21st week of 2012 patent application highlights part 70 |
Patent application number | Title | Published |
20120131622 | HYBRID VIDEO SELECTION, DELIVERY, AND CACHING - One or more devices, in a video content delivery network, store video content for one or more customer premise devices in a hierarchical storage, and provide real time video content from the hierarchical storage, via multicast or unicast, to the one or more customer premise devices. The one or more devices also provide non-real time video content from the hierarchical storage to the one or more customer premise devices during idle time periods associated with the network. The one or more devices further establish a license with the one or more customer premise devices to view video content in multiple formats, and establish a license with the one or more customer premise devices to view video content via multiple customer premise devices. | 2012-05-24 |
20120131623 | UNDER-THE-BOTTOM TIME-SHIFTED DELIVERY OF VIDEO CONTENT - One or more devices, in a video content delivery network, provide real time video content to one or more devices located at a customer premise. The one or more devices also provide non-real time video content to at least one of the customer premise devices during idle time periods associated with the network and using lower effort Internet protocol (IP) transport. The non-real time video content may be broadcast, at a time after the idle time periods, by at least one of the customer premise devices. | 2012-05-24 |
20120131624 | Apparatus and Method for Multi-User Construction of Tagged Video Data - A video content source includes a processor and a download module executed by the processor to download or stream selected videos from a video library. A tag collection module executed by the processor receives tag data from users viewing the selected videos from different set-top boxes. The tag data provides content descriptors from the users for the selected videos. A tag search module executed by the processor searches the tag data from the users in response to a search command from a user. | 2012-05-24 |
20120131625 | Multistream Placeshifting - Disclosure is directed to managing more than one placeshifting transmission at a target device. The target device may be configured to receive a first video from a first placeshifting source and a second video from a second placeshifting source. The target device may additionally be configured to simultaneously output the first and second video on an output device, using various display screen configurations such as picture-in-picture, split screen, windows, and so on. The first and second placeshifting sources may be content receivers having integrated placeshifting functions or may be content receivers provided in association with stand-alone placeshifting devices. A dual-tuner content receiver may also provide both the first and second placeshifting sources to the target device. | 2012-05-24 |
20120131626 | METHODS, APPARATUS AND SYSTEMS FOR DELIVERING AND RECEIVING DATA - Methods, apparatus and systems are provided that enable a user of a computing device to alter, augment or replace broadcast transmitted content destined for or received in the computing device with on-line content from the internet. In some implementations an application program, purchasable or otherwise downloadable from the internet (e.g., from an application store), facilitates in the computing device the manipulation of broadcast transmitted content that changes the manner in which content from a broadcast transmission source (e.g., television or cable transmission sources) is presented by the computing device absent the intervention of the application program. In one implementation an application program downloaded from the internet to the computing device alters the presentation of broadcast transmitted content by substituting broadcast advertising with non-advertising content from the internet. | 2012-05-24 |
20120131627 | SYSTEMS, METHODS AND DEVICES TO REDUCE CHANGE LATENCY IN PLACESHIFTED MEDIA STREAMS USING PREDICTIVE SECONDARY STREAMING - Systems, methods and devices are provided to reduce change latency and/or to provide a picture-in-picture (PIP) feature within a placeshifted media stream. As the viewer receives a primary stream containing selected programming, secondary programming that is likely to be of interest to the user is predicted. A secondary stream containing the predicted content is obtained at the same time as the primary stream selected by the user. The secondary stream may be of lower quality than the primary stream to preserve network bandwidth. If the user subsequently selects the predicted secondary content, the previously-obtained content can be quickly provided as an output to the display. Alternately, the primary and secondary streams may be simultaneously output to the display in PIP or another manner. | 2012-05-24 |
20120131628 | SESSION INITIATION PROTOCOL ENABLED SET-TOP DEVICE - Controlling delivery of media content at a network server is disclosed. A request for media channel guide information from a remote subscriber device is received. Media channel guide information is sent to the remote subscriber device in response to the request. A request for delivery of media content associated with a selected media channel is received. Media channel content associated with the selected media channel is directed to a media channel recording device associated with the subscriber. | 2012-05-24 |
20120131629 | SYSTEMS, METHODS, AND APPARATUS FOR RECORDING BROADBAND CONTENT - Systems, methods, and apparatus for recording broadband content are provided. A user command to record desired content included in broadband content output by a service provider may be received by a programming processing component configured to receive the output broadband content. The programming processing component may determine whether the desired content will be recorded by the programming processing component. If it is determined that the desired content will be recorded by the programming processing component, then the desired content may be stored by the programming processing component in at least one memory. If it is determined that the desired content will not be recorded by the programming processing component, then a request to record the desired content may be communicated by the programming processing component to a content recording server. | 2012-05-24 |
20120131630 | CONTROL APPARATUS AND CONTROL METHOD - A control method for controlling via a network a transmitting apparatus which transmits contents and a receiving apparatus which receives contents is configured to include the steps of acquiring chapter information which indicates scene partition positions of contents from the transmitting apparatus, and transmitting an instruction to the receiving apparatus to cause the receiving apparatus to reproduce the contents from a scene partition position of the contents indicated by the acquired chapter information. | 2012-05-24 |
20120131631 | TRANSFERRING A BROADCAST TRANSMISSION TO A REMOTE DEVICE - An approach is described that includes determining that a remote device has moved outside of a pre-defined area associated with a digital video recorder (DVR), and transmitting program data from the DVR to the remote device while the remote device remains outside of the pre-defined area. Another approach includes a digital video recorder (DVR) having a memory and a processor. The DVR operates to: receive an incoming transmission signal; transmit a selected program to a primary display device; determine that a remote device has moved outside of a pre-defined area; and transmit program data corresponding to the selected program to the remote device while the remote device remains outside of the pre-defined area. | 2012-05-24 |
20120131632 | VIDEO MULTICAST SCHEDULING - Methods and systems for scheduling multicast transmissions that include scheduling layered data for one or more multicast transmissions across a plurality of sub-channels using multi-resolution modulation. The sub-channels for each transmission may have diverse or uniform capacities. Scheduling includes allocating sub-channels to the layers of the layered data. | 2012-05-24 |
20120131633 | System and method for distributing information via a communications network - A point of distribution that distributes source information to a plurality of subscriber gateway devices through a communications network. A television broadcast spectrum is divided into a plurality of channels. Each channel has a deterministic bandwidth for transmitting packetized data, and each deterministic bandwidth is subdivided into a plurality of unshared bandwidth allocations. An unshared bandwidth allocation is allocated to each subscriber gateway device and source information is transmitted in packetized format to the subscriber gateway device based on the unshared bandwidth allocation. | 2012-05-24 |
20120131634 | METHOD OF EXECUTING AN APPLICATION EMBEDDED IN A PORTABLE ELECTRONIC DEVICE - The invention is a method of executing an application embedded in a portable electronic device. The application comprises one instruction handling an object. The electronic device comprises a firewall which is intended to check the compliance of the object with preset security rules. The portable electronic device comprises a volatile memory area intended to store a data set uniquely associated to the object. The data set comprises an indicator reflecting the result of the checking of the compliance of the object with the preset security rules. The method comprises the following steps before execution of the instruction, checking the presence in the volatile memory area of a data set associated to the object and comprising an indicator reflecting a successful checking of security rules, and if successful in the checking of the data set, authorizing the execution of the instruction without further security rules checking done by the firewall. | 2012-05-24 |
20120131635 | METHOD AND SYSTEM FOR SECURING DATA - Disclosed is a method of supporting security policies and security levels associated with processes and applications. A security level is associated with a process independent of a user executing the process. When secure data is to be accessed, the security level of the process is evaluated to determine whether data access is to be granted. Optionally, the security level of a user of the process is also evaluated prior to providing data access. | 2012-05-24 |
20120131636 | Security Context Lockdown - A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The stricter settings are provided in a new set of registry keys that correspond to the lockdown mode of the local machine zone. The original security settings remain unchanged so that other systems and applications functionality that depends on the original security settings remains unaffected for the local machine zone. A user may also selectively allow active content to render despite the local machine zone being locked down. | 2012-05-24 |
20120131637 | Systems and Methods of Controlling Network Access - A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device. | 2012-05-24 |
20120131638 | PROCESSING PERFORMANCE OF REPEATED DEVICE COMPLIANCE UPDATE MESSAGES - A message comprising an indication of a management key block and an indication of an authorization table is received at a first network device from a second network device. The indication of the management key block, the indication of the authorization table, and a response message generated based on validating the indication of the management key block and the indication of the authorization table are stored. A second message comprising a second indication of the management key block and a second indication of the authorization table is received at the first network device from the second network device. The first network device communicates with the second network device in accordance with the stored response associated with the first message on determining that the second indication of the management key block and the second indication of the authorization table match corresponding stored indications of the management key block and the authorization table. | 2012-05-24 |
20120131639 | SESSION REDUNDANCY AMONG A SERVER CLUSTER - Systems and methods are provided for providing redundancy and failover for servers communicating via an authentication protocol. Mirroring is initiated at the beginning of a Diameter application session by an enhanced Diameter server, which continuously provides updates of the Diameter session to one or more peer Diameter mirror servers and thereby maintains an active mirror of the session. | 2012-05-24 |
20120131640 | ENABLING PRESENCE INFORMATION ACCESS AND AUTHORIZATION FOR HOME NETWORK TELEPHONY - In a first embodiment of the present invention, a method for operating a presence server in a home network is provided, the method comprising: receiving a request for presence information; sending an event notification to all subscribed control points informing them of the request for presence information; receiving an action from one of the subscribed control points accepting or rejecting the request for presence information; and if the action received from the one of the subscribed control points accepts the request for presence information, causing presence information regarding the one of the subscribed control points to be sent to the entity that sent the request for presence information. | 2012-05-24 |
20120131641 | OPTIMIZING INTERACTIONS BETWEEN CO-LOCATED PROCESSES - In one set of embodiments, methods, systems, and apparatus are provided to enable secure local invocation of a web service in response to receiving a request from a first composite application to invoke a web service operation of a second composite application, where the first application is associated with a reference policy, and the second application is associated with a service policy, then determining, based upon the service policy and the reference policy, whether local invocation is secure, and invoking the operation using the local invocation in response to determining that the local invocation is secure. Attributes associated with the reference and service policies can indicate whether those policies can be used in a local invocation, or if user authentication is needed before performing the invocation with those policies. The local invocation may comprise a procedure call in an application server from the first application to the second application. | 2012-05-24 |
20120131642 | Identity management trust establishment method, identity provider and service provider - A method for establishing an identity management trust, and an IDentification Provider (IDP) and a Service Provider (SP) are provided in the present disclosure. The method comprises: after receiving an access from a user, an SP determines whether an IDP to which the user attaches is located in a trust domain of the SP (S | 2012-05-24 |
20120131643 | Tunneled Security Groups - A method for providing security groups based on the use of tunneling is disclosed. The method includes assigning a security group identifier (SGI) to a packet and classifying the packet based on the packet's SGI. | 2012-05-24 |
20120131644 | Mobile IPv6 authentication and authorization baseline - The invention consists of an authentication protocol for the Home Agent to authenticate and authorize the Mobile Node's Binding Update message. Two new mobility options compatible with RADIUS AAA are used to exchange a shared secret between the Home Agent and the Mobile Node so the Mobile Node can be authenticated. | 2012-05-24 |
20120131645 | User Scriptable Server Initiated User Interface Creation - A computer-implemented method of providing user interfaces in association with network hosted computer scripts is disclosed. A group of selectable user interface elements is provided to a macro author. The elements include behavior that, when controls generated by the elements are selected by a computing device user, cause a web-connected server separate from the computing device to perform one or more operations. A selection by the macro author of a user interface element and an identification of one or more parameters for the element is received. Macro code to generate controls associated with the author-selected elements to be associated with a first macro is executed, the first macro stored to be called from and execute on computing devices different from the device used by the macro author. The macro code is stored and the generated macro code is provided for access by users of a hosted computer system. | 2012-05-24 |
20120131646 | ROLE-BASED ACCESS CONTROL LIMITED BY APPLICATION AND HOSTNAME - In a Role Based Access Control (RBAC) system, an additional layer of access control is provided on a per-client basis on a centralized directory or database server. Access to privileged commands that are otherwise accessible by a user under a given role may be restricted by the additional layer of access control, depending on the client under which access is attempted. Thus, a user otherwise authorized to access a privileged command under an assigned role using one client may be restricted from accessing that command from a particular client system, even if another user having the same role is allowed to access that command using another client. | 2012-05-24 |
20120131647 | System and Methods for Facilitating Secure Communications on a Website - A system and methods for facilitating secure communications on a website are presented. The system comprising a security server configured to receive a secure message from a creator device is disclosed. The security server encodes the received message and sends the encoded message or a representation of the encoded message for posting on the website so that one or more users of the website have the ability to request that the security server make the message available after the encoded message has been decoded. | 2012-05-24 |
20120131648 | INFORMATION MANAGEMENT APPARATUS, INFORMATION MANAGEMENT METHOD, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM - An information management apparatus includes a first control information setting unit that sets first control information for permitting use of information within a destination terminal to the information; a second control information setting unit that sets second control information for permitting the destination terminal to forward the information to the information; a displaying permitting unit that controls, when information set with the first control information is received from a source terminal, to permit the information to be used locally within an apparatus; and a forwarding permitting unit that controls, when information set with the second control information is received from a source terminal, to permit the information to be forwarded. | 2012-05-24 |
20120131649 | APPARATUS REGISTRATION METHOD AND SERVER DEVICE - In a method of registering an access permission from a first device to a second device to the second device over a network, when receiving via the network a connection request from the first device of which access permission is not registered, the second device rejects connection from the first device, and shifts to the first mode. In the first mode, the second device detects user's operation on the second device, and judges whether the detected user's operation is an operation regarding viewing of a reproduction signal from the second device. If the user's operation is not the operation regarding viewing, the second device shifts to the second mode for registering an access permission. If the user's operation is the operation regarding viewing, the second device does not shift to the second mode. | 2012-05-24 |
20120131650 | SPOT BEAM BASED AUTHENTICATION - In one embodiment, a method to authenticate a claimant comprises receiving, from the claimant, at least one of a set of beam data from a spot beam transmission, comparing the claimed at least one set of beam data to a known valid data set, and authenticating the claimant when a difference between at least one set of beam data and the known valid data set is less than a threshold. | 2012-05-24 |
20120131651 | System, Device And Method For Secure Provision Of Key Credential Information - A system for secure provision of key credential information is provided. The system comprises secure logic circuitry for being disposed in a host computer. The secure logic circuitry detects a message received from a remote computer connected to the host computer and indicative of a request for provision of the key credential information; generates a message for prompting a user for provision of the key credential information; receives the key credential information; and provides the key credential information to the remote computer absent processing using circuitry of the host computer. The system further comprises a secure user interface connected to the secure logic circuitry for receiving the key credential information from the user and providing the same to the secure logic circuitry. | 2012-05-24 |
20120131652 | HARDWARE-BASED CREDENTIAL DISTRIBUTION - This document describes various techniques for distributing credentials based on hardware profiles. A resource access request including a hardware profile is transmitted to a remote entity having access to a previous hardware profile and a credential useful to access a resource is received if at least a portion of the hardware profile matches the previous hardware profile. | 2012-05-24 |
20120131653 | SYSTEM, DEVICES AND METHOD FOR SECURE AUTHENTICATION - A system, devices and method for authenticating a user requesting access, through a computing device connected to a network, to an on-line resource hosted by a server in communication with the network. The system, devices and method employing an authentication server and a mobile communications device in communication over a wireless network. The authentication server forwarding an authentication to the mobile communications device. Optionally, the authentication server also returning security information related to the authentication in response to the request. The mobile communications device operative to receive and process the authentication, and forward the processed authentication to the computing device over a short-range communications link. | 2012-05-24 |
20120131654 | PROPAGATING SECURITY IDENTITY INFORMATION TO COMPONENTS OF A COMPOSITE APPLICATION - Various methods and systems for propagating identity information in a composite application are presented. State data of a composite application, as executed for a particular entity, may be transferred to and stored by a computer-readable storage medium. The state data may include a portion of a set of subject information linked with the entity. A security attribute of the subject may not be present in the portion of the set of subject information in the state data transferred to the non-transitory computer-readable storage medium. After a period of time, such as an hour or a day, the state data of the composite application as executed for the entity may be retrieved and the security attribute of the set of subject information linked with the entity may be determined. The composite application may then continue to be executed for the entity. | 2012-05-24 |
20120131655 | User Authentication Device and Method - An authentication device ( | 2012-05-24 |
20120131656 | Secure Information Storage and Delivery System and Method - A system for secure information storage and delivery includes a vault repository that includes a secure vault associated with a user, wherein the secure vault is configured to receive at least one data entry. A mobile vault server coupled to the vault repository creates a mobile vault on a mobile device based on the secure vault and is capable of authenticating the mobile device based on user authentication information. The mobile vault server includes a mobile device handler that communicates with the mobile device. A synchronization utility determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault, and transfers the data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault. | 2012-05-24 |
20120131657 | Apparatus and Method for Authenticated Multi-User Personal Information Database - A method of assuring integrity of personal information in a data base, containing personal information provided by multiple users, uses in various embodiments physiological identifiers associated with each of the users. Related systems are also provided. A user may be notified if a merchant verification request to the data base has produced a non-match event. | 2012-05-24 |
20120131658 | METHODS AND APPARATUS FOR DYNAMIC USER AUTHENTICATION USING CUSTOMIZABLE CONTEXT-DEPENDENT INTERACTION ACROSS MULTIPLE VERIFICATION OBJECTS - An authentication framework is provided which enables dynamic user authentication that combines multiple authentication objects using a shared context and that permits customizable interaction design to suit varying user preferences and transaction/application requirements. For example, an automated technique for user authentication comprises the following steps/operations. First, user input is obtained. At least a portion of the user input is associated with two or more verification objects. Then, the user is verified based on the two or more verification objects in accordance with at least one verification policy operating on a context shared across the two or more verification objects. The user authentication technique of the invention may preferably be implemented in a flexible, distributed architecture comprising at least one client device coupled to at least one verification server. The client device and the verification server may operate together to perform the user authentication techniques of the invention. | 2012-05-24 |
20120131659 | COMMUNICATIONS SYSTEM INCLUDING PROTOCOL INTERFACE DEVICE FOR USE WITH MULTIPLE OPERATING PROTOCOLS AND RELATED METHODS - A communications system may include a plurality of data storage devices each using at least one of a plurality of operating protocols. The system may also include a plurality of mobile wireless communications devices for accessing the data storage devices, and each may use at least one of the plurality of operating protocols. Furthermore, the system may also include a protocol interface device including a front-end proxy module for communicating with the plurality of mobile wireless communications devices using respective operating protocols, and a protocol engine module for communicating with the plurality of data storage devices using respective operating protocols. More particularly, the front-end proxy module and the protocol engine module may communicate using a common interface protocol able to represent a desired number of protocol-supported elements for a desired operating protocol. | 2012-05-24 |
20120131660 | USING CACHED SECURITY TOKENS IN AN ONLINE SERVICE - A security token service generates a security token for a user that is associated with a client and stores the full security token within a memory. The security token includes an identity claim that represents the identity of the generated security token. Instead of passing the entire security token back to the client, the identity claim is returned to the client. For each request the client makes to the service, the client passes the identity claim in the request instead of the full security token having all of the claims. The identity claim is much smaller than the full security token. When a computing device receives the identity claim within the request from the user, the identity claim is used to access the full security token that is stored in memory. | 2012-05-24 |
20120131661 | BACK-END CONSTRAINED DELEGATION MODEL - A client can communicate with a middle tier, which can then, in turn, communicate with a back end tier to access information and resources on behalf of the client within the context of a system that can scale well. Each individual back end can establish a policy that defines which computing device can delegate to that back end. That policy can be enforced by a domain controller within the same administrative domain as the particular back end. When a middle tier requests to delegate to a back end, the domain controller to which that request was directed can either apply the policy, or, if the domain controller is in a different domain than the targeted back end, it can direct the middle tier to a domain controller in a different domain and can sign relevant information that the middle tier can utilize when communicating with that different domain controller. | 2012-05-24 |
20120131662 | Virtual local area networks in a virtual machine environment - In one embodiment, a method includes identifying virtual machines operating at a network device and virtual local area networks associated with the virtual machines, creating an allowed list of virtual local area networks at the network device based on the virtual machines operating at the network device, and updating the allowed list in response to changes in the virtual machines at the network device. The network device is configured to forward traffic received from the virtual local area networks on the allowed list to a virtual switch at the network device, and drop traffic received from a virtual local area network not on the allowed list. An apparatus and logic are also disclosed. | 2012-05-24 |
20120131663 | TRANSMITTING KEEP-ALIVE PACKETS ON BEHALF OF A MOBILE COMMUNICATIONS DEVICE WITHIN A WIRELESS COMMUNICATIONS SYSTEM - In an embodiment, a mobile communications device (MCD) is positioned within an internal network that is separated from an external network by network address translation (NAT) and/or a firewall. The MCD establishes settings with the NAT and/or firewall by which the MCD can be contacted through from the external network. The settings are configured to be disabled by the NAT and/or firewall after a threshold period of traffic inactivity. An application server receives information associated with the settings, and instructs an assisting application server (AAS) within the internal network to transmit keep-alive packets on behalf of the MCD so as to maintain the settings for the MCD. The AAS receives the instructions from the application server, and instructs an assisting wireless communications device (WCD) within the internal network to transmit keep-alive packets on behalf of the MCD. The WCD then transmits the keep-alive packets in accordance with the instructions. | 2012-05-24 |
20120131664 | METHOD AND APPARATUS FOR CONTENT AWARE OPTIMIZED TUNNELING IN A MOBILITY ENVIRONMENT - A method, computer readable medium and apparatus for performing content aware optimized tunneling in a communication network are disclosed. For example, the method authenticates a user endpoint device, establishes a tunnel to the user endpoint device if the user endpoint device is authenticated, analyzes content of a data packet transmitted through the tunnel to determine if the tunnel should be re-directed, and re-directs the tunnel to a gateway general packet radio services support node light based upon the content of the data packet. | 2012-05-24 |
20120131665 | THIRD PARTY VPN CERTIFICATION - A virtual private network (VPN) over a telecommunications network is created by sending a request from a first VPN device to a second VPN device for establishing a VPN between the first and second VPN devices. The request includes a first signed certificate having a verified VPN parameter for the first VPN device. A reply is received at the first VPN device from the second VPN device that includes a second signed certificate having a verified VPN parameter for the second VPN device. The VPN is established between the first and second VPN devices based on each verified VPN parameter for each of the first and second VPN devices. | 2012-05-24 |
20120131666 | Virtual Appliance Pre-Boot Authentication - A system for pre-boot authentication of a virtual appliance includes one or more subsystems to receive a command to power-on an information handling system (IHS). After receiving the command to power-on the IHS, the system initializes a power-on self test (POST), passes control of the IHS to a hypervisor, loads a concurrent service environment (CSE), requests user credentials, receives user credentials, authenticates user credentials using the CSE and authorizes a specific operating system image from a plurality of images to run on the IHS via the virtual appliance after the user credentials are authenticated. | 2012-05-24 |
20120131667 | NONDESTRUCTIVE TESTING SYSTEM - A nondestructive testing apparatus includes a display section and a storage section which stores predetermined executable functions. Each of the predetermined functions is initially set to one of a permitted state and a disabled state, and one of a display state and a non-display state on the display section. In an initial state, at least one of the predetermined functions is set to the disabled state and the non-display state. The nondestructive testing apparatus can receive permission information which unlocks at least one of the predetermined functions initially set to the disabled state so as to be set to the permitted state, and unlocks at least one of the predetermined functions initially set in the non-display state so as to be in the display state. The apparatus displays an operation icon only with respect to all of the predetermined functions set to the display state. | 2012-05-24 |
20120131668 | Policy-Driven Detection And Verification Of Methods Such As Sanitizers And Validators - A method includes performing a static analysis on a program having sources and sinks to track string flow from the sources to the sinks. The static analysis includes, for string variables in the program that begin at sources, computing grammar of all possible string values for each of the string variables and, for methods in the program operating on any of the string variables, computing grammar of string variables returned by the methods. The static analysis also includes, in response to one of the string variables reaching a sink that performs a security-sensitive operation, comparing current grammar of the one string variable with a policy corresponding to the security-sensitive operation, and performing a reporting operation based on the comparing. Apparatus and computer program products are also disclosed. | 2012-05-24 |
20120131669 | Determining whether method of computer program is a validator - An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator. | 2012-05-24 |
20120131670 | Global Variable Security Analysis - A method includes determining selected global variables in a program for which flow of the selected global variables through the program is to be tracked. The selected global variables are less than all the global variables in the program. The method includes using a static analysis performed on the program, tracking flow through the program for the selected global variables. In response to one or more of the selected global variables being used in security-sensitive operations in the flow, use is analyzed of each one of the selected global variables in a corresponding security-sensitive operation. In response to a determination the use may be a potential security violation, the potential security violation is reported. Apparatus and computer program products are also disclosed. | 2012-05-24 |
20120131671 | Securing An Access Provider - To secure an access provider, communications to/from the access provider are monitored for a partially-completed connection transaction. Detected partially-completed connection transactions are terminated when they remain in existence for a period of time that exceeds a threshold period of time. The monitoring may include detecting partially-completed connection transactions initiated by an access requestor, measuring the period of time that a partially-completed connection transaction remains in existence, comparing the period of time with the threshold period of time, and resetting a communication port located on the access provider. | 2012-05-24 |
20120131672 | Secure Notification on Networked Devices - A system, device and method to securely notify a user of a compromise of a device are provided. The system, device and method may include a detection device adapted for determining a compromise of the device communicatively coupled to the first path, a user database including at least information regarding the device and other devices associated with the user, and the secure signal path to at least one of the other devices. | 2012-05-24 |
20120131673 | APPARATUS AND METHOD FOR PROTECTION OF CIRCUIT BOARDS FROM TAMPERING - A method and system for protecting a printed circuit board (PCB) from tampering positions a physical sensor proximal to the PCB. An initialization period is established and an output signal from the sensor is continuously monitored to establish threshold parameter data. Periodically, the sensor is polled and an output signal received which is compared to the threshold parameter data. A detected intrusion signal is generated if the received signal exceeds the threshold by a predetermined level. A detected intrusion is validated using a set of validation rules which analyze the detected intrusion based on historical sensor output values and factors such as duration or frequency of intrusion detections. If the detected intrusion is validated, a validated signal is generated which triggers a reset processor to output a reset signal that causes erasure of at least a portion of onboard memory. | 2012-05-24 |
20120131674 | Vector-Based Anomaly Detection - Methods of detecting anomalous behaviors associated with a fabric are presented. A network fabric can comprise many fungible networking nodes, preferably hybrid-fabric apparatus capable of routing general purpose packet data and executing distributed applications. A nominal behavior can be established for the fabric and represented by a baseline vector of behavior metrics. Anomaly detection criteria can be derived as a function of a variation from the baseline vector based on measured vectors of behavior metrics. Nodes in the fabric can provide a status for one or more anomaly criterion, which can be aggregated to determine if an anomalous behavior has occurred, is occurring, or is about to occur. | 2012-05-24 |
20120131675 | SERVER, USER DEVICE AND MALWARE DETECTION METHOD THEREOF - A server, a user device, and a malware detection method thereof are provided. The server connects with the user device via a network, and records execution records of the user device. Based on the history of the execution records of the user device, the server can detect whether or not the user device has malware. | 2012-05-24 |
20120131676 | SECURITY MANAGEMENT METHOD IN VIRTUALIZED ENVIRONMENT, VIRTUAL SERVER MANAGEMENT SYSTEM, AND MANAGEMENT SERVER - Disclosed are a security management method in a virtualized environment, virtual server management system, and management server capable of improving security in the virtualized environment. A management server ( | 2012-05-24 |
20120131677 | IMAGE VULNERABILITY REPAIR IN A NETWORKED COMPUTING ENVIRONMENT - Embodiments of the present invention provide an approach to repair vulnerabilities (e.g., security vulnerabilities) in images (e.g., application images) in a networked computing environment (e.g., a cloud computing environment). Specifically, an image is checked for vulnerabilities using a database of known images and/or vulnerabilities. If a vulnerability is found, a flexible/elastic firewall is established around the image so as to isolate the vulnerability. Once the firewall has been put in place, the vulnerability can be repaired by a variety of means such as upgrading the image, quarantining the image, discarding the image, and/or generating a new image. Once the image has been repaired, the firewall can be removed. | 2012-05-24 |
20120131678 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR VIRTUAL PATCHING - A system, method, and computer program product are provided for virtual patching. Initially, information associated with at least one vulnerability of a computer application is collected. Further, at least one host interface is identified that is capable of being used to access the vulnerability. In use, data sent to the at least one host interface is analyzed to determine whether the data is unwanted, based on the information. | 2012-05-24 |
20120131679 | METHOD FOR PROTECTING SOFTWARE BASED ON CLOCK OF SECURITY DEVICE AND SECURITY DEVICE THEREOF - The invention discloses a software protecting method based on clock of a security device and a security device thereof. The method includes connecting a terminal device to the security device, receiving the service instruction sent from protected software of the terminal device, and protecting the protected software of the terminal device by the security device via the preset time protecting function. The security device includes an interface module and a control module. Thereby, the control module includes a communicating unit and a software protecting unit. The security device of the invention binds with functions such as time and date easily according to the time limit information which limits the time of using the security device and controls the start time and expiring time of using the security device accurately which provides safer service for protecting the software. | 2012-05-24 |
20120131680 | DETECTION METHOD FOR DETECTING FRAUD - A detection method for detecting fraud with respect to a card reader. The card reader includes a removal detection switch for detecting a removal from a housing of a user operation terminal, a first RAM that can erase removal detection recognition data being stored therein, according to an output signal from the detection switch, a second RAM being independent of the first RAM and storing authentication key data. The method includes erasing the removal detection recognition data when the card reader is removed from the housing of the user operation terminal. Afterwards, the authentication key data is changed after completion of predetermined authentication procedures when the card reader is mounted into the housing of the user operation terminal. Then, the changed authentication key data is stored in the second RAM, while the removal detection recognition data is stored in the first RAM. | 2012-05-24 |
20120131681 | RELIABLE SOFTWARE PRODUCT VALIDATION AND ACTIVATION WITH REDUNDANT SECURITY - Systems, methods, and apparatus for validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The security information may include a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information. The second validation information may be stored separately from the first validation information and may not be accessible to the first validation authority. In some embodiments, the first validation authority randomly determines whether a product key is to be audited by the second validation authority. Alternatively, the first validation authority may determine whether to audit based on a type of the software product associated with the product key and/or a perceived level of security risk. | 2012-05-24 |
20120131682 | METHOD AND APPARATUS FOR PROTECTING DIGITAL CONTENTS - The present invention discloses an apparatus and method for protecting digital spatial information. The apparatus for protecting digital spatial information according to the present invention includes a spatial information authority database which stores access authority information on spatial information, an access authority determining unit which, when there is a request for access to the spatial information from a user, determines whether to permit the user to access the requested spatial information by referring to the spatial information authority database, a spatial information database, a spatial information providing unit which obtains the access-permitted spatial information from the spatial information database, organizes the information based on the user's request for access, and provides the information, and an access control unit. | 2012-05-24 |
20120131683 | UNIFIED ONLINE CONTENT MANAGER APPARATUSES, METHODS, AND SYSTEMS - Apparatuses, methods, and systems for transforming user identification information and user selection data inputs into a profile data output, a generated query output, search results output, and a secure home page with customized content. According to one embodiment, the method includes indexing disparately owned content via a multi-content owner spider indexing engine; generating a disparately owned content index from the indexing engine; receiving, by a first server, a request to access secure content through a network, the request including user identification information; automatically constructing a query based on the request without input from the user; providing the constructed query to the search engine and running the constructed query against the index; constructing a display by placing the results of the query sent from the search engine within a multi-source owner template interface; and providing the multi-source owner template interface to a requestor for display. | 2012-05-24 |
20120131684 | AUTOMATIC BACKUP LICENSE TO AVOID SERVICE INTERRUPTIONS IN CONTINUOUS SERVICE, HIGH RELIABILITY SYSTEMS - Methods for automatically providing a backup license for a device that relies on a primary license to operate when the primary license for the device fails to satisfy a licensing requirement are provided. A backup license that can become automatically available for use upon noncompliance of a primary license can prevent service interruptions, which are unacceptable for systems that provide continuous service and require high reliability. For example, methods of the disclosure can be used in cable systems and more specifically in cable modem termination systems to prevent an interruption in service. | 2012-05-24 |
20120131685 | Mobile Posture-based Policy, Remediation and Access Control for Enterprise Resources - A mobile device management system that monitors the security state of one or more mobile devices and sets indicators related to such security state. Enterprise network applications, such as an email application, can access the security state information when making access control decisions with respect to a given mobile device. | 2012-05-24 |
20120131686 | METHOD AND SYSTEM FOR PREVENTING UNAUTHORIZED REPRODUCTION OF ELECTRONIC MEDIA - A method for selectively controlling access to electronic media disposed on a media storage device according to one embodiment is described. The method comprises creating a first list comprising a plurality of process identification values. Each of the plurality of process identification values of the first list is associated with a software application that is accessing the media disposed upon the media storage device. The method further includes creating a second list comprising a second plurality of process identification values. Each of the second plurality of process identification values is associated with a software application that is storing data. The method further includes determining that a particular software application is creating an unauthorized copy of the media disposed upon the media storage device. The method further includes preventing the particular software application from storing a usable copy of said electronic media. | 2012-05-24 |
20120131687 | AGENT THAT MODULATES PHYSIOLOGICAL CONDITION OF PESTS, INVOLVED IN INSECT VOLTAGE-GATED POTASSIUM CHANNEL ACTIVITY - The present invention provides an agent that modulates physiological condition of pests, wherein the agent has an ability to modulate the activity of an insect voltage-gated potassium channel; a method for assaying pesticidal activity of a test substance, which comprises measuring the activity of a voltage-gated potassium channel in a reaction system in which the voltage-gated potassium channel contacts with a test substance, and so on. | 2012-05-24 |
20120131688 | Reverse Breeding - A method for efficiently producing homozygous organisms from a heterozygous non-human starting organism, comprising providing of a heterozygous starting organism; allowing the starting organism to produce haploid cells; creating homozygous organisms from the haploid cells thus obtained; and selecting the organisms having the desired set of chromosomes, wherein during production of the haploid cells no recombination occurs in order to obtain a limited number of genetically different haploid cells. Recombination can also be prevented or suppressed. | 2012-05-24 |
20120131689 | LACTUCA SATIVA CULTIVAR SOLID KING - According to the invention, there is provided a novel romaine lettuce cultivar, designated Solid King. ‘Solid King’ is described as a vigorous romaine cultivar with large frame size and heavier weight, short core length, savoyed and glossy leaf color, corky root rot resistance, no fringe burn on mature leaves and also yellower heart leaf color with a solid mid rib. This invention thus relates to the seeds of lettuce cultivar Solid King, to the plants of lettuce cultivar Solid King, to plant parts of lettuce cultivar Solid King, to methods for producing a lettuce cultivar by crossing the lettuce cultivar Solid King with another lettuce cultivar, and to methods for producing a lettuce cultivar containing in its genetic material one or more backcross conversion traits or transgenes and to the backcross conversion lettuce plants and plant parts produced by those methods. | 2012-05-24 |
20120131690 | BRASSICA GAT EVENT DP-061061-7 AND COMPOSITIONS AND METHODS FOR THE IDENTIFICATION AND/OR DETECTION THEREOF - Compositions and methods related to transgenic glyphosate tolerant | 2012-05-24 |
20120131691 | LIGHT-REGULATED PROMOTERS - Light-regulated promoter sequences were identified that respond to differential light conditions and so can be used to regulate gene expression in a light- or dark-inducible manner. These promoters may be used to produce transgenic plants that have an altered trait relative to control plants. In preferred embodiments, the transgenic plants with the improved traits are morphologically and/or developmentally similar to control plants (examples of the latter include wild-type or non-transformed plants of the same species). Any of these light-regulated promoters may be incorporated into a nucleic acid construct that comprises a polynucleotide regulated by one such promoter and that encodes a polypeptide or RNA molecule that, when ectopically expressed, confers an improved trait in plants. | 2012-05-24 |
20120131692 | BRASSICA GAT EVENT DP-073496-4 AND COMPOSITIONS AND METHODS FOR THE IDENTIFICATION AND/OR DETECTION THEREOF - Compositions and methods related to transgenic glyphosate tolerant | 2012-05-24 |
20120131693 | SOYBEAN MARKERS LINKED TO SCN RESISTANCE - This disclosure concerns compositions and methods for identifying the SCN resistant phenotype in soybean. In some embodiments, the disclosure concerns methods for performing marker-assisted breeding and selection of plants carrying one or more determinants of SCN resistance in soybean. | 2012-05-24 |
20120131694 | CHIMERIC REGULATORY SEQUENCES COMPRISING INTRONS FOR PLANT GENE EXPRESSION - The present invention relates to a method of using a dicot intron or elements thereof to enhance transgene expression in plants. The present invention also provides constructs, transgenic plants and seeds containing the polynucleotide useful for expressing transgene in plants. | 2012-05-24 |
20120131695 | Chalcone synthase dihydroflavonol 4-reductase and leucoanthocyanidine reductase from clover, medic ryegrass or fescue - The present invention relates to nucleic acid fragments encoding amino acid sequences for flavonoid biosynthetic enzymes in plants, and the use thereof for the modification of, for example, flavonoid biosynthesis in plants, and more specifically the modification of the content of condensed tannins. In particularly preferred embodiments, the invention relates to the combinatorial expression of chalcone synthase (CHS) and/or dihydroflavonol 4-reductase (BAN) and/or leucoanthocyanidine reductase (LAR) in plants to modify, for example, flavonoid biosynthesis or more specifically the content of condensed tannins. | 2012-05-24 |
20120131696 | POLYNUCLEOTIDES AND POLYPEPTIDES FOR INCREASING DESIRABLE PLANT QUALITIES - Provided are isolated polynucleotides which are at least 80% homologous to SEQ ID NO: 75, 1-74, 76-473, 783-1272, 1277-4139, 4142, 4146-5508, or 5509; and isolated polypeptides which are at least 80% homologous to 548, 474-547, 549-562, 564-620, 622-750, 752-782, 5510-5939, 5946-6856, 6858-7540, 7543, 7544, 7548-8735, or 8736, nucleic acid constructs comprising the isolated polynucleotides, transgenic plants expressing same and methods of using same for increasing abiotic stress tolerance, yield, biomass, growth rate, vigor, oil content, fiber yield, fiber quality, and/or nitrogen use efficiency of a plant. | 2012-05-24 |
20120131697 | GENE ENCODING AUXIN RECEPTOR PROTEIN DERIVED FROM RICE AND USE THEREOF - The present invention pertains to an auxin receptor protein involved in activation of proton pump in plasma membrane of a plant derived from rice, a gene encoding the protein, a recombinant vector comprising the gene, a host cell transformed with the recombinant vector, a method of improving traits of a plant by transforming the plant with the recombinant plant expression vector, a plant having improved traits by transformation with the recombinant plant expression vector and seeds of the plant, and a composition comprising the gene of the invention for improving traits of a plant. | 2012-05-24 |
20120131698 | Dominant Negative Mutant Kip-Related Proteins (KRP) in Zea Mays and Methods of Their Use - The present invention provides expression vectors comprising polynucleotides encoding mutant | 2012-05-24 |
20120131699 | METHODS AND COMPOSITIONS FOR OBTAINING MARKER-FREE TRANSGENIC PLANTS - The invention provides methods and compositions for identifying transgenic seed that contain a transgene of interest, but lack a marker gene. Use of an identification sequence that results in a detectable phenotype increases the efficiency of screening for seed and plants in which transgene sequences not linked to a gene of interest have segregated from the sequence encoding a gene of interest. | 2012-05-24 |
20120131700 | PLANT PROTECTION - The invention provides seed treatment compositions as well as their use, methods for treating seeds, methods of protecting plants against pests and also treated seeds and plants. In one embodiment there is provided a method of treating a seed with a seed treatment composition to induce a plant resistance mechanism against one or more pests in a plant grown from said seed. | 2012-05-24 |
20120131701 | IMPROVED PLANTS, MICROBES, AND ORGANISMS - The present invention relates to methods for identification, isolation, and enrichment of plant cells, plants, microbial cells, and organisms comprising desired genetic profiles and to plant cells, plants, microbial cells, and organisms resulting from these methods. In certain aspects, organisms obtained by the methods of the invention are not genetically engineered organisms. | 2012-05-24 |
20120131702 | Method and Apparatus of Using Peak Force Tapping Mode to Measure Physical Properties of a Sample - An improved mode of AFM imaging (Peak Force Tapping (PFT) Mode) uses force as the feedback variable to reduce tip-sample interaction forces while maintaining scan speeds achievable by all existing AFM operating modes. Sample imaging and mechanical property mapping are achieved with improved resolution and high sample throughput, with the mode being workable across varying environments, including gaseous, fluidic and vacuum. Ease of use is facilitated by eliminating the need for an expert user to monitor imaging. | 2012-05-24 |
20120131703 | QUANTITATIVE ANALYSIS OF MRNA AND PROTEIN EXPRESSION - Provided is a highly selective and non-destructive method and apparatus for the measurement of one or more target molecules within a target environment. The apparatus comprises a modified AFM (atomic force microscope) tip to create a tapered nanoscale co-axial cable, and wherein the application of an alternating potential between the inner and outer electrodes of the co-axial cable creates a dielectrophoretic force for attracting molecules toward the tip-end which is pre-treated with one or more specific ligands. | 2012-05-24 |
20120131704 | SENSOR FOR NONCONTACT PROFILING OF A SURFACE - A sensor for scanning a surface with an oscillating cantilever ( | 2012-05-24 |
20120131705 | Floribunda rose plant named 'WEKplalajaro' - A new variety of Floribunda rose suitable for garden decoration, having flowers of salmon blend blushing scarlet coloration. | 2012-05-24 |
20120131706 | Apple tree named 'GALIWA' - A new ‘Gala’-type apple variety named ‘Galiwa.’ The new variety is distinguished by its large orange-red fruit, high fruit sugar content, and resistance to scab. | 2012-05-24 |
20120131707 | INTERSPECIFIC TREE NAMED 'CRIMSON KAT' - A new and distinct variety of interspecific tree. The following features of the tree and its fruit are characterized with the tree budded on ‘Nemaguard’ Rootstock (non-patented), grown on Handford sandy loam soil with Storie Index rating 95, in USDA Hardiness Zone 9, near Modesto, Calif., with standard commercial fruit growing practices, such as pruning, thinning, spraying, irrigation and fertilization. Its novelty consists of the following combination of desirable features: | 2012-05-24 |
20120131708 | Pinus plant named ANSU HWANGKEUMSONG - A new and distinctive variety of | 2012-05-24 |
20120131709 | Weigela shrub named 'Sunset' - ‘Sunset’ is a new | 2012-05-24 |
20120131710 | Pearlbush shrub named 'Blizzard' - ‘Blizzard’ is a new pearlbush plant particularly distinguished by its compact habit, smaller plant height and width, larger flower diameter, and larger genome size. | 2012-05-24 |
20120131711 | Chrysanthemum plant named 'Zanmubedaz' | 2012-05-24 |
20120131712 | Chrysanthemum plant named 'Zanmuperfect' | 2012-05-24 |
20120131713 | Chrysanthemum plant named 'Zanmurover' | 2012-05-24 |