Abstract: A method for creating an application cluster virtual node. The method may comprise identifying a plurality of nodes associated with an application cluster. The method may also comprise creating a virtual node that is associated with each node in the plurality of nodes. The method may comprise providing a data protection server with access to at least one node in the plurality of nodes. The access may be provided through the virtual node. A computer-readable medium is also disclosed.

Abstract: The disclosed computer-implemented method for secure hybrid third-party data storage may include (1) identifying, at a trusted proxy system, an access request from a client system to access an encrypted file stored under a user account at a third-party storage system, where the requested access requires decryption of the encrypted file, (2) retrieving, from the third-party storage system, (i) the encrypted file and (ii) a decryption key that has been encrypted with a client-side key, where an asymmetric key pair designated for the user account includes an encryption key and the encrypted decryption key, (3) receiving, at the trusted proxy system, the client-side key, (4) decrypting, at the trusted proxy system, the decryption key with the client-side key, and (5) using the decryption key to access an unencrypted version of the encrypted file at the trusted proxy system. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Information migration systems and methods are presented. In one embodiment, a cloud information migration method comprises: performing a migration interpretation process, including interpreting migration initiation information; performing a migration information retrieval process to automatically retrieve information in a first configuration from a first cloud vendor in accordance with the migration initiation information; performing a migration information configuration process, including automatically converting the retrieved information in a first configuration to information in a second configuration, wherein the second configuration is compatible with a second cloud vendor; and performing a migration information forwarding process to automatically forward the information in a second configuration to the second cloud vendor in accordance with the migration initiation information.

Abstract: Techniques for managing disaster recovery sites are disclosed. In one particular embodiment, the techniques may be realized as a method for managing disaster recovery sites comprising generating a heartbeat at a first node, transmitting the heartbeat from the first node to a second node, determining whether a network connection between the first node and the second node has failed, determining whether the second node has received an additional heartbeat from the first node, and changing a state of the secondary node based on the determination of whether the second node has received the additional heartbeat.

Abstract: A computing device determines counts of documents that are similar to a reference document for a set of similarity ratings. Each similarity rating is based on a number of co-occurring terms between the reference document and corresponding similar documents. The computing device present the reference document and a GUI element pertaining to the documents similar to the reference document in a graphical user interface (GUI). Upon a selection of the GUI element, the computing device presents a visual representation of a correlation between the counts of similar documents and the similarity ratings in the GUI. The visual representation is provided prior to displaying at least one of the similar documents.

Abstract: A computer-implemented method for managing access-control groups. The method may include (1) tracking users' access patterns to one or more shared resources, (2) analyzing the users' access patterns to identify a cluster of users who exhibit similar access patterns to the one or more shared resources, (3) identifying a preexisting access-control group to which one or more of the users is assigned, (4) comparing the preexisting access-control group to the cluster of users, and (5) organizing, based on the comparison, one or more of the users into one or more access-control groups. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method and system for merging files of multiple volumes in a data store to a single merged volume. The method includes creating one or more snapshots of one or more volumes of a data store of a first system. Files in the one or more snapshots are merged into a merged volume. The merged volume is mounted and stored in a second system.

Abstract: A computer-implemented for protecting user accounts may include: 1) identifying a credential that a computing device uses to log in to a user account of an online system, where the online system is configured to perform an adverse security action in response to a number of failed attempts to log in to the user account, 2) determining that an old version of the credential is no longer valid for logging in to the user account and that a new version of the credential is required to log in to the user account, and 3) taking a remedial action that prevents the adverse security action in response to determining that the old version of the credential is no longer valid. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for verifying user identities may include (1) identifying a request to ascertain whether a user account corresponds to a physical person, and, in response to the request, (2) identifying a password vault configured to store login information for at least one third-party Internet site for the user account, the third-party Internet site requiring a physical validation factor to log in to the third-party Internet site, (3) determining, based at least in part on the login information for the third-party Internet site, that the user account corresponds to the physical person, and (4) responding to the request with an indicator that the user account corresponds to the physical person. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for responding to security breaches may include (1) receiving a notification that a service provider has experienced a security breach, (2) identifying a first user account that is potentially affected by the security breach by identifying an account management database that stores users' account information for a plurality of different service providers and searching the account management database for user accounts associated with the service provider that experienced the security breach, and (3) performing, for the first user account that is potentially affected by the security breach, a security action that addresses the security breach. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for distributing replication tasks within computing clusters may include (1) identifying a primary volume that is replicated to a secondary volume, (2) identifying a computing cluster with access to the primary volume that includes at least a first node and a second node, (3) receiving a request to write data to the primary volume, (4) logging, via the first node, the request to write the data to the primary volume to a replication log, and (5) using the replication log to replicate, via the second node, the data to the secondary volume. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Unauthorized uses of embedded objects in websites are detected, in order to protect users from phishing sites using cloned copies of such objects. Authorized parties register objects for use at legitimate locations (e.g., specific IP address ranges or domains). When a client computing device accesses a website, the objects in the website are checked against the registered objects, to determine whether the objects are registered for use by the site being accessed. Depending upon trust status information concerning the objects, the access of the website can be permitted or blocked, or the user can be warned about questionable or un-trusted embedded objects. Additionally, the party that registered an object can be notified, in the case of an indication of unauthorized use of the object by a website.

Abstract: A method of creating a synthetic backup set which can be used as a baseline for subsequent incremental backup or for the restoration of a data volume. The method includes copying a first data object from a first backup set to a memory media for storing the synthetic backup set, and copying a second data object from a second backup set to the memory media. The second data object is copied to the memory media when both the first and second backup sets are open for read access. In one embodiment, the first backup set data of data objects is stored on a first magnetic tape, and the second backup set data of data objects is stored on a second magnetic tape. When the second data object is copied to the memory media, the first and second magnetic tapes are simultaneously mounted on first and second tape drives, respectively.

Abstract: Selective projection of user interface elements between a host and a plurality of guests is provided according to a configurable policy. User interface elements generated by guests and/or the host are captured. It is determined whether to project captured elements into the user interface with which the user is currently interacting, based on the policy. In some cases, it is determined to project a captured element originating from a first user interface into a second user interface with which the user is currently interacting, based on factors such as source, destination, element attributes, element contents and/or element type. Responsive to such a determination, the captured element is projected into the current user interface, thereby presenting the projected element to the user.

Abstract: A query is received from a client device regarding an object. The query includes an identifier of the object and a set of associated usage attributes describing a usage of the object on the client device. A set of usage facts associated with the identified object is identified. The set of usage facts describe typical usages of the object on a plurality of client devices. A determination is made whether the usage of the object on the client device is suspicious based on the set of usage facts associated with the object and the set of usage attributes included in the query. A report is provided to the client device based on the determination.

Abstract: A method for merging virtual layers may include creating a virtual merger layer. The method may further include identifying a first virtual layer to be added to the virtual merger layer, the first virtual layer being programmed to execute within a process space of the first virtual layer. The method may also include identifying a second virtual layer to be added to the virtual merger layer, the second virtual layer being programmed to execute within a process space of the second virtual layer that is distinct from the process space of the first virtual layer. The method may also include linking the first and second virtual layers to the virtual merger layer such that when the virtual merger layer is activated, the first and second virtual layers execute within a process space of the virtual merger layer. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A preferred node is selected for a specific functional role in a cluster. Dynamic and static parameters concerning the nodes are measured, including connectivity to shared storage. A user preference value is gleaned for each node, quantifying the user's preference of each corresponding node for the functional role. A preference rating is calculated for each node, based on the measured parameters and the gleaned user preference value. The preference rating indicates the node's suitability for the specific functional role, relative to the other nodes. Connectivity to shared storage in the cluster can be weighted more heavily than other parameters. Examples of specific functional roles in the cluster include becoming the master node, becoming a failover target for a specific application, or remaining in operation with access to shared cluster storage, in response to an occurrence of split brain.

Abstract: A graphical payment identifier is used to facilitate the automatic processing of an electronic payment. A graphical identifier payment system receives a request from a payment processing entity for a onetime use graphical payment identifier. In response, a onetime use graphical payment identifier to be displayed by the payment processing entity is generated. A request for user payment information by the payment processing entity is encoded in the graphical payment identifier, which is transmitted to the payment processing entity for display. The graphical payment identifier being displayed by the payment processing entity is captured by a registered user operated computing device. In response, the requested user payment information is transmitted to the payment processing entity, such that the electronic payment is executed automatically, without the user manually entering the requested payment information or providing a credit card.

Abstract: Techniques for providing data in dynamic account and device management are disclosed. In one particular exemplary embodiment, the techniques may be realized as a system for providing data in dynamic account and device management. The system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to identify a user device to be managed. The one or more processors may be configured to transmit a request for delegate authority to manage the user device. The one or more processors may be configured to receive delegate authority to manage the user device. The one or more processors may be configured to provide network access to the user device. The one or more processors may also be configured to manage the user device and monitor data communicated to and from the user device.

Abstract: A computer-implemented method for injecting code into an application is described. In one embodiment, a metadata pointer is identified. The metadata pointer points to a first metadata section in an application startup file. The first metadata section includes application metadata. A second metadata section is created in the application startup file. The application metadata is copied to the second metadata section. The second metadata section includes copied application metadata. The copied application metadata in the second metadata section is modified. The metadata pointer is updated to point to the second metadata section.