interactive display page displays the logging event and the associated action in proximity to the logging event, and wherein the associated action can be selectable by a user at the administrative user console. In response to a selection of the associated action from the administrative user console, the associated action can be initiated. | 03-20-2014 |
20140067991 | DISTRIBUTED STORAGE - Systems and methods are described for providing a distributed storage system. A distributed storage system includes a control server coupled to a network, the control server maintaining a policy, a host directory, and a file directory, and a plurality of hosts coupled to the network, each of the plurality of hosts containing a storage device and an agent configured to communicate with the control server, wherein each of the plurality of hosts is configured to contribute a portion of the storage device thereof to collectively form a distributed virtual disk configured to store files, wherein the portion of the storage device on each of the plurality of hosts is configured based on the policy, wherein the host directory contains information about the plurality of the hosts on the distributed storage system, and wherein the file directory contains information about the files stored on the distributed storage system. | 03-06-2014 |
20140063048 | VISUAL ACCESSIBILITY INDICATORS - Systems and methods are described for providing visual accessibility indicators on mobile devices. A computerized method of presenting a visual accessibility indicator relating to a target file includes detecting, using a mobile device, an active network connection of the mobile device to be used to transfer the target file, retrieving a connection profile for the active network connection, the connection profile including attributes relating to the active network connection, projecting accessibility of the target file at least partially based on the connection profile, and displaying, on the mobile device, a visual accessibility indicator representing the projected accessibility, wherein the visual accessibility indicator contains an icon illustrating the accessibility. | 03-06-2014 |
20140059344 | FILE PROTECTION USING SESSION-BASED DIGITAL RIGHTS MANAGEMENT - Systems and methods are provided for encrypting electronic files during a transfer to a low-security storage location is provided. In one embodiment, a method comprises receiving a file copy request for a file stored on a source storage system to be copied to a destination storage system; determining a desired file security level of the file based on a desired security level for the file when the file is accessed; determining a destination security level of the destination storage system; comparing the file security level and the destination security level; encrypting the file to create an encrypted file when the destination security level is less than the file security level prior to copying the file; and copying at least one of the file and the encrypted file to the destination storage system as a function of the comparison of the file security level and the destination security level. | 02-27-2014 |
20140059161 | USER VIRTUALIZATION INITIALIZATION - Systems and methods are described for providing a user virtualization (UV) system. A non-transitory computer readable medium includes executable instructions that are operable to, when executed by a computing device, cause the computing device to: acquire an input related to user identification (ID) information from a non-contact user ID input device, determine a user ID based on the acquired input, transmit the user ID to a UV control server over a network, receive UV information corresponding to the user ID from the UV control server, and apply the received UV information to a UV client device. | 02-27-2014 |
20140053229 | Systems and Methods for Policy Propagation and Enforcement - Many organizations want to extend the services and capabilities available to their users, but need to ensure that devices that are not within the perimeter and not under the direct control of the organization are managed in accordance with the organization's policies. A computerized method is disclosed for propagating resource access policies to a client device to provide compliance with security policies, comprising automatically receiving from a policy server via push communication at a client device a resource access policy comprising a trigger event and an action; when the trigger event is satisfied, executing the action; and sending an indication to the policy server that the resource access policy has been executed. | 02-20-2014 |
20140047556 | SECURE REDACTED DOCUMENT ACCESS - Described are computer-based methods and apparatuses, including computer program products, for secure redacted document access. A viewing application for viewing documents is executed, the viewing application comprising standard code for the viewing application that can not process the container data type, and custom code configured to allow the viewing application to process a container data type. A container of the container data type is received from a remote computing device comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. The container is processed based on a location of the computing device and the custom code. | 02-13-2014 |
20140047234 | ADAPTIVE DOCUMENT REDACTION - Described are computer-based methods and apparatuses, including computer program products, for adaptive document redaction. A container is generated comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. A request to view the original document is received from a requesting device. The container is transmitted to the requesting device. A request for additional encryption information for a redacted document from the set of redacted documents is received from the requesting device, wherein the redacted document comprises a level of redaction for a viewing location that is equal to a location of the requesting device. The additional encryption information is transmitted to the requesting device. | 02-13-2014 |
20140025636 | SYSTEMS AND METHODS FOR PROVIDING METADATA ENHANCED FILENAMES - Described are computer-based methods and apparatuses, including computer program products, for metadata enhanced filenames. A filename is received, the filename including a first set of characters that represents a name for the electronic file, and a second set of additional characters. The filename is parsed to identify the second set of additional characters. Metadata associated with the electronic file is determined based on the second set of additional characters without downloading additional data of the electronic file. The electronic file is processed based on the determined metadata. | 01-23-2014 |
20130346405 | SYSTEMS AND METHODS FOR MANAGING DATA ITEMS USING STRUCTURED TAGS - Systems and methods are provided for associating structured tags with files in a computer system. In one method, the method includes requesting a user, by the computer system, to provide the structured tag for the file, where the structured tag includes a tag type, a value type, and a tag value. The method can further include receiving the structured tag from the user, associating the structured tag and the file, and storing the association of the structured tag and the file in a non-transitory storage medium. | 12-26-2013 |
20130326619 | MANAGING PROCESS IMAGE HIJACKS - In some embodiments, a method includes storing, at a first time, a copy of an executable process at a memory area if an initial thread of the executable process is defined in a suspended state such that the copy of the executable process is not executed at the memory area. The executable process can be maintained at a storage different from the memory area. The method also includes comparing, at a second time after the first time, a header of a section of the executable process with a header of a section of the copy of the executable process. The method further includes determining not to execute the executable process if the header of the section of the executable process is different from the header of the section of the copy of the executable process. | 12-05-2013 |
20130326618 | SYSTEMS, METHODS AND MEDIA FOR MANAGING PROCESS IMAGE HIJACKS - Disclosed is a method of checking the authenticity of an executable process including at least one section. The method includes, when an initial thread of the executable process is created in a suspended state, mapping from storage a copy of the executable process into a spare memory area, where it will not be executed. The method also includes comparing a header of a first section of the executable process with a header of a first section of the copy. The method further includes terminating the executable process when the header of the first section of the executable process and the header of the first section of the copy are not identical. | 12-05-2013 |
20130291080 | SYSTEMS AND METHODS FOR DATA ACCESS PROTECTION - Systems and methods are provided for data access protection. The disclosed computing system can determine a passphrase for controlling access to a file, operate a hash function on the passphrase by a predetermined number of iterations to provide an intermediate passphrase, and send a request for an enhanced passphrase to a server in communication with the apparatus, where the request can include the intermediate passphrase. Subsequently, the disclosed computing system can receive, from the server, the enhanced passphrase based on the intermediate passphrase in response to the request. | 10-31-2013 |
20130290734 | SYSTEMS AND METHODS FOR CACHING SECURITY INFORMATION - Systems and methods are provided for caching security information. A method can include receiving security information for a file to be accessed at a device, performing a first hash function on the security information using a salt and a first mixer to compute a key associated with the security information, generating a device identifier (ID) unique to the device, performing a second hash function on the key using the device ID and a second mixer to compute an index associated with the key, wherein the second mixer is different from the first mixer, caching at least one of the security information and the key in a storage medium, wherein the index refers to the at least one of the security information and the key cached in the storage medium, and storing the index with the file. | 10-31-2013 |
20130290733 | SYSTEMS AND METHODS FOR CACHING SECURITY INFORMATION - Systems and methods are provided for caching security information. A method can include receiving security information for a file, performing a first hash function on the security information using a first salt and a first mixer to compute a key associated with the security information, performing a second hash function on the key using a second salt and a second mixer to compute an index associated with the key, wherein the second mixer is different from the first mixer, caching at least one of the security information and the key in a storage medium, and storing the index with the file, wherein the index is associated with the at least one of the security information and the key stored in the storage medium. | 10-31-2013 |
20130290732 | SYSTEMS AND METHODS FOR STORING AND VERIFYING SECURITY INFORMATION - Systems and methods are provided for storing and verifying security information. A method can include receiving security information for encrypting a file, performing key stretching on the security information to compute a key associated with the security information, encrypting the file using the key, computing a check value associated with the key, wherein at least a portion of the check value is stored in at least one of a header, metadata, or filename of the encrypted file, and storing the encrypted file in a storage medium. | 10-31-2013 |
20130290731 | SYSTEMS AND METHODS FOR STORING AND VERIFYING SECURITY INFORMATION - Systems and methods are provided for storing and verifying security information. A method can include receiving a request to access an encrypted file from a storage medium, wherein the request includes security information, performing key stretching on the security information to compute a key associated with the security information, computing a first check value associated with the key, receiving at least one of a header, metadata, or filename of the encrypted file from the storage medium, retrieving a second check value stored in the at least one of the header, metadata, or filename of the encrypted file, comparing the first check value with the second check value, and receiving the encrypted file from the storage medium only when the first check value matches the second check value. | 10-31-2013 |
20130290730 | SYSTEMS AND METHODS FOR DATA ACCESS PROTECTION - Systems and methods are provided for data access protection. The disclosed computing system can provide an adjusted iteration count to a dynamic key stretching module. The computer system can determine whether the adjusted iteration count is to be used to enhance a passphrase for data encryption or data decryption. When the adjusted iteration count is to be used for data encryption, the computing system is configured to compute the adjusted iteration count by modifying a base iteration count according to an adjustment configuration; when the adjusted iteration count is to be used for data decryption, the computing system is configured to retrieve the adjusted iteration count that was used to encrypt the data. Once the adjusted iteration count is determined, the computing system is configured to provide the adjusted iteration count to the dynamic key stretching module. | 10-31-2013 |
20130290437 | SYSTEMS AND METHODS FOR MINING ORGANIZATIONAL DATA TO FORM SOCIAL NETWORKS - Systems and methods are provided for mining organizational data to form social networks, by identifying an initial user; sending a first query to a directory server for a first directory service record of the initial user; receiving and parsing the first directory service record of the initial user to determine at least one group to which the initial user belongs; sending a second query to the directory server for a second directory service record of the group; receiving and parsing the second directory service record of the group to determine at least one other user different from the initial user; and storing an association between the initial user and the other user in a storage medium, wherein the stored association forms part of a social network containing the initial user and the other user. | 10-31-2013 |
20130290372 | SYSTEMS AND METHODS FOR ASSOCIATING TAGS WITH FILES IN A COMPUTER SYSTEM - Systems and methods are provided for providing tag suggestions for a data file. One method includes receiving a request to provide tag suggestions for a data file from a client device and identifying contextual information associated with the data file. The contextual information can include an organization chart that has a plurality of entries, and is associated with a user of the client device. The method can further include determining compatibility measures where each of the compatibility measures corresponds to one of the plurality of entries, identifying, based on the compatibility measures, one or more of the plurality of entries in the organization chart as the tag suggestions, and providing, at the tag server, the tag suggestions to the client device. | 10-31-2013 |
20130290347 | SYSTEMS AND METHODS FOR PROVIDING DATA-DRIVEN DOCUMENT SUGGESTIONS - Systems and methods are disclosed for providing at least one document suggestion from a computer system using at least one information source, the method comprising storing in the information source a plurality of associations, each of which includes a numeric coefficient that corresponds to at least one action of a user and at least one document; receiving a triggering action related to the at least one action of the user; comparing the numeric coefficients stored in the information source with a suggestion threshold based on the triggering action; and for each numeric coefficient that exceeds the suggestion threshold, identifying the corresponding at least one document as a suggested document. | 10-31-2013 |
20130290323 | SYSTEMS AND METHODS FOR AUTOMATICALLY ASSOCIATING TAGS WITH FILES IN A COMPUTER SYSTEM - Systems and methods are provided for automatically associating tags with files in a computer system. In one method, the method comprises receiving a search request from a user containing a search keyword; retrieving results including one or more files responsive to the search request; receiving file information and the user's previous access information about the one or more files; selecting at least one eligible file from the one or more files based on the access information and the file information; identifying at least one tag based on at least one of the search keyword, the access information, and the file information; associating the tag with the eligible file; and storing the association of the tag with the eligible file. | 10-31-2013 |
20130212133 | VIRTUALISED SYSTEMS - A computer system comprising a plurality of managed applications, a plurality of virtual application stores for storing data for respective managed applications, a metadata store and a composer engine configured to receive entity write requests from a managed application and to store metadata to identify the application store of the most recently updated application store for the entity, to receive entity read requests from another managed application and to look up in the metadata store the application store most recently updated for the requested entity and to return the entity from the application store; whereby the composer engine is configured to consolidate multiple virtual stores into a single composite virtual store. | 08-15-2013 |
20130054731 | CUT/COPY AND PASTE FUNCTIONALITY - An apparatus including a clipboard monitor at a first device is described. The clipboard monitor is operatively coupled to a data management module. The clipboard monitor is configured to receive metadata associated with data acquired in an acquire operation at the first device. The clipboard monitor is configured to send the metadata to the data management module in response to the acquire operation. The clipboard monitor is configured to receive a request associated with a paste operation at a second device. The clipboard monitor is configured to provide the data to the second device in response to the request. | 02-28-2013 |
20120331489 | BYPASSING USER MODE REDIRECTION - In one embodiment, a non-transitory processor-readable medium stores code associated with a function module included in a resource library. The code can represent instructions that when executed cause a processor to define, in response to a function hook associated with the function module, a copy of the resource library, the copy of the resource library including an unhooked copy of the function module. The code can further represent instructions that when executed cause the processor to execute the unhooked copy of the function module based on at least one policy from a plurality of policies. | 12-27-2012 |
20120265946 | BYPASSING USER MODE REDIRECTION - In one embodiment, a non-transitory processor-readable medium stores code associated with a function module included in a resource library. The code can represent instructions that when executed cause a processor to define, in response to a function hook associated with the function module, a copy of the resource library, the copy of the resource library including an unhooked copy of the function module. The code can further represent instructions that when executed cause the processor to execute the unhooked copy of the function module based on at least one policy from a plurality of policies. | 10-18-2012 |