Abstract: A method, computer readable medium and computer system for repairing a failed network connection between a client system and a network is disclosed. In a first aspect, the method preferably includes collecting real time connectivity information by the client system and utilizing the real time connectivity information by the client system to establish a connection with the network. In a second aspect, a computer system coupled to a network includes at least one network adapter for monitoring and collecting real time connectivity information from the network, memory for storing the real time connectivity information, and a processor coupled to the memory and to the at least one network adapter, where the processor is configured to execute program instructions for utilizing the real time connectivity information to repair a failed network connection between the computer system and the network.

Abstract: A method for performing a domain logon to a computer network is disclosed. A secure storage area containing user identification information and domain password information corresponding to the user identification information is provided. In response to a receipt of a user-entered user identification and a user-entered domain password by a first module of a Windows® operating system, the domain password information stored in the secure storage area and the corresponding user identification information are written to a registry of the Windows® operating system. Authentication for domain logon is then performed by a second module of the Windows® operating system based on the received domain password and the domain password information written to the registry of the Windows® operating system. After the authentication, the domain password information is subsequently removed by the first module of the Windows® operating system from the registry of the Windows® operating system.

Abstract: Methods, apparatus and program products which monitor wireless access points (12, 16) through which data can be exchanged with a network (10), identify an unauthorized access point (16), and respond to monitored data flow in a variety of manners including determining the location of the identified unauthorized access point, establishing filtering, and controlling accounting for access services.

Abstract: Method and apparatus for enabling applications on security processors of computer systems. In one aspect, a security processor apparatus includes a processor and a memory coupled to the processor and operative to store a secure table. The secure table stores different certified endorsement keys and different values, each value associated with one of the endorsement keys. Each stored value is derived from a different application that is certified by the associated endorsement key to be executed on the processor.

Abstract: A method for providing a secure single sign-on to a computer system is disclosed. Pre-boot passwords are initially stored in a secure storage area of a smart card. The operating system password, which has been encrypted to a blob, is stored in a non-secure area of the smart card. After the smart card has been inserted in a computer system, a user is prompted for a Personal Identification Number (PIN) of the smart card. In response to a correct smart card PIN entry, the blob stored in the non-secure storage area of the smart card is decrypted to provide the operating system password, and the operating system password along with the pre-boot passwords stored in the secure storage area of the smart card are then utilized to log on to the computer system.

Abstract: Data exchanged between memory components is protected against possible misuse and breach of security by providing for encryption of data swapped out to another location such as a disk drive.

Abstract: A method for protecting Security Accounts Manager (SAM) files within a Windows® operating system is disclosed. A SAM file encryption key is generated by encrypting a SAM file via a syskey utility provided within the Windows® operating system. The SAM file encryption key is then stored in a virtual floppy disk by selecting an option to store SAM file encryption key to a floppy disk under the syskey utility. A blob is generated by performing a Trusted Platform Module (TPM) Seal command against the SAM file encryption key along with a value stored in a Performance Control Register and a TPM Storage Root Key. The blob is stored in a non-volatile storage area of a computer.

Abstract: A method for managing shared passwords on a multi-user computer system is disclosed. A set of shared passwords and an administrator internal key are initially generated. After the receipt of an administrator external key, the administrator internal key is encrypted with the administrator external key. For each user level within the computer system, an internal key is generated by hashing the administrator internal key. For each user level within the computer system, each of the shared passwords encrypted with a respective one of the internal keys. The internal keys and the encrypted shared passwords are then stored in a non-volatile storage device.

Abstract: A method for repairing a failed network connection between a client system and a network is disclosed. In a first aspect, the method preferably includes collecting real time connectivity information by the client system and utilizing the real time connectivity information by the client system to establish a connection with the network.

Abstract: The present invention is a method and system for providing a tamper alarm for a computer system. The method includes detecting tampering of the computer system, and transmitting electromagnetic field signals from a device concerning the tampering. In the preferred embodiment, the electromagnetic field signals are transmitted through patterns on a monitor or a video card which transmits a computer system identity information. The electromagnetic field signal of the present invention functions as a tamper alarm. When a receiver hears the alarm, the administrator of the computer system may act accordingly. The tamper evidence alarm may be transmitted in a manner which does not require the disabling of the computer system, thus increasing the ease of its use over conventional methods. Because the computer system is not disabled, a password is not required in order to regain access to the computer system.

Abstract: The present invention provides a method and system for securing a computer. The method includes providing a zone of authorized operation for the computer; determining if a possessor of the computer is authorized to have possession when the computer and the possessor leaves the zone of authorized operation and pass through a portal; and allowing continued access to the computer without requiring a password if the possessor is authorized. The method and system is transparent to the possessor and provides no advantage in hiding the computer from the portal. This method and system may be easily applied in a corporate environment and is particularly apt for securing mobile computer systems.

Abstract: A compact media drive for use in personal computers has a media support and detector arm structure that ejects to extend external of the drive case at the insertion slot to receive corners of a unit of media during data operations. The arm(s) retract within the drive case or system case when no media is received. This allows a drive case to be proportioned with a drive hub for the media adjacent to the insertion slot to reduce the dimension there between from that for normal full disk insertion. The arm structure permits the drive to collect state information at the rear disk corners necessary to avoid incorrect data operations while a significant portion of the disk remains outside the insertion slot.

Abstract: A method and system is provided for improved electronic voting. The system optionally allows paper type ballots to be utilized. A plurality of cryptographic routines are utilized in a distributed data processing system to maximize the privacy of both the voter's identity and the content of completed ballots. An authentication server is utilized to interact with a voter to issue electronic ballots and receive completed electronic ballots in a manner which determines the authenticity of the identification of the voter, while maintaining the content of the completed ballot confidential. The distributed data processing system further includes a results server which tabulates the content of completed ballots in a manner which maintains the identity of the voters associated with the particular ballots confidential.

Abstract: A method for causing an open circuit in an electrical conductor is provided, including the steps of: conducting a direct current through the conductor; and applying heat at a selected location on the conductor whereat it is desired to cause the open circuit of the conductor.