Abstract: A security system, including a receiver for receiving a downloadable, a scanner, coupled with the receiver, for scanning the downloadable to identify suspicious computer operations therein, a code modifier, coupled with the scanner, for overwriting the suspicious computer operations with substitute computer operations, if at least one suspicious computer operation is identified by the scanner, and for appending monitoring program code to the downloadable thereby generating a modified downloadable, if at least one suspicious computer operation is identified by the scanner, and a processor, coupled with the code modifier, for executing programmed instructions, wherein the monitoring program code includes program instructions for the processor to validate input parameters for the suspicious computer operations during run-time of the downloadable. A method is also described and claimed.

Abstract: A method for secure printing is presented. A document management system (DMS) is provided within a server computer for storing, displaying and printing a plurality of documents. At least a portion of the documents require authentication information for displaying and printing. A web-based capture protection system is provided that prevents proprietary content displayed on a display device from being screen-captured. The web-based capture protection system is combined with the DMS to augment the DMS with capture protection of displayed documents, including intercepting retrieval requests from a client computer to display documents from the DMS.

Abstract: A method for altering text displayed in a formatted page, including locating a buffer of memory locations containing contents of a formatted page, locating a first text string between two markers within the buffer, the first string being an encrypted text including N characters, replacing the first text string with a second text string within the buffer, the second string being a decrypted text including M characters, where M is less than N, and inserting N-M special fill characters in the N-M unfilled memory locations between the markers within the buffer, so as to avoid the need to move the markers closer together.

Abstract: A system for secure communication, including a first security computer communicatively coupled with a client computer via an SSL connection, including a certificate creator, for receiving certificate attributes of a server computer certificate and for creating a signed certificate therefrom, and an SSL connector, for performing an SSL handshake with the client computer using the signed certificate created by said certificate creator, and a second security computer communicatively coupled with a server computer via an SSL connection, and communicatively coupled with the first security computer via a non-SSL connection, including an SSL connector, for performing an SSL handshake with the server computer using a signed certificate provided by the server computer, and a protocol appender, for appending attributes of the signed certificate provided by the server computer within a message communicated to the first security computer. A method is also described and claimed.

Abstract: Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “re-communicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable.

Abstract: A security system, including a receiver for receiving a downloadable, a scanner, coupled with the receiver, for scanning the downloadable to identify suspicious computer operations therein, a code modifier, coupled with the scanner, for overwriting the suspicious computer operations with substitute computer operations, if at least one suspicious computer operation is identified by the scanner, and for appending monitoring program code to the downloadable thereby generating a modified downloadable, if at least one suspicious computer operation is identified by the scanner, and a processor, coupled with the code modifier, for executing programmed instructions, wherein the monitoring program code includes program instructions for the processor to validate input parameters for the suspicious computer operations during run-time of the downloadable. A method is also described and claimed.

Abstract: A method for scanning files for security, including receiving an unfamiliar file for scanning, if the determining indicates that the mime type is suitable for analysis, then processing a buffer of file data from the unfamiliar file, including generating a histogram of frequencies of occurrence of bytes within a buffer of file data from the unfamiliar file, excluding a designated set of bytes, and if the generated histogram of frequencies of occurrence of the non-excluded bytes deviates substantially from a reference distribution, then signaling that the unfamiliar file is potentially malicious. A system and a computer-readable storage medium are also described and claimed.

Abstract: A computer gateway for an intranet of computers, including a scanner for scanning incoming files from the Internet and deriving security profiles therefor, the security profiles being lists of computer commands that the files are programmed to perform, a file cache for storing files, a security profile cache for storing security profiles for files, and a security policy cache for storing security policies for client computers within an intranet, the security policies including a list of restrictions for files that are transmitted to intranet computers. A method and a computer-readable storage medium are also described and claimed.

Abstract: A system for appending security information to search engine results, including a search engine for locating, in a computer network, web pages that include at least one designated search term, for issuing a security analysis request to a content security scanner to assess at least one designated web page for potential security risks, and for preparing a search results summary that includes links to the located web pages and security assessments for the located web pages, a client computer communicatively coupled with the search engine for issuing a search request with at least one user designated search term, to the search engine, and for receiving the search results summary from the search engine, and a content security scanner communicatively coupled with the search engine for assessing security of content in at least one designated web page. A method and computer-readable storage media are also described and claimed.

Abstract: A system for appending security information to search engine results, including a search engine for locating, in a computer network, web pages that include at least one designated search term, for issuing a security analysis request to a content security scanner to assess at least one designated web page for potential security risks, and for preparing a search results summary that includes links to the located web pages and security assessments for the located web pages, a client computer communicatively coupled with the search engine for issuing a search request with at least one user designated search term, to the search engine, and for receiving the search results summary from the search engine, and a content security scanner communicatively coupled with the search engine for assessing security of content in at least one designated web page. A method and computer-readable storage media are also described and claimed.

Abstract: A method for providing textual information in a network environment, the method comprising: receiving a request via a network for text-editable textual information; converting the text-editable textual information into a non-text-editable textual format on line upon receiving the request; and sending the non-text-editable textual information via the network. Network-based systems are also disclosed.

Abstract: Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “re-communicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable.

Abstract: A method for providing textual information in a network environment, the method comprising: receiving a request via a network for text-editable textual information; converting the text-editable textual information into a non-text-editable textual format on line upon receiving the request; and sending the non-text-editable textual information via the network. Network-based systems are also disclosed.

Abstract: A method for preventing copying a proprietary digital image data that is rendered within a window displayed on a computer monitor, including providing screen pixel data for rendering on a computer monitor, the screen pixel data including pixel data for a first window having proprietary digital image data therewithin, detecting that a second window is going to be displayed on the computer monitor, determining the position and size of the second window, determining, based on the position and size of the second window, a portion of the screen pixel data wherein the first window is going to be covered by the second window, and replacing the portion of the screen pixel data with substitute pixel data, prior to the second window being displayed. A system is also described and claimed.

Abstract: A computer-based method for generating a Downloadable ID to identify a Downloadable, including obtaining a Downloadable that includes one or more references to software components required by the Downloadable, fetching at least one software component identified by the one or more references, and performing a function on the Downloadable and the fetched software components to generate a Downloadable ID. A system and a computer-readable storage medium are also described and claimed.

Abstract: A system protects a client from hostile Downloadables. The system includes security rules defining suspicious actions and security policies defining the appropriate responsive actions to rule violations. The system includes an interface for receiving incoming Downloadable and requests made by the Downloadable. The system still further includes a comparator coupled to the interface for examining the Downloadable, requests made by the Downloadable and runtime events to determine whether a security policy has been violated, and a response engine coupled to the comparator for performing a violation-based responsive action.

Abstract: A system comprises an inspector and a protection engine. The inspector includes a content inspection engine that uses a set of rules to generate a Downloadable security profile corresponding to a Downloadable, e.g., Java.TM. applets, ActiveX.TM. controls, JavaScript.TM. scripts, or Visual Basic scripts. The content inspection engine links the Downloadable security profile to the Downloadable. The set of rules may include a list of suspicious operations, or a list of suspicious code patterns. The first content inspection engine may link to the Downloadable a certificate that identifies the content inspection engine which created the Downloadable security profile. Additional content inspection engines may generate and link additional Downloadable security profiles to the Downloadable. Each additional Downloadable security profile may also include a certificate that identifies its creating content inspection engine.

Abstract: A system protects a computer from suspicious Downloadables. The system comprises a security policy, an interface for receiving a Downloadable, and a comparator, coupled to the interface, for applying the security policy to the Downloadable to determine if the security policy has been violated. The Downloadable may include a Java.TM. applet, an ActiveX.TM. control, a JavaScript.TM. script, or a Visual Basic script. The security policy may include a default security policy to be applied regardless of the client to whom the Downloadable is addressed, or a specific security policy to be applied based on the client or the group to which the client belongs. The system uses an ID generator to compute a Downloadable ID identifying the Downloadable, preferably, by fetching all components of the Downloadable and performing a hashing function on the Downloadable including the fetched components.