Abstract: Systems and methods for monitoring a plurality of mailboxes by a plurality of computer nodes. The plurality of computer nodes comprises a first computer node and a second computer node. The first computer node is configured to detect an update to a database record associated with a message store; determine, in response to detecting the update to the database record, a second computer node in the plurality of computer nodes to monitor the message store, based at least in part on an attribute stored in the database record; and update the database record to store an identifier corresponding to the second computer node. The second computer node is configured to: detect the update to the database record by the first computer node based at least in part on the identifier; and configure a monitoring process for the message store based, at least in part, on the attribute stored in the database record.

Abstract: Methods and systems for managing access to a resource by one of a plurality of applications. The method comprises: storing, in a first storage area associated with a first application, a first credential for use in accessing the resource; receiving, at a second application, a message comprising data for determining that the first application stores a validated credential for accessing the resource; sending a request for the validated credential from the second application to the first application; receiving the first credential at the second application from the first application in response to the request sent; and storing the first credential in a second storage area associated with the second application; wherein the message received at the second application is received from a server system, remote from the plurality of applications, which maintains data indicating a subset of the plurality of applications which store respective validated credentials for accessing the resource.

Abstract: Systems and methods for monitoring a plurality of mailboxes by a plurality of computer nodes. The plurality of computer nodes comprises a first computer node and a second computer node. The first computer node is configured to detect an update to a database record associated with a message store; determine, in response to detecting the update to the database record, a second computer node in the plurality of computer nodes to monitor the message store, based at least in part on an attribute stored in the database record; and update the database record to store an identifier corresponding to the second computer node. The second computer node is configured to: detect the update to the database record by the first computer node based at least in part on the identifier; and configure a monitoring process for the message store based, at least in part, on the attribute stored in the database record.

Abstract: Methods and systems for managing access to a resource by one of a plurality of applications. The method comprises: storing, in a first storage area associated with a first application, a first credential for use in accessing the resource; receiving, at a second application, a message comprising data for determining that the first application stores a validated credential for accessing the resource; sending a request for the validated credential from the second application to the first application; receiving the first credential at the second application from the first application in response to the request sent; and storing the first credential in a second storage area associated with the second application; wherein the message received at the second application is received from a server system, remote from the plurality of applications, which maintains data indicating a subset of the plurality of applications which store respective validated credentials for accessing the resource.

Abstract: Systems and techniques to provide distributed document version control. In general, in one implementation, the technique includes: receiving information, in a distributed document control system, specifying a locally saved copy of a first electronic document; determining, in response to the received information, whether the first electronic document should supersede a second electronic document in the distributed document control system; and storing, based on an outcome of the determining, information in the distributed document control system that links the first electronic document with the second electronic document in a superior-subordinate relationship such that when an action is requested with respect to the second, subordinate electronic document, the distributed document control system forces an action to be taken with respect to the first, superior electronic document. Various implementations include those in computer program products and client-server systems.

Abstract: Method and apparatus are provided wherein, in one example embodiment, an authentication scheme may be defined as part of a digital rights management policy. Authentication rules are defined for a unit of digital content whose location can be anywhere. Further, the digital rights management system may support many authentication schemes while permitted schemes can be fine tuned for individual policies and therefore for individual units of digital content. According to other example embodiments, one or more preferred authentication schemes can be added to a rights management policy. They can be either requested or required for authentication. In addition, in other example embodiments, the reader application may be informed of specific authentication schemes being demanded for a document. If none of the authentication schemes are available then the user can be informed without attempting to authenticate unsuccessfully.

Abstract: Method and apparatus are described wherein, in one example embodiment, there is provided one or more policy templates that may define a set of policy permissions or other attributes that may be desirable to specify in a policy. One or more policy templates may be specified in a user interface of a policy creation and maintenance program that may run on the policy server and/or run on a workstation computer. Each policy template specified by a user may include permissions for how a user may access and use a document. The maintenance program may, in one embodiment, associate both templates to a policy used for a specific unit of digital content, or, for example, an electronic document. The permissions for the policy are determined by aggregating the permissions associated with each respective templates chosen by the user. According to another example embodiment, a user selects a policy template and defines one or more additional permissions to form an augmented policy.

Abstract: Systems and techniques to provide distributed document version control. In general, in one implementation, the technique includes: receiving information, in a distributed document control system, specifying a locally saved copy of a first electronic document; determining, in response to the received information, whether the first electronic document should supersede a second electronic document in the distributed document control system; and storing, based on an outcome of the determining, information in the distributed document control system that links the first electronic document with the second electronic document in a superior-subordinate relationship such that when an action is requested with respect to the second, subordinate electronic document, the distributed document control system forces an action to be taken with respect to the first, superior electronic document. Various implementations include those in computer program products and client-server systems.

Abstract: Method and apparatus are described wherein, in one example embodiment, there is provided one or more policy templates that may define a set of policy permissions or other attributes that may be desirable to specify in a policy. One or more policy templates may be specified in a user interface of a policy creation and maintenance program that may run on the policy server and/or run on a workstation computer. Each policy template specified by a user may include permissions for how a user may access and use a document. The maintenance program may, in one embodiment, associate both templates to a policy used for a specific unit of digital content, or, for example, an electronic document. The permissions for the policy are determined by aggregating the permissions associated with each respective templates chosen by the user. According to another example embodiment, a user selects a policy template and defines one or more additional permissions to form an augmented policy.

Abstract: Method and apparatus are described wherein, in one example embodiment, there is provided one or more policy templates that may define a set of policy permissions or other attributes that may be desirable to specify in a policy. One or more policy templates may be specified in a user interface of a policy creation and maintenance program that may run oh the policy server and/or run on a workstation computer. Each policy template specified by a user may include permissions for how a user may access and use a document. The maintenance program may, in one embodiment, associate both templates to a policy used for a specific unit of digital content, or, for example, an electronic document. The permissions for the policy are determined by aggregating the permissions associated with each respective templates chosen by the user. According to another example embodiment, a user selects a policy template and defines one or more additional permissions to form an augmented policy.

Abstract: Method and apparatus are described wherein, in one example embodiment, there is provided one or more policy templates that may define a set of policy permissions or other attributes that may be desirable to specify in a policy. One or more policy templates may be specified in a user interface of a policy creation and maintenance program that may run oh the policy server and/or run on a workstation computer. Each policy template specified by a user may include permissions for how a user may access and use a document. The maintenance program may, in one embodiment, associate both templates to a policy used for a specific unit of digital content, or, for example, an electronic document. The permissions for the policy are determined by aggregating the permissions associated with each respective templates chosen by the user. According to another example embodiment, a user selects a policy template and defines one or more additional permissions to form an augmented policy.

Abstract: One embodiment of the present invention provides a method for authenticating an identity of a user in order to secure access to a host system. In this embodiment, the host system receives an identifier for the user from a client system. This identifier is used to retrieve a template containing biometric data associated with the user, and this template is returned to the client. The client then gathers a biometric sample from the user, and compares this biometric sample with the template to produce a comparison result. Next, the client computes a message digest using the template, the comparison result and an encryption key, and sends the message digest to the host system. This computation takes places within a secure hardware module within the client computing system that contains a secure encryption key in order to guard against malicious users on the client system.