| 11th week of 2013 patent applcation highlights part 62 |
| Patent application number | Title | Published |
|---|
| 20130067462 | INSTALLATION METHOD, INFORMATION PROCESSING APPARATUS AND DEVICE DRIVER - In response to a request from a client for the download installation of a device driver, device informational data that has been registered in a server and an installation set, which also has been registered in the server and includes the device driver and applications related to the device driver, are downloaded from the server to the client. On the basis of the device information data that has been downloaded from the server, the device driver and the related applications are installed in the client. After installation, post-installation processing regarding the applications related to the installed device driver is executed at the client based upon the device informational data. | 2013-03-14 |
| 20130067463 | INFORMATION PROCESSING DEVICE, PROGRAM INSTALLATION SUPPORT METHOD, AND COMPUTER-READABLE RECORDING MEDIUM - An information processing device performs communications via a network with a management device storing dependency information indicating a dependency relationship between programs. The information processing device includes a sending unit that sends, to the management device, identification information of a program to be downloaded; a receiving unit that receives, from the management device, install possibility information indicating whether the program to be downloaded can be installed in the information processing device, the install possibility information being determined based on the dependency information; and a display control unit that causes a display unit to display a screen page indicating whether the program to be downloaded can be installed in the information processing device based on the install possibility information, before downloading the program to be downloaded. | 2013-03-14 |
| 20130067464 | VIRTUAL MACHINE MOBILITY USING RESOURCE POOLS - In one embodiment, a portable virtual machine may use a generic resource allocation request to access a host resource. A virtualization host may receive a generic resource allocation request | 2013-03-14 |
| 20130067465 | DISTRIBUTED COMPUTING ARCHITECTURE WITH DYNAMICALLY RECONFIGURABLE HYPERVISOR NODES - A method of dynamically reconfiguring a distributed computing architecture having a plurality of processing nodes, where each processing node hosts a respective plurality of virtual machines, includes detecting a fault condition on a first processing node, assessing the criticality of a software function performed by each of the respective virtual machines on the first processing node, and reassigning at least one of the plurality of virtual machines on the first processing node to a second processing node if the at least one virtual machine is deemed critical. | 2013-03-14 |
| 20130067466 | Virtual Switch Extensibility - An extensible virtual switch allows virtual machines to communicate with one another and optionally with other physical devices via a network. The extensible virtual switch includes an extensibility protocol binding, allowing different extensions to be added to the extensible virtual switch. The extensible virtual switch also includes a miniport driver on which the extensions are loaded, tying the lifetimes of the extensions to the lifetime of the extensible virtual switch. | 2013-03-14 |
| 20130067467 | RESOURCE MANAGEMENT IN A VIRTUALIZED ENVIRONMENT - In a method for managing resources in a virtualized computing environment, a command to initiate execution of an operating system image dump process for a logical partition of the virtualized computing environment is received while the logical partition is in a process of terminating. One or more resources that are allocated to the logical partition that will not be utilized by the logical partition during execution of the operating system image dump process are determined. A notification to a hypervisor program in the virtualized computing environment is sent. The notification identifies the one or more resources. One of the one or more resources is reallocated. The operating system image dump process is executed. | 2013-03-14 |
| 20130067468 | APPLICATION ACCELERATION IN A VIRTUALIZED ENVIRONMENT - One embodiment illustrated herein includes a method that may be practiced in a computing environment. The method includes acts for providing direct access to hardware to virtual machines. The method includes determining that a virtual machine should have access to a piece of hardware. The method further includes a virtual machine requesting access to the hardware from the host wherein a host is a special partition that controls the physical hardware of a computing system and manages virtual machines. The method further includes the host configuring the hardware to allow access to the hardware directly by the virtual machine by the host mapping hardware resources into the virtual machine's address space. The method further includes the virtual machine directly accessing the hardware without going through the host once the hardware has been configured by the host. | 2013-03-14 |
| 20130067469 | Load Balancing By Endpoints - A mechanism is provided for In a cloud computing infrastructure, a mechanism is provided for balancing client sessions across virtual machines such that the number of virtual machines is efficiently managed. In some embodiments, the total number of virtual machines is minimized to reduce power consumption, cooling, and other cost drivers, while assigning users across the sessions. In one embodiment, the sessions in a virtual machine with low activity are migrated to a virtual machine with higher session rates to allow for the shutdown of the low usage virtual machines. In another embodiment, new user sessions are assigned according to a minimum performance standard. | 2013-03-14 |
| 20130067470 | Virtual Machine Monitoring Method, System and Computer Readable Storage Medium - A virtual machine monitoring method used in a virtual machine monitoring system is provided. The virtual machine monitoring method includes retrieving a hypercall transmitted from one of a plurality of virtual machines to a hypervisor of a virtual machine monitoring system, wherein the hypercall is used for establishing a channel between a source virtual machine and a target virtual machine. A central control virtual machine ID information in the hypervisor is retrieved. A type of the channel established by the hypercall is determined according to the central control virtual machine ID information and channel-establishing information corresponding to the hypercall. When the channel is a private channel that is not related to a central control virtual machine of the virtual machines, a security module is used to monitor the private channel. | 2013-03-14 |
| 20130067471 | OPERATION TRANSFER FROM AN ORIGIN VIRTUAL MACHINE TO A DESTINATION VIRTUAL MACHINE - Technologies and implementations for transferring operation from an origin virtual machine to a destination virtual machine while the origin virtual machine continues to execute an origin executable are generally disclosed. | 2013-03-14 |
| 20130067472 | ORGANIZATION OF HETEROGENEOUS ENTITIES INTO SYSTEM RESOURCE GROUPS FOR DEFINING POLICY MANAGEMENT FRAMEWORK IN VIRTUAL CLUSTER MANAGED SYSTEMS ENVIRONMENT - Policies are implemented in a virtual cluster managed systems. Heterogeneous entities are organized into system resource group (SRG) hosted on a virtual volume that is accessed via a virtual machine. Each of the heterogeneous entities is visible to an application operable on the virtual cluster managed systems environment. The system resource group is subject to at least one membership requirement, defines a relationship between at least two of the heterogeneous entities, contains at least one policy defining an operation as to be performed on the system resource group for a domain of the virtual cluster managed systems environment, and defines at least a portion of a policy framework between the system resource group and an additional system resource group organized from additional heterogeneous entities. The system resource group expands according to an action performed incorporating the relationship, policy, or policy framework. | 2013-03-14 |
| 20130067473 | Modes for Applications - Techniques for modes for applications are described. In one or more implementations, multiple operational modes are provided for an application. The operational modes can be associated with different resource access permissions, trust statuses, graphical user interfaces, and so on. An application can be launched in a particular one of the operational modes based on a context in which a request to launch the application is received. In one or more implementations, correlations between launch request contexts for an application and operational modes can be configured to enable different launch requests to cause an application to launch into different operational modes. | 2013-03-14 |
| 20130067474 | LANGUAGE INDEPENDENT APPLICATION OBJECT - Applications are managed on a computing device using a language independent application object. The computing device receives an indication that an application is to begin execution. Responsive to every indication that an application is to begin execution, a multi-thread aware singleton application object is instantiated within that application. The multi-thread aware singleton application object is configured to create a first application thread and a first application window for that application. The first application thread is associated with the first application window. The multi-thread aware singleton application object is configured to instantiate within an application regardless of a programming language or user interface framework utilized by that application. | 2013-03-14 |
| 20130067475 | MANAGING PROCESSES WITHIN SUSPEND STATES AND EXECUTION STATES - One or more techniques and/or systems are provided for suspending logically related processes associated with an application, determining whether to resume a suspended process based upon a wake policy, and/or managing an application state of an application, such as timer and/or system message data. That is, logically related processes associated with an application, such as child processes, may be identified and suspended based upon logical relationships between the processes (e.g., a logical container hierarchy may be traversed to identify logically related processes). A suspended process may be resumed based upon a wake policy. For example, a suspended process may be resumed based upon an inter-process communication call policy that may be triggered by an application attempting to communicate with the suspended process. Application data may be managed while an application is suspended so that the application may be resumed in a current and/or relevant state. | 2013-03-14 |
| 20130067476 | AUTOMATIC TRANSCODING AND SEMANTIC ADAPTATION BETWEEN SCRIPTING AND WORKFLOW SYSTEMS - A workflow scripting system is described herein that combines the features of workflows and scripts by automatically translating between the two models. Using the system, a script author can create workflows on the fly using familiar scripting language, and a workflow author can use scripting steps to perform actions. Workflows run in this manner can be setup to execute in their own process to improve robustness or efficiency. Operations in an enterprise environment frequently take a long time and are subject to interruptions. By adding reliability concepts of workflows to a shell environment, users of the system can write scripts to address common needs of large-scale computing environments. Thus, the workflow scripting system blends the available resources provided by workflow and scripting environments to provide a host of powerful, advanced capabilities to IT personnel. | 2013-03-14 |
| 20130067477 | COMPUTER SYSTEM AND CONTROL METHOD THEREOF - A computer system and a control method thereof are provided, wherein the computer system comprises an embedded controller (EC), a basic input/output system (BIOS), and an operating system (OS). In the method, when the computer system is rotated, the EC makes the BIOS identify a present rotation state of the computer system by an interrupt signal and an internal communication scheme. Then, the BIOS establishes a data structure in accordance with a virtual scan code and the rotation state, and then transmits the data structure to the OS. After that, the OS controls a program installed in the computer system to execute a related operation of the rotation state according to the data structure. | 2013-03-14 |
| 20130067478 | RESOURCE MANAGEMENT SYSTEM - Provided are: information acquisition unit that periodically acquires usage state information of resource by load; user terminal that creates permitted usage period data; period setting unit that sets each load's permitted usage period based on permitted usage period data; determination unit that determines whether each load's resource usage is within permitted usage period; and display unit that distinctively displays whether resource usage period is within permitted usage period based on determination result by determination unit. User terminal creates single batch permitted usage period data. Period setting unit includes batch setting unit that performs batch setting whereby batch permitted usage period is set as permitted usage periods of all loads. | 2013-03-14 |
| 20130067479 | Establishing A Group Of Endpoints In A Parallel Computer - A parallel computer executes a number of tasks, each task includes a number of endpoints and the endpoints are configured to support collective operations. In such a parallel computer, establishing a group of endpoints receiving a user specification of a set of endpoints included in a global collection of endpoints, where the user specification defines the set in accordance with a predefined virtual representation of the endpoints, the predefined virtual representation is a data structure setting forth an organization of tasks and endpoints included in the global collection of endpoints and the user specification defines the set of endpoints without a user specification of a particular endpoint; and defining a group of endpoints in dependence upon the predefined virtual representation of the endpoints and the user specification. | 2013-03-14 |
| 20130067480 | PROGRAMMABLE WALL STATION FOR AUTOMATED WINDOW AND DOOR COVERINGS - A programmable wall station system for controlling automated coverings includes at least one automated covering adapted to receive command signals, and a computer which includes a processor and a computer connection port. The processor is programmed to receive location input, position input for the automated coverings, schedule input, and generate scheduled events based on any of the received input. A wall station includes a controller and a station connection port that is linkable to the computer connection port. The controller is programmed to receive scheduled events from the processor when the station connection port and computer connection port are linked to one another and generate command signals based on the scheduled events for receipt by the automated covering to control its operation. | 2013-03-14 |
| 20130067481 | AUDIO FEEDBACK FOR COMMAND LINE INTERFACE COMMANDS - Exemplary method, system, and computer program product embodiments for audio feedback for command line interface (CLI) commands in a computing environment are provided. In one embodiment, by way of example only, auditory notifications are generated for indicating a completion of CLI commands. The auditory notifications are configurable by user preferences. Additional system and computer program product embodiments are disclosed and provide related advantages. | 2013-03-14 |
| 20130067482 | METHOD FOR CONFIGURING AN IT SYSTEM, CORRESPONDING COMPUTER PROGRAM AND IT SYSTEM - A method designed to configure an IT system having at least one computing core for executing instruction threads, in which each computing core is capable of executing at least two instruction threads at a time in an interlaced manner, and an operating system, being executed on the IT system, capable of providing instruction threads to each computing core. The method includes a step of configuring the operating system being executed in a mode in which it provides each computing core with a maximum of one instruction thread at a time. | 2013-03-14 |
| 20130067483 | LOCALITY MAPPING IN A DISTRIBUTED PROCESSING SYSTEM - Topology mapping in a distributed processing system that includes a plurality of compute nodes, including: initiating a message passing operation; including in a message generated by the message passing operation, topological information for the sending task; mapping the topological information for the sending task; determining whether the sending task and the receiving task reside on the same topological unit; if the sending task and the receiving task reside on the same topological unit, using an optimal local network pattern for subsequent message passing operations between the sending task and the receiving task; otherwise, using a data communications network between the topological unit of the sending task and the topological unit of the receiving task for subsequent message passing operations between the sending task and the receiving task. | 2013-03-14 |
| 20130067484 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, RECORDING MEDIUM AND INFORMATION PROCESSING SYSTEM - There is provided an information processing apparatus including a receiver configured to receive a request to perform processing related to a task, from a first information processing apparatus which functions as a client on a network; a scheduler configured to, when a rank of a priority of the scheduler of the information processing apparatus among information processing apparatuses on the network is a first predetermined rank or higher, assign the task to one or a plurality of second information processing apparatuses which function as nodes on the network; and a transmitter configured to transmit a request to execute processing related to the task assigned to the one or the plurality of second information processing apparatuses. | 2013-03-14 |
| 20130067485 | Method And Apparatus For Providing Isolated Virtual Space - Various embodiments provide a method and apparatus of creating an application isolated virtual space without the need to run multiple OSs. Application isolated virtual spaces are created by an Operating System (OS) utilizing a resource manager. The resource manager isolates applications from each other by re-writing the network stack and the I/O subsystem of the conventional OS kernel to have multiple isolated network stack/virtual I/O views of the physical resources managed by the OS. Isolated network stacks and virtual I/O views identify the resources allocated to an application's isolated virtual space and are mapped to applications via an isolating identifier. | 2013-03-14 |
| 20130067486 | MESSAGE COMMUNICATION OF SENSOR AND OTHER DATA - A service may be provided that reads sensors, and that communicates information based on the sensor readings to applications. In one example, an operating system provides a sensor interface that allows programs that run on a machine to read the values of sensors (such as an accelerometer, light meter, etc.). A service may use the interface to read the value of sensors, and may receive subscriptions to sensor values from other programs. The service may then generate messages that contain the sensor value, and may provide these messages to programs that have subscribed to the messages. The messages may contain raw sensor data. Or, the messages may contain information that is derived from the sensor data and/or from other data. | 2013-03-14 |
| 20130067487 | Runtime Optimization Of An Application Executing On A Parallel Computer - Identifying a collective operation within an application executing on a parallel computer; identifying a call site of the collective operation; determining whether the collective operation is root-based; if the collective operation is not root-based: establishing a tuning session and executing the collective operation in the tuning session; if the collective operation is root-based, determining whether all compute nodes executing the application identified the collective operation at the same call site; if all compute nodes identified the collective operation at the same call site, establishing a tuning session and executing the collective operation in the tuning session; and if all compute nodes executing the application did not identify the collective operation at the same call site, executing the collective operation without establishing a tuning session. | 2013-03-14 |
| 20130067488 | METHOD AND SYSTEM FOR EFFICIENT INTER- PROCESS COMMUNICATION IN A HIGH AVAILABILITY SYSTEM - A system, method and associated data structures for providing inter process communication where IPC endpoints may get relocated during the operation of the system. A device in accordance with the principles of the present invention comprises IPC filter rule management process, IPC filter rule lookup process, IPC filter rule table and plurality of IPC endpoints and a network interface for connectivity, wherein IPC filter rule management process creates, deletes and updates the entries in IPC filter rule table, and wherein IPC filter rule lookup process finds the matched rule and takes the forwarding actions. A system in accordance with the principles of present invention for providing inter process communication where IPC endpoints may get relocated during the operation of the system comprises a plurality of preferred devices which in an embodiment may be connected with plurality of functional peers through plurality of network interfaces. | 2013-03-14 |
| 20130067489 | Power Efficient Callback Patterns - In one or more embodiments, an application program interface (API) is provided and enables an entity, such as an application, script, or other computing object to register to receive callbacks immediately and, without specifying a time constraint. In this approach, the API does not rely on a timer, such as a system timer. Rather, a non-timer based queue, such as a message queue-type approach is utilized. Specifically, callbacks that are registered through this API can be placed on the message queue and work associated with the registered callback can be performed through the normal course of processing messages and events in the message queue. Over time, such results in a callback pattern that allows an associated web browser and applications such as web applications to remain responsive, while increasing performance and power efficiencies. | 2013-03-14 |
| 20130067490 | MANAGING PROCESSES WITHIN SUSPEND STATES AND EXECUTION STATES - One or more techniques and/or systems are provided for suspending logically related processes associated with an application, determining whether to resume a suspended process based upon one or more wake policies, and/or managing an application state of an application, such as timer and/or system message data. That is, logically related processes associated with an application, such as child processes, may be identified and suspended based upon logical relationships between the processes (e.g., a logical container hierarchy may be traversed to identify logically related processes). A suspended process may be resumed based upon a set of wake policies. For example, a suspended process may be resumed based upon an inter-process communication call policy that may be triggered by an application attempting to communicate with the suspended process. Application data may be managed while an application is suspended so that the application may be resumed in a current and/or relevant state. | 2013-03-14 |
| 20130067491 | Content alerts - Detecting one or more preference events is disclosed. A rule defining a set of conditions associated with a set of preference events to be detected is received. An indication that one or more preference events has occurred is received. It is determined whether the set of conditions included in the rule has been met. If the set of conditions has been met, an alert is generated. | 2013-03-14 |
| 20130067492 | CONTENT-FILTER PUBLISH-SUBSCRIBE SYSTEM THAT OPTIMIZES INTERPROCESS COMMUNICATIONS - In a publish-subscribe system, a subscribing process may specify a condition relating to an object's attribute value. The condition may be retained in a data structure, and evaluated against a to be published event. If the condition is satisfied or occurred, the publish-subscribe system transmits a notification event to the subscribing process indicating the existence of the published event. | 2013-03-14 |
| 20130067493 | DEPLOYMENT OF PRE-SCHEDULED TASKS IN CLUSTERS - Managing a triggerable task in a cluster environment. A method includes accessing a definition a task, wherein the definition includes a triggering event, and an action to be performed when the triggering event occurs. The method further includes, accessing a cluster policy defining how triggering events are interpreted on a node task basis for a plurality of nodes in a cluster. Based on the cluster policy, the method includes determining that the triggering event has occurred. As a result of the determination that the triggering event has occurred, the method further includes attempting to perform the action. | 2013-03-14 |
| 20130067494 | Resuming Applications and/or Exempting Applications from Suspension - Only a particular number of applications on a computing device are active at any given time, with applications that are not active being suspended. A policy is applied to determine when an application is to be suspended. However, an operating system component can have a particular application be exempted from being suspended (e.g., due to an operation being performed by the application). Additionally, an operating system component can have an application that has been suspended resumed (e.g., due to a desire of another application to communicate with the suspended application). | 2013-03-14 |
| 20130067495 | MANAGING PROCESSES WITHIN SUSPEND STATES AND EXECUTION STATES - One or more techniques and/or systems are provided for suspending logically related processes associated with an application, determining whether to resume a suspended process based upon one or more wake policies, and/or managing an application state of an application, such as timer and/or system message data. That is, logically related processes associated with an application, such as child processes, may be identified and suspended based upon logical relationships between the processes (e.g., a logical container hierarchy may be traversed to identify logically related processes). A suspended process may be resumed based upon a set of wake policies. For example, a suspended process may be resumed based upon an inter-process communication call policy that may be triggered by an application attempting to communicate with the suspended process. Application data may be managed while an application is suspended so that the application may be resumed in a current and/or relevant state. | 2013-03-14 |
| 20130067496 | SITUATIONAL RECOMMENDATIONS IN HETEROGENOUS SYSTEM ENVIRONMENT - Situational recommendations in heterogeneous system environment are described herein. An event is received, where the event represents an interaction between an agent and a first resource from a number of resources available at the heterogeneous system environment. At least one impacted situation of a number of situations is determined based on the event. At least one operator from a number of operators is determined to apply on the at least one impacted situation. The at least one operator updates the at least one impacted situation. Recommendation of a second resource from the number of resources is generated based on the updated situation. | 2013-03-14 |
| 20130067497 | APPARATUS AND METHOD FOR SETTING A USER-DEFINED PATTERN FOR AN APPLICATION - In an apparatus to set a user-defined pattern for use in executing an application, the apparatus sets pattern information that indicates at least one of an input value according to a user input signal and an input value according to an input method for sensing information, and extracts task information of an application. Then, the apparatus generates mapping information based on the pattern information and the task information such that an application task corresponding to pattern information that is input in response to a user input signal is executed. A method for setting a reference pattern, including: receiving a first input; setting the reference pattern based on the first input; and mapping the reference pattern to an event of an application, wherein the event is executed in response to a duplication of the reference pattern. | 2013-03-14 |
| 20130067498 | Instant Messaging Sound Control - Controlling the volume of an audible alert associated with an instant messaging communications session includes rendering, on a first instant messaging user system, an instant messaging application user interface for an instant messaging communications session involving at least a first instant messaging user and a second instant messaging user, receiving notification of an event related to the instant messaging communications session, determining a characteristic of the event, accessing an audible alert to be rendered to signal existence of the event, adjusting based upon the determined characteristic of the event a volume of the audible alert corresponding to the event, and rendering the audible alert to signal existence of the event. | 2013-03-14 |
| 20130067499 | Instant Messaging Sound Control - Controlling the volume of an audible alert associated with an instant messaging communications session includes rendering, on a first instant messaging user system, an instant messaging application user interface for an instant messaging communications session involving at least a first instant messaging user and a second instant messaging user, receiving notification of an event related to the instant messaging communications session, determining a characteristic of the event, accessing an audible alert to be rendered to signal existence of the event, adjusting based upon the determined characteristic of the event a volume of the audible alert corresponding to the event, and rendering the audible alert to signal existence of the event. | 2013-03-14 |
| 20130067500 | LEGACY APPLICATION INTEGRATION WITHIN A BUNDLE FRAMEWORK - A bundle entering a set of starting and active bundles within a bundle framework is detected by a controller bundle executed by a processor. A determination is made as to whether a manifest of the bundle includes an extension header that identifies at least one legacy application. In response to determining that the manifest of the bundle includes the extension header that identifies the at least one legacy application, at least one application proxy object is created for at least one defined entry point class of the at least one legacy application identified by the extension header. The created at least one application proxy object is registered as a service within a service registry of the bundle framework. | 2013-03-14 |
| 20130067501 | VIRTUALIZED STORAGE ASSIGNMENT METHOD - Various aspects are disclosed for building a device driver stack in a virtual machine partition that does not physically control the device represented by the stack. In an embodiment, a secondary interface and driver for an I/O device may be instantiated. Information from an I/O virtualization layer describing the devices that the associated driver may control may be requested. A multi-path redirection layer may provide a handle to an existing stack that includes a driver for the I/O device. This existing stack may then be used to communicate with the device and allow the creation of a new stack including an object representing the device and a new driver for the device. The multi-path redirection layer may then open a handle to the new stack and inform the device virtualization layer, which may then ask the existing device interface to relinquish control of the device to the newly created interface. | 2013-03-14 |
| 20130067502 | Atlasing and Virtual Surfaces - Atlasing and virtual surface techniques are described. In one or more implementations, virtual surface functionality is exposed by an operating system for access by one or more applications of the computing device. A virtual surface is created in response to a request from the one or more applications to be used to render visuals for display by a display device. The virtual surface is allocated in memory of the computing device by the exposed virtual surface functionality to have an area that is larger than an area to be used to display the visuals from the one or more applications. | 2013-03-14 |
| 20130067503 | EXPOSURE OF REMOTELY INVOKABLE METHOD THROUGH A WEBPAGE TO AN APPLICATION OUTSIDE WEB BROWSER - Web browsing environments are commonly used to facilitate user interaction with data over the Internet. A web browser is a tool used to view and interact with a webpage. A webpage may interface with a web service to provide remote functionality that the webpage does not locally provide. An effective method for specifying and consuming remote functionality that an application invokes outside of the web browser is disclosed herein. A webpage exposes remote functionality (e.g., web service) that a web browser and/or browser extensions may discover through browsing the webpage. A browser extension associated with an application determines whether the application is compatible with the remote functionality. Once a compatible application is determined, it may be executed so as to connect to and invoke the remote functionality outside of the web browser. The application may provide a more robust experience with the remote functionality compared to the web browsing environment. | 2013-03-14 |
| 20130067504 | MOUNTING STRUCTURE FOR ELECTRONIC EQUIPMENT AND ELECTRONIC APPARATUS HAVING THE SAME - A chassis, and a rigid mount member having at least three fixed support portions connected to the chassis are included. The rigid mount member has an installation surface for fixing a base unit, and with the installation surface being used as a reference plane which is along the horizontal plane, at least one of the fixed support portions is provided at a level higher than the center of gravity of the base unit on the side of one end edge of the installation surface, while at least the other one of the fixed support portion is provided at a level lower than the center of gravity of the base unit on the side of the other end edge of the installation surface. | 2013-03-14 |
| 20130067505 | METHODS AND APPARATUS FOR AUDITING SIGNAGE - Example methods and apparatus for auditing signage are disclosed. A disclosed example method involves directing an operator to a signage location and capturing an image of a signage at the signage location. The example method also includes detecting an actual characteristic of the signage based on the image and comparing the actual characteristic to an expected characteristic. | 2013-03-14 |
| 20130067506 | System and Method for Monitoring Delivery of Media Content by a Media Communication System - A system that incorporates teachings of the present disclosure may operate according to, for example, a method involving recording audio feedback from a plurality of subscribers commenting on media content supplied by a media communication system on at least one of a plurality of media channels, detecting one or more trigger words in the recorded audio feedback having an association with a disruption of one or more media services supplied by the media communication system, selecting one or more network elements of the media communication system in at least one transmission path that supplies media services to one or more of the plurality of subscribers that supplied audio feedback matching the one or more trigger words, and directing the selected one or more network elements to record media content on one or more media channels selected from the plurality of media channels. Other embodiments are disclosed. | 2013-03-14 |
| 20130067507 | APPARATUS AND METHOD FOR PARENTAL CONTROL USING V-CHIP PLUS+ AND MASTER PASSWORD - A method and apparatus for exercising access control over television programs using a parental control user interface that has different functions is provided. The method requires a password to enter into a master mode for obtaining access to all the functions of the parental control user interface. Once in the master mode, the user may enter a criterion for blocking a television program from being viewed or recorded or the user can override an already blocked television program. | 2013-03-14 |
| 20130067508 | CONTROLLING ACCESS OF A USER TO MEDIA CONTENT - Media device ( | 2013-03-14 |
| 20130067509 | CONTENT DELIVERY FOR VIEWING DEVICES WITHIN A CUSTOMER PREMISES - A streaming device may broadcast multimedia content, such as television signals, to electronic devices in a customer premises. The device may include a tuner to receive a signal, corresponding to a number of television channels, and to extract a second signal corresponding to a selected channel. The device may include a media processor to transcode the extracted signal to a second encoded format. The device may further authenticate a destination device as a destination device that is authorized to receive at least some of the television channels, and receive, from the destination device, channel selection information that identifies the selected channel. The device may further include a communication interface to transmit the signal, in the second encoded format, to the destination device. | 2013-03-14 |
| 20130067510 | SYSTEMS AND METHODS FOR INSERTING ADS DURING PLAYBACK OF VIDEO MEDIA - The solution of the ad delivery platform described herein provides for the marketing and monetizing of media assets via the delivery of advertisement with on-demand video. The ad platform optimizes the delivery of ads by controlling the insertion frequency and format of the ad delivered with video streams. The ad platform provides flexible and configurable ad insertion rules to specify the insertion frequency and format for the composition of ads during playback of on-demand video media. The ad insertion rules may be based on a user profile, user behavior history, topic of the stream to be delivered, duration of the video or ad, and/or the popularity rating of the video or ad. The ad platform includes a reporting tool and usage reports to measure the effectiveness of the ad insertion rules in delivering ads to market and monetize the video media. | 2013-03-14 |
| 20130067511 | CONTENT DISTRIBUTION PLATFORM - A system is adapted to manage the distribution of content to one or more cooperating media/substrates. The system receives data representative of environment conditions for one or more cooperating media/substrates adapted to display digital content. The media/substrates may be located in public spaces. The system compares the received data representative of environment conditions with selection criteria to identify content for distribution to the media/substrates. The selected content is distributed to the one or more cooperating media/substrates. | 2013-03-14 |
| 20130067512 | SYSTEMS AND/OR METHODS FOR DISTRIBUTING ADVERTISEMENTS FROM A CENTRAL ADVERTISEMENT NETWORK TO A PERIPHERAL DEVICE VIA A LOCAL ADVERTISEMENT SERVER - Certain exemplary embodiments disclosed herein relate to systems and/or methods for distributing advertisements from a central advertisement network to one or more peripheral devices at a location via a local advertisement server. In certain exemplary embodiments, the local advertisement server within a location receives advertisements from the central advertisement network and rebroadcasts them to peripheral devices within that location. Advertising information may be tracked and reported, e.g., for accounting, revenue-sharing, and/or other purposes in certain exemplary embodiments. Thus, in certain exemplary embodiments, the distribution of advertisements is provided to peripherals via a non-web- and non-PC-dependent network. Moreover, in certain exemplary embodiments, reporting and advertising related communications are substantially bi-directional regardless of device type. Certain exemplary embodiments provide revenue sharing among some or all of the central advertising network provider, the proprietors of locations, operators tasked with maintaining the local ad server and/or the peripheral devices, etc. | 2013-03-14 |
| 20130067513 | CONTENT OUTPUT DEVICE, CONTENT OUTPUT METHOD, CONTENT OUTPUT PROGRAM, AND RECORDING MEDIUM HAVING CONTENT OUTPUT PROGRAM RECORDED THEREON - An information providing device associates in advance and stores a characteristic element which is a candidate to be specified from an image, with content. Further, the information providing device is configured to specify a difference between characteristic elements by comparing a characteristic element specified from a currently acquired image with a characteristic element specified from an image acquired prior to (in the past) the image, and acquire content associated with the characteristic element related to the difference, and display the content on a display. | 2013-03-14 |
| 20130067514 | SYSTEM AND METHOD FOR A COMMUNICATION EXCHANGE WITH AN AVATAR IN A MEDIA COMMUNICATION SYSTEM - A system that incorporates teachings of the present disclosure may include, for example, a processor that causes a STB to present an avatar. The processor can receive from the STB a response of the user, detect from the response a change in an emotional state of the user, adapt a search for media content according to the change in the emotional state of the user, and adapt a portion of the characteristics of the avatar relating to emotional feedback according to the change in the emotional state of the user. The processor can cause the STB to present the adapted avatar presenting content from a media content source identified from the adapted search for media content. Other embodiments are disclosed. | 2013-03-14 |
| 20130067515 | PRESENTING MEDIA CONTENT TO A PLURALITY OF REMOTE VIEWING DEVICES - Methods and systems for processing and provisioning media content for display on a viewer device are provided. An example method may comprise accessing an advertisement database to obtain a plurality of advertisement media components The advertisement media components may be provided by an advertisement provider that pays to have the advertisement media components accessible. An entertainment database may be accessed to obtain a plurality of entertainment media components, the plurality of entertainment media components being provided by an entertainment provider that receives payment to make the entertainment media components accessible. Thereafter, the entertainment media components may be interspersed between the advertisement media components to provide viewer media content. An award associated with the viewer media content may be selectively allocated and the media content is communicated to at least one viewer device for viewing. A notification may be sent to the viewer device when the award has been awarded. | 2013-03-14 |
| 20130067516 | TELEVISION CHANNEL MAPPING TECHNIQUES - In one embodiment, a television configuration technique includes determining a location, from a web service, of a television set using an internet protocol address of the television set or a zip code corresponding to a physical location of the television. Electronic programming guide, interactive programming guide or the like data for a plurality of service providers in the determined location are downloaded. The electronic programming guide data, interactive programming guide data, or the like for one or more channels that are unique between the plurality of service providers are checked against transmitting station identifier data or system information protocol data to identify the specific service provider that the television set is connected to. A channel list for the specific service provider is then determined from the electronic programming guide or interactive programming guide corresponding to the specific service provider. | 2013-03-14 |
| 20130067517 | INFORMATION DESCRIPTOR AND EXTENDED INFORMATION DESCRIPTOR DATA STRUCTURES FOR DIGITAL TELEVISION SIGNALS - According to an aspect, there is provided a digital television (DTV) data stream including program and system information protocol (PSIP) data associated with content of the DTV data stream, the PSIP data including a virtual channel table (VCT) and an event information table (EIT), the EIT comprising: a source identification field identifying a source of an associated event in a DTV data stream; an event identification field indicating an identification of the event; a start time field indicating a star time of the event; a title field indicating a title of the event; and a descriptor comprising: a descriptor tag identifying the descriptor as a genre descriptor; a descriptor length indicating a total length of the descriptor; and at least one category code for an associated event in a DTV data stream, each category code specifying genre, program type, or category information of the associated event, wherein the at least one category code specifies at least one of a set of basic categories. | 2013-03-14 |
| 20130067518 | RECOMMENDING BROADCAST TRANSMISSIONS OF INTEREST TO A VIEWER - Systems and methods identify broadcast transmissions of interest to a user by comparing a user's interest profile to characteristics, such as topic phrases, associated with available broadcast transmissions. The method comprises receiving from a viewing station via a communication network an interest profile associated with a user. The interest profile includes data representing a plurality of topics of interest to the user that relate to broadcast transmissions. After receiving the interest profile, a text-based search is performed to identify available broadcast transmissions that match at least one topic of interest included in the interest profile, and a list of one or more of the available broadcast transmissions that match at least one topic of interest included in the interest profile are transmitted to the viewing station so that one or more of the available broadcast transmissions can be selected from the list and presented via the viewing station. | 2013-03-14 |
| 20130067519 | INTERACTIVE MEDIA GUIDANCE APPLICATION WITH INTELLIGENT NAVIGATION AND DISPLAY FEATURES - Methods and systems are disclosed that allow a user to efficiently navigate media selections in an interactive media guidance application and easily identify media for viewing. The disclosed methods and systems provide an environment wherein video assets are displayed according to a user preference on a mosaic page with multiple cells. A subset of the assets appropriate for display in a particular cell is determined based on the user preference. Relevance scores of the assets meeting the user preference are computed, and the asset having the greatest relevance for the user is selected and displayed the corresponding cell. The relevance scores can be computed based on the user's historic viewing habits, user interaction with a media guidance application, or on specific user input. | 2013-03-14 |
| 20130067520 | INFORMATION DESCRIPTOR AND EXTENDED INFORMATION DESCRIPTOR DATA STRUCTURES FOR DIGITAL TELEVISION SIGNALS - A digital television (DTV) data stream includes an event information table (EIT), the EIT including: a descriptor including: a descriptor tag identifying the descriptor as a genre descriptor, a descriptor length field, and at least one category code for an associated event in a DTV data stream. | 2013-03-14 |
| 20130067521 | Method For Securely Linking Hospital Patients To Their Service Provider Accounts - Methods and systems for linking a service provider account with patient care information are disclosed. A patient's account information is received. A service account for the patient is identified, and an association between a patient's care record and the service account is stored. Care information for the patient is received and transmitted to a device associated with the patient's service account. | 2013-03-14 |
| 20130067522 | Dynamic VOD Channel Allocation Based on Viewer Demand - A system and method for delivering video content over a network in communication with a subscriber having an associated electronic device is disclosed. A network server is provided and is configured to transmit a plurality of multicast streams of video content over the network. A scheduled start time for the transmission of a first stream of the multicast streams is assigned. A request for the video content is received at a first time, which is after said scheduled start time and the request is the first request for the video content received by the network server after the scheduled start time. The first stream is transmitted over the network only after the request. | 2013-03-14 |
| 20130067523 | METHOD AND SYSTEM FOR MANAGING BANDWIDTH - A bandwidth management system, receiver, and method of managing bandwidth in a content delivery system are described. In one embodiment, the method includes: identifying two or more content items which are associated with at least some common content and which are temporally related; determining a relative priority of the least some of the identified content items; and allowing a receiver requesting the content associated with a lower priority content item to access a multicast associated with a higher priority content item. | 2013-03-14 |
| 20130067524 | VIDEO TRANSMISSION WITH ENHANCED AREA - A video transmission method includes receiving a selected area from an input device. The selected area includes a first portion of a video image received from a video device. The video image includes a second portion, at least some of which is not included in the selected area. The first portion of the video image is transmitted at a first resolution over a network for display. The second portion of the video image is transmitted at a second resolution over the network for display. The second resolution is lower than the first resolution, which allows the system and method to utilize available transmission bandwidth to transmit the video image with the first portion, which may be a portion of interest in the video image, at a higher quality than the second portion, which may be a portion in the video image of less interest than the first portion. | 2013-03-14 |
| 20130067525 | SERVICE PROVISIONING DEVICE WITH INTEGRATED CABLE MODEM - A cable service provisioning device includes an integrated cable modem to enable a cable provider to send configuration commands. The device includes an input component that receives an input signal from a cable network and an output component that provides an output signal to a customer premises. The device further includes a cable modem configured to receive configuration commands from a cable head end, radio frequency filters configured to selectively pass a portion of the input signal; and a radio frequency switchboard coupled to the input component, the output component, and the one or more radio frequency filters. A processor is coupled to the cable modem and the radio frequency switchboard and is configured to control the radio frequency switchboard to selectively enable or disable individual radio frequency filters in response to the configuration commands received from the cable head end. | 2013-03-14 |
| 20130067526 | Method and Apparatus for Browsing Using Alternative Linkbases - Systems and methods for navigating hypermedia using multiple coordinated input/output device sets. Disclosed systems and methods allow a user and/or an author to control what resources are presented on which device sets (whether they are integrated or not), and provide for coordinating browsing activities to enable such a user interface to be employed across multiple independent systems. Disclosed systems and methods also support new and enriched aspects and applications of hypermedia browsing and related business activities. | 2013-03-14 |
| 20130067527 | System and Method for Transmitting a Services List to a Playback Device - There is provided a system and method for dynamically transmitting a services list to a playback device. The system comprises a display device, a playback device, and a mediator server with a mediator application. The mediator application is configured to receive, from the playback device, a service request for a services list, to send a services list for presenting on a display device in response to receiving the service request, to receive an activation request for at a third-party service listed in the services list, and to activate the third-party service in response to receiving the activation request. By programming a digital video disc such as a Blu-ray disc according to an API and using such a mediator server, a dynamically adjustable list of third-party services may be supported and used by the playback device without changing the disc application code. | 2013-03-14 |
| 20130067528 | Apparatus and Method for Managing Set Top Boxes - A system that incorporates teachings of the present disclosure may include, for example, a set top box having a controller to eliminate a scheduled recording of a targeted media program, where the scheduled recording is a redundant recording of the targeted media program that is determined based upon monitoring of recordings of media programs by a group of set top boxes in communication with each other over a network, where another set top box of the group of set top boxes is designated as a host set top box to record the targeted media program, and where the controller is provided access to the targeted media program by the host set top box. Other embodiments are disclosed. | 2013-03-14 |
| 20130067529 | RECORDABLE DIGITAL TV SET-TOP BOX - A digital TV set-top box includes a casing, a fixing frame, an adapter board, a hard disk drive, and a sliding frame. The casing is provided with an opening, and the fixing frame is arranged with the hard disk drive. Since the sliding frame is smaller than the opening of the casing, the sliding frame can pass through the opening and be slidably arranged between two chutes of the fixing frame, and a connecting head of the hard disk drive can be correspondingly plugged into the adapter board so as to establish an electrical connection. As such, the present invention provides a TV set-top box that the hard disk drive can be assembled therewith or disassembled therefrom easily, so that the hard disk drive of the digital TV set-top box can be maintained or upgraded without the need of removing the whole upper casing of the set-top box. | 2013-03-14 |
| 20130067530 | DNS-Based Content Routing - DNS-based content routing techniques are described. In one or more implementations, data is examined that describes interactions via a network with content via a domain name. Responsive to the examination, a policy is adjusted to change how one or more network addresses are resolved for the domain name for access to the content. A communication is formed that includes the adjusted policy to be communicated to one or more domain name system (DNS) servers, the adjusted policy configured to specify which network address are resolved for the domain name by the one or more DNS servers for access to the content. | 2013-03-14 |
| 20130067531 | Access Brokering Based on Declarations and Consent - Embodiments include processes, systems, and devices for brokering application access to capabilities, such as device capabilities. An access broker receives requests from applications to access capabilities. The access broker determines whether to grant access based at least in part on whether the application manifest declares the capability. The access broker also may cause a user interface element to be displayed requesting user consent to the access request. Also, an in-application user interface element is provided that displays capability access settings for a particular application. The in-application user interface element includes selectable options for changing those settings. Changes in those settings via the user interface update the settings in the access broker. | 2013-03-14 |
| 20130067532 | GENERATING SECURITY PERMISSIONS - Embodiments of the invention relate to generating security permissions for applications. A static analysis on an application is carried out to determine security exceptions and to determine the application components responsible for the security exceptions. The determined security exceptions are analysed to calculate permissions required for each component. A security policy file that includes a hierarchy of the required permissions suitable for the type of application is formatted and applied to the application to provide a security enabled application. | 2013-03-14 |
| 20130067533 | GENERATING A TEST LICENSE FOR A DEVELOPER APPLICATION - One or more techniques and/or systems are disclosed for generating a test application license for a developer application, such as to test a licensing portion of the developer application on a developer machine. An application identifier (appID) can be created that is particular to the developer application. Developer binding data associated with an authenticated developer of the developer application can be created that is particular to the developer. The appID and developer binding data are combined to create bound application developer data. The test application license is generated for the developer application based at least upon an authenticated developer certificate and the bound application developer data. The generated test application license provides for the licensing portion of the developer application to be tested on the developer machine. | 2013-03-14 |
| 20130067534 | COMPUTER MOTHERBOARD HAVING PERIPHERAL SECURITY FUNCTIONS - A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforce unidirectional data flow only from the user input devices to the computer. Display port uses a security function which isolates the EDID in the display from the computer. Authentication device such as smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer. | 2013-03-14 |
| 20130067535 | APPARATUS AND METHOD FOR CONTROLLING A NETWORK CONNECTION - An apparatus and method for controlling access to a network in portable terminal based on a characteristic of an application may determine the characteristic of the application based on at least one of a reference security level of the application, a reference data amount of the application, and a reference speed of the application, and may select a network to be connected to from among available networks based on the characteristic of the application when executing the application. | 2013-03-14 |
| 20130067536 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING PROGRAM - An information processing apparatus includes an generating section that generates authentication operation data from an input type associated with the type of the appliance in appliance data and stores the authentication operation data in a storage device, an transmitting section that transmits the authentication operation data to a gateway apparatus, an acquiring section that receives, from the gateway apparatus, input operation data input from an input device of an appliance and stores the input operation data in the storage device, and an collating section that compares the authentication operation data and the input operation data, determines whether the authentication operation data and the input operation data coincide with each other, and outputs collation result data. If the coincidence is determined, the information processing apparatus causes the gateway apparatus to authenticate communication for controlling the appliance between the appliance and the gateway apparatus. | 2013-03-14 |
| 20130067537 | APPARATUS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING PORTABLE COMMUNICATION IDENTITY SERVICES - Apparatus, methods, and computer program products for providing portable communication identity services are provided. A request is received to access a portable communication identity from a communications device. User information is received that is input by a user of the communications device, and the user information is authenticated. Capabilities of the communications device are accessed, and the portable communication identity is transmitted in accordance with the capabilities of the communications device. | 2013-03-14 |
| 20130067538 | Context Aware Recertification - Mechanisms are provided for facilitating recertification of a user access entitlement. These mechanisms collect, from a system resource of the data processing system, access information representative of accesses of the system resource by a user access entitlement. These mechanisms determine that recertification of the user access entitlement, with regard to the system resource, is to be performed and a pattern of access is determined based on the access information for the user access entitlement. A recertification request graphical user interface is output to a user based on the pattern of access. The graphical user interface includes the pattern of access and one or more graphical user interface elements for receiving a user input specifying acceptance or denial of the recertification of the user access entitlement. | 2013-03-14 |
| 20130067539 | ACCESS CONTROL MANAGEMENT - The subject disclosure relates to authorization based on a determination of permissions that can be granted for an action(s) to be performed on a resource. The determination of the permission is based on a set of rules that represent a theory including a notion of trust that has been divided into different sized tables. The tables are utilized to evaluate two or more input claims and to facilitate a determination of whether access to at least one system resource is to be granted. The evaluation can include matching the two or more input claims to rows in the table, wherein access is allowed if a match is found. | 2013-03-14 |
| 20130067540 | TECHNIQUES FOR ACHIEVING STORAGE AND NETWORK ISOLATION IN A CLOUD STORAGE ENVIRONMENT - Techniques for achieving storage and network isolation in a cloud environment are presented. A single Internet Protocol (IP) address is presented to multiple storage tenants that use storage in a cloud environment. When each tenant accesses the IP address, a specific identity of the tenant is resolved and the storage stack for that tenant is sent to the tenant's storage machine having the tenant's storage. The tenant is directly connected to its tenant storage machine thereafter. | 2013-03-14 |
| 20130067541 | IMAGE PROCESSING DEVICE, ACCESS CONTROL METHOD AND COMPUTER READABLE RECORDING MEDIUM - An image processing device, comprises: a display part on which various types of information are displayed; a storage part for storing therein a variety of data; a first browser for accessing an external server and acquiring a web page from the external server, thereby causing the display part to display the acquired web page; a second browser for accessing the external server and acquiring the web page from the external server, thereby causing the display part to display the acquired web page, and that is permitted to access a predetermined storage region in the storage part; a browser boot part for starting up any one of the first and second browsers; and a controller for permitting an access request for the predetermined storage region in response to receipt of the access request from the running browser only when the browser running by the browser boot part is the second browser. | 2013-03-14 |
| 20130067542 | Connection authorization with a privileged access - Disclosed is a connection authorization method with an access privilege transferring algorithm for safely transmitting privilege information between virtual mobile management tool and communication endpoint gateway (CEG) server through embedded stub. Secret Shared Key (SSK) information is shared between the embedded stub and communication endpoint gateway server (namely, session mediation server) through VMM (Virtual Mobile Management) client. A stub that generates access privilege information transfers access privilege information to VMM tool. The stub applies a two-way communication channel between the session mediation server and the VMM tool by joining the generated privilege information and the SSK information to each other, thereby generating protected privilege information with which a third party or hacker who does not know the secret information is not capable of interfering. Exploiting the protected privilege information makes it possible to safely connect authorization with access privileges. | 2013-03-14 |
| 20130067543 | PRINTER SERVER, PRINTER CONTROL METHOD, AND STORAGE MEDIUM - A system in an environment in which WSD is realized by employing SSL includes an authentication server that stores a certificate group which permits printer creation and printing to avoid a risk of spoofing. The system uses a printer having a certificate issued by an official certificate authority. In such a case, if verification on whether the certificate of the printer is included in the certificate group of the authentication server is performed for all printers, there may be a printer which becomes unable to print, or in which the time for performing the verification becomes a waste, depending on the printer. A printer type is thus set when creating the printer, and if the printer has a certificate issued by the official certificate authority, a printer server performs certificate authority (CA) verification with respect to the certificate. | 2013-03-14 |
| 20130067544 | SYSTEM FOR AUTHENTICATION MANAGEMENT OF A SENSOR NODE HAVING A SUBSCRIPTION PROCESSING FUNCTION, AND A METHOD FOR OPERATING THE SYSTEM - The present invention relates to a system for authentication management of a sensor node having a subscription processing function, and a method for operating the system. Upon receiving information about a sensor node allocated with an IP address, the system supports the access of only authorized user equipment to a corresponding sensor node, which blocking any direct access of unauthorized user equipment to the sensor node, thereby strengthening the security of the sensor node. According to the present invention, a relay server receives subscription information from user equipment. The relay server checks permission validity of corresponding user equipment. If the user equipment has a valid permission, the relay server transmits the subscription information to a sensor node, and transmits subscription acceptance information to the user equipment. Then the sensor node transmits the collected and stored information to the user equipment having a valid permission. | 2013-03-14 |
| 20130067545 | Website Security - A system and method for employing fingerprints for user authentication on a website is described. Embodiments of the invention employ a fingerprint scanner integrated into a USB device to scan a current user's fingerprint, and compare it against a stored fingerprint associated with the authorized user. If the current user is determined to be the authorized user, a user name and password associated with a requested website and stored on the USB device is entered onto the website. In one embodiment, the USB device is a password bank that both generates and stores passwords for various websites, removing the need for user memorization altogether. | 2013-03-14 |
| 20130067546 | TRANSACTION AUTHENTICATION MANAGEMENT SYSTEM WITH MULTIPLE AUTHENTICATION LEVELS - An operating system of an information handling system (IHS) initializes a security tool to provide security management during user-to-user transactions. The security tool may determine the user's type and invokes a user personal profile and application profile information that pertains to the transaction. The security tool may use the user personal profile and application profile information during user authentications. The security tool determines an initial authentication level and may modify that authentication level during user-to-user transaction operations. The security tool may perform substantially continuous user authentication during transaction operations by employing learned behavior, historical knowledge, and other information that the security tool maintains in a security information store. | 2013-03-14 |
| 20130067547 | TRANSACTION AUTHENTICATION MANAGEMENT INCLUDING AUTHENTICATION CONFIDENCE TESTING - An operating system of an information handling system (IHS) initializes a security tool to provide security management during user-to-user transactions. The security tool may determine a relationship between the users and, in response, invoke a user personal profile and application profile information that pertains to the users and the transaction. The security tool determines an initial observed confidence level that indicates a degree of certainty with respect to the accuracy of user authentication. The security tool may continuously determine observed confidence levels from current user actions, learned behavior, and other information within a security information store. The security tool may compare a currently observed confidence level to a predetermined confidence threshold. The tool may halt the transaction if the observed confidence level does not exceed the predetermined confidence threshold thus indicating a breach in security confidence. | 2013-03-14 |
| 20130067548 | Database Access Using A Common Web Interface - Methods and systems for accessing databases using a common web interface are provided. A method for transmitting data retrieved from an endpoint device to a client device using a common web interface includes providing the common web interface to the client device. The common web interface allows access to a plurality of endpoint devices, each endpoint device comprising a unique endpoint address. The method further includes receiving, by a computer, identification data from the client device, retrieving an endpoint address for one of the plurality of endpoint devices based on the identification data, connecting to the endpoint device corresponding to the endpoint address, retrieving data from the endpoint device, and transmitting the retrieved data to the client device. | 2013-03-14 |
| 20130067549 | Cloud-Based Broker Service for Digital Assistants - A cloud-based broker service may be provided for computing devices in a distributed computing environment. The broker service may aggregate user accounts and user account credentials utilized for accessing online services by the computing devices. The broker service may monitor a context of the computing devices associated with the user accounts. The broker service may then utilize the context, data associated with the user accounts and data associated with the user account credentials to automate tasks and/or provide alerts associated with the data. | 2013-03-14 |
| 20130067550 | PRIVATE CLOUD SERVER AND CLIENT ARCHITECTURE WITHOUT UTILIZING A ROUTING SERVER - A method and system for use with a public cloud network is disclosed, wherein the public cloud network includes at least one private cloud server and at least one smart client device in communication therewith. The method and system comprise setting up the at least one private cloud server and the at least one smart client device in a client server relationship. The at least one private cloud server includes a message box associated therewith. The first message box is located in the public network. The at least one smart client includes a second message box associated therewith. The second message box is located on the public network. The method includes passing session based message information between the at least one private cloud server and the at least one smart client device via the first message box and the second message box in a secure manner. The session base information is authenticated by the private cloud server and the at least one smart client device. The smart client device and the private cloud server can then communicate with each other after the session based information is authenticated. | 2013-03-14 |
| 20130067551 | Multilevel Authentication - In an exemplary embodiment, a system includes a memory operable to store a user account identifier associated with a user account and a mobile device identifier associated with a mobile device. The memory is also operable to store a first user credential and a second user credential, the second user credential, wherein the second user credential comprises user input data captured by a sensor. The system includes a network interface operable to receive a request to authenticate a requesting user. The system also includes a processor operable to determine information included in the request to facilitate authentication of the requesting user and whether the information included in the request matches the information associated with the user account. The processor is further operable to authenticate the requesting user if the request is associated with the user account and information included in the request matches the information associated with the user account. | 2013-03-14 |
| 20130067552 | AUTHENTICATION IN SECURE USER PLANE LOCATION (SUPL) SYSTEMS - A particular method includes storing, at a mobile device, at least one security credential that is specific to the mobile device. The method also includes transmitting the at least one security credential to a secure user plane location (SUPL) location platform (SLP) to authenticate the mobile device as associated with a SUPL user based on a comparison of the device identifier to a stored device identifier. | 2013-03-14 |
| 20130067553 | CONTROL APPARATUS AND METHOD FOR EXECUTING APPLICATION - A mobile terminal to execute an operation of an application includes an application framework to determine a reliability level of the application, to assign a first secure key value to the operation, and to pack a second secure key value to an event packet generated by the application; and a modem layer to extract the second secure key value from the event packet, to determine whether the second secure key value corresponds to the first secure key value of the operation, and to determine whether to execute the operation. A method for executing an operation of an application includes assigning a first secure key value to the operation; receiving an event packet corresponding to the operation; extracting a second secure key value from the event packet; comparing the second secure key value with the first secure key value; and determining whether to execute the operation. | 2013-03-14 |
| 20130067554 | METHODS, DEVICES AND COMPUTER PROGRAM SUPPORTS FOR PASSWORD GENERATION AND VERIFICATION - During log-on of a user to an entity protected by a password, the password is verified by iteratively receiving a password character; and verifying that the received character complies with a predefined property (α) that sets at least one requirement for allowable passwords. If this is not the case, then this can indicate a brute force attack and appropriate action may be taken. The property α may be dependent on the user. Also provided are a corresponding device and a computer program product. | 2013-03-14 |
| 20130067555 | Method and Apparatus for Trust-Based, Fine-Grained Rate Limiting of Network Requests - A method and apparatus for fine-grained, trust-based rate limiting of network requests distinguishes trusted network traffic from untrusted network traffic at the granularity of an individual user/machine combination, so that network traffic policing measures are readily implemented against untrusted and potentially hostile traffic without compromising service to trusted users. A server establishes a user/client pair as trusted by issuing a trust token to the client when successfully authenticating to the server for the first time. Subsequently, the client provides the trust token at login. At the server, rate policies apportion bandwidth according to type of traffic: network requests that include a valid trust token are granted highest priority. Rate policies further specify bandwidth restrictions imposed for untrusted network traffic. This scheme enables the server to throttle untrusted password-guessing requests from crackers without penalizing most friendly logins and only slightly penalizing the relatively few untrusted friendly logins. | 2013-03-14 |
| 20130067556 | APPLICATION STATE SHARING IN A FIREWALL CLUSTER - A firewall cluster system comprises a first node operable to receive a connection in a firewall cluster having three or more nodes, monitor packets of the received connection and determining application state data associated with the connection from the monitored packets in the first node, and share application state data with at least another node in the firewall cluster. | 2013-03-14 |
| 20130067557 | AUTHENTICATION SHARING IN A FIREWALL CLUSTER - A firewall cluster system comprises a first node operable to receive a connection in a firewall cluster having three or more nodes, determine user data associated with the connection, and share the user data with at least another node in the firewall cluster. | 2013-03-14 |
| 20130067558 | ASSURED PIPELINE THREAT DETECTION - Devices, methods, and systems for assured pipeline threat detection are described herein. One method for assured pipeline threat detection includes receiving a first set of data at a firewall from an unsecured network, moving the first set of data from the firewall to a number of virtual machines, performing a number of threat detection analyses on the first set of data in the number of virtual machines that are organized in a first assured pipeline, and sending the first set of data to a secured target network if no threat was detected. | 2013-03-14 |
| 20130067559 | INSTANT INTERNET BROWSER BASED VoIP SYSTEM - The present invention is an instant Internet browser based VoIP system with a VoIP client in the form of temporary VoIP applets that can start in a Web browser and can establish an instant peer-to-peer connection with another web-based or hardware embedded/installed VoIP client using session initiation protocol (SIP) and real-time transport protocol (RTP) audio streaming. The applet is a small file that is easily loaded onto a user's browser and uses application program interfaces (APIs) that require no additional libraries. The applet is written in JAVA, although other programming languages may also be used to write the applet. | 2013-03-14 |
| 20130067560 | MULTI-METHOD GATEWAY-BASED NETWORK SECURITY SYSTEMS AND METHODS - Systems and methods for detecting and preventing network security breaches are described. The systems and methods present a gateway-based packet-forwarding network security solution to not only detect security breaches but also prevent them by directly dropping suspicious packets and connections. The systems and methods employ multiple techniques to detect and prevent network security breaches, including stateful signature detection, traffic signature detection, and protocol anomaly detection. | 2013-03-14 |
| 20130067561 | INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE - Methods, computer program products and apparatus for processing data packets are described. Methods include receiving the data packet, examining the data packet, determining a single flow record associated with the packet and extracting flow instructions for two or more devices from the single flow record. | 2013-03-14 |
