Abstract: A dynamic network security system (20) responds to a security attack (92) on a computer network (22) having a multiplicity of computer nodes (24). The security system (20) includes a plurality of security agents (36) that concurrently detect occurrences of security events (50) on associated computer nodes (24). A processor (40) processes the security events (50) that are received from the security agents (36) to form an attack signature (94) of the attack (92). A network status display (42) displays multi-dimensional attack status information representing the attack (92) in a two dimensional image to indicate the overall nature and severity of the attack (92). The network status display (42) also includes a list of recommended actions (112) for mitigating the attack. The security system (20) is adapted to respond to a subsequent attack that has a subsequent signature most closely resembling the attack signature (94).

Abstract: The invention enables a peripheral device to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device), or data retrieved by the host computing device from the peripheral device (e.g., data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e.g.

Abstract: An apparatus, system and method permitting a variety of reset procedures and corresponding reset states. A device reset control register is provided for each I/O device adapter in single function or multifunction devices. The device reset control registers permit a greater degree of control over single function devices, multifunction device as a whole and individual device functions within a multifunction device. A device immediate status register synchronizes the various reset procedures. A logical power on reset procedure, a directed unit reset procedure and a directed interface reset procedure utilize the greater degree of control that the device reset control registers provide to force the I/O device adapter, single function device or multifunction device into a corresponding logical power on reset state, a directed unit reset state or a directed interface reset state.

Abstract: A human-oriented object programming system (HOOPS) and its debugger provide an interactive and dynamic modeling system to assist in the incremental generation of symbolic information of computer programs that facilitates the development of complex computer programs such as operating systems and large applications with graphic user interfaces (GUIs). A program is modeled as a collection of units called components. A component represents a single compilable language element such as a class or a function. One major functionality built in HOOPS is the debugger, using symbolic properties. The database stores the components and properties. The debugger, using a GUI, displays to the user the execution state of the program. To display the execution state in terms of the programmer's source code, the debugger demands retrieval and/or generation of the symbolic properties of the program.

Abstract: A plurality of client apparatuses, which issue a request to obtain a control privilege, are registered in a camera control queue provided to obtain the control privilege of controlling an image sensing apparatus. When it is detected that one of the plurality of client apparatuses registered in the queue has issued a control request to control the image sensing apparatus, it is determined whether or not the client apparatus who has issued the control request possesses the control privilege. If the client apparatus does not possess the control privilege, it is determined whether or not shifting of the control privilege should be executed based on a control-privilege possessing time of a client apparatus which currently has the privilege. When it is determined that shifting of the control privilege should be executed, contents of the queue is updated, whereby shifting the camera control privilege.

Abstract: The present invention has been made in consideration of thin devices efficiently communicating ideas and transactions into data networks by using other devices with full functional user interface in the networks. According to one aspect of the present invention, the thin device exclusively controls the authentication of a rendezvous that is associated with a user account in a server. The thin device running a micro-browser provisions the rendezvous with a set of credential information in an authenticated and secure communication session so that the provisioning process is truly proprietary. To access the user account, the other devices equipped with well known browsers must submit the correct credential information to the rendezvous for verification in the server.

Abstract: Techniques and testers for testing a system U including the steps of (a) defining a formal specification of a logical property P that system U is required not to satisfy; (b) generating a passive testing module T based upon property P to monitor system U; (c) invoking a function F at specific invocation points during the execution of system U to compute an abstract representation of the state of system U at the current point of execution; (d) passing the abstract representation computed by function F to passive testing module T in order to determine whether the abstract representation of the execution of system U to the current point matches illegal property P; and (e) declaring a "fail" result if the abstract representation of the execution of system U to the current point matches illegal property P and declaring a "pass" result if the abstract representation of the execution of system U to the current point does not match illegal property P.

Abstract: Apparatus, and accompanying methods for use therein, for an ISDN LAN modem (300) (and various aspects thereof) that is particularly, though not exclusively, suited for small user environments and which contains an internal ISDN router (305) having a self-contained network hub (340) for inter-connecting multiple network devices, such as workstations (10), to each other through a local area network (LAN) and for permitting each of those devices to each gain access through the router to any one of a number of different remote networks. Advantageously, to facilitate and simplify its configuration, the LAN modem automatically adapts itself to a current network environment of a workstation connected thereto, via the LAN, and then communicates with that workstation through a browser executing thereat to obtain configuration information from a user situated at the workstation.

Abstract: A method is described for providing fault tolerance within a computer system. The method allows multiple network interface cards to reside within the same computer system. If a primary network interface card fails, a secondary network interface card automatically begins managing the network communications. In addition, a method of load-sharing data transmissions between each network interface card installed in a server computer is described.

Abstract: A monitor system for computer equipment under test comprising a system monitor in communication with a storage element and a status indicator. The system monitor scans video memory for values indicative of a pass, fail or test in progress condition. The system monitor also determines if the computer equipment has failed to respond to testing resulting in a locked up "frozen" condition. The status indicator communicates with an external port of the computer equipment to receive and display signals from the system monitor indicative of the test status. In addition, when the computer equipment fails to respond to testing, the system monitor communicates with a storage element to capture detailed information related to the condition of the computer equipment. The storage element may reside within the computer equipment under test or may be distributed across a local or wide area network in communication with the computer equipment under test.

Abstract: A multi-node computer network includes a plurality of nodes coupled together via a data link. Each of the nodes includes a local memory, which further comprises a shared memory. Certain items of data that are to be shared by the nodes are stored in the shared portion of memory. Associated with each of the shared data items is a data structure. When a node sharing data with other nodes in the system seeks to modify the data, it transmits the modifications over the data link to the other nodes in the network. Each update is received in order by each node in the cluster. As part of the last transmission by the modifying node, an acknowledgement request is sent to the receiving nodes in the cluster. Each node that receives the acknowledgment request returns an acknowledgement to the sending node. The returned acknowledgement is written to the data structure associated with the shared data item.

Abstract: A user is authenticated at a client machine running a native operating system. Authentication may be effected from one or more non-native server domains including, without limitation, a Server Message Block (SMB) server domain, a DCE Cell, or some other non-Windows NT server domain. Following successful authentication, a user account is dynamically established or updated at the client by retrieving from the server user information and a set of "group" privileges associated with the authenticated user. A "user profile" is retrieved from the non-native server domain and used to establish at the client a user desktop and any preferences associated with the user.

Abstract: A method and system for creating and administering certificates digitally signed by a trusted entity (certificate authority) to ensure that certificated transactions are authenticated as that of a particular entity. Requests for a certificate, along with verification information, are directed to the certificate authority, where they are held and accessed by an entity having verification responsibilities (registration authority) and approved or disapproved.

Abstract: A timing edge forming circuit includes a pattern generator for generating address data, a rate signal and pattern data, a first logic delay circuit for generating first delay time data by the address data wherein the first delay time data includes a first multiple delay time which is an integer multiple of one cycle of the clock signal and a first fractional delay time which is smaller than one cycle of the clock signal, and for sending an enable signal in synchronism with the clock signal which is delayed by the first multiple delay time and the first fractional delay time, a logic delay control circuit for adding the first fractional delay time to skew data to form second delay time data, a second logic delay circuit for providing a second multiple delay time in the second delay time data which is an integer multiple of one cycle of the clock signal to the enable signal, and for producing a second fractional delay time which is smaller than one cycle of the clock signal, a variable delay circuits for provid

Abstract: A method of authenticating a user of a Windows NT client normally configured against an account held at a Windows NT server. The method begins in response to a logon request at the client. In particular, the user is provided with an option to select a server domain from a set of one or more native Windows NT server domains and/or non-native server domains for authentication. The list of native and/or non-native server domains is compiled by an administrator (e.g., during installation) or by the user (at logon). In response to user selection of the server domain, a connection is then established between the Windows NT client and the server domain. The user is then authenticated at the server domain. Following successful authentication of the Windows NT client at the server domain, a Windows NT user account is then established and maintained at the client.

Abstract: Scan chains to support debugging and manufacturing test modes for integrated circuit chips are made adaptable. Scan chains may be configured either in a multiple scan chain JTAG mode or in a multiple independent and parallel scan chain mode. The configuration transition between the scan modes is made by private instructions implemented in a JTAG controller, which supports the IEEE 1149.1 standard.

Abstract: A method and apparatus for reverting a disk drive to an earlier point in time is disclosed. Changes made to the drive are saved in a circular history buffer which includes the old data, the time it was replaced by new data, and the original location of the data. The circular history buffer may also be implemented by saving new data elements into new locations and leaving the old data elements in their original locations. References to the new data elements are mapped to the new location. The disk drive is reverted to an earlier point in time by replacing the new data elements with the original data elements retrieved from the history buffer, or in the case of the other embodiment, reads to the disk are mapped to the old data elements stilled stored in their original locations. The method and apparatus may be implemented as part of an operating system, or as a separate program, or in the controller for the disk drive. The method and apparatus are applicable to other forms of data storage as well.

Abstract: A reset signal is asserted to a processor. In response to the reset signal, the processor normally performs an instruction fetch cycle to a predetermined address. If the processor fails to perform the instruction fetch cycle or fails to perform the fetch cycle to the predetermined address within a predetermined period of time, an indication is provided that the processor reset has failed.

Abstract: A memory device includes an output data path that uses single-ended data in conjunction with a flag signal. The output data path transfers data from an I/O circuit coupled to a memory array to an output tri-state buffer. A comparing circuit compares data from the I/O circuit to a desired data pattern if the data does not match the desired pattern outputs the flag signal. The flag signal is input to the output buffer and the output buffer outputs a tri-state condition on the data bus. Since the flag signal corresponds to more than one data bit, the tri-state condition of the output buffer is held for more than one tick of the data clock, rather than only a single tick. Consequently, the tri-state condition remains on the bus for sufficiently long that a test system can detect the tri-state condition even at very high clock frequencies.

Abstract: The present invention discloses a system and method to evaluate intrusive repair. The method and system is based on analyzing data from the field and drawing causal diagrams (cause-consequence diagrams). In an aspect of the present invention, a method and system for evaluating intrusive repair for a class of devices comprises providing a threshold time window for analyzing failure data. The system and method further includes utilizing a causal diagram based on the analysis of the failure data for the class of devices to indicate the probability of intrusive repair. In the present invention, two measures are defined to evaluate intrusive repair--intrusivability and one-fixability. Intrusivability is defined as the probability that a repair action will cause a new fault. One-fixability is defined as the probability that the diagnostic process will fix the fault on the first repair attempt. Both of these measures are determined by using the causal diagram in accordance with the present invention.