Abstract: A method and system for scanning a computing system network for dark matter computing systems and computing devices. The method includes establishing a communication link between a master server and at least one target scanning agent that has at least one network computing system coupled thereto, creating a scanning job for the target scanning agent, building a scanning job command based on the scanning job, sending the scanning job command to the target scanning agent, receiving scanning job results from the target agent, parsing through the received scanning job results for identifying information of hosts in the network computing system detected during the scanning job, determining which detected hosts are known hosts and which detected hosts are unknown hosts based on the identifying information, and comparing the identifying information of the unknown hosts to reference identifying information to determine which of the unknown hosts are dark matter.

Abstract: Embodiments described herein combine both glyph technologies and cryptography technologies by encrypting data with a private key of an entity tasked with issuing controlled documents, and then converting the resulting encryption as a visual glyph, such as a QR code. This permits validation of the printed document by scanning the QR code using a smartphone and decrypting using the issuing entity's public key. In some embodiments, a purpose-built software application executed by the smartphone may automatically recognize QR codes on a document presented for review and then automatically decrypt the QR code using the public key of the issuing entity. A user performing the validation may then compare the document's content with the decrypted data on the smartphone.

Abstract: A method and system for providing a plurality of host systems shared access to data files from a file server. The method includes monitoring a control file for updates, the control file located within a corresponding host directory located within the file server; receiving a request for access to a data file stored on the file server, the access request being written to the control file, the access request including a requested data file operation; performing the requested data file operation in response to the control file being updated with the access request; creating a status file in the host directory in which the requested data file operation was performed upon completion of the requested data file operation; writing status data in the status file, the status data including a result of the performance of the requested data file operation; and allowing access to the host directory in which the requested data file operation was performed in response to the status data being written to the status file.

Abstract: Systems and methods that include receiving a plurality of programs, wherein each of the plurality of programs performs at least one function. The systems and methods further include parsing the plurality of programs. The systems and methods further include generating control statements configured to create an executable file. The executable file is configured to perform the functions performed by the plurality of programs.

Abstract: A method and system for notifying a database administrator of a database deadlock, error or other critical event during a database data exchange data transformation process. The method includes receiving and saving data exchange subscription information associated with a data exchange operation between a source database and a target database, and receiving and saving notification information associated with at least one computing device of a database administrator. The method also includes capturing a critical event as the critical event occurs during the database data exchange data transformation process. The method also includes providing notification of the captured critical event, and sending a critical event notification.

Abstract: Methods and systems for operating a remote desktop client from a computing system hosting a secure boot device. In some embodiments, a method comprises initiating execution of an operating system from the computing system hosting the secure boot device, the computing system communicatively connected within a secure enterprise network, the computing system being untrusted within the secure enterprise network and based on verification of received authentication credentials, booting an operating system from the secure boot device and establishing a secure communication tunnel with a service appliance.

Abstract: A system and method for generating database independent input test data. The system includes a source database having an input and an output, a plurality of target databases each having an input and an output, a test data generator coupled to the input of the source database, and a data exchanger coupled between the output of the source database and the input of each of the target databases. The test data generator generates input test data that is database independent, and sends the generated input test data to the source database. The source database sends the input test data to the data exchanger. The data exchanger transforms the input test data into a database format compatible with at least one of the plurality of target databases. The data exchanger sends the transformed input test data to the target database for which the transformed input test data is compatible.

Abstract: A logistics management system (LMS) may include receiving, at a server, a reservation request from a requestor for an allotment on an air carrier's cargo hold for a designated route and date range; assigning, by the server, an allotment category for the requested allotment; generating, by the server, an allotment rate for the requested allotment based, at least in part, upon the designated route and the allotment category; and communicating, from the server to the requestor, the generated allotment rate.

Abstract: A SCD includes a processor configured to establish operating functions of the SCD. The SCD further includes a computer-readable medium including a setup volume and a storage volume. The setup volume is configured to store information that is decrypted. The storage volume is configured to store information that is encrypted. The setup volume includes instructions that establish at least one authentication process. The encrypted information stored in the storage volume is decrypted after completing the at least one authentication process. The SCD further includes a universal serial bus (USB) connector configured to transmit information stored in the computer-readable medium to a host or a user. The SCD further includes a battery that powers the SCD.

Abstract: A system and method for processing database transactions wherein the need for a DBMS server to convert data provided by the client from a text format to the raw storage format of the database is eliminated, thereby increasing the efficiency of the DBMS.

Abstract: Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may be automatically provisioned with configuration information, such as the encryption keys, when the virtual machine is started. The provisioning information may be created based on a template stored on a configuration server.

Abstract: A method of communicatively connecting first and second endpoints across a NAT and/or PAT router to form an IPSec encrypted tunnel is disclosed. A message is received by the first endpoint from the second endpoint. The message includes an encrypted portion including a source port, a destination port, a source IP address, and a destination IP address. It is determined whether a table entry exists for the message. If Yes, it is determined by the first endpoint whether a NAT router and/or a PAT router is between the first endpoint and the second endpoint based, at least in part, on the table entry and the encrypted portion of the message. If Yes, an IPSec encrypted tunnel is created using IPSec transport mode for further communications between the first and second endpoints. An apparatus and a computer program product are also disclosed.

Abstract: Methods and systems for processing a database query are disclosed. An example method includes receiving a SQL database query at a database query handling server, and parsing the SQL database query to identify a database and one or more tables and columns identified by the SQL database query. The method also includes determining a query plan based on the parsed database query. At a database engine, and based on the query plan and the identified database, tables and columns, the method further includes identifying a set of data nodes implicated by the identified database, tables and columns, determining a set of reduce operations and levels at which each of the set of map-reduce operations are to execute, and passing the query plan, the set of data nodes, and the map-reduce operations to a map-reduce query execution framework. The map-reduce query framework returns records as query results to the client system.

Abstract: A system for providing a system for providing network communications organized using communities of interests defined by a common encryption key. IoT devices are located at the edge of a network while providing secure and isolated communications for its applications and data through a common network infrastructure. The system's functionality provides the IoT network with secure communications to obtain data from devices by host applications over public networks. The data may be organized and segmented in a manner that isolates and protects the data with only authorized applications gaining access the data to see its existence and read its contents.

Abstract: A system and method for monitoring and correcting device operating states during steady-state operations may be automated. The operating states for devices operating in a steady-state environment may be monitored. Any operating device that is set to operate in an unexpected operating state may be automatically changed to its expected operating state. The operator may then be warned of any incorrect state assignment through a console message that cannot be ignored by the operator.

Abstract: Systems and methods for improving the handing of communications between network applications in a computer system with connectivity services interfaces that seamlessly handle the communications in an easy-to-use, secure, message-oriented environment are disclosed. Embodiments of systems and methods for maintaining ownership of sessions by applications, and for avoiding the orphaning of communication sessions when activities are terminated are also disclosed. Also disclosed are embodiments of systems and methods for accessing data using authentication credentials different than the authentication credentials associated with a user that is requesting access to the data. Embodiments of systems and methods for authenticating credentials for establishing a secure communication connection between applications executing on different platforms are also disclosed.

Abstract: Systems and methods for automatically resuming commissioning of a partition image after a halt in the commissioning process are disclosed. Embodiments may include initiating a commissioning of a partition image. Embodiments may also include updating metadata associated with the commissioning of the partition image after each successfully executed step of the commissioning process. Embodiments may further include identifying a halt in the commissioning process and resuming, after the halt has been identified, the commissioning process from the last successfully executed step of the commissioning process stored in the metadata during the most recent update of the metadata.

Abstract: A system for configuring a plurality of security devices is provided. The system is configured to automatically generate one or more policy definition files and use the files to integrally control security configurations for a plurality of security devices in one or more networks. The system includes a security control module and one or more policy agent modules. The security control module converts security parameters to the one or more security policy definition files. The policy agent modules receive the security policy definition files and extract a plurality of policy configuration parameters from the security policy definition file. The plurality of policy configuration parameters is passed to the associated security devices. The security control module maintains communication with other components in the system, such as a checking module and a reporting module.

Abstract: Methods and systems for managing I/O requests in a secure storage appliance are disclosed. One method includes receiving a plurality of I/O requests at the secure storage appliance, each I/O request associated with a block of data and a volume, each volume associated with a plurality of shares stored on a plurality of physical storage devices. The method further includes storing a plurality of blocks of data in buffers of the secure storage appliance, each of the blocks of data associated with one or more of the plurality of I/O requests. The method also includes associating a state with each of the blocks of data, the state selected from a plurality of states associated with processing of an I/O request.

Abstract: A method and apparatus for embedding a data message in a carrier object using steganography. The method provides a secret key and determines an indicator channel from a plurality of color channels in the carrier object, wherein the indicator channel is the color channel in the carrier object that has a maximum number of different pixel values in the carrier object. The method generates a sorted indicator channel value array based on the channel values and the frequency of occurrence of each value of the indicator channel in the carrier object. For each indicator channel value in the sorted indicator channel value array, the method iterates through the carrier object to determine the pixel in the carrier object whose indicator channel value is the same as the current indicator channel value in the sorted indicator channel value array.