Abstract: A method is described of adding a wireless device to a secure wireless local area network (WLAN) that is secured by a wireless network security key. A computer that is independent of the wireless device receives a device key specific to the wireless device, and generates encrypted data by encrypting, using the device key, the wireless network security key. The computer transmits, to the wireless device, a first packet over the WLAN. The first packet includes a multicast address, which includes at least a portion of the encrypted data. The method includes, in response to the wireless device receiving the first packet, decrypting the encrypted data received in the first packet to obtain the wireless network security key. The method includes the wireless device transmitting and receiving encrypted payloads over the WLAN, wherein the encrypted payloads are encrypted using the wireless network security key.

Abstract: Embodiments herein change the way item syncing is handled and tracked between two devices. Changes to items are tracked in accordance with well defined property groups and each group is tracked independently of the other. For example, one group could contain large data items, e.g., attachments, while another group could include highly volatile properties like a follow-up flag. The present invention increases the sync rates between a client and a server by syncing only select portions of an item that have changed, without monitoring the change of each individual property within the item. Accordingly, if a change is made to a small data property (e.g., follow-up flag) on a relatively large email message, such change will not trigger a large download to a client running under a cached mode, nor will there be a requirement for high storage and processing for tracking each individual property.

Abstract: Systems and methods for connecting new stations to a secure network. New stations can send connection requests to a headend device. The headend device can retrieve a device access key associated with the new station and can provide a network membership key to the new station based upon authentication of the new station using the device access key.

Abstract: In one embodiment, a first network device may receive a request for an identifier of at least one target to service a client. The first network device may obtain an identifier of each of two or more targets. The first network device may then determine whether to redirect the request. The first network device may redirect the request to a second network device according to a result of the determining step, where the first network device is in a first autonomous system and the second network device is in a second autonomous system.

Abstract: A method begins with a processing module receiving a search parameter. The method further includes the processing module searching for a data object stored in the DSN based on the search parameter. The searching begins by determining a data segment of the data object. The searching continues by retrieving a plurality of slices corresponding to the data segment and regenerating the data segment therefrom. The searching continues by determining when the data segment satisfies the search parameter. The searching continues by retrieving the data object from the DSN when the data segment satisfies the search parameter.

Abstract: Methods and systems for authenticating a user and a consumer electronic device (CED) to a financial services provider (FSP) for purposes of communications initiated from the device and needing security, such as purchases and financial transactions, are provided. The FSP may compile information about a user's behavior from various sources, both public and private, including the CED. The information may be of a stochastic nature, being gathered by sampling user data and behavior at chosen times. The information may include indicators of user behavior—such as the user using the device to check various accounts and web-pages—and data from the device—such as GPS location. Based on the compiled stochastic information, and using a sliding scale, a throttling mechanism, acceptance variation, and pinging information, the FSP can compare current information from the device with what is known about the user and the device to provide a more accurate and reliable authentication process.

Abstract: Various embodiments of a system and method for backing up a plurality of copies of a file are described. A first copy of the file may be owned by a first user, and a second copy of the file may be owned by a second user. The file is split into a plurality of segments, and each segment is encrypted with a respective segment key. Each encrypted segment is transmitted to and stored on a server computer system. De-duplication techniques are used to ensure that only a single instance of each encrypted segment is stored. The segment keys used to encrypt the file segments are also stored on the server computer system in an encrypted form. De-duplication techniques may be utilized so that only a single instance of the encrypted segment keys is stored.

Abstract: A method that protects a confidentiality and an integrity of information in a secure object from other software on the system, said secure object comprising information that is cryptographically protected from the other software on the system, said method includes decrypting and integrity-checking information in the secure object as said information is brought into a cache from external memory.

Abstract: A system, method and computer program product for implementing network connection failover during application service interruption. While the application is quiesced, a network socket that terminates a network connection to a network peer is maintained on behalf of the application. The socket's network connection state information is sustained by providing acknowledgements of incoming network traffic to the network peer that prevent the peer from terminating the connection. Upon restart, the application is brought up with a blocked socket. The state of the blocked socket is conformed to a current network connection state of the original socket and the blocked socket is unblocked.

Abstract: A hybrid cloud environment is provided where a user of cloud computing services is disposed to consume cloud provided services delivered by each of a plurality of cloud computing service providers. Specified event data is received at an MCS component. The event data pertains to metering events related to the cloud provided services delivered by one or more cloud service providers. Event data include event data furnished by one or more entities that actively monitor metering events at one or more local or remote cloud service provider locations. Event data are sent from the MCS component to a metering system. The metering system generates reports from the event data that contains usage information on services provided by one or more cloud service providers. Information for a provider specifies amounts and quality of each type of service delivered to users by the provider.

Abstract: Techniques for measuring above-the-fold (ATF) page rendering are provided. Visible objects for an ATF portion of a browser page are identified. A start and end time for each visible object is recorded. Furthermore, a total elapsed time to finish loading each of the visible objects to the ATF portion of a browser is determined.

Abstract: A method for delivering media content includes receiving a request identifying a requested media file. The method also includes, in response to receiving the request, accessing the requested media file. The requested media file includes media content in a first format. The method further includes generating a modified media file based on the requested media file. The modified media file includes media content in a second format. Additionally, the method includes generating an auxiliary file associated with the modified media file. The auxiliary file includes a plurality of content records associated with different portions of the media content in the modified media file and indicating a location of the associated portion. Each content record includes information to facilitate transmission of the associated portion of the media content to a remote client prior to the modified media file being completely generated.

Abstract: In some embodiments an accelerometer is mechanically coupled to a first device. The accelerometer obtains a vibration profile in response to a relative movement of the first device and a second device. A radio transmits an encrypted version of the vibration profile to the second device and receives an encrypted version of a vibration profile from the second device. A processor sets up a secure channel between the radio and the second device in which to exchange keys with the second device in order to decrypt the received encrypted vibration profile. The processor also decrypts the received encrypted vibration profile in response to at least one of the exchanged keys, compares the transmitted vibration profile with the received vibration profile and allows a sharing of resources with the second device if a match occurs between the transmitted vibration profile and the received vibration profile. Other embodiments are described and claimed.

Abstract: Determining at least one resource node for deployment of an application in a system having a plurality of compute and storage resource nodes includes determining criteria for nodes based on a policy provided for the application, pruning nodes that do not meet a criteria for deploying the application to provide a plurality of remaining nodes, determining a cost of deploying the application on each of the plurality of remaining nodes, where the cost is based on a metric associated with the application, and selecting for deployment a node having a lowest cost. The application may be a vApp that includes a plurality of virtual machine images. The nodes may be interconnected by communication links having associated therewith costs of moving the application from one node to another.

Abstract: Methods and systems for protecting the privacy of a user of a communication system that include enabling a first user to block a second user so that the first user generally appears to the second user to be unavailable. The method includes allowing a third user to establish a group that includes the first user and the second user. The group may be any sort of group that involves communication among three or more users. For example, the group may be an instant message group, voice chat, conference call, video conference, or any other suitable group communication. The method also enables a blocked user to be temporarily unblocked so as to prevent his blocking decision to be revealed to the blocked user.

Abstract: Techniques for utilizing trusted hardware components for mitigating the effects of equivocation amongst participant computing devices of a distributed system are described herein. For instance, a distributed system employing a byzantine-fault-resilient protocol—that is, a protocol intended to mitigate (e.g., tolerate, detect, isolate, etc.) the effects of byzantine faults—may employ the techniques. To do so, the techniques may utilize a trusted hardware component comprising a non-decreasing counter and a key. This hardware component may be “trusted” in that the respective participant computing device cannot modify or observe the contents of the component in any manner other than according to the prescribed procedures, as described herein. Furthermore, the trusted hardware component may couple to the participant computing device in any suitable manner, such as via a universal serial bus (USB) connection or the like.

Abstract: Operating systems can be constructed through working “in the clouds” without dependence on a specific piece of hardware. Over the Internet, an operating system is constructed based on received requests. Received requests disclose modules that are to be added to the operating system and these modules are added. A constructed operating system can be tested in context of a web server and then downloaded to an electronic device. The electronic device boots the operating system from virtual hard disk by utilization of bare metal deployment and/or non-metal deployment.

Abstract: A solution for managing communicative interactions between network elements is described herein. A system incorporating teachings of the present disclosure may include a processor module that monitors communications between a program resident on a user machine and a server program resident on a computing device remote from the user. The processor module may be utilized to effectively reduce the processing overhead of a server program and the number of communications actually transmitted between the client program and the server program. For example, the processor module may intercept certain client or server initiated communications intended for the server or client program and process those communications internally. The results of the processing which may require an updating to all object groups which may be associated with client programs. The updating of said client programs is then executed without server program involvement.

Abstract: Automated secure registration techniques for communication devices are provided which address the problem of allowing multiple clients to gain access to one system, and thus provide a solution to the “reverse single sign-on” problem. For example, a method for registering a group of two or more communication devices in a communication network comprises the following steps. A group challenge message is sent from a network device to the group of two or more communication devices. The network device receives one or more response messages to the group challenge respectively from one or more of the group of two or more communication devices, wherein the response message from each of the responding communication devices in the group comprises a group credential corresponding to the group.

Abstract: An approach is provided for service provider controlled communication security. A security platform receives a connection request from a client device. The security platform determines context information associated with the device, access network, a user of the device, or a combination thereof, and then processes and/or facilitates a processing of the context information to determine one or more encryption ciphers to offer for the session. Next, the security platform causes, at least in part, establishment of the connection request using, at least in part, the one of the offered encryption ciphers.