Abstract: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis.

Abstract: A method, computer program product, and apparatus for presenting data about security-related events that puts the data into a concise form is disclosed. Events are abstracted into a set data-type. Sets with common elements are grouped together, and summaries of the groups—“situations”—are presented to a user or administrator.

Abstract: A system and method for developing network policy document and assuring up-to-date monitoring and automated refinement and classification of the network policy. The system administrator defines an initial policy document that is provided as the initial symbolic classifier. The classification rules remain in human readable form throughout the process. Network system data is fed through the classifier, which labels the data according to whether a policy constraint is violated. The labels are tagged to the data. The user then reviews the labels to determine whether the classification is satisfactory. If the classification of the data is satisfactory, the label is unaltered; However, if the classification is not satisfactory, the data is re-labeled. The re-labeled data is then introduced into a refinement algorithm, which determines what policy must be modified to correct classification of network events in accordance with the re-labeling.

Abstract: A method and system for handling a malicious intrusion to a machine in a networked group of computers. The malicious intrusion is an unauthorized access to the machine, such as a server in a server farm. When the intrusion is detected, the machine is isolated from the rest of the server farm, and the machine is reprovisioned as a decoy system having access to only data that is ersatz or at least non-sensitive. If the intrusion is determined to be non-malicious, then the machine is functionally reconnected to the server farm, and the machine is reprovisioned to a state held before the reprovisioning of the machine as a decoy machine.

Abstract: A method simplified drag and drop operations of display icons. This method calculates a projected path for an icon based on the past movement of the icon. The method highlights the “best fit” target icon as the mouse pointer moves across the screen. As the mouse pointer moves, or changes direction, the “best fit” target icon can change, with the current best-fit icon being highlighted. In addition to highlighting the target icon, a line or arrow from the mouse pointer to the target icon is maintained. The line presents the predicted path in a very noticeable, visual way. As the best-fit target icon changes, the line is re-drawn to point to the current best-fit icon. Regardless of how the target icon is visually indicated, releasing the mouse button will cause the drop operation to be completed “into” target. Completion of the drop could be instantaneous, or could be rendered with animation of some sort to indicate moving from the source to the target.

Abstract: Illustrative embodiments provide a computer implemented method, apparatus, and computer program product for more effectively managing multiple call situations using voice over internet protocol. In one illustrative embodiment, the computer implemented method comprising, responsive to receiving a request to monitor a call from among multiple simultaneous calls using voice over internet protocol, creating a set of trigger criteria for the call and monitoring the call for the set of trigger criteria. Responsive to one of the set of trigger criteria having been met, identifying a triggered criteria and selectively invoking a rule with respect to the triggered criteria to produce a result, and notifying a requester of the result.

Abstract: A computer implemented method, apparatus, and computer usable program product for implementing wildcard patterns for a spellchecking operation. The process parses a set of words of a document using a dictionary of wildcard patterns to identify a set of wildcard strings in response to receiving a request to perform a spellchecking operation on the document. Thereafter, the process generates a visual cue identifying a subset of words as potentially misspelled, wherein the subset of words comprises words from the set of words that are absent from the set of wildcard strings.

Abstract: A computer implemented method, data processing system, and a computer program product are provided for resolving uniform resource locator addresses. A first uniform resource locator address is input from a user. The first uniform resource locator address is identified within a database list of uniform resource locator addresses. Each of the list of uniform resource locator addresses corresponds to a second uniform resource locator address contained in the database. Responsive to identifying the first uniform resource locator address with the list of uniform resource locator addresses, information for the corresponding second uniform resource locator address is displayed.

Abstract: A computer implemented method, apparatus, and computer program product for transferring a file item. The process selects a file item in response to receiving a first input command. The process selects a file item in response to receiving a first input command. The process then identifies a file path name from a hierarchical file path to form a selected file path name. The file path name is identified by detecting a pointer passing over the file path name. In response to receiving a second input command, the process transfers the file item to a storage location associated with the selected file path name.

Abstract: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.

Abstract: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.

Abstract: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.

Abstract: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.

Abstract: A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis.

Abstract: An valve prosthesis, such as an artificial venous valve, having a support frame and leaf structure comprising one or more leaflets in which the outer edge of each leaflet engages the inner circumference of the bodily passageway along a serpentine path urged against the passageway by an expandable frame, while the inner edges move in response to fluid to restrict retrograde flow. Optionally, one or more elements can extend from the support frame/leaf structure to provide centering support and/or protection from the leaflet adhering to the vessel wall. In one embodiment, the centering support structure comprises a second or third expandable frames attached to and extending from the proximal and/or distal ends of main valve structure and support frame. In another embodiment, one or more support elements extend outward from the valve support frame to engage the vessel wall to provide greater longitudinal stability.

Abstract: An apparatus and method for authenticating users on a data processing system is implemented. The present invention provides for aggregating authenticated identities and related authorization information. A security context created in response to a first user logon is saved in response to a second logon. A composite or aggregate security context is created based on the identity passed in the second logon. Access may then be granted (or denied) based on the current, aggregated security context. Upon logout of the user based on the second identity, the aggregate security context is destroyed, and the security context reverts to the context previously saved.

Abstract: Disclosed are handheld or portable apparatus subject matters and associated methodologies for providing local communications to metrology devices within an Advanced Metering System (AMS). The metrology devices may be associated with AC supplied device that are configured with mailboxes for associated battery powered devices or with other home or customer premises area network devices. Battery powered metrology devices may include such as water, gas, and oil meters collocated with electricity meters. Communications between the handheld or portable device may be by way of direct wired or radio frequency connections for providing communications and diagnostic services for home area network coupled components in an Advanced Metering System.

Abstract: Disclosed are methodology and corresponding apparatus subject matters for providing improved efficiency in the collection of data from a large number of metrology devices associated with an Automated Meter reading (AMR) network. AMR network operation produces randomly spaced transmissions from individual nodes in the network. When an AMR system wishes to retrieve data from a large number of points over an AMR network, a broadcast or multicast request is transmitted to appropriate nodes. A time window is defined either in such request or in the devices themselves such that start and end offsets from the time of the request are received by the node. The start offset provides a quiet period to insure request delivery to all the appropriate nodes. The end offset provides a time by which the requested data must be returned. Responses are sent randomly within the window established by the start and stop offset times.

Abstract: An event handler is provided that associates events from heterogeneous data sources. In a first phase, incoming events are translated to vectors of event attributes. Based on the data source, implicit information about the event and its attributes may be available. This information is used to normalize the information provided by the event. Normalization actions may include renaming the attributes, deriving new attributes from given attributes, and transforming attribute value ranges. In a second phase, a determination is made as to whether two or more events are considered to be associated based on the vectors. Different vectors of core attributes may be created in order to create associations with different semantics.

Abstract: An expandable venous valve having a support structure that configured to enlarge the area adjacent to the valve structure such that the flow patterns of retrograde flow are modified in a way that facilitates the flushing of the pockets at the base of the valve area to prevent stagnation of bodily fluid, which in the venous system, can lead to thrombus formation. The enlarged pocket areas can be created by forming an artificial sinus adjacent the valve structure in an unsupported section of vessel wall between two support frame section or the support frame can comprise an expanded-diameter intermediate or proximal section that forms an artificial sinus adjacent the valve structure.