Abstract: The present invention provides a solution to the needs described above through a system and method for a business applications server. The automated system of the present invention uses a persistence framework to provide a process for saving and restoring state of business objects and for performing operations thereon, and metadata driven processes to dynamically define class properties and behavior for each class of business object, in order to control the execution of the required tasks with minimum use of redundant data input to the several applications, thereby minimizing the use of hardware resources and user input and programming effort.
Type: Grant
Filed: January 12, 2001
Date of Patent: August 8, 2006
Assignee: Saba Software, Inc.
Inventors: Gaurav Mehra, Tejas M. Damania, Rich Ellinger, Deepak Jain, Michael L. Dufner
Abstract: In a computer telecommunications network, firewalls protect a machine or network from undesired message transmissions. In the case of a firewall employed on a user side of the wireless link, a message rejected by the firewall has already consumed the wireless resources required to transmit. A system for protecting a mobile wireless user via a firewall employed at the wired line, or ISP side, of the wireless link in a wireless network allows a specific user profile to be provided for each user that is indicative of a desired firewall configuration corresponding to the mobile user.
Abstract: The time period expended between a request for the authentication of the validity of a public key certificate and the authentication of the validity is shortened. A certificate validity authentication center VC periodically searches for and verifies paths which extend from a bridge certification authority CAbridge to individual terminal admitting certification authorities CA, and it registers the paths whose verifications have held good, in a path database in association with the respective terminal admitting certification authorities CA.
Abstract: A method and arrangement for maintaining end-to-end synchronization on a telecommunications connection on which data are transmitted in frames substantially in real time and using synchronized end-to-end encryption which is synchronized by occasionally transmitting synchronization vectors in the frames, at least part of the telecommunications connection being a packet-switched connection, whereby the reproduction delay of the data to be transmitted can be increased by adding one or more extra frames to the frame sequence to be transferred and reduced by removing one or more frames from the frame sequence to be transferred, the arrangement including reproduction delay adjustment mechanisms arranged to change the reproduction delay during the data transmission at such a moment that the frame to be transferred next includes a synchronization vector.
Abstract: According to one embodiment a method is disclosed. The method includes receiving encrypted video data at a graphics controller from a microprocessor, decrypting the data at the graphics controller and rendering the data.
Abstract: A system and methods for providing distributed and dynamic network services to remote access users. One of the methods includes providing a first certificate for requesting dynamic network services by a user network entity, and at least one second certificate for requesting static network services by the user network entity. According to one method, a user of the user network entity may generate a first message to request dynamic network services from a network service provider entity. For example, the first message may include the first certificate, a digital signature generated with a private encryption key associated with the first certificate and a list of network services that the user wishes to set up dynamically.
Type: Grant
Filed: February 22, 2001
Date of Patent: July 4, 2006
Assignee: 3Com Corporation
Inventors: Michael Freed, Satish Amara, Boby Joseph
Abstract: A method and apparatus for establishing authenticated network (e.g., TCP/IP) connections augments the network (e.g., TCP/IP) protocol and enables concealment of the presence of network (e.g., TCP/IP) servers on the network. One methodology uses one or more cryptographic techniques, and/or combinations of such techniques, to achieve the goal. A network (e.g., TCP/IP) connection establishment could be authenticated using both shared secret cryptographic and public key cryptographic methods. The trust between peers could be established either directly or via a trusted third party. One methodology allows network (e.g., TCP/IP) server concealment against Internet based eavesdroppers and eavesdroppers staging man-in-the-middle attacks on the local network or in close proximity to the server. The techniques described herein may be used to protect a network (e.g., TCP/IP) server from establishing unsanctioned connections from both local and remote networks.
Type: Grant
Filed: August 19, 2002
Date of Patent: June 27, 2006
Assignee: Sowl Associates, Inc.
Inventors: Igor V. Balabine, William G. Friedman, Ilya G. Minkin
Abstract: A paper document satchel is an ordinary piece of paper that functions as a fully functional document token repository by virtue of the data encoded in printed marks on the page. The paper document satchel provides a portable and functional way to transfer document, reference, owner, etc., information between computer systems.
Abstract: Methods, systems and computer program products which provide secure updates of firmware (i.e. data stored in a programmable memory device of a processing system) are disclosed. Updates of a programmable memory of a device may be controlled by providing an update window of finite duration during which the programmable memory may be updated. Access to the programmable memory may be based on the state of an access latch. The access latch may be set to allow access after a hardware reset of the device. An update control program may be executed to control access to the programmable memory and the latch reset to prevent access upon completion of the update control program. Verification of the update may be provided through encryption techniques and rules incorporated in certificates for application of updates to provide for selectively updating devices. Also disclosed are methods of securely providing differing functionality to generic devices.
Type: Grant
Filed: July 12, 2000
Date of Patent: June 27, 2006
Assignee: International Business Machines Corporation
Abstract: A method for calculating the arithmetic inverse of a number V modulo U, where U is a prime number, that may be used in cryptography, uses a modified extended greatest common divisor (GCD) algorithm that includes a plurality of reduction steps and a plurality of inverse calculations. In this algorithm, the values U and V are assigned to respective temporary variables U3 and V3 and initial values are assigned to respective temporary variables U2 and V2. The algorithm then tests a condition and, if the condition tests true, combines multiple ones of the plurality of reduction steps and multiple ones of the inverse calculations into a single iteration of the GCD algorithm.
Type: Grant
Filed: February 5, 2002
Date of Patent: June 27, 2006
Assignee: Matsushita Electric Industrial Co., Ltd.
Abstract: In a microprocessor, a program key for decrypting a program and a data key for encrypting/decrypting data processed by the program are handled as a cryptographically inseparable pair inside the microprocessor, so that it becomes possible for the microprocessor to protect processes that actually execute the program, without intervention of the operating system, and it becomes possible to conceal secret information of the program not only from the other user program but also from the operating system.
Abstract: In an information recording medium reproducing method, an information recording medium, a reproducing apparatus and an information recording medium managing method, a predetermined server is accessed on the basis of an address recorded in an information recording medium to issue key data from the server, and encrypted data recorded in the information recording medium are decrypted with the key data thus issued.
Abstract: The present invention provides a multicast communication system having a multicast server and a plurality of clients belonging to a multicast group. The multicast server transmits data encrypted by using a first encryption key to the clients by multicasting, and transmits the result of encrypting the first encryption key by using a second encryption key by unicasting to a client subscribed to a data distribution service, among the plurality of clients. The client subscribed to the data distribution service receives the encrypted data and the result. The client decrypts the result to obtain the first encryption key and decrypts the encrypted data using the first encryption key.
Abstract: A sensor is provided at the gateway of a local area network for successively acquiring IP packets passing through the gateway. The sensor detects various cracker attacks against the network based on the acquired IP packets. Information as to attacks detected by the sensor is given to a director which controls a firewall at the gateway of the network. Based on the given information, the director controls settings for the firewall to prevent IP packets associated with the detected attacks from entering the local area network.
Abstract: A system, method and computer program which enables the reception of chassis status by a remote management console from different types of computer servers having different implementations of intelligent platform management interface (IPMI). This system, method and computer program utilizes a platform instrumentation control GUI located in the console to request chassis status and receive chassis from the server. Further, a component instrumentation module located in the server is used to receive the chassis status request from the console and retrieve the chassis status from platform management hardware located in the server.
Abstract: Data sequence randomization encryption system such that having supplied data sequence (X) and randomization-encryption key (Kp) generates random data sequence (Yp), so that laypersons in encryption are able to measure objectively the diffusion and confusion of the generated sequence (Yp) with the particular randomization-encryption key (Kp) which has been used. Data sequence (X) is divided into blocks (XI), each block (XI) gets into group with transformer block (WTI), generated by transformer block generator (1002) by making use of control initial block (R) and previous output block (YI), resulting in grouped block (VI), result of the group, which is encrypted by means of the device in U.S. Pat. No. 5,214,703 (204), generating output block (YI) which is supplied to transformer block generator (1002), the succession of output blocks (YI) results in output randomized-encrypted sequence (Yp).
Abstract: As an example of this invention, user data which is broken up into sectors and is scrambled for each sector using a randomly generated scramble pattern, and scramble pattern data for specifying the scramble pattern used in scrambling are recorded on a recording medium.
Abstract: A method of communicating between a portable computing device and a host computer is provided. The method typically includes storing a responsive action to be taken in the event that the portable computing device becomes missing. Typically, the responsive action is stored at a location accessible by the host computer, such as on an associated database. The method also includes registering the portable computing device as having a missing status, establishing contact between the portable computing device and the host computer via a communication network, and instructing the portable computing device to take the responsive action. The method may include before registering the portable computing device as having a missing status, receiving a report from an interest holder in the portable computing device that the portable computing device is missing, and storing the missing status in a database associated with the host computer.
Abstract: A method for embedding a message within a file may include generating a session key [305] and encrypting the session key with a public key to produce an encrypted session key [310]. The message may be encrypted with the session key to produce an encrypted message [320]. A random number generator may be seeded with the public key [335], and the encrypted session key may be embedded throughout the file in locations corresponding to random numbers produced by the random number generator [340]. The random number generator may be seeded with the session key [345], and the encrypted message may be embedded throughout the file in locations corresponding to random numbers produced by the random number generator after the seeding with the session key [355].