Abstract: Systems and methods are described for pre-fetching remote resources. A computerized method of pre-fetching remote resources includes calculating a probability of a request for a remote resource by a user within a validity period, based on a representation of historical requests for the remote resource by the user, pre-fetching the remote resource if the probability is greater than a threshold, intercepting an actual request for the remote resource by the user, recording the actual request into the representation of the historical requests by the user, and fulfilling the actual request for the remote resource using the pre-fetched remote resource.

Abstract: Disclosed embodiments of a data protection mechanism can provide secure data management. In particular, the disclosed embodiments provide secure data management mechanisms that can control transfer of data items so that contents of protected data items are not accessible to non-authorized parties. For example, the disclosed system can prevent an application from storing a protected file using a new file name. As another example, the disclosed system can prevent an application from sending a protected file to another computing device over a communication network.

Abstract: The disclosed subject matter includes a method. The method includes identifying an attempt to access, by an application instance running in a user space of an operating system, a first security zone of a computer readable medium, where the first security zone is associated with a first security level. The method further includes determining whether a restriction level associated with the application instance is higher than the first security level, where the restriction level is a function of previous security zones that have been accessed by the application instance. When the restriction level associated with the application instance is higher than the first security level, the method would prevent the application instance from writing to the first security zone. When the restriction level associated with the application instance is not higher than the first security level, the method would authorize the application instance to access the first security zone.

Abstract: Systems, methods and media are provided for selective decryption of files. One method includes monitoring a secure file storage area including at least one file using a selective decryption process associated with the secure file storage area. Content of each of the at least one file is protected with an encryption. The method also includes detecting a request by an application program for one of the at least one file. The method further includes determining whether the application program needs to access the content of the requested file. The method also includes, when it is determined that the application program does not need to access the content of the requested file, allowing the application program to access the file content without decrypting the encryption.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for secure redacted document access. A viewing application for viewing documents is executed, the viewing application comprising standard code for the viewing application that can not process the container data type, and custom code configured to allow the viewing application to process a container data type. A container of the container data type is received from a remote computing device comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. The container is processed based on a location of the computing device and the custom code.

Abstract: Systems and methods are described for a web event framework. A computerized method includes receiving, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser; executing the framework action by the framework plugin, wherein executing the framework action comprises retrieving the specified context data from the web page and generating, by the framework plugin, a framework event including the context data; forwarding the framework event to a framework server coupled to the framework plugin; receiving at the framework server the framework event from the framework plugin; determining, at the framework server, a framework action based on the framework event, including the specified data, and a framework policy; and sending instructions to an external process based on the specified data and the framework action.

Abstract: The disclosed subject matter provides apparatus, systems, and methods for preventing a user from disabling a software extension to a network-based application, thereby allowing a computing device to enforce the software extension even if the user wants to disable the software extension. The disclosed apparatus, systems, and methods can prevent a user from disabling a software extension by blocking an access to a communications network via the network-based application when the software extension is disabled.

Abstract: Systems and methods are described for a web event framework. A computerized method includes receiving at a framework plugin an event from a web browser, wherein the framework plugin is coupled to the web browser, generating, by the framework plugin, a framework event based on the event, forwarding the framework event to a framework server coupled to the framework plugin, receiving at the framework server the framework event from the framework plugin, determining, at the framework server, a framework action based on the framework event and a framework policy, forwarding the framework action to the framework plugin, and executing the framework action by the framework plugin.

Abstract: Systems and methods for a web event framework include receiving at a framework plugin an event from a web browser, wherein the framework plugin is coupled to the web browser, generating, by the framework plugin, a framework event based on the event, forwarding the framework event to a framework server coupled to the framework plugin, receiving at the framework server the framework event from the framework plugin, determining, at the framework server, a framework action based on the framework event and a framework policy, forwarding the framework action to the framework plugin, and executing the framework action by the framework plugin, wherein executing the framework action includes modifying one or more settings for the web browser, wherein the modified settings are based on the framework policy and sending an instruction to the web browser to cause the web browser to reload at least one web page under the modified settings.

Abstract: A digital archive for storing encrypted content includes a header section and a body. The header section includes real headers, wherein at least a portion of each real headers is encrypted, and fake headers, wherein each of the fake headers is filled with cryptographically random bytes, wherein the fake headers are substantially more than the real headers. The body includes real contents, wherein at least a portion of each real content is encrypted, and fake contents in the rest of the body, wherein the fake content contains additional cryptographically random bytes, wherein the amount of the fake content is substantially greater than the amount of the real contents, wherein each of the real headers refers to a corresponding real content in the body and contains decryption information for the corresponding real content.

Abstract: A system and method are provided for allowing an administrator to automatically determine whether networked computer devices are configured to use governance software that allocates resource in, or controls or restricts the access of other network devices, to certain portions of the networked storage based upon IT governance protocols, network efficiency and economics. To do this, a company server having governance software stored thereon polls a range of device addresses (e.g., IP addresses) specified by the network administrator or stored on a DNS server with a message formatted using protocols such as WebDAV, SMB/CIFS, FTP, etc., and specific to the governance software. If the device responds to the message, the address of the device, along with an indicia that the device is compatible with the governance software is stored in memory.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for adaptive document redaction. A container is generated comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. A request to view the original document is received from a requesting device. The container is transmitted to the requesting device. A request for additional encryption information for a redacted document from the set of redacted documents is received from the requesting device, wherein the redacted document comprises a level of redaction for a viewing location that is equal to a location of the requesting device. The additional encryption information is transmitted to the requesting device.

Abstract: Systems and methods are provided for automatically sorting and indexing electronic files. A set of emails is received from a folder for an email program. A set of nouns from a first email from the set of emails is identified, wherein the first email comprises a document attached to the first email, and wherein the set of nouns are identified from the first email, the document attached to the first email, or both. The set of nouns are sorted alphabetically. A file structure is created on a storage device for storing data from the set of emails. The file structure includes a first folder with a same name as the folder for the email program, and a second folder with a name comprising the sorted set of nouns. The document attached to the first email is stored in the second folder.

Abstract: Systems, methods and media are provided for deferred synchronization of files in cloud storage systems. One method includes detecting changes to a data file. The method also includes monitoring I/O operations performed by a process associated with the changes. When the process is busy, the method also includes adding to an upload file list a name of a first file in response to a creation/modification of the first file. The method further includes adding to the list a new name of a second file and, when applicable, removing from the list an old name of the second file in response to renaming the second file. The method also includes removing from the list a name of a third file in response to a deletion of the third file and uploading files identifiable using file names in the list to the cloud storage server when the process is no longer busy.

Abstract: Techniques are disclosed for providing services to a client device via a shared cloud service. In one embodiment, a method is disclosed that includes storing information on a first device relating to a subject, saving the stored information in a serialized format data file to the shared cloud service, the data file having a filename generated as a function of the subject, providing authenticated access to the data file for a second device via the shared cloud service, synchronizing a copy of the data file via the shared cloud service to the second device, the copied data file reflecting a single up-to-date state of the data file in the shared cloud service, and de-serializing the serialized format data file at the second device.

Abstract: Systems and methods are disclosed for suggesting relevant documents to a local user. In one embodiment, a method is disclosed comprising determining, at a local device, a set of selection criteria for suggestion of relevant documents to the local user, the suggestion criteria including at least one of keywords and document metadata; retrieving a plurality of file statistics from a remote server, wherein at least one of the file statistics has been created by a remote user; creating a table of suggestions from the plurality of file statistics and from the set of suggestion criteria; and suggesting at least one file to the local user based on the table of suggestion criteria.

Abstract: Systems, methods and media are provided for providing a customized output based on data obtained using RFID. One method includes receiving from at least one RFID reader identification (ID) information stored in a plurality of RFID devices. The method also includes searching and gathering data related to a plurality of individuals carrying the plurality of RFID devices from at least one of a database and an online source based on the ID information. The databases include personal information corresponding to each of the plurality of individuals. The method further includes analyzing the gathered data to update the personal information and to search for additional data related to the individuals and correlating the gathered data and the updated personal information to derive relationships amongst the individuals. The method also includes providing a customized output using at least one of the gathered data, the updated personal information and the derived relationships.

Abstract: The disclosed subject matter includes a method. The method includes determining, by a module running on a computer platform in communication with non-transitory computer readable medium having a plurality of security zones, whether an application instance is in a foreground of a user interface for the computer platform. The method further includes determining, by the module, an alert level associated with the application instance in the foreground of the user interface, wherein the alert level includes at least one of a restriction level and an access level. The method also includes providing the alert level to a user of the computer platform using a visual cue displayed on the user interface.

Abstract: A digital archive for storing encrypted content includes a header section and a body. The header section includes real headers, wherein at least a portion of each real headers is encrypted, and fake headers, wherein each of the fake headers is filled with cryptographically random bytes, wherein the fake headers are substantially more than the real headers. The body includes real contents, wherein at least a portion of each real content is encrypted, and fake contents in the rest of the body, wherein the fake content contains additional cryptographically random bytes, wherein the amount of the fake content is substantially greater than the amount of the real contents, wherein each of the real headers refers to a corresponding real content in the body and contains decryption information for the corresponding real content.

Abstract: Systems and methods are described for pre-fetching remote resources. A computerized method of pre-fetching remote resources includes calculating a probability of a request for a remote resource by a user within a validity period, based on a representation of historical requests for the remote resource by the user, pre-fetching the remote resource if the probability is greater than a threshold, intercepting an actual request for the remote resource by the user, recording the actual request into the representation of the historical requests by the user, and fulfilling the actual request for the remote resource using the pre-fetched remote resource.