Abstract: Systems and methods for customizing business logic rules within a business process automation system and for processing business logic rules in a business process automation system are disclosed. The method for customizing business rules of a business logic application generally comprises serving a content page to a client browser of a client by a server that allows entering and modifying of data relating to a business logic rule, generating data by the server according to a predefined format such as a predefined XML format from information received via the content page, and automatically committing the generated data in the predefined format into a database. Preferably, a verification process such as by using DTDs (Document Type Definitions) is performed by the server prior to committing the data. The database stores data including data relating to business logic rules for implementing business logic as entries in the database and the generated data is committed into a corresponding entry in the database.

Abstract: A device that passively monitors arriving and departing data packets on one or more networks, correlates arriving data packets with departing data packets, and calculates a latency estimate based on the confidence of the correlation. The device detects and copies data packets arriving at a network device and the data packets departing from the same network device. A timestamp is stored for each arriving or departing data packet. Latency across a network device can be determined based on the timestamps for correlating data packets. Additionally, latency across a network device per protocol layer can also be calculated. Varying levels of confidence of a latency estimation depend on the operation necessarily performed on the data packet by the network device and the protocol level at which correlation between the arriving and departing data packets can be achieved.

Abstract: A system, method, and computer program product are provided for distributing software patches utilizing a network. Initially, information relating to at least one application program is collected from a plurality of computer utilizing a network. It is then determined whether the application program has been altered on the computers based on the information. Patches are then distributed to the computers, if it is determined that the application program has been altered on the computers.

Abstract: A system, method, and computer program product are provided for managing licenses associated with an application program utilizing a network. Initially, information is collected relating to at least one application program from a plurality of computers utilizing a network. Next, the information is reported to a user. Such information is then used to manage licenses associated with the application program.

Abstract: Anti-virus scanners can be deliberately disabled, inadvertently disabled, or simply slowed down to a point where the scanner becomes ineffective and the primary function of the scanning host device is disrupted when a suitably complex file is received by the scanning system for scanning. Archive files pose particular problems for scanners, since archives may contain very complex data structures, and require time consuming analysis. Virus scanners typically scan each element of an archive. Some virus scanners decompress each archive component for scanning. Virus developers have taken advantage of this scanning approach by creating complex archives designed to overwhelm a scanner, leaving a system unprotected or in a denial of service state. To counter such measures, when an archive (or other file) is passed to a scanner, various heuristics are applied to the archive so as to determine a risk-based scanning priority for the archive.

Abstract: A system and method for detecting and correcting errors using an authentication mechanism is described. In particular, a reversible inner function is used in a nested message authentication code configuration to provide both error detection and error correction in high performance applications.

Abstract: A method and system for detecting viruses on handheld computers. The handheld computer is in communication with a computer system having a virus detection program. The method includes reading data from the handheld computer and writing the data at least temporarily to a database on the computer system. The data is scanned for viruses with the virus detection program. The method further includes updating data on the handheld computer based on results of the scanning.

Abstract: A high-speed, low-strength authentication mechanism is disclosed. This mechanism is based on a partial message authentication code, wherein a message authentication code is applied only to some portion of the message. By applying an authentication algorithm only to selected parts of the message, significant time can be saved while maintaining acceptable security.

Abstract: A system, method and computer program product are provided for tracing a traffic event utilizing a firewall. Initially, a firewall is executed on a local computer. Next, traffic events between the local computer and a remote computer over a network are monitored utilizing the firewall. Further, the traffic events are displayed utilizing the firewall. In use, at least one of the traffic events is traced utilizing the firewall. Moreover, a map of the trace is displayed for effectively conveying information about the traffic event.

Abstract: A scan of computer files for predefined properties indicative of such things as viruses is disclosed. The scan is performed in a circular manner, such that when all of the files to be scanned have been scanned it starts again from the first file. The ability to update the data defining the properties to be scanned for during a scan is provided.

Abstract: A system and method using inheritance for the configuration, management, and/or monitoring of computer applications and devices via a computer network are disclosed. The method generally comprises calculating control settings to be enforced by an end node corresponding to a device of the network of devices, the control settings being calculated by the corresponding device. The control settings to be enforced by the end node are applicable to the device and the resources of the device. The calculation is performed by the end node or device by accessing data stored in a network directory defining a hierarchical tree structure containing nodes corresponding to the network of devices and defining control settings corresponding to and to be enforced upon the resources available to the devices. The control settings corresponding to the resources of each device are selectively inherited down the hierarchical tree structure of the network directory.

Abstract: A system, method and computer program product are provided for translating protocol decode objects. Initially, a plurality of frames is received. Next, the frames are decoded in order to generate protocol decode objects each with a numerical identifier associated therewith. Still yet, the numerical identifier is translated to a textual identifier. The textual identifier associated with the protocol decode objects are then displayed for facilitating the use of the protocol decode objects during network analysis.

Abstract: A system, method and computer program product are provided for affording network security features. A plurality of network objects are identified. Rule sets associated with one or more of the identified network objects are retrieved. Each rule set includes a plurality of policy rules that govern actions relating to the identified network objects. Overlapping policy rules of the rule sets are reconciled amongst the network objects. The reconciled rule sets are executed. A computer program product and a method are also provided for establishing network security. A plurality of network objects of a network and a plurality of rule sets are provided. The network objects are associated with the rule sets. The rule sets include a plurality of policy rules that govern actions relating to the identified network objects during operation of the network.

Abstract: A method and system are provided for updating software on a handheld computer in communication with a client computer system operable to connect to a network. Software installed on the handheld computer is identified with the client computer. Moreover, information on the identified software is transmitted from the client computer to a server connected to the network. Further, updated versions of the software installed on the handheld computer are transferred from the server to the client computer based on the identified software that is installed on the handheld computer. Still yet, the software installed on the handheld computer is updated with the updated versions transferred to the client computer.

Abstract: A method of intercepting application program interface, including dynamic installation of associated software, within the user portion of an operating system. An API interception control server in conjunction with a system call interception module loads into all active process spaces an API interception module. An initializer module within the API interception module hooks and patches all API modules in the active process address space. When called by the application programs, the API routines' flow of execution, by virtue of their patched code, is re-directed into a user-supplied code in a pre-entry routine of the API interception module. The API routine might be completely by-passed or its input parameters might be filtered and changed by the user code. During the operation, the API routine is double-patched by the API interception module to ensure that all simultaneous calls to the API routine will re-direct its flow of control into the API interception module.

Abstract: A system, method and computer program product are provided for organizing objects associated with a voice application call in a tree representation. Initially, a voice application call is identified. Next, a plurality of connection objects is generated associated with the voice application call. Further, a plurality of session objects associated with the voice application call is identified, along with a plurality of application objects associated with the voice application call. In use, the connection objects, the session objects, and the application objects are organized in a tree representation.

Abstract: A graphical user interface is provided for displaying network analysis. Included is a plurality of tabs selectable by a user. Also included is a plurality of windows each associated with one of the tabs and adapted for displaying a different aspect of a network analysis. In use, the windows are each displayed upon the selection of the associated tab.

Abstract: A system, method and computer program product are provided for scanning application program data utilizing a mobile communication device. Included is an application program installed on a mobile communication device capable of communicating via a wireless network. Such application program is adapted for performing tasks utilizing the mobile communication device. Associated therewith is a scanning subsystem in communication with the application program for scanning application data relating to the tasks performed by the application program. In use, the application program communicates information relating to the application data to the scanning subsystem to facilitate the scanning by the scanning subsystem.

Abstract: A system, method and computer program product are provided for efficiently updating a scanning subsystem of a mobile communication device. Initially received is a first portion of an update adapted for updating a scanning subsystem of a mobile communication device. Further, more portions of the update are received in addition to the receipt of the first portion of the update. The update is then installed with the scanning subsystem.

Abstract: A platform-independent system and associated method are provided for use with a mobile communication device. Included is a mobile communication device capable of communicating via a wireless network. Such mobile communication device includes an operating system installed thereon. Associated therewith is a platform-independent scanning subsystem in communication with the operating system of the mobile communication device for scanning purposes. Further provided is a platform-independent application program interface for interfacing the operating system and the scanning subsystem. The platform-independent application program interface includes an abstract library for porting the platform-independent scanning subsystem to the mobile communication device and associated operating system.