Abstract: A system and method of selectively providing encrypted data is provided. Embodiments of the invention may store data in encrypted form on a storage device. Embodiments of the invention may selectively provide encrypted or decrypted data to a requestor of data based on configuration or other parameters. A filter driver or other module or unit may examine a request for, or communication of data from the storage device and may determine if data is to be provided in encrypted or decrypted form. Decrypted data may be provided to a caching system. A filter driver or other module or unit may examine a request for, or communication of data from the caching system. Data provided from the caching system may be selectively encrypted based on configuration or other parameters.

Abstract: A system and method of efficiently inspecting content is provided. Embodiments of the invention may inspect files accessed by an application prior to an activation of the application. Selective inspection of files accessed by an application may be based on a previous inspection. Inspection of files accessed by an application may be postponed or performed concurrently with the access. A prioritized queue may include references to files, a priority may be related to a risk level and an inspection order may be according to a risk level.

Abstract: A system and method for storing information on a storage device. An encrypted version of the information is stored on a storage device. The information is inspected in order to determine whether it may be stored on the storage device. If the information may be stored on the storage device then the stored encrypted version is decrypted, otherwise it is deleted.

Abstract: Protecting the integrity and the effectiveness of a security agent that is installed in a user's device while the user's device operates online or offline. The security agent may be used for enforcing a security policy required by an organization or network to which the user's computer belongs. One aspect of exemplary embodiments of the present invention is to associate the content of one or more storage devices of the user's computer with the security agent and with a boot-loader program used by the user's computer.

Abstract: A system apparatus and method for protecting information are provided. Embodiments of the invention may detect inactivity related to a computing device. Information and encryption key may be removed from a memory. Subsequent activity may be detected. An authentication procedure may be performed, and, contingent on authenticating a relevant entity, a master key may be generated and installed in a memory.

Abstract: A system, device and method for incapacitating a keylogger. An inactivity of an input device may be detected. A flow of information from an input device to a computing device may be manipulated. A keylogger may be caused to store redundant information by causing the input device to produce redundant input. Other embodiments are described and claimed.

Abstract: A system and method for validating an application and for controlling execution of an application. A plurality of parameters may be computed for an authenticated object and for a tested object. A plurality of comparison and other metrics may be computed based on the computed plurality of parameters. Control of an execution of programs may be based on said metrics. Other embodiments are described and claimed.

Abstract: The pureness of a connection between an external device and a host computer can be inspected or monitored to determine the status: connected or disconnected. When it is determined that a disconnection state is entered, an indication can be sent to the host and, in parallel, the data transportation from and/or to the external device may be manipulated. In some embodiments an exemplary connection protector device (CPD) may be added to the connection in between the external device and the host. The CPD can have two connectors one for the host and one for the cable of the external device. The CPD can be adapted to identify any disconnection in the connection with the host and/or the connection with the external device on the other side of the CPD.

Abstract: Secure operation of SEMDs on a client computer in a host system is obtained by controlling what applications (i.e., U3 applications) that can run on the host system and access data on the SEMD. Applications allowed to run on each host machine are identified and any access to the SEMD by an allowed application is permitted and other access are prohibited. Security and/or privacy for data that is stored on a SEMD is provided by only allowing approved USB memory card based applications to access the data stored on the SEMD. All other applications, either unapproved USB memory card based applications or non-SEMD resident cannot access the data on the SEMD. Other security is provided by preventing access to the SEMD except for computers or systems that are a part of a company's private network and maintaining the data on the SEMD in an encrypted state.

Abstract: A system apparatus and method for protecting information on a storage device. Embodiments of the invention may create a virtual volume on a storage device. Embodiments of the invention may further transfer information to the virtual volume, remove information stored outside the virtual volume and extend the size of the virtual volume. Other embodiments are described and claimed.

Abstract: A system and method for a contextual control of resources of a computer. A plurality of detection modules may inform a configuration module of context changes and events. A database may store a plurality of configuration parameters and policies. A configuration module may configure a BIOS of a computer according to events, context and configuration policies. Other embodiments are described and claimed.

Abstract: Computers connected to a private network are monitored and controlled through the use of a client agent that operates in association with the computer and a server client that establishing security parameters, privileges and authorizations for the computer. The invention can prevent access to certain devices according to an active security policy. Any activity of the computer, such as a request to transfer data to an external device, access a particular file, etc. is monitored and controlled by the client agent. No operations or procedures are allowed by the computer inconsistent with the active security policy. The security policy may be set by the administrator of the private network according to the user rights and position in the organization.

Abstract: A system and method of selectively providing encrypted data is provided. Embodiments of the invention may store data in encrypted form on a storage device. Embodiments of the invention may selectively provide encrypted or decrypted data to a requestor of data based on configuration or other parameters. A filter driver or other module or unit may examine a request for, or communication of data from the storage device and may determine if data is to be provided in encrypted or decrypted form. Decrypted data may be provided to a caching system. A filter driver or other module or unit may examine a request for, or communication of data from the caching system. Data provided from the caching system may be selectively encrypted based on configuration or other parameters.

Abstract: In a private network setting in which various computers can be attached, the confidential or sensitive data within the various devices on the private network is vulnerable. The ability to copy such confidential or sensitive data to a storage device communicatively coupled to a client computer on the network is governed and controlled. Only devices that include an authentic stamp or digital certificate can be accessed by client computers. If a device does not have a valid stamp or the stamp has been black listed, then the access to the device can be prevented or greatly limited.