Patent application number | Description | Published |
20080288581 | Method and an apparatus to record web transactions using a proxy server - Some embodiments of a method and an apparatus to record web transactions in a proxy server have been presented. In one embodiment, responses and requests are routed between a web server and a client via a proxy server communicatively coupled between the web server and the client during a web transaction. The proxy server further records transaction information of the web transaction. | 11-20-2008 |
20080288648 | Method and an apparatus to validate a web session in a proxy server - Some embodiments of a method and an apparatus to validate a web session in a proxy server have been presented. In one embodiment, service of predetermined content is offloaded from an application server to a proxy server communicatively coupled between the application server and a client. Using the proxy server, access to the predetermined content by the client may be controlled. | 11-20-2008 |
20080289025 | Method and an apparatus to validate a web session in a proxy server - Some embodiments of a method and an apparatus to validate a web session in a proxy server have been presented. In one embodiment, a first message authentication code is generated at a proxy server communicatively coupled between an application server and a client upon receiving a message from the application server. The message is generated by the application server in response to an authentication request from the client to initiate a web session. The proxy server then adds the first message authentication code and one or more timestamps to the message. Then the proxy server may send the message to the client, wherein the client may use the first message authentication code and the one or more timestamps to request access to predetermined content during the web session. | 11-20-2008 |
20080301222 | Mobile bookmarks - A method and apparatus for updating bookmarks is described. In one embodiment, a server has a bookmark database and a bookmark synchronizer. The bookmark synchronizer is configured to receive a communication from a web browser of a client of a user, to collect a list of bookmarks of the web browser of the client, to compare the list of bookmarks with a list of bookmarks stored in the server, and to synchronize the list of bookmarks of the web browser of the client with the list of bookmarks stored in the server. | 12-04-2008 |
20090060180 | Method and an apparatus to generate pseudo random bits for a cryptographic key - Some embodiments of a method and an apparatus to generate pseudo random bits for a cryptographic key have been presented. In one embodiment, a set of Blum-Blum-Shub (BBS) pseudo random number generators is executed substantially in parallel. Each of the BBS pseudo random number generators may generate a series of pseudo random bits. A subset of pseudo random bits is extracted from each of the series of pseudo random bits from each of the plurality of BBS pseudo random number generators. Subsets of the series of pseudo random bits from the BBS pseudo random number generators are combined to generate a cryptographic key. | 03-05-2009 |
20090063485 | Finding superlatives in an unordered list - The k first elements from an unordered list of n total elements are copied to a result buffer, wherein k is a value smaller than n. The k first elements in the result buffer are sorted. Each subsequent element in the unordered list is compared to elements in the result buffer. If the subsequent element belongs in the result buffer, a current element in the result buffer is replaced with the subsequent element. The elements in the result buffer are then resorted. | 03-05-2009 |
20090125581 | Automated recording and playback of application interactions - Some embodiments of automated recording and playback of application interactions have been presented. In one embodiment, an application proxy server communicatively coupled between an application server and a client records responses and requests between an application server and a client during a transaction. Furthermore, the application proxy server generates a script based on the responses and requests recorded. | 05-14-2009 |
20090125711 | Securing unprivileged sessions on posix systems - A method and apparatus for providing security to Portable Operating System Interface (POSIX) system. In one embodiment, a file system with noexec/nodev options is mounted on the POSIX system. The root directory of the mounted file system is changed with a chroot operation to generate a secured system directory structure. The secured system directory structure is assigned to a non-administrative user. | 05-14-2009 |
20090132517 | Socially-derived relevance in search engine results - A method and apparatus for ranking results from a search engine query is described. In one embodiment, a search engine generates a list of search results in response to a query for a search term to the search engine. A statistical computation engine determines an average frequency of first selection of each hyperlink with respect to its position in a list of hyperlinks, and determines an average frequency of first selection of each search result from the list of search results. A relevance engine compares the average frequency of first selection of a search result from the list of search results with the average frequency of first selection of a corresponding hyperlink in the respective position in the list of hyperlinks, and adjusts the position of the search result in the list of search results based on the comparison. | 05-21-2009 |
20090132723 | Generic network protocol scripting - Some embodiments of generic network protocol scripting have been presented. In one embodiment, a script is received from a user. The script is associated with a set of connection oriented network transport based network protocols. The script may be executed to emulate a network transaction according to one of the set of connection oriented network transport based network protocols within a network. | 05-21-2009 |
20090132807 | Renegotiating SSL/TLS connections with client certificates on post requests - A method and apparatus for providing securing a connection with a (Secure Sockets Layer) SSL/TLS-enabled server. In one embodiment, a web client establishes a new connection by initiating a communication with the SSL/TLS-enabled server. The communication includes a non-POST request. After the client negotiates the secured connection with the server in response to the non-POST request, the client submits a POST request to the SSL/TLS-enabled server via the secured connection. | 05-21-2009 |
20090138464 | Method for removing network effects from search engine results - A method and apparatus for ranking results from a search engine query is described. In one embodiment, the search engine provides results from a search query. The results contain a list of web pages where each web page has one or more inbound links. The search engine computes the growth of the number of inbound links of each web page over a predefined period of time. The search engine ranks each web page based on a function of its respective computed growth of the number of inbound links. | 05-28-2009 |
20090138602 | Secured agent communications - A server communicates with a network appliance. The server includes an agent. The network appliance sends a request to the agent. The request includes an identification of a port. The agent negotiates a secured communication channel with the network appliance on the identified port to retrieve further instructions from the network appliance. The instructions includes one or more commands. The server reports the results of the executed command to the network appliance on the initial channel. | 05-28-2009 |
20090138956 | Multi-use application proxy - Some embodiments of a multi-use application proxy have been presented. In one embodiment, an application proxy is executed as an intermediary a set of applications. The application proxy performs multiple functions between the set of applications. For example, the application proxy aggregates interactions between the applications and a client in one embodiment. | 05-28-2009 |
20090201180 | Compression for deflate algorithm - A method and apparatus for compressing data is described. In one embodiment, a processor receives one or more strings of data to be compressed. Duplicate strings are replaced with pointers using a first compression algorithm. An output of the first compression algorithm is processed with a second compression algorithm using a variable context dynamic encoder to generate a tree of non-overlapping bit-sequences where the length of each sequence is being inversely proportional of the likelihood of that symbol needing to be encoded. Unused symbols are not generated on the tree. | 08-13-2009 |
20090214028 | Generating Session Keys - A method and apparatus for generating shared session keys. The method and apparatus does not rely on strong random number generation. The first node sends a timestamp and random sequence to the second node. The second node generates a message authentication code (MAC) using this data and a shared secret key. The MAC is then used to encrypt a reply containing a second timestamp and second random sequence from the second node. The first node receives this message and decrypts it by generating the same MAC. Both nodes then generate a session key using the shared set of timestamps and random sequences. | 08-27-2009 |
20090216909 | Setting time from a NFS server - An apparatus and a method for setting a system time of a client from a network file system (NFS) server is described. In one embodiment, the client creates a file on the (NFS) server and reads the last-modified time attribute of the file. The client adjusts its system time accordingly based on the last-modified time attribute of the file. The file is then deleted from the NFS server. | 08-27-2009 |
20090217162 | Flexible System Monitoring Using SNMP - A method and apparatus for generating and managing simple network management protocol (SNMP) reports that support the retrieval and processing of tabular data. An SNMP management station or similar program provides a user with an interface for viewing and managing data and resources through SNMP. The data and resources are identified by object identifiers (OID). However, some data referenced by the OIDs is tabular data. The management station provides an interface and set of functions for the configuration of methods for processing and displaying the tabular data. The SNMP management station provides a set of functions including: summation, maximums, minimums, averaging, threshold checks, value comparisons and similar functions that can be applied to the tabular data and used to generate a result or indicator in a management report. | 08-27-2009 |
20090217174 | Online desktop distribution - An apparatus and a method for an online desktop distribution is described. In one embodiment, an online desktop operates on a client with an online desktop distributor having an operating system with one or more kernels compiled for usermode. A server coupled to the client stores and uploads a user profile setting to the client to configure the online desktop on the client based on a user login on the online desktop. The online desktop can be booted from the client with the online desktop distributor or run as a hosted operating system in usermode under a default operating system of the client. | 08-27-2009 |
20090217386 | Stateless challenge-response broadcast protocol - A broadcast stateless protocol by which a client broadcasts a request to a server group is described. In one embodiment, the client broadcasts the request to a server group. A tamper-evident challenge including the request is received from any one server of the server group. A response to the tamper-evident challenge is broadcast to any one server of the server group, the response including the request. A result to the request is received upon any one server of the server group verifying the response being valid and the request being unmodified. | 08-27-2009 |
20090220072 | Secure serial number generation - An apparatus and a method for generating serial numbers is described. In one embodiment, a block cipher encrypter encrypts an application identifier and a sequence of random numbers to generate a signature. The block cipher encrypter is associated with a serial number key. The application identifier, the sequence of random numbers, and the signature are concatenated to generate a serial number. An encoder encodes the serial number into a string. | 09-03-2009 |
20090220081 | Mechanism for broadcast stenography of data communications - In one embodiment, a mechanism for broadcast stenography of data communications is disclosed. In one embodiment, a method includes creating a plurality of messages for transmission to one or more recipients, the plurality of messages including one or more real messages intended for one or more of the recipients and one or more bogus messages intended for none of the recipients. The method further includes for each intended recipient of the one or more real message, calculating a message authentication code (MAC) based on the message and a shared secret key kept between a broadcaster of the plurality of messages and the intended recipient, and for each of the plurality of messages, creating a plurality of unique pseudo-MACs that have an identical format to a real MAC. In addition, the method includes sending the plurality of messages to the one or more recipients, with the calculated MACs for each intended recipient attached to the one or more real message and the associated unique pseudo-MACs attached to each message of the plurality of messages.. Other embodiments are also described. | 09-03-2009 |
20090222554 | Statistics for online advertising - An apparatus and a method for collecting online advertisement statistics is described. In one embodiment, a web browser of a client requests from a server, a web page having an advertisement banner. The web browser receives the web page and a JavaScript program. The browser loads the webpage and the JavaScript program which polls the browser of one or more property of an HTML image object included in the advertisement banner of the web page. The JavaScript program reports out the one or more property of the HTML image object. | 09-03-2009 |
20090222661 | Mechanism for securely ordered message exchange - In one embodiment, a mechanism for securely ordered message exchange is disclosed. In one embodiment, a method includes associating sequence numbers with each of a plurality of messages that are part of a transmission from a broadcaster to an intended recipient, and for each message of the plurality of messages, calculating a unique message authentication code (MAC) using as inputs the message, a shared secret key, and the associated sequence number. The method also includes sending to the intended recipient the plurality of messages each with the associated calculated MAC attached to the message. | 09-03-2009 |
20090222666 | Mechanism for generating message sequence order numbers - In one embodiment, a mechanism for generating message sequence order numbers is disclosed. In one embodiment, a method includes generating a timestamp value, and calculating a message authentication code (MAC) using as inputs the timestamp value, public information of an intended recipient, and a shared secret key kept between a broadcaster and the intended recipient. In addition, the method includes extracting, according to a pre-determined process agreed to between the broadcaster and the intended recipient, a required number of bits that define a size of an initial sequence number from the MAC. Lastly, the method includes using the extracted result as the initial sequence number. | 09-03-2009 |
20090222831 | Scheduling network distributed jobs - A method and apparatus for scheduling processing jobs is described. In one embodiment, a scheduler receives a request to process one or more computation jobs. The scheduler generates a size metric corresponding to a size of an executable image of each computation job and a corresponding data set associated with each computation job. The scheduler adjusts a priority of each computation job based on a system configuration setting and schedules the process of each computation job according to the priority of each computation job. In another embodiment, the scheduler distributes the plurality of computation jobs on one or more processor of a computing system, where the system configuration setting prioritizes a computation job with a smaller size metric than a computation job with a larger size metric. In another embodiment, the scheduler distributes the computation jobs across a network of computing systems with one or more computation jobs distributed over one or more computing systems, where the system configuration setting prioritizes a computation job with a smaller size metric than a computation job with a larger size metric. | 09-03-2009 |
20090256729 | DIFFERENCE CODING ADAPTIVE CONTEXT MODEL USING COUNTING - Techniques for improving encoding and decoding data are described herein. According to one embodiment, it is determined whether a current context can encode a retrieved symbol. The current context includes a plurality entries, each representing an encoded symbol, including a count value representing a frequency of the entry being used. A code is generated to a code stream, where the code represents a difference between an index of an entry in the current context associated with the retrieved symbol and a previous index used for encoding a previous symbol, if the current context can encode the retrieved symbol. A count value corresponding to the entry associated with the retrieved symbol is incremented in the current context. The current context is sorted based on count values of all entries in the current context, where the code stream and the literal stream are to be compressed and encoded by a compressor. | 10-15-2009 |
20090257583 | CIPHER FEEDBACK WITH VARIABLE BLOCK CHAINING - Some embodiments of a method and apparatus for encrypting and decrypting data have been presented. In one embodiment, a current initialization vector (IV) is generated based on a previous block of plaintext enciphered. Then a current block of plaintext is combined with the current IV to create a temporary block. An encipher may encipher the temporary block to generate a current block of ciphertext. | 10-15-2009 |
20090267810 | EFFICIENT CODING OF SMALL INTEGER SETS - Techniques for coding integer sets are described herein. According to one embodiment, for each data range of parameters to be encoded, a number of bits required to represent a maximum parameter among the parameters in each data range is determined, including a first number of bits and a second number of bits corresponding to the first and second data ranges. Each parameter in the first data range is encoded using the first number of bits and each parameter in the second data range is encoded using the second number of bits, where the data stream further includes a value representing the first number of bits and the data stream is to be decoded by a decoder using the value representing the first number of bits to recover the first number of bits and the second number of bits, which are used to recover each parameter from the data stream. | 10-29-2009 |
20090271462 | Keyed Pseudo-Random Number Generator - A method and apparatus for client authentication using a pseudo-random number generation system. The pseudo-random number generation utilizes a secret key as well as state information as input into the hash function to generate a pseudo-random number. The state information that is part of the input can be any number of prior generated pseudo-random numbers. The authentication allows for synchronization of the client and server by exchanging state information. The authentication is not dependent on any absolute time and consequently the client and servers are not required to maintain a reliable shared time base. | 10-29-2009 |
20090279697 | CIPHERTEXT KEY CHAINING - Some embodiments of a method and apparatus for encrypting and decrypting data have been presented. In one embodiment, a current key is generated from a prior ciphertext block and another key, which may include a prior key used to encipher the prior ciphertext block or an initialization vector. Then a current plaintext block is enciphered using the current key to generate a current ciphertext block. | 11-12-2009 |
20090284399 | MECHANISM FOR MODELING ESCAPE COUNTS IN ADAPTIVE COMPRESSION MODELS - In one embodiment, a mechanism for modeling escape counts in adaptive compression models is disclosed. In one embodiment, a method includes initializing an escape count for an escape symbol used in an adaptive compression context model that encodes an input stream, the initial escape count being initialized at a high value in an upper portion of a range of possible count values, invoking the adaptive compression context model with the initial escape count for the escape symbol, incrementing the escape count each time it is utilized in the adaptive compression context model, and scaling the escape count when it exceeds a maximum count value. | 11-19-2009 |
20090285399 | Distributing Keypairs Between Network Appliances, Servers, and other Network Assets - A method and apparatus for providing an automated key distribution process to enable communication between two networked devices without the need for human provision of a key to both networked devices. In response to a first connection request from a first network device to a second network device, the second network device will check for a credential such as a public key for the first network device. If the credential is not present, then the second network device will communicate with the first network device on a second secured and pre-defined connection to obtain a certificate from the first network device. The second network device then queries a backend server with the certificate to obtain a credential such as the public key for the first network device. Subsequent connection or communication requests from the first network device will then be properly serviced. | 11-19-2009 |
20090290707 | Generating and Securing Multiple Archive Keys - A method and apparatus for generating multiple keys for a set of archives or portions of a set of archives. The process includes receiving a passphrase from a user and an indicator of a set of archives to be modified or created. An archive key generation process can be based on a random value generation, an algorithm for generating keys with specific characteristics, an indexing scheme, a progressive enciphering scheme or a shared secret scheme. The generated keys are enciphered using an enciphering algorithm in combination with the passphrase. The archive keys are stored with the archives in their enciphered form. Other intermediate key information is also stored with the archive to enable deciphering of the set of archives using the passphrase as needed. | 11-26-2009 |
20090290708 | Generating and Securing Archive Keys - Described herein is a method and apparatus for managing archives. The archive management process receives a passphrase and an indicator of an archive to be managed. The passphrase is used to encipher or decipher an archive key dependent on whether data is to be inserted or extracted from the archive key. The passphrase can be changed by re-enciphering the archive key. | 11-26-2009 |
20090292751 | NON-LINEAR MIXING OF PSEUDO-RANDOM NUMBER GENERATOR OUTPUT - A method and apparatus for a pseudo-random number generation system. The pseudo-random number generation mixes the output of two or more pseudo-random number generators to create a new pseudo-random number or sequence. The process operates on pseudo-random numbers with a bit size k, multiplies the numbers and then performs modulo 2 | 11-26-2009 |
20090292803 | Method for measuring web visitors - An apparatus and a method for tracking the number of hits to a web page is described. In one embodiment, a web browser of a client requests from a server a web page. The server redirects the web browser to a cookie counting web page, where the cookie counting web page provides a tracking cookie to the web browser. The server computes the number of unique hits to the web page without cookies based on the number of hits to the cookie counting web page without tracking cookies, the number of unique hits to the cookie counting web page with tracking cookies, the number of all hits to the cookie counting web page with tracking cookies. | 11-26-2009 |
20090300352 | Secure session identifiers - An apparatus and a method for an authentication protocol. In one embodiment, a server generates a sequence number, and a server message authentication code based on a server secret key. The server sends the sequence number, an account identifier, and the server message authentication code to the client. The client generates a client message authentication code over the sequence number, a request specific data, and a shared secret key between the client and the server. The client sends a request to the server. The request includes the sequence number, the account identifier, the server message authentication code, the request specific data, and the client message authentication code. The server determines the validity of the client request with the shared secret key. | 12-03-2009 |
20090300364 | Username based authentication security - An apparatus and a method for an authentication protocol. In one embodiment, a client requests for an authentication challenge from a server. The server generates the authentication challenge and sends it to the client. The authentication challenge includes the authentication context identifier, a random string, a timestamp, and a signature value. The client computes a salt value based on a username and the authentication context identifier from the authentication challenge. The signature value is computed based on the authentication context identifier, the random string, and the timestamp. The client computes a hashed password value based on the computed salt value, and a message authentication code based on the hashed password value and the random string. The client sends a response to the server. The response includes the username, the message authentication code, the random string, the timestamp, and the signature value. | 12-03-2009 |
20090327740 | Securing a password database - An apparatus and a method for storing an encrypted username and password. In one embodiment, a username is encrypted. A password associated with the username is encrypted. A user identifier associated with the username is encrypted. The encrypted username, the encrypted password, and the user identifier are stored in one or more database. | 12-31-2009 |
20100054468 | VALIDATING COMPRESSED ARCHIVE KEYS - An apparatus and a method for validating compressed encrypted archive keys is described. In one embodiment, a pseudo-stream is generated for an archive. The pseudo-stream is made of a small amount of random text. The pseudo-stream is attached to a stream of the archive. The pseudo-stream and stream are compressed using the compression algorithm that includes validation data. The compressed pseudo-stream is then enciphered with an archive key. | 03-04-2010 |
20100054475 | VALIDATING ENCRYPTED ARCHIVE KEYS - An apparatus and a method for validating encrypted archive keys is described. In one embodiment, a passphrase is enciphered. An archive key used to encipher an archive is enciphered with the enciphered passphrase. A first enciphered block is computed by enciphering a random block with the archive key. A second enciphered block is computed by enciphering the same random block with a Message Authentication Code (MAC) key. The MAC key is derived from the archive key and the passphrase. The validity of keys is determined by comparing the decrypted first block with the decrypted second block. | 03-04-2010 |
20100054476 | VALIDATING ENCRYPTED ARCHIVE KEYS WITH MAC VALUE - An apparatus and a method for validating encrypted archive keys is described. In one embodiment, a passphrase is received. An archive key is recovered with the passphrase. A Message Authentication Code (MAC) value is computed with the recovered archive key. The computed MAC value is compared with a MAC value stored in an archive to determine the validity of the passphrase. The stored MAC value is originally computed with an original passphrase using the archive key as a MAC key. | 03-04-2010 |
20100058059 | SHARING KEYS BETWEEN COOPERATING PARTIES - An apparatus and a method for generating a secure cipher key over an insecure channel. In one embodiment, a set of polynomials is generated and shared between a first party and a second party over the insecure channel. The first party generates a first random exponent for its private cipher key. The second party generates a second random exponent for its private cipher key. The first party operates on the set of polynomials with the first random exponent and sends the results to the second party. The second party operates on the set of polynomials with the second random exponent and sends the results to the first party. A shared cipher key is computed based on the exchanged operation results. | 03-04-2010 |
20100058060 | Username Based Key Exchange - A method and apparatus for an system and process for sharing a secret over an unsecured channel in conjunction with an authentication system. A client computes a message authentication code based on a hashed password value and a first random string received from the server. The client sends a response to the server that includes authentication data including a second random string. Both the client and server concatenate the first random string, second random string and username. Theses values are processed to generate as a shared master secret to further generate shared secrets or keys to establish a secured communication channel between the client and server. The secured communication can be based on stateless messaging where the decryption key associated with the message is identified by the message authentication code, which is placed within the message. | 03-04-2010 |
20100058067 | SECURING A PASSWORD DATABASE - An apparatus and a method for encrypting a username is described. In one embodiment, a hashed username is encrypted with a key. An input size of the key matches an output size of the key. The password associated with the hashed username is replaced with a function of the encrypted username. The function includes a linear combination operator of the password and the encrypted username. The encrypted username is then swapped with the replaced password. The encryption, replacement, and the swapping are iterated for at least two or more rounds using a different key with each iteration. | 03-04-2010 |
20100131477 | VERSIONING FILE SYSTEM - An apparatus and a method for versioning a file of a file system is described. A versioning module stores multiple versions of the file. The file is opened for write access. The versioning module identifies an file mapping structure of a block associated with the file, copies the content of the file mapping structure of the file to a new file mapping structure of the file, and allocates a new block to the file as represented by the file mapping structure. | 05-27-2010 |
20100131480 | DEDUPLICATED FILE SYSTEM - An apparatus and a method for maintaining a file system is described. An allocation module receives a request from a kernel module to allocate a block of the file system to a file. The allocation module examines an other block of the file system to determine whether the other block contain a same data as the block. The allocation module also determines an external reference count of the other block containing the same data. The other block is then allocated to the file and the external reference count is updated accordingly. | 05-27-2010 |
20100131542 | SUGGESTED WEBSITES - An apparatus and a method for suggesting a web site is described. In one embodiment, a user at a client enters a web address. A suggestion server receives the web address and generates one or more suggested web addresses for the user based on an analysis of captured aggregate online users behavior in relation to the web address. The suggestion server stores and organizes results of the analysis of the captured aggregate online users behavior. The results includes a list of two or more substantially related and relevant web addresses. The suggestion server compares the web address with the results of the analysis to generate the one or more suggested web addresses. The one or more suggested web addresses are sent to the client. | 05-27-2010 |
20100131662 | NETWORKED PROJECTION DISPLAY ADAPTER - A networked projector system includes a projection display device, a projector computer, and a network adapter. The projector computer negotiates an IP address of a local network, and periodically broadcasts the IP address on the local network. The network adapter connects with a client on the local network with the IP address. | 05-27-2010 |
20100131756 | USERNAME BASED AUTHENTICATION AND KEY GENERATION - An apparatus and a method for an authentication protocol. A client generates a server unique identifier of a server prior to communicating with the server. An encrypted password generator module of the client calculates an encrypted password based on the server unique identifier, a username, and an unencrypted password. A communication request generator module of the client generates and sends a communication request to the server. The communication request includes a username, a client random string, a client timestamp, and a client MAC value. The client MAC value is computed over the username, the client random string, and the client timestamp, using the encrypted password as an encryption key. | 05-27-2010 |
20100131766 | NOTIFYING USERS OF SERVER CHANGES VIA SSL - An apparatus and a method for authenticating a secure communication is described. A server receives a request from a client for an original SSL certificate. The server embeds a message in a common name (CN) of a new SSL certificate directing the client to another server. The client is transparently reconfigured and establishes a secure communication with the other server using the new SSL certificate. | 05-27-2010 |
20100214136 | DICTIONARY-BASED COMPRESSION - A method and apparatus for compressing data is described. A compressor builds a dictionary associated with the characters in the input string. A table in the dictionary is generated by looking backward from a current character being encoded in the input string to determine the last time the most recent one or more characters have occurred. The compressor determines whether the following characters at a point of encoding matches the next character being encoded. | 08-26-2010 |
20100214137 | LZSS WITH MULTIPLE DICTIONARIES AND WINDOWS - A method and apparatus for compressing data is described. An input string to be compressed is received. The input string is encoded with compressor using a compression algorithm using several sizes of dictionaries and windows. The compressor processes the input string with a selected size of the dictionary and window yielding the most compression of the input string among the different sizes of dictionaries and windows. | 08-26-2010 |
20100219990 | COMPACT ENCODING OF SMALL INTEGERS - A method and apparatus for encoding a set of integers is described. The largest power of two integer is determined based on a size of the set of integers with an integer encoder. A code table is constructed using the largest power of two integer. A uniform coding is constructed with values from the code table. A string “1” is prepended to each code from the code table. The string “1” is appended to a string “0” from the code table. | 09-02-2010 |
20100220853 | Method and Apparatus for Compound Hashing Via Iteration - A method and apparatus for a system and process for generating a hashing value using any number of cryptographic hashing functions. The hashing process receives an input value to be hashed. The input value is cyptographically hashed and augmented. The augmented value is then cryptographically hashed. The process then iteratively applies a set of non-linear functions to these values. Each iteration maintaining a ‘left half’ and ‘right half.’ After the last iteration, the left and right portions are concatenated to form a hash value that is output. | 09-02-2010 |
20100223273 | DISCRIMINATING SEARCH RESULTS BY PHRASE ANALYSIS - A statistical analysis parses documents for phrases in the documents. Each document is analyzed with a phrase analysis engine to determine a key phrase that frequently occur throughout each document. One or more documents are grouped together based a corresponding statistically improbable phrase. | 09-02-2010 |
20100223280 | MEASURING CONTEXTUAL SIMILARITY - A contextual similarity measurement system computes a similarity model for a reference document using a prediction by partial match method. The system further computes a similarity measure between a compared document and the reference document using the similarity for the reference document. | 09-02-2010 |
20100223288 | PREPROCESSING TEXT TO ENHANCE STATISTICAL FEATURES - A document preprocessor preprocess a document to enhance the statistical features of the document. The system preprocesses the document by matching a prefix and a trailing context in the document with one or more matching prefixes in a transformation database, where the prefix is a first string of one or more tokens in the first document and the trailing context is a second string of one or more tokens in the first document that trail the prefix. Alternatively, the system preprocesses the document by computing cyclic permutations of the document, sorting these permutations and taking the last token from each of the sorted permutations. | 09-02-2010 |
20100223497 | Monitoring Processes Via Autocorrelation - A method and apparatus including a monitoring and correction module that monitors process metrics to identify a steady-state for a process, detects a deviation from the steady-state for the process, and executes a corrective measure automatically to reduce an impact of the process in response to the deviation by a monitoring and correction module. The monitoring and correction module also analyzes the deviation to determine whether the deviation is negatively impact in performance for other processes. | 09-02-2010 |
20100223675 | CERTIFICATE BASED DISTRIBUTED POLICY ENFORCEMENT - An apparatus and a method for a certificate-based distributed policy system is described. A policy server receives over a communication channel a data structure associated with an object to be managed across a communication boundary between a client and the policy server. The policy server generates an object certificate upon validation of the object and validation of an initiator of the object. The data structure includes a serialized representation of public properties of the object, a hash of the object in a canonical serialized form, and a signature of the public properties and hash using the initiator's private key. | 09-02-2010 |
20100228763 | FINDING RELATED SEARCH TERMS - An apparatus and a method for suggesting search terms is described. A server receives a search term from a client and generating one or more suggested search terms to the client based on an analysis of temporal data between prior search terms in relation to the search term. The server sends the suggested search terms to the client. | 09-09-2010 |
20100306025 | COLLABORATIVE OPTIMIZATION OF ONLINE ADVERTISEMENT RETURN ON INVESTMENT - An online advertisement system determines which of a plurality of advertisement clickthroughs are successful online events. A successful online event is based on an advertisement online reference and a success online reference. The system further correlates the number of successful online events for a traffic originator. In addition, the online advertisement system computes an advertisement penalty based on the computed correlation. | 12-02-2010 |
20100306026 | PLACING PAY-PER-CLICK ADVERTISEMENTS VIA CONTEXT MODELING - An advertisement platform system makes advertisement placement decision via context modeling. The advertisement platform system receives advertisements and a plurality of advertisement target pages, wherein each of the advertisements is associated with one of the advertisement target pages. Furthermore, the advertisement platform system computes a similarity metric between one of the advertisement target and a displayed page. The advertisement platform system selects one of the advertisements for display in the display page based on the computed similarity metric between one of the plurality of advertisement target that corresponds to the selected one of the advertisement and the display page. | 12-02-2010 |
20100306739 | FAST LATE BINDING OF OBJECT METHODS - An apparatus and a method for managing class properties in a computer program is described. Classes are declared. Each class is associated with a corresponding method with at least one class inheriting one or more method corresponding to one or more other classes. A table generator forms a table of methods and references associated with each class. The table is copied forward with each inheritance declaration. A reference to a method of a class is resolved by retrieving the table associated with a current instance's class and resolving from the table associated with the class corresponding to an object from which the method is referenced. | 12-02-2010 |
20100306742 | FAST LATE BINDING OF OBJECT PROPERTIES - An apparatus and a method for managing class properties in a computer program is described. Classes are declared. Each class is associated with a corresponding property with at least one class inheriting one or more property corresponding to one or more other classes. A table generator forms a table of property offsets associated with each class. The table is copied forward with each inheritance declaration. A reference to a property of a class is resolved by retrieving the table associated with a current instance's class and resolving from the table associated with the class corresponding to an object from which the property is referenced. | 12-02-2010 |
20100306751 | EXECUTION RESULT CACHING AND SEARCHING - An apparatus and a method for searching and caching results of pure functions in a computer program is described. The computer program is parsed to identify pure functions. A computed result of the identified pure functions is stored and shared with at least one process of the computer program. Each identified pure functions is replaced with the computed result of the corresponding pure function. | 12-02-2010 |
20100306766 | ADDING ASPECTS TO VIRTUAL MACHINE MONITORS - A software generated trap is received by a virtual machine monitor running on a computer system, wherein the software generated trap was caused by a process or a guest operating system of a virtual machine hosted by the computer system. The virtual machine monitor performs a service in response to receiving the software generated trap. | 12-02-2010 |
20110055391 | MULTIFACTOR VALIDATION OF REQUESTS TO THWART CROSS-SITE ATTACKS - An apparatus and a method for validating requests to thwart cross-site attacks is described. A user identifier token, a request identifier token, and a timestamp, are generated at a web application of a server. A Message Authentication Code (MAC) value is formed based on the user identifier token, the request identifier token, and the timestamp using a secret key of the web application. The form is sent with the MAC value and the time stamp to a client. A completed form comprising a returned MAC value and a returned timestamp is received from the client. The completed form is validated at the server based on the returned MAC value and the returned timestamp. | 03-03-2011 |
20110128167 | UNICODE-COMPATIBLE DICTIONARY COMPRESSION - A character data set is compressed with a compression algorithm module of a computer system to generate one or more streams of encoded values. A code point mapper assigns the encoded values to code points reserved for private use in a Unicode format. An encoder encodes the streams of assigned encoded values using a Unicode Transformation Format (UTF). A dictionary of the compression algorithm initially includes code points assigned by the Unicode format. New entries are successively assigned to private use code points. | 06-02-2011 |
20110128168 | UNICODE-COMPATIBLE ENTROPY CODING - A character data set is compressed with a compression algorithm module of a computer system to generate one or more streams of encoded values. The compression module is configured to compress the character data set with an entropy encoder to generate one or more streams of encoded values with UTF-8 or UTF-16. A code points mapper assigns the encoded values to code points in a Unicode format. A UTF encoder encodes the streams of assigned encoded values. | 06-02-2011 |
20110128169 | UNICODE-COMPATIBLE BASE-N RANGE CODING - A character data set is compressed with a compression algorithm module of a computer system to generate one or more streams of encoded values. The compression module is configured to compress the character data set with an base-n range encoder to generate one or more streams of encoded values with UTF-8 or UTF-16. A code points mapper assigns the encoded values to code points in a Unicode format. A UTF encoder encodes the streams of assigned encoded values. | 06-02-2011 |
20110129083 | UNICODE-COMPATIBLE ENCIPHERMENT - Unicode character data is received for transcoding. The Unicode character data is transcoded to an intermediate value. The intermediate value is enciphered. The enciphered intermediate value is transcoded back to Unicode-compatible character data. The transcoding includes assembling character values from the Unicode character data into one or more blocks and representing the assembled character values in a compact form. | 06-02-2011 |
20110129086 | Unicode-Compatible Stream Cipher - A process and system for enciphering and deciphering Unicode characters that is compatible with scripting languages such as JAVASCRIPT®, JSCRIPT® and VBSCRIPT®. The process and system can encipher each character individually and maintain the size of the character. The enciphered character is deciphered at the application layer at the client to provide endpoint security. | 06-02-2011 |
20110131415 | MULTIFACTOR USERNAME BASED AUTHENTICATION - A hashed value is computed from an encrypted password value and a displayed code value from a hardware token at a client. The encrypted password value is based on a username, a context identifier, and a password. The client provides the username and the hashed value to a server. The encrypted password value associated with the username is retrieved at the server. An expected hashed value is computed at the server. The client is validated based on a comparison of the hashed value and the expected hashed value. | 06-02-2011 |
20110131416 | MULTIFACTOR VALIDATION OF REQUESTS TO THW ART DYNAMIC CROSS-SITE ATTACKS - An apparatus and a method for validating requests to thwart cross-site attacks is described. A user identifier token, a request identifier token, and a timestamp, are generated at a web application of a server. A Message Authentication Code (MAC) value is formed based on the user identifier token, the request identifier token, and the timestamp using a secret key of the web application. Names of the form elements are enciphered. Fake form elements can also be added to the dynamic form. The entire page also can be enciphered. The dynamic form is sent with the MAC value and the time stamp to a client. A completed form comprising a returned MAC value and a returned timestamp is received from the client. The completed form is validated at the server based on the returned MAC value and the returned timestamp. | 06-02-2011 |
20110131635 | CLIENT-SIDE PREVENTION OF CROSS-SITE REQUEST FORGERIES - Cross-site request forgeries (“XSRF”) can be prevented using a client-side plugin on a client computer. The client computer accesses a content provided by a third party host via a network and generates a request to a web application as directed by the content. The client-side plugin determines whether the request is associated with suspicious activities based on the content, a source of the request and a list of approved hosts associated with the target host. In response to a determination that the request is associated with suspicious activities, the plugin removes authentication credentials from the request and sends the request to the web application. | 06-02-2011 |
20110295824 | SEARCH PREDICTION USING CONTEXT MODELING - A method and apparatus for predicting search queries for a user on a search-based system is described. A search engine tracks search queries from a user received at the search engine. A prediction engine compares a search query history from the user with search query histories from other users on the search engine. The search query histories are stored in a storage device of the search-based system. A prediction of a search query for the user is generated based on the comparison. Search query histories from other users having greater similarities with the search query history from the user have a greater computation weight than search query histories from other users with less similarities with the search query history from the user. | 12-01-2011 |
20110295869 | EFFICIENT STRING MATCHING STATE MACHINE - An apparatus and a method for searching one or more documents for several different strings is described. A finite state machine receives and processes one or more search strings with a tail-first search. A matching string machine forms states based on the characters in the search string with at least one state accepting a match. The states are annotated with a pattern that indicates what the state has matched and can match. Each position within the pattern is either a character that has been matched at that point or an indicator that it is unknown. | 12-01-2011 |
20120209957 | MOBILE BOOKMARKS - A method and apparatus for updating bookmarks is described. In one embodiment, a server has a bookmark database and a bookmark synchronizer. The bookmark synchronizer is configured to manage a remote bookmark list including sublists each associated with a corresponding one of multiple browsers. The bookmark synchronizer receives a client request, from one of the browsers, to synchronize a local bookmark list with the remote bookmark list, and collects the local bookmark list from the one web browser. The bookmark synchronizer compares the local bookmark list with the remote bookmark list, the bookmark synchronizer adds or deletes bookmarks from the local bookmark list or the associated sublist. | 08-16-2012 |
20140136848 | DISTRIBUTING KEYPAIRS BETWEEN NETWORK APPLIANCES, SERVERS, AND OTHER NETWORK ASSETS - A method and apparatus for providing an automated key distribution to enable communication between two networked devices. A monitoring device receives a request from a network device to send a certificate using a second secure connection prior to an expiration of a timeout period, wherein the second secure connection was created using a known port in response to determining that a request to create a first secure connection was rejected. The monitoring device sends the certificate to the network device using the second secure connection, and establishes the first secure connection with the network device in response to the network device receiving the public key of the monitoring device from a server system by using the certificate. | 05-15-2014 |
20150074077 | SEARCH PREDICTION USING CONTEXT MODELING - A search engine tracks search queries from a user received at the search engine to generate a search query history. A prediction engine compares the search query history from the user with search query histories from other users on the search engine. A predicted search query for the user that the user is predicted to use to perform a next search in relation to other possible searches is generated in view of the comparison. Search query histories of the other users with greater similarities to the search query history of the user have a greater computation weight in generating the predicted search query than the search query histories of the other users with fewer similarities to the search query history of the user. | 03-12-2015 |