Patent application number | Description | Published |
20090300028 | DEVICE AND METHOD FOR MANAGING DIGITAL SIGNAGE SYSTEMS - A method is provided for managing information during a pre-determined period of time at a plurality of remote display surfaces, based on criteria established at a central terminal, wherein the method comprises: i) providing a pre-determined period of time; ii) providing at least two digital signage objects; iii) determining at least one properties' sub set which comprises a plurality of attributes for each of the digital signage objects provided; iv) determining the value of attributes included in the at least one properties' sub set for the duration of the pre-determined period of time; v) establishing at least one identity group comprising digital signage objects each of which is identical in its properties during the respective pre-determined period of time, to the other digital signage objects belonging to a respective identity group; and vi) applying the at least one identity group for managing information at the plurality of remote channels. | 12-03-2009 |
20100066905 | SYSTEM, METHOD AND DEVICE FOR DISPLAYING VIDEO SIGNALS - A video displaying system is provided which comprises: display means for displaying an output that is comprised of a plurality of displaying zones, means for providing information conveying tracks and for utilizing information conveyed along these tracks for creating the displayed output, and means operative to synchronize the information conveying tracks. Each of the information conveying tracks of the video displaying system is associated with at least one displaying zone and at least one of the information conveying tracks is associated with at least two displaying zones. | 03-18-2010 |
20100306673 | METHOD AND DEVICE FOR ACCESSING DATA IN SIGNAGE SYSTEMS - A method is provided for displaying information at remote terminals, based on criteria established at a central terminal. At the central terminal, a set of rules is selected out of a plurality of pre-defined sets of rules for displaying the information at the respective remote terminal, and based on the selected set of rules, a virtual tokens is created, which is then forwarded to the respective remote terminal. The token is received at the remote terminal, and the identification of the corresponding set of rules is derived. Based on the identified set(s) of rules, one or more corresponding software modules operative to retrieve information originated at additional source(s) is uploaded for use at the respective remote terminal. Next, a display of information that comprises information retrieved by using the corresponding software modules is generated and presented at the remote terminal. | 12-02-2010 |
20140157346 | METHODS, DEVICES AND SYSTEMS FOR PEER-TO-PEER VIDEO CONTENT DISTRIBUTION - Methods, apparatuses, and devices for distributing video content in a peer-to-peer network. A video content source outputs video content to a first display device of a plurality of display devices. Each of the plurality of display devices is configured to automatically detect and download video content from one or more others of the plurality of display devices. | 06-05-2014 |
Patent application number | Description | Published |
20090271453 | Network Intrusion Blocking Security Overlay - A database security overlay that identifies each network and local access gateway to a database, and monitors each access path from the identified gateways to analyze each connection to the database and block any connections determined to transport unauthorized or undesirable content. Access gateways that establish connections are identifiable by interprocess communication (IPC) mechanisms employed in accessing the database. An evaluator monitors access attempts, while a tapping mechanism on IPC mechanisms that provide the connections captures access attempts from the access gateways. The tapping mechanism intercepts and forwards access attempts to the evaluator to centralize and focus DB paths amid multiple local and external connections on the DB server. A lightweight check for each local access quickly determines if the access attempt warrants further scrutiny. | 10-29-2009 |
20100131512 | System and methods for selective local database access restriction - A nonintrusive database access monitoring mechanism employs a hybrid approach that disallows, or blocks, the access mediums which are not feasible to intercept or analyze, as well as intercepting and analyzing access mediums for which interception and interrogation is available. Accordingly, various configurations provide the hybrid coverage approach to identifying access mediums, and either block or intercept the access attempts. In this manner, access mediums, such as interprocess communication (IPC) system calls, which may be efficiently intercepted and analyzed are captured and substantively processed, while other access mediums that are excessively burdensome or intrusive to capture are unselectively blocked from any communication, avoiding the need to analyze such access attempts. | 05-27-2010 |
20100131758 | Nondesctructive interception of secure data in transit - In a data level security environment, the data level security mechanism operates on plaintext data. Data level security operations identify a point in the information stream where plaintext data is available for interception. Typically this is a point in the processing stream just after the native DBMS decryption functionality has been invoked. A database monitor intercepts and scrutinizes data in transit between an application and a database by identifying a transition point between the encrypted and plaintext data where the cryptographic operations are invoked, and transfers control of the data in transit to a database monitor application subsequent to the availability of the data in plaintext form. | 05-27-2010 |
20100132024 | Identifying attribute propagation for multi-tier processing - A multi-tier attribute tracking mechanism provides the ability to identify the end user credentials and other client information and attributes and assign them to database requests in an application server architecture. Disclosed configurations identify the processing unit, or thread, assigned by the operating system to service the incoming request from the user at the application tier. A matching of users to threads allows successive thread activity to be mapped back to the initiating user. Conventional interception of database access attempts at the application level (so called “server taps,” or staps) identified only the database user (the account in the database) and associated connection as the responsible user. By intercepting, or “tapping” the access request at the operating system level (using so-called kernel taps, or “ktaps”), the mechanism matches which application requests map to which database requests. With this matching, the database requests can be tagged with the user credentials which are known through the application request. | 05-27-2010 |
20110313981 | Data Privacy, Redaction and Integrity for Relational Databases - A method, a data processing system, and a computer program product for protecting data in a database. A query to a database in a data processing system is received by a security mechanism in the data processing system that is external of the database. The query is converted to a modified query according to a security policy. The modified query is sent to the database, and a response to the modified query is returned. | 12-22-2011 |
20120150880 | Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information. | 06-14-2012 |
20130151542 | Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information. | 06-13-2013 |
20130212689 | MANAGING NETWORK DATA - A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner. | 08-15-2013 |
20140222842 | Identity Propagation through Application Layers Using Contextual Mapping and Planted Values - Mechanisms are provided for propagating source identification information from an application front-end system in an application layer to a data layer inspection system associated with a back-end system. An incoming user request is received, at the data layer inspection system, from a gateway system associated with the application front-end system. One or more outgoing statements targeting a back-end system are received at the data layer inspection system. The data layer inspection system accesses a mapping data structure based on the one or more outgoing statements to thereby correlate the one or more outgoing statements with the incoming user request. The data layer inspection system retrieves source identification information associated with the incoming user request based on the correlation of the one or more outgoing statements with the incoming user request. The data layer inspection system performs a data layer inspection operation based on the source identification information. | 08-07-2014 |
20140283115 | METHOD AND SYSTEM FOR MONITORING ACCESS ATTEMPTS OF SHARED MEMORY OF DATABASES - An approach for auditing database access attempts within a computer system. In one implementation, the computer system provides a target server for directing client requests for database access to the target server. In another implementation, the computer system provides a plurality of filtering agents which intercept the client requests and each filtering agent forwards a respective set of client requests which match a respective filter profile to a processing entity. | 09-18-2014 |
Patent application number | Description | Published |
20140053227 | System and Method for Secure Synchronization of Data Across Multiple Computing Devices - A computer implemented method and apparatus comprises detecting a file content update on a first client computer system, the file to be synchronized on a plurality of different types of client computer systems in a plurality of formats. The method further comprises associating a security policy with the file, wherein the security policy includes restrictions to limit one or more actions that can be performed with the file, and synchronizing the file to a second client computing system while applying the security policy to provide controls for enforcement of the restrictions at the second client computer system. | 02-20-2014 |
20150180905 | SYSTEM AND METHOD FOR SECURE SYNCHRONIZATION OF DATA ACROSS MULTIPLE COMPUTING DEVICES - A computer implemented method and apparatus comprises detecting a file content update on a first client computer system, the file to be synchronized on a plurality of different types of client computer systems in a plurality of formats. The method further comprises associating a security policy with the file, wherein the security policy includes restrictions to limit one or more actions that can be performed with the file, and synchronizing the file to a second client computing system while applying the security policy to provide controls for enforcement of the restrictions at the second client computer system. | 06-25-2015 |
20150180938 | SYSTEM AND METHOD FOR SECURE SYNCHRONIZATION OF DATA ACROSS MULTIPLE COMPUTING DEVICES - A computer implemented method and apparatus comprises detecting a file content update on a first client computer system, the file to be synchronized on a plurality of different types of client computer systems in a plurality of formats. The method further comprises associating a security policy with the file, wherein the security policy includes restrictions to limit one or more actions that can be performed with the file, and synchronizing the file to a second client computing system while applying the security policy to provide controls for enforcement of the restrictions at the second client computer system. | 06-25-2015 |