Abstract: When a computer system process is acting contrary to the rules established for that process for the resource it is running on, the process is moved to a quarantined section and its continued operation is isolated from other processes. While in isolation, the quarantined process is tested and appropriate action, such as, for example, rehabilitation, change of the rules, or termination, is performed. The divided quarantined sections are used for each misbehaving process.

Abstract: A computer system and method responds to a compromise of a first computer node by automatically hardening one or more uncompromised nodes of the system.

Abstract: An embodiment of the invention provides an apparatus and method for automatic detection of a vulnerability exploit. The apparatus and method are configured to post a security vulnerability warning indicating a vulnerability of software; provide an exploit detector; and use the exploit detector to detect an attempted exploit that targets the vulnerability.

Abstract: To control update of content in a programmable read-only memory in a system, the security status associated with the system is determined, where the security status is one of a secure mode and non-secure mode. In response to detecting that the system is in secure mode, a write to the programmable read-only memory is enabled. In response to detecting that the system is in non-secure mode, a write to the programmable read-only memory is disabled.

Abstract: A tamper-evident data management system uses public-private digital signature keys to control use of data and to ensure the fidelity of data that is stored on a customer's system for later collection by a computer vendor or that is sent to the vendor over a network. A computer system includes an application for collecting usage or metrics data from the computer system, for example. The metering application uses an application private key to digitally sign all metrics data prior to optionally storing the data in a data log file. The vendor can then use an application public key to validate the digitally signed entries. The digitally signed data entries may also be encrypted using a vendor public key prior to storage in the data log and may be decrypted using a vendor private key prior to validating the digitally signed data. The application and application private key may be stored on a smart card to discourage and detect tampering or may be stored on the computer system itself.

Abstract: The present invention provides a computer system with a chronology generator for generating a chronology for a series of computer configurations.

Abstract: An embodiment of the invention provides an apparatus and method for automatic detection of a vulnerability exploit. The apparatus and method are configured to post a security vulnerability warning indicating a vulnerability of software; provide an exploit detector; and use the exploit detector to detect an attempted exploit that targets the vulnerability.

Abstract: A virtual machine (VM) is created using an alternate root disk (DRD) that has complete isolation between the booted system environment (BSE) running on the host operating system and the BSE running on the VM's operating system. The VM's root disk and BSE are separately bootable from the host system's root disk and BSE, thereby allowing for updates and modifications to the VM's root disk and BSE without interference with the host system's root disk and BSE regardless of how many times the updating BSE must be rebooted during the updating procedure. At most a single reboot is required in order to transfer the work in progress from the VM to the host system.

Abstract: A system comprising a first subsystem adapted to provide a service by executing a first code stored on the first subsystem. The system further comprises a second subsystem, communicably coupled to the first subsystem, on which a second code associated with the first code is stored. The second subsystem produces modified code by applying status files associated with the first code to the second code. The second subsystem provides the service in lieu of the first subsystem by executing the modified code.

Abstract: In accord with a first computer-implemented method, 1) a plurality of duress codes are assigned to a number of users; 2) different response policies are configured for different ones of the duress codes; and 3) access to the response policies is provided via an interface of a policy engine. The response policies are retrieved, via the interface, as users enter ones of the duress codes into ones of a number of computer systems. Other embodiments are also disclosed.

Abstract: A tamper-evident data management system uses public-private digital signature keys to control use of data and to ensure the fidelity of data that is stored on a customer's system for later collection by a computer vendor or that is sent to the vendor over a network. A computer system includes an application for collecting usage or metrics data from the computer system, for example. The metering application uses an application private key to digitally sign all metrics data prior to optionally storing the data in a data log file. The vendor can then use an application public key to validate the digitally signed entries. The digitally signed data entries may also be encrypted using a vendor public key prior to storage in the data log and may be decrypted using a vendor private key prior to validating the digitally signed data. The application and application private key may be stored on a smart card to discourage and detect tampering or may be stored on the computer system itself.

Abstract: A system that automatically detects logical errors when compiling a program. The system detects such logical errors as calling a virtual function of a class passed into a function by value; virtual functions called from constructors or destructors; multiple definitions of classes, enums, or typedefs; multiple declarations of an object; mixing standard C I/O routines with C++ routines; a member function or data of a class hiding inherited member function or data; problems with the order of dynamic initialization; or failing to initialize non-static and non-class data members. The system also will suggest the use of the contact attribute for a member function that does not modify data members and suggest the use of const for parameters of functions when the parameter is not modified.

Abstract: A task manager for providing personal organization, project management, and process automation capabilities. The task manager maintains a hierarchical list of tasks for an individual. For each task, notes can be kept, priorities set, and progress tracked. Also, subsets of the task hierarchy can be shared. Every task in the task manager belongs to a class, and each class includes pre-defined automatic actions and manual actions. The pre-defined automatic actions are automatically executed by the task manager when the task is being worked on. The manual actions aid in task execution because the relevant operations (that is, the manual actions) are available when the task is being worked on. The task manager communicates with agents, tools, and process engines via a message system. The agents, tools, and process engine may receive task information from the task manager and may also remotely control the task manager.