Patent application number | Description | Published |
20110087905 | Changing Operating State of a Network Device on a Network Based on a Number of Users of the Network - Object To control a network printer such that, when the number of active user computers in the vicinity of the network printer is large, the network printer is set in a standby state and, when that number is small, the network printer is powered off to achieve reduced office power consumption. Solution A method for managing a first unit and one or more other units connected to the first unit over a network is provided. The method includes (i) detecting, by a management unit, an operating state of the other units positioned within a specific range from the first unit on the basis of a location of each of the first and other units over the network, the operating state including at least an operating state at which a service request is capable of being transmitted to the first unit. The method further includes (ii) transmitting, by the management unit, to the first unit, an instruction to change an operating state of the first unit depending on a number of the other units being in the detected operating state at which the service request is capable of being transmitted. | 04-14-2011 |
20110296426 | METHOD AND APPARATUS HAVING RESISTANCE TO FORCED TERMINATION ATTACK ON MONITORING PROGRAM FOR MONITORING A PREDETERMINED RESOURCE - Exemplary embodiments include a method and system having resistance to a forced termination attack on a monitoring program for monitoring a predetermined resource. Aspects of the exemplary embodiment include a device that executes a predetermined process including a monitoring program that monitors a predetermined resource, wherein the predetermined process is a process for which the predetermined resource becomes unavailable in response to termination of the predetermined process; a program starting unit for starting the monitoring program in response to an execution of the predetermined process; and a terminator for terminating the predetermined process in the case where the monitoring program is forcibly terminated from the outside. | 12-01-2011 |
20120069406 | DETERMINING SCAN PRIORITY OF DOCUMENTS - When a group of documents are received, the scan priority of the documents may be determined, according to one embodiment, by acquiring contexts about each of the documents and calculating a scan priority of each of the documents according to a combination of the contexts of the document. Then, each of the documents may be stored to a queue corresponding to the scan priority of the document, such that documents stored in a higher priority queue are processed before documents stored to a lower priority queue. Also, a confidentiality label may be assigned to each of the documents, starting with the documents in the highest priority queue first, based on content acquired from each of the individual documents. | 03-22-2012 |
20120072376 | OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client. | 03-22-2012 |
20120072969 | DETERMINING A SENSITIVITY LABEL OF DOCUMENT INFORMATION IN REAL TIME - A sensitivity label for document information in a document may be determined in real time, according to one embodiment, by flexibly and dynamically determining a sensitivity label for the document based on content included in information within the document. Information within a document varies from day to day, for example, document information may decrease in importance with time, increase in importance due to an event, etc. Therefore, the sensitivity label of the document, according to embodiments described herein, may also change dynamically in accordance with document content, information, etc. | 03-22-2012 |
20120151165 | Data protection technique that protects illicit copying of data Maintained in data storage - A data protection program for protecting data to be processed by an application, and a computer including volatile storage means and nonvolatile storage means performs a volatile file unpack function of writing, to the nonvolatile storage means, data corresponding to a data file to be read or written by the application so that the data is associated with the data file; and a volatile file repackage function of outputting the data file corresponding to the data written to the volatile storage means. | 06-14-2012 |
20120166442 | CATEGORIZING DATA TO PERFORM ACCESS CONTROL - Systems and methods categorize data to perform access control. A system receives first data, where the first data comprises at least a portion of data to be categorized. The system analyzes the first data to determine Whether the first data belongs to a first category. If the first data belongs to a first category, the system applies a first access control set to actions on the data to be categorized. Further, if one or more of the actions on the data to be categorized has an access control status of pending after applying the first access control set, the system receives second data, where the second data comprises at least a portion of data to be categorized. The system analyzes the second data to determine whether the second data belongs to a second category. If the second data belongs to a second category, the system applies a second access control set to at least one of the actions having the access control status of pending. | 06-28-2012 |
20120166737 | Information Processing Apparatus, Data Duplication Method, Program, and Storage Medium - An enhanced security protection in data duplication using a shared storage area is provided. Specifically, an information processing apparatus, in which one or more applications operate, includes a copy-operation monitoring portion that acquires copy data that the copy source application issues an instruction to copy to a general-purpose shared memory, sets a lifetime interpreted from an operation pattern via an input device for the copy data, and then stores the copy data in a storage area; a display portion that displays, on a display, a paste candidate selected from one or more items of copy data stored in the storage area; a paste-operation monitoring portion that transfers the paste candidate read from the storage area to the paste destination application in response to a confirmation operation via the input device; and an erasing portion that erases, from the storage area, copy data that has become unpermitted to remain because the lifetime has expired. | 06-28-2012 |
20120167216 | METHOD AND APPARATUS HAVING RESISTANCE TO FORCED TERMINATION ATTACK ON MONITORING PROGRAM FOR MONITORING A PREDETERMINED RESOURCE - Exemplary embodiments include a method and system having resistance to a forced termination attack on a monitoring program for monitoring a predetermined resource. Aspects of the exemplary embodiment include a device that executes a predetermined process including a monitoring program that monitors a predetermined resource, wherein the predetermined process is a process for which the predetermined resource becomes unavailable in response to termination of the predetermined process; a program starting unit for starting the monitoring program in response to an execution of the predetermined process; and a terminator for terminating the predetermined process in the case where the monitoring program is forcibly terminated from the outside. | 06-28-2012 |
20120210080 | Data Protection Technique that Protects Illicit Copying of Data Maintained in Data Storage - A data protection program for protecting data to be processed by an application, and a computer including volatile storage means and nonvolatile storage means performs a volatile file unpack function of writing, to the nonvolatile storage means, data corresponding to a data file to be read or written by the application so that the data is associated with the data file; and a volatile file repackage function of outputting the data file corresponding to the data written to the volatile storage means. | 08-16-2012 |
20120215591 | OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client. | 08-23-2012 |
20120254951 | PROVIDING PROTECTION AGAINST UNAUTHORIZED NETWORK ACCESS - A system includes a detection unit configured to detect unauthorized access to one or more information processing apparatuses that are virtually implemented by virtual machines executed by a computer; an authorized network configured to transfer authorized access to the one or more information processing apparatuses from an external network; a honeypot network configured to transfer unauthorized access to the information processing apparatuses from the external network; and a control unit configured to connect the information processing apparatuses for which no unauthorized access has been detected to the authorized network, and connect the information processing apparatuses for which unauthorized access has been detected to the honeypot network; wherein the control unit shifts, in response to detecting unauthorized access by the detection unit, the corresponding information processing apparatus into a decoy mode in which the detected unauthorized access is disconnected from a normal operation. | 10-04-2012 |
20120297452 | PROVIDING PROTECTION AGAINST UNAUTHORIZED NETWORK ACCESS - A system includes a detection unit configured to detect unauthorized access to one or more information processing apparatuses that are virtually implemented by virtual machines executed by a computer; an authorized network configured to transfer authorized access to the one or more information processing apparatuses from an external network; a honeypot network configured to transfer unauthorized access to the information processing apparatuses from the external network; and a control unit configured to connect the information processing apparatuses for which no unauthorized access has been detected to the authorized network, and connect the information processing apparatuses for which unauthorized access has been detected to the honeypot network; wherein the control unit shifts, in response to detecting unauthorized access by the detection unit, the corresponding information processing apparatus into a decoy mode in which the detected unauthorized access is disconnected from a normal operation. | 11-22-2012 |
20130007469 | SECURELY MANAGING THE EXECUTION OF SCREEN RENDERING INSTRUCTIONS IN A HOST OPERATING SYSTEM AND VIRTUAL MACHINE - Provided are a computer readable storage medium, computer apparatus, and method for securely managing the execution of screen rendering instructions in a host operating system and virtual machine. A first rendering instruction hooking section is set to a first mode to hook a screen rendering instruction issued by a virtual machine application in a virtual machine. A second rendering instruction hooking section is set to a second mode to hook instructions issued by the virtual machine application. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the first mode to produce illegible output. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the second mode. The encrypted hooked screen rendering instruction encrypted in the second mode are issued to a host operating system to decrypt. | 01-03-2013 |
Patent application number | Description | Published |
20100250963 | EXTERNAL STORAGE DEVICE, AS WELL AS METHOD, PROGRAM AND INFORMATION PROCESSING APPARATUS FOR PROCESSING DATA STORED IN EXTERNAL STORAGE DEVICE - An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period. | 09-30-2010 |
20100274860 | CHECKING DESTINATION EMAIL ADDRESSES AGAINST HISTORICAL ADDRESS INFORMATION - An email is created that includes one or more destination email addresses, plus historical information regarding previously exchanged emails. Before sending this email, each of the destination email addresses is checked against the email addresses in the historical information and, if a destination email address (or the domain name of that destination address) is not found in the historical information, then a warning is displayed to alert the user to the fact that this historical information may be sent to an unintended recipient. In response to this warning, which may include a list of unapproved destination email address, the user may approve a previously unapproved destination email address, change the unapproved destination email address to one that has been previously approved, or enter a new distribution email to be substituted for the unapproved one. When creating the email, the user may also specify other approved email addresses. | 10-28-2010 |
20110125857 | METHOD, COMPUTER PROGRAM, AND DEVICE FOR PROCESSING E-MAIL ADDRESSED TO MULTIPLE DESTINATION ADDRESSES - To allow a receiver of e-mail addressed to a plurality of destination addresses to readily specify a message of his/her interest included therein. A device for processing e-mail containing a plurality of destination addresses, contents corresponding respectively to the destination addresses, and display attributes for displaying the corresponding contents on a display device is provided. The e-mail processing device includes a unit for acquiring the degree of association between a first destination address, which is one of the plurality of destination addresses and at least one of the other destination addresses, and a unit for modifying the display attributes for the contents in accordance with the degree of association. | 05-26-2011 |
20120209411 | Abnormality Detection for Isolating a Control System - A mechanism is provided for effectively detecting an abnormality occurring in a control system and isolating the control system in which abnormality is acknowledged. The mechanism receives, from one or more control systems in the plurality of control systems, respective abnormality notifications for respective counter control systems to be monitored by the plurality of control systems. The mechanism adds up abnormality notifications transmitted from respective monitoring sections of the plurality of control systems so as to evaluate the reputation of a control system suspected to have an abnormality. The mechanism causes a protected area for operating the control system suspected to have an abnormality to restrict outbound traffic from at least the inside of the protected area, when an indication is identified that the control system is abnormal according to criteria from a result of the evaluation. | 08-16-2012 |
20120210158 | Anomaly Detection to Implement Security Protection of a Control System - An anomaly detection mechanism is provided that detects an anomaly in a control network, and includes an identifying unit to receive event information on an event that occurs, and to identify a group including a resource related to the event information by referring to a configuration management database for retaining dependence relationships between processes and resources including a control system; a policy storing unit to store one or more policies each of which associates one or more actions with a condition defining a situation suspected to have an anomaly; an adding unit to acquire group-related information needed for application to the one or more policies, and to add the acquired information to the event information; and a determining unit to apply the event information to the one or more policies and to determine the one or more actions associated with the matched condition as one or more actions to be taken. | 08-16-2012 |
20120222126 | CHECKING DESTINATION EMAIL ADDRESSES AGAINST HISTORICAL ADDRESS INFORMATION - An email, which includes a header and historical information, is created. The header comprises a destination email address, which comprises a name of an addressed recipient of the email and a domain name of the destination email address. The historical information in the email comprises an approved address for a previously exchanged email with the addressed recipient. The first approved address is compared to a corresponding portion of the first destination email address. In response to the corresponding portion of the first destination email address being different from the first approved address as stored in the storage unit, a warning is outputted. The warning comprises both the approved address, and an unapproved address list that comprises the first destination email address. | 08-30-2012 |
20120265999 | PROCESSING DATA STORED IN EXTERNAL STORAGE DEVICE - An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period. | 10-18-2012 |
20130150985 | Abnormality Detection for Isolating a Control System - A mechanism is provided for effectively detecting an abnormality occurring in a control system and isolating the control system in which abnormality is acknowledged. The mechanism receives, from one or more control systems in the plurality of control systems, respective abnormality notifications for respective counter control systems to be monitored by the plurality of control systems. The mechanism adds up abnormality notifications transmitted from respective monitoring sections of the plurality of control systems so as to evaluate the reputation of a control system suspected to have an abnormality. The mechanism causes a protected area for operating the control system suspected to have an abnormality to restrict outbound traffic from at least the inside of the protected area, when an indication is identified that the control system is abnormal according to criteria from a result of the evaluation. | 06-13-2013 |
20130152198 | Anomaly Detection To Implement Security Protection of a Control System - An anomaly detection mechanism is provided that detects an anomaly in a control network, and includes an identifying unit to receive event information on an event that occurs, and to identify a group including a resource related to the event information by referring to a configuration management database for retaining dependence relationships between processes and resources including a control system; a policy storing unit to store one or more policies each of which associates one or more actions with a condition defining a situation suspected to have an anomaly; an adding unit to acquire group-related information needed for application to the one or more policies, and to add the acquired information to the event information; and a determining unit to apply the event information to the one or more policies and to determine the one or more actions associated with the matched condition as one or more actions to be taken. | 06-13-2013 |
Patent application number | Description | Published |
20080243804 | Information Search System, Information Search Supporting System, and Method and Program for Information Search - To enable a user to perform, by using an ontology, an information search utilizing a meaning given to information on a network by Semantic Web without being required to perform complicated operations for forming an inquiry sentence in conformity with the ontology. | 10-02-2008 |
20100006647 | SERVER SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR MANAGING PRINTABLE MEDIA THAT INCLUDE ELECTRONIC TAGS - The system includes a first receiver that, when information has been printed on the medium using a printing apparatus, receives, from the printing apparatus, an electronic tag ID of an electronic tag in the printed medium and a plurality of recipient IDs specified by a user, a second receiver that, when the printed medium has been stored in a repository, receives, from the repository, an electronic tag ID of an electronic tag in the stored medium and an ID in association with the repository (hereinafter called the repository ID), and an associating unit that, when the electronic tag ID sent from the printing apparatus agrees with the electronic tag ID sent from the repository, associates a recipient ID corresponding to the repository ID sent from the repository, out of the plurality of recipient IDs sent from the printing apparatus, with the agreed electronic tag ID. | 01-14-2010 |
20150294109 | Generating or Changing Passwords Using a Degree of Simplicity - A technique for generating passwords. The technique includes displaying objects, enabling a degree of simplicity to be set for a password, and generating a password in accordance with the established degree of simplicity. The technique also includes superimposing and displaying a secondary object icon for at least one secondary object available to a primary object on top of the primary object icon for the primary object, and the superimposing and display entails either superimposing and displaying a display on the superimposed secondary object icon to indicate whether or not the superimposed secondary object is available on the basis of the degree of simplicity, or changing the superimposed secondary object icon so as to differentiate the availability of the superimposed secondary object on the basis of the degree of simplicity. | 10-15-2015 |
Patent application number | Description | Published |
20080301754 | Management of Mandatory Access Control For Graphical User Interface Applications - Granular policy management is provided based upon an active status of a process and the display status of an associated visual display. A policy is constructed and applied to a process by a combination of individual control policy parameters associated with the status of a process or a graphical user interface. Each active policy is dynamically adjusted in response to a change in at least one policy condition. | 12-04-2008 |
20090044252 | SYSTEM, METHOD, AND PROGRAM FOR INSTANT MESSAGINGS - A method for delivering an instant message in a server connected to two or more computers via a network is provided. The two or more computers include groupware clients in which a user can perform login at the same time, using the same user ID, and for which status that may be different from each other can be set. Embodiments of the method includes authenticating a user of a groupware client who attempts to perform login using a user ID, recording the user ID and status information in association with an instant messaging user ID, receiving an instant message addressed to the user ID, and determining, on the basis of the status information, which of two or more client computers the instant message is sent to. | 02-12-2009 |
20090307323 | APPARATUS AND METHOD FOR SUPPORTING SETTING OF DESTINATION OF EMAIL - In a client | 12-10-2009 |
20140180929 | Assisting in Bill Split Payment - When a split amount decided by a representative splitting, in a representative terminal, a total amount transmitted from a store terminal is notified from each member terminal to a credit company server as a payment amount, the credit company server holds information for payment settlement, and transmits payment permission information including encrypted information generated by encrypting the information for payment settlement, to each member terminal. Each member terminal transmits payment permission information of the same contents as the payment permission information to the representative terminal. The representative terminal transmits payment permission information obtained by concatenating the payment permission information, to the store terminal. | 06-26-2014 |
20150278669 | SECURELY PRINTING A DOCUMENT - Securely printing a document. Receiving, by a server computer, a request from a client computer to allocate a printer satisfying a set of security requirements. Allocating, by the server computer, a printer that will print document data according to the received set of security requirements and that is accessible by the client computer. Transmitting to the client computer, by the server computer, an identification of the allocated printer. Transmitting to the allocated printer, by the server computer, the received set of security requirements. Receiving from the client computer, by the server computer, a printing instruction including document data for printing to the allocated printer. Transmitting to the allocated printer, by the server computer, the received document data to print. | 10-01-2015 |
Patent application number | Description | Published |
20130145459 | Information Processing Device, Control Method and Program - An information processing device, control method and program that suppresses security risks to a minimum. When power is activated, a control component starts by reading a first program from a first memory component and, in observance of the first memory program, it reads the identification information of an authentication device that is mounted to a mounting component, references a table T, and performs authentication processing for the authentication device, with the condition that the count value correspondingly listed for the identification information of the authentication device be larger than a prescribed value and, when authentication processing has succeeded, starts by reading the second program from a second memory component, and in the event that the authentication device continues to be mounted to the mounting component during executing the second program, decreases the table count value corresponding to the unique identification information of the authentication device. | 06-06-2013 |
20130219462 | GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT - A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client. | 08-22-2013 |
20130226965 | Acquiring Customized Information from a Server - A mechanism is provided for acquiring information from a server based on search condition input by a search performing user and communication results with other information terminals. Input search conditions are received from a search performing user. Communication is performed with other information terminals. A search request is transmitted to the server based on the input search conditions and the communication results from the other information terminals. Information is received from the server that matches input search results and the communication results. The acquired information is customized based the communication results with the other information terminals. The customized information is then displayed on the information terminal. | 08-29-2013 |
20140006350 | METHOD FOR SELECTING STORAGE CLOUD FOR STORAGE OF ENTITY FILES FROM PLURALITY OF STORAGE CLOUDS, AND COMPUTER AND COMPUTER PROGRAM THEREFOR | 01-02-2014 |
20140172426 | Method for Processing Speech of Particular Speaker, Electronic System for the Same, and Program for Electronic System - An object of the present invention is to process the speech of a particular speaker. The present invention provides a technique for collecting speech, analyzing the collected speech to extract the features of the speech, grouping the speech, or text corresponding to the speech, on the basis of the extracted features, presenting the result of the grouping to a user, and when one or more of the groups is selected by the user, enhancing, or reducing or cancelling the speech of a speaker associated with the selected group. | 06-19-2014 |
20140298030 | COMPUTER ASSISTED NAME-BASED AGGREGATION SYSTEM FOR IDENTIFYING NAMES OF ANONYMIZED DATA, AS WELL AS A METHOD AND COMPUTER PROGRAM THEREOF - A computer assisted name-based aggregation system that acquires anonymized data from a plurality of service providing systems without obtaining the personal information, and identifies the name of the acquired anonymized data. The computer assisted name-based aggregation system transmits a transmission request that requests transmission of data, and a value that changes for each transmission request to the plurality of service providing systems; receives a set containing hash values created based on an identification number for controlling data and the aforementioned value, and the anonymized data specified by the identification number, from the plurality of service providing systems; and identifies the name of anonymized data specified by the hash value from the anonymized data received from each of the plurality of service providing systems. | 10-02-2014 |
20150178223 | Information Processing Technique to Manage Security Attributes of Data Generated in Different Modes - An information processing apparatus includes a storage managing unit configured to manage a storage device by dividing the storage device into a plurality of physical storage regions corresponding to respective modes used by the information processing apparatus, and a storage processing unit configured to cause data generated by the information processing apparatus during operation in a mode to be stored in a physical storage region corresponding to the mode. For example, the storage managing unit stores a policy in the storage device. The policy defines whether to permit the use of data between a plurality of security attributes corresponding to the respective physical storage regions. | 06-25-2015 |