Abstract: A system and method for reducing the amount of data transferred during streaming of an application upgrade. The system includes a server that streams application upgrades to a client. The client determines that an application upgrade is available and receives a first map from the server that corresponds to an upgraded version of the application. The client generates a second map of the currently installed application. The client compares the first map to a second map that corresponds to the application currently installed on the client to determine that one or more data blocks corresponding to the upgraded version of the application are not present in the application currently installed on the client. The client requests the one or more data blocks from the server. Both maps include entries that include data describing a size, a location, and a hash value of a corresponding data block.

Abstract: A computer-implemented method for secure third-party data storage may include 1) identifying, at a server-side computing device, a request from a client system to access an encrypted file stored under a user account, 2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, 3) receiving, from the client system, the client-side key, 4) decrypting the decryption key with the client-side key, and 5) using the decryption key to access an unencrypted version of the encrypted file. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Various systems and methods can decide whether information being evicted from a level one (L1) operating system cache should be moved to a level two (L2) operating system cache. The L2 operating system cache can be implemented using a memory technology in which read performance differs from write performance. One method involves detecting that a portion of a file (e.g., a page) is being evicted from a L1 operating system cache. In response to detecting the imminent eviction of the portion of the file, the method determines whether the portion of the file has been read more frequently or written more frequently. Based upon this determination (e.g., in response to determining that the portion of the file has been read more frequently, if the L2 cache provides better read than write performance), the method decides to copy the portion of the file to the L2 operating system cache.

Abstract: Computer-implemented methods, systems, and computer-readable media for using community data to automatically generate rules for distinguishing data files from other file types are disclosed. In one example, an exemplary method for performing such a task may comprise: 1) receiving file metadata from a plurality of computing systems within a community, 2) establishing, based on the file metadata received from the plurality of computing systems within the community, criteria for distinguishing data files from other file types, and then 3) automatically generating a rule that comprises at least one of the criteria for distinguishing data files from other file types. Corresponding methods for identifying data files by applying such rules are also disclosed.

Abstract: A computer-implemented method for distributing spam signatures may include identifying a set of spam e-mails. The computer-implemented method may also include identifying a plurality of clients, each client in the plurality of clients having received at least one e-mail in the set of spam e-mails. The computer-implemented method may further include identifying at least one mailing list by identifying at least one group of clients within the plurality of clients that have received a subset of the set of spam e-mails. The computer-implemented method may additionally include identifying at least one additional spam e-mail sent via the mailing list. The computer-implemented method may also include transmitting information identifying the additional spam e-mail to at least one client on the mailing list. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A system and method for automatically analyzing virtual machine bytecode of a software application and adding additional bytecode operable to determine information regarding network communication performed by the software application are described. According to one embodiment of the method, program code of a software application may be received, wherein the program code includes bytecode for a virtual machine. The bytecode may be automatically analyzed to detect network communication functionality. The method may operate to automatically add additional bytecode to the bytecode of the software application, where the added bytecode is operable to determine information regarding the network communication.

Abstract: A system and method for supporting asynchronous write operations within data storage systems and repairing a failed component within data storage subsystems without interruption of service. A data storage cluster is coupled to a client. The cluster comprises a plurality of data storage locations addressable as rows and columns in an array. Each column of the array comprises a separate computer of a plurality of computers interconnected to each other via a network. A coordinating column corresponding to a particular row receives data from the client for storage in the row and sends an indication of storage completion to the client, in response to forwarding the received data to data storage locations within the row. Although the client receives a write complete status before the data is actually written in corresponding computers, the cluster has sufficient information to complete the write operation even in the event of a column being temporarily offline.

Abstract: A computer-implemented method for indexing data for use by a plurality of applications may include receiving a data object at a first application of a plurality of applications. The method may include tokenizing the common-form data object to extract tokens from the data object and creating an index of the tokens extracted from the data object, the index being formatted to be utilized by each of the plurality of applications. The method may further include storing the index in a database that is accessible by the plurality of applications. The plurality of applications may comprise two or more application types. Various other methods and systems are also disclosed.

Abstract: A method for forming a digital certificate includes receiving contact information associated with the digital certificate. The contact information includes at least a name, a mailing address, and an email address. The method also includes receiving billing information associated with the digital certificate and receiving a Certificate Signing Request (CSR) for the digital certificate. The method further includes receiving a first name for use in forming the digital certificate and receiving a second name for use in forming the digital certificate. Moreover, the method includes receiving an indication of a vendor of web server software, receiving an indication of a service period for the digital certificate, and forming the digital certificate. The first name is stored in a Subject field of the digital certificate and the second name is stored in the SubjectAltName extension of the digital certificate.

Abstract: Secure, continuous, on-demand access to services provided by servers internal to a network is facilitated, while minimizing power consumption and power load spikes. Information concerning operation of the network is monitored, and a profile of the network is maintained. Internal network servers being in reduced power consumption states is tracked. Service requests from clients to internal network servers that are in reduced power consumption states are detected. In response, packets are generated to wake servers in reduced power consumption states, without requiring registration or installation of any components on the servers or clients. Frequencies are controlled at which packets are generated to wake servers, thereby minimizing sudden increases in power consumption associated with waking multiple servers. This can comprise waiting for a specific duration of time prior to generating packets, based on server profiles.

Abstract: A network authentication method, a method for a client to request authentication, a client, and a device are provided.

Abstract: A computer-implemented method for simultaneously providing multiple data protection functions may include identifying a storage appliance that provides a plurality of data protection functions to a production system. The computer-implemented method may also include identifying a splitter channel from the production system to the storage appliance. The computer-implemented method may further include creating a synchronization channel from the production system to the storage appliance. The computer-implemented method may additionally include transmitting changes made to data on the production system to the storage appliance via the splitter channel. The computer-implemented method may also include synchronizing data on the production system to the storage appliance via the synchronization channel. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer system and method for installing a software product. A computer system includes a client coupled to a server. The client obtains an installation package of files to be used to install the software product and for each file, determines if there is a later file version available. The client creates a temporary folder. For each file, if a later version is not available, the client adds a link to the temporary folder that refers to the file in the installation package and if a later version of a file is available, adds a link to the temporary folder that refers to the later version of the file. The client executes an installation operation on the temporary folder. For only those files for which a later file version is available, the client may add links that refer to files downloaded from a server and stored in an update folder.

Abstract: A user's possession of synchronized data is used as an authentication factor. When the user requests an authentication configuration change, an authentication server requests the user to prove possession of synchronized data for that user. The user launches an authentication module on a client device hosting a local copy of the synchronized data. The authentication module creates a hash of the local copy and transmits the hash to the authorization server. Upon successfully verifying the received hash using a server copy of the synchronized data, the authentication server considers the user authorized and thus allows the user to make the authorization configuration change.

Abstract: A computer-implemented method may include generating a first region-of-interest identifier that represents a region of interest within an executable file at a first time. The computer-implemented method may also include receiving, at a second time, a request to scan the executable file for malware and generating a second region-of-interest identifier that represents the region of interest within the executable file at the second time. The computer-implemented method may further include comparing the first and second region-of-interest identifiers to determine that the region of interest at the second time is different than the region of interest at the first time. In addition, the computer-implemented method may include using the difference between the region of interest at the first and second times to determine whether the executable file comprises malware. Various other systems, methods, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for reliably identifying controls invoked during quality-assurance reviews of user interfaces may include: 1) identifying at least one user-interface control invoked during an initial quality-assurance review of a user interface, 2) for each identified user-interface control, identifying an object-tree path that is followed when invoking the user-interface control, 3) storing the object-tree path for the user-interface control in a data structure, and then 4) using the object-tree path during a subsequent quality-assurance review to automatically identify and invoke the user-interface control.

Abstract: A system and method for logging operations of guest virtual machines are provided. An execution event is triggered, in response to a request to load a software module in a virtual machine. A processor sends an indication to a hypervisor that the software module is loaded in the virtual machine, in response to the triggering of the execution event. A security appliance accesses, using the hypervisor, a first memory location in the virtual machine, in response to the indication. A value is stored in the first memory location. The value identifies the software module. The security appliance returns the value to the hypervisor.

Abstract: A method and apparatus for providing highly available storage groups are described. In one embodiment, a method for using one or more processors to provide highly available storage groups in memory, comprising updating persistent information associated with at least one mapping between a node and at least one mailbox of a plurality of mailboxes, wherein the node owns the plurality of mailboxes and the persistent information identifies another node as a failover target for the at least one mailbox of the plurality of nodes, accessing at least one storage group that comprises the at least one mailbox, modifying the at least one mapping between the at least one mailbox and the node to bind the at least one mailbox to the other node and coupling the at least one mailbox with the other node.

Abstract: Information cluster systems and methods are presented. In one embodiment, a cluster method comprises: performing an engine process including issuing requests to bring a resource online, offline, and monitor the resources, wherein the engine process is performed by an engine; performing a resource interaction process including interacting with a resource and directing a resource to comply with the request from the engine process, wherein the resource interaction process is performed by a resource interaction agent; performing a predicate logic process including performing predicate logic operations to determine if a predicate logic condition associated with the resource is satisfied and forwarding an indication of the results of the predicate logic operations to the engine process, wherein the predicate logic process is performed by a predicate logic agent that is separate from the engine performing the engine process.