Abstract: A method includes stalling a call to a critical operating system (OS) function and determining whether branch trace records of the call include a return instruction. Upon a determination that the branch trace records of the call do include a return instruction, the method further includes taking protective action to protect a computer system.

Abstract: A method includes randomly mutating a virus definition file on a first host computer system to create a first mutated virus definition file, and randomly mutating the virus definition file on a second host computer system to create a second mutated virus definition file, the second mutated virus definition file being different than the first mutated virus definition file. Because of the differences between the first and second mutated virus definition files, a new unknown virus variant undetected on the first host computer system is detected and collected on the second host computer system thus preventing the unknown virus variant from becoming widespread.

Abstract: A method includes determining whether the exception handling frames on the stack are uncorrupt prior to execution of an exception handler dispatcher. Upon a determination that the exception handling frames on the stack are uncorrupt, the method further includes allowing the execution of the exception handler dispatcher to proceed. Conversely, upon a determination that the exception handling frames on the stack are corrupt, protective action is taken to prevent the malicious code on the host computer system from exploiting and/or damaging the host computer system.

Abstract: Access to external service providers is provided through portlets, where each portlet accessible by a user is represented on the display of the user device. Through use of a dynamic content channel, e.g., a portlet, a highly customizable content page may be produced for any individual client system. When a portlet is selected on a user device, the content associated with the portlet is retrieved and automatically transformed into data that can be displayed by that user device. Thus, a particular user device is not limited to accessing content in a format identical to that associated with the user interface in use on the user device. Consequently, the user's ability to access a wide variety of content sources independent of the characteristics of the particular user device is further enhanced.

Abstract: A programmer to set his own input error handler after examining the context where the error occurs by utilizing a set error handler subroutine. The context may be provided by the system library to the user's handler routine so it can make a better judgment on how to proceed next. The customizable nature of the invention allows programmers to suit the error handling to individual application needs.

Abstract: Verification of a software program may be automated by receiving a program source file comprising program source code and at least one formal specification annotation, extracting the at least one formal specification annotation from the program source file, compiling the program source code and linking the compiled program and the at least one extracted formal specification annotation to create an executable program that includes at least one reference to an executable formal specification module. According to one aspect, a virtual machine includes a target virtual machine for executing one or more program implementation instructions, and a formal virtual machine for executing one or more formal specification modules corresponding to one or more program implementation instructions and configured to call a formal specification module, and to compare a first result obtained by executing the program implementation instructions with a second result obtained by the call to the formal specification module.

Abstract: Committing data loaded on a device includes computing a program unit storage commitment fingerprint over a program unit if the program unit is finally loaded in a non-volatile memory on the device, associating the program unit storage commitment fingerprint with the program unit and storing the program unit storage commitment fingerprint.

Abstract: A method for enhanced privacy protection in identification in a data communications network includes enrolling for a service on the data communications network, receiving a randomized identifier (ID) in response to the enrolling, storing the randomized ID and using the randomized ID to obtain services on the data communications network. An apparatus for obtaining a service on a data communications network includes an enrollment authority configured to accept an enrollment request. The enrollment authority is further configured to return enrollment results in response to the enrollment request. The enrollment results include user data and the enrollment results may be used obtaining a service from a service provider.

Abstract: A prologue and an epilogue of a function are hooked. Completion of the prologue is stalled in a first state of a stack frame, and a copy of the first state of the stack frame is saved. Completion of the prologue is initiated, permitting execution of the function. Completion of the epilogue is stalled in a second state of the stack frame. The saved copy of the first state of the stack frame is located and compared with the second state of the stack frame. A determination is made whether the stack frame is corrupted based on the comparison. Upon a determination that the stack frame is corrupted, the second state of the stack frame is replaced with the copy of the first state of the stack frame, and completion of the epilogue is initiated, allowing the function to complete.

Abstract: Optimized loading of program data on a device comprises receiving a program including multiple program units, at least one of which is a main program unit. A use graph of the program is obtained, where the root node of the use graph represents the joining of the root node to one or more nodes representing the at least one main program unit. The multiple program units are ordered based at least in part on a depth-first traversal of the use graph and the ordered program is communicated to the device.

Abstract: Factored assert chains allow for improved tracking of implicit information in a computer program. The compiler may generate assert statements at various points in the program where there is implicit information. The dominator tree for the program or section of program may then be constructed. Then ?-nodes may be inserted throughout a control flow graph. Following that, for each statement in the program or section of program, an assert chain may be constructed from each use to the most recent available assert statement for the variable. Then, if the statement is an assert statement, each use may be kept track of as a mapping to an assertion, otherwise a mapping of any reference to an assert statement for each definition may be deleted. This may then iterate through the dominator tree. At the end, a series of factored assert chains remains, which may be utilized by the compiler to improve the efficiency of generated code.

Abstract: A network portal system includes a web-top manager and a universal content broker system. The web-top manager is configured to receive a content request from a user device, where the content request includes a content provider identifier. The universal content broker system is coupled to the web-top manager. The universal content broker system includes a plurality of content providers. Each content provider in the plurality of content providers is associated with a different content provider identifier. Also, each content provider accesses content having a different raw data format. A universal content broker is coupled to the web-top manager and to the plurality of content providers. Upon the receipt of the content request from the web-top manager, the universal content broker passes the request to a content provider in the plurality of content providers that is associated with the content provider identifier.

Abstract: A method for managing remote software code update includes receiving a message from a remote device that includes a first code space having at least one segment and a second code space having one or more segment. The method also includes decoding the message to determine the execution mode of the remote device, indicating code in the first code space is corrupted if the execution mode indicates the remote device is executing in the second code space and indicating the code in the first code space is valid if the execution mode indicates the remote device is executing in the first code space.

Abstract: A method of forming an electronic component package includes: forming electrically conductive traces for connecting first selected bond pads of a plurality of bond pads on a first surface of an electronic component to corresponding bonding locations formed on a second surface of the electronic component; coupling the first surface of the electronic component to a first surface of a lower dielectric strip; coupling the second surface of the electronic component to a first surface of an upper dielectric strip; forming lower via apertures through the lower dielectric strip to expose second selected bond pads of the plurality of bond pads on the first surface of the electronic component; forming upper via apertures through the upper dielectric strip to expose the bonding locations on the second surface of the electronic component; filling the lower and upper via apertures with an electrically conductive material to form lower and upper vias electrically coupled to the first and second selected bond pads of the pl

Abstract: A method and apparatus for digital content access control comprises receiving an authenticated digital content request based at least in part on a digital content request comprising a request for digital content, validating the authenticated digital content request and providing the digital content if the authenticated digital content request is valid. The validating comprises indicating the authenticated digital content request is valid if the authenticated digital content request is validly associated with the digital content and if the authenticated digital content request authenticates the digital content request, and indicating the authenticated digital content request is invalid if the authenticated digital content request is not validly associated with the digital content.

Abstract: A method for generating output data for a transparent object in a digital image creates a plurality of image areas. The plurality of image areas covers a total area of the transparent object in the digital image. Each image area covers a different portion of the transparent object. The method combines information of the transparent object covered by an image area with information of a background image of the digital image also covered by the image area. The background image does not include the transparent object.

Abstract: One embodiment of the invention provides a smart card having multiple applications installed thereon. One of the multiple applications is designated as a default application which is activated whenever the card is reset. The default application is required to implement a first operation to provide a canonically ordered listing of the multiple applications on the card. The default application may further implement a second operation to allow one of the multiple applications to be selected for activation via an index into the listing.

Abstract: A method of operating a computer system includes providing a program in memory, verifying the program prior to an installation of the program and generating a program fault signal when the verification fails. The program includes at least one program unit, and each program unit includes an Application Programming Interface (API) definition file and an implementation. Each API definition file defines items in its associated program unit that are made accessible to one or more other program units and each implementation includes executable code corresponding to the API definition file. The executable code includes type specific instructions and data. Verification includes determining whether a first program unit implementation is internally consistent, determining whether the first program unit implementation is consistent with a first program unit API definition file associated with the first program unit implementation and generating a program fault signal when the verifying fails.

Abstract: One or more specified system calls of a running process are trapped in kernel space from user space. While the process is stopped, information associated with the process is read and a security analysis is performed on the information to determine whether malicious code activity is detected, such as a buffer overflow. If malicious code activity is detected, protective action is taken, such as killing the specified system call. Otherwise, if malicious code activity is not detected, the specified system call is restarted.

Abstract: A method of dynamically hooking runtime processes without interrupting the flow of execution includes: suspending a thread; hooking a function comprising modifying code of the function; and determining whether the thread was executing the modified code when the thread was suspended. If the thread was not executing the modified code, the thread is resumed. If the thread was executing the modified code, the context of the thread is changed to redirect the thread to a saved copy of the original prologue. In this manner, unpredictable behavior of the thread is avoided.