Abstract: Embodiments of the invention include a system and method to prevent a user from copying and storing files on a third party storage device or a user's personal computer. To do this, the system and method may perform a process of connecting the authorized user to the company's computer storage to access computer files for modification and, if the authorized user attempts to copy the file to the user's computer or a third party storage site, determining whether the file should be copied. To determine whether the file should be copied, the system may use inspection modules that inspect the data files to determine whether or not the user has been restricted from copying the data file.

Abstract: Systems and methods are provided for determining an address for a private function. A start address for a public function of a software program in a data file associated with the software program is determined. Instruction data for the public function is identified in the data file based on the start address of the public function. First data of a predetermined size is read from a beginning of the instruction data for the public function. A signature for a private function of the software program is identified in the first data. A relative address for the private function in the data file based on the identified signature is stored in memory.

Abstract: Embodiments of the invention include a computer, computer program product and computer implemented method for allowing a user to mute selectively a computer application. In some embodiments, the computer comprises a computer display and a tangible non-transitory computer memory, the computer memory having stored thereon a plurality of computer instruction performing a process of creating a menu of computer applications running on the computer and a process of allowing the user to select from the menu of applications a particular application to mute. The instructions and computer program product, in some embodiments, determine whether an application running on the computer is generating a sound signal; add the application to a list of applications that are generating sound signals; and create a menu from the list for viewing by the user on the computer display, the menu including a name of the application and a mute icon.

Abstract: Systems and methods are provided for providing a network storage system. One method includes receiving a request from a client coupled to a local communication network to provide access to a network storage system. The request can include a data item identifier, and the network storage system can include a local network storage, coupled to the local communication network, and a remote network storage, coupled to a public communication network. The method can further include identifying, based on the request, one of the local network storage and the remote network storage for serving the request, and providing the request to the identified one of the local network storage and the remote network storage to provide the client with an access to the identified one of the local network storage and the remote network storage.

Abstract: Systems and methods are provided for collaborative mobile device applications. Mobile device applications for a mobile device are stored in a database. The mobile device applications include an interface defining how each mobile device application interacts with the other mobile device applications. Each mobile device application provides a set of services and/or features for a virtual application, wherein the virtual application is defined by the mobile device applications and their associated interfaces. The mobile device applications are configured such that a mobile device can download at least two different subsets of the mobile device applications, wherein each subset provides different functionality for the virtual application.

Abstract: Embodiments of the invention include a selection device for use with a user computer and method for using the device. The selection device performs a process of providing a user with a plurality of menu icons for a plurality of computer applications on the selection device and a process of allowing a user to select a menu icon corresponding to a particular application for viewing on the user computer display. To do this, the device and method may implement the steps of displaying the plurality of menu icons representing applications available to the user on the user computer on the selection device display; enabling the user to scroll through the plurality of menu icons to select the menu icon corresponding to the particular application, and responsive to the user selecting the menu icon, transmitting an identifier for the particular application to the user computer.

Abstract: Systems, methods, and computer-readable media provide for context-sensitive, interactive logs to an administrative user console. A log server can receive at least one logging event from at least one application server based upon activity of at least one entity, identify at least one action associated with the logging event, and create and store a log entry based on the logging event and the associated action. The log server can further format an interactive display page for display at an administrative user console containing the log entry, wherein the interactive display page displays the logging event and the associated action in proximity to the logging event, and wherein the associated action can be selectable by a user at the administrative user console. In response to a selection of the associated action from the administrative user console, the associated action can be initiated.

Abstract: Systems and methods are described for providing visual accessibility indicators on mobile devices. A computerized method of presenting a visual accessibility indicator relating to a target file includes detecting, using a mobile device, an active network connection of the mobile device to be used to transfer the target file, retrieving a connection profile for the active network connection, the connection profile including attributes relating to the active network connection, projecting accessibility of the target file at least partially based on the connection profile, and displaying, on the mobile device, a visual accessibility indicator representing the projected accessibility, wherein the visual accessibility indicator contains an icon illustrating the accessibility.

Abstract: Systems and methods are described for providing a distributed storage system. A distributed storage system includes a control server coupled to a network, the control server maintaining a policy, a host directory, and a file directory, and a plurality of hosts coupled to the network, each of the plurality of hosts containing a storage device and an agent configured to communicate with the control server, wherein each of the plurality of hosts is configured to contribute a portion of the storage device thereof to collectively form a distributed virtual disk configured to store files, wherein the portion of the storage device on each of the plurality of hosts is configured based on the policy, wherein the host directory contains information about the plurality of the hosts on the distributed storage system, and wherein the file directory contains information about the files stored on the distributed storage system.

Abstract: Systems and methods are provided for encrypting electronic files during a transfer to a low-security storage location is provided. In one embodiment, a method comprises receiving a file copy request for a file stored on a source storage system to be copied to a destination storage system; determining a desired file security level of the file based on a desired security level for the file when the file is accessed; determining a destination security level of the destination storage system; comparing the file security level and the destination security level; encrypting the file to create an encrypted file when the destination security level is less than the file security level prior to copying the file; and copying at least one of the file and the encrypted file to the destination storage system as a function of the comparison of the file security level and the destination security level.

Abstract: Systems and methods are described for providing a user virtualization (UV) system. A non-transitory computer readable medium includes executable instructions that are operable to, when executed by a computing device, cause the computing device to: acquire an input related to user identification (ID) information from a non-contact user ID input device, determine a user ID based on the acquired input, transmit the user ID to a UV control server over a network, receive UV information corresponding to the user ID from the UV control server, and apply the received UV information to a UV client device.

Abstract: Many organizations want to extend the services and capabilities available to their users, but need to ensure that devices that are not within the perimeter and not under the direct control of the organization are managed in accordance with the organization's policies. A computerized method is disclosed for propagating resource access policies to a client device to provide compliance with security policies, comprising automatically receiving from a policy server via push communication at a client device a resource access policy comprising a trigger event and an action; when the trigger event is satisfied, executing the action; and sending an indication to the policy server that the resource access policy has been executed.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for adaptive document redaction. A container is generated comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. A request to view the original document is received from a requesting device. The container is transmitted to the requesting device. A request for additional encryption information for a redacted document from the set of redacted documents is received from the requesting device, wherein the redacted document comprises a level of redaction for a viewing location that is equal to a location of the requesting device. The additional encryption information is transmitted to the requesting device.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for secure redacted document access. A viewing application for viewing documents is executed, the viewing application comprising standard code for the viewing application that can not process the container data type, and custom code configured to allow the viewing application to process a container data type. A container of the container data type is received from a remote computing device comprising a set of redacted documents corresponding to an original document, each redacted document having a level of redaction corresponding to a viewing location, and a header comprising encryption information for each redacted document in the set of redacted documents. The container is processed based on a location of the computing device and the custom code.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for metadata enhanced filenames. A filename is received, the filename including a first set of characters that represents a name for the electronic file, and a second set of additional characters. The filename is parsed to identify the second set of additional characters. Metadata associated with the electronic file is determined based on the second set of additional characters without downloading additional data of the electronic file. The electronic file is processed based on the determined metadata.

Abstract: Systems and methods are provided for associating structured tags with files in a computer system. In one method, the method includes requesting a user, by the computer system, to provide the structured tag for the file, where the structured tag includes a tag type, a value type, and a tag value. The method can further include receiving the structured tag from the user, associating the structured tag and the file, and storing the association of the structured tag and the file in a non-transitory storage medium.

Abstract: Disclosed is a method of checking the authenticity of an executable process including at least one section. The method includes, when an initial thread of the executable process is created in a suspended state, mapping from storage a copy of the executable process into a spare memory area, where it will not be executed. The method also includes comparing a header of a first section of the executable process with a header of a first section of the copy. The method further includes terminating the executable process when the header of the first section of the executable process and the header of the first section of the copy are not identical.

Abstract: In some embodiments, a method includes storing, at a first time, a copy of an executable process at a memory area if an initial thread of the executable process is defined in a suspended state such that the copy of the executable process is not executed at the memory area. The executable process can be maintained at a storage different from the memory area. The method also includes comparing, at a second time after the first time, a header of a section of the executable process with a header of a section of the copy of the executable process. The method further includes determining not to execute the executable process if the header of the section of the executable process is different from the header of the section of the copy of the executable process.

Abstract: Systems and methods are provided for storing and verifying security information. A method can include receiving a request to access an encrypted file from a storage medium, wherein the request includes security information, performing key stretching on the security information to compute a key associated with the security information, computing a first check value associated with the key, receiving at least one of a header, metadata, or filename of the encrypted file from the storage medium, retrieving a second check value stored in the at least one of the header, metadata, or filename of the encrypted file, comparing the first check value with the second check value, and receiving the encrypted file from the storage medium only when the first check value matches the second check value.

Abstract: Systems and methods are provided for data access protection. The disclosed computing system can determine a passphrase for controlling access to a file, operate a hash function on the passphrase by a predetermined number of iterations to provide an intermediate passphrase, and send a request for an enhanced passphrase to a server in communication with the apparatus, where the request can include the intermediate passphrase. Subsequently, the disclosed computing system can receive, from the server, the enhanced passphrase based on the intermediate passphrase in response to the request.