Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

Abstract: The present disclosure relates to cloud based mobile device management (MDM) systems and methods to use the “cloud” to pervasively manage mobile devices. The cloud based MDM systems and methods provide an ability to manage mobile devices with or without MDM clients while no requiring an MDM appliance or service at the enterprise. This provides a “no hardware, no software” deployment. In an exemplary embodiment, a client-less implementation leverages the ActiveSync protocol proxied through distributed cloud nodes to enforce mobile policies. In another exemplary embodiment, a client-based implementation uses a platform specific application and associated application programming interfaces (API) to connect managed mobile devices and provide MDM features through the cloud. Advantageously, the cloud based MDM systems and methods provide reliability and resiliency, elasticity, lower cost, mobility, integration of management and security, and agility over conventional MDM based solutions.

Abstract: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.

Abstract: A technique for storing binary large objects (BLObs) in a distributed key-value storage system is disclosed. In an embodiment, the storage of BLObs involves dividing the BLObs into smaller “BLOb chunks” and storing the BLOb chunks in storage nodes of the distributed key-value storage system. A BLOb is first associated with a key, referred to as a “BLOb key,” and each subsequent BLOb chunk is associated with a different unique key, referred to as a “BLOb chunk key.” A list of the BLOb chunks keys is maintained and all of the BLOb chunks of the BLOb can be retrieved from the distributed key-value storage system using the BLOb chunks key list.

Abstract: A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.

Abstract: The present disclosure provides systems and methods for mobile application security classification and enforcement. In particular, the present invention includes a method, a mobile device, and a distributed security system (e.g., a “cloud”) that is utilized to enforce security on mobile devices communicatively coupled to external networks (i.e., the Internet). Advantageously, the present invention is platform independent allowing it to operate with any current or emerging mobile device. Specifically, preventing malicious applications from running on an end user's mobile device is challenging with potentially millions of applications and billions of user devices; the only effective way to enforce application security is through the network that applications use to communicate.

Abstract: This invention describes systems and methods for combining the Wireless Local Area Network (WLAN) infrastructure and Wireless Intrusion Prevention Systems (WIPS) by leveraging a common radio platform equipped with more than one WLAN radio and a unified management system. The invention provides all the benefits of the WLAN, without sacrificing the 24×7 dedicated security monitoring and performance troubleshooting available from an overlay WIPS system, while reducing the deployment cost and management complexity, by sharing a common hardware platform for the WLAN Access Point (AP) and WIPS sensor and leveraging an integrated management system.

Abstract: A screw is configured to be inserted into an aperture of a plate. The screw comprises a head, a neck that extends distally from the head and having a diameter, a shoulder that extends distally from the neck and has a diameter, and a shaft that extends distally from the shoulder and has a thread, a major diameter and a minor diameter. The diameter of shoulder is larger than the diameter of the neck and larger than the minor diameter of the shaft.

Abstract: A computer implemented method and system are provided for implementing a longevity bond management system for managing hedging of longevity of beneficiaries. The method may include issuing, through a special purpose vehicle, using computer processing components, a longevity bond having returns following a longevity index defined for a reference population of a pre-selected cohort of beneficiaries. The method may additionally include receiving from investors a payment amount for investment in the longevity bond, investing the payment amount in a collateral pool held by a custodian, and receiving cash flows from the investment in the collateral pool.

Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

Abstract: A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.

Abstract: A bone screw, for drawing first and second bone fragments together, includes a shaft having a distal section and a proximal section. The distal section has a first external male screw thread and a minor diameter. The proximal section has a second external male screw thread. A major diameter of the distal section is larger than a major diameter of the proximal section. The bone screw includes a sleeve that has an internal female screw thread configured to mate with the second male screw thread. A distal portion of the sleeve has an outer diameter. The outer diameter is equal to or smaller than the minor diameter of the distal section of the shaft.

Abstract: The present disclosure provides systems and methods for detecting email spam and variants thereof. The systems and methods are configured to detect spam messages and variations thereof for different senders and with slight differences within the message body. In an exemplary embodiment, an incoming message body (m) is converted to a sequence of successive word lengths (Sm): m->Sm, a comparison is performed between the sequence, Sm, and a plurality of stored sequences (Sk) of known spam messages, and the incoming message is flagged as spam based on the comparison. Further, the plurality of stored sequences, Sk, may be continually updated based on user feedback and other spam detection techniques. The systems and methods of the present invention may be implemented through a computer, such as a mail server, through a cloud-based security system, through a user's computer via a software agent, and the like.

Abstract: The present disclosure provides distributed, multi-tenant Virtual Private Network (VPN) cloud systems and methods for mobile security and user based policy enforcement. In an exemplary embodiment, plural mobile devices are configured to connect to one or more enforcement or processing nodes over VPN connections. The enforcement or processing nodes are configured to perform content filtering, policy enforcement, and the like on some or all of the traffic from the mobile devices. The present invention is described as multi-tenant as it can connect to plural clients across different companies with different policies in a single distributed system. Advantageously, the present invention allows smartphone and tablet users to protect themselves from mobile malware, without requiring a security applications on the device. It allows administrators to seamless enforce policy for a user regardless of the device or network they are connecting to, as well as get granular visibility into the user's network behavior.

Abstract: A computer implemented method and system are provided for implementing a longevity bond management system for managing hedging of longevity of beneficiaries. The method may include issuing, through a special purpose vehicle, using computer processing components, a longevity bond having returns following a longevity index defined for a reference population of a pre-selected cohort of beneficiaries. The method may additionally include receiving from investors a payment amount for investment in the longevity bond, investing the payment amount in a collateral pool held by a custodian, and receiving cash flows from the investment in the collateral pool.

Abstract: Methods and systems for disrupting potential attacks on a wireless network through transmission of random data are disclosed. Specifically, this disclosure relates to systems and methods for disrupting the breaking of the secret key or passphrase by an adversary or rogue device for Wi-Fi networks using wired equivalent privacy (WEP) and Wi-Fi protected access (WPA).

Abstract: The present disclosure relates to cloud based mobile device security and policy systems and methods to use the “cloud” to pervasively enforce security and policy on mobile devices. The cloud based mobile device security and policy systems and methods provide uniformity in securing mobile devices for small to large organizations. The cloud based mobile device security and policy systems and methods may enforce one or more policies for users wherever and whenever the users are connected across a plurality of different devices including mobile devices. This solution ensures protection across different types, brands, operating systems, etc. for smartphones, tablets, netbooks, mobile computers, and the like.

Abstract: The present disclosure provides systems and methods for detecting email spam and variants thereof. The systems and methods are configured to detect spam messages and variations thereof for different senders and with slight differences within the message body. In an exemplary embodiment, an incoming message body (m) is converted to a sequence of successive word lengths (Sm): m->Sm, a comparison is performed between the sequence, Sm, and a plurality of stored sequences (Sk) of known spam messages, and the incoming message is flagged as spam based on the comparison. Further, the plurality of stored sequences, Sk, may be continually updated based on user feedback and other spam detection techniques. The systems and methods of the present invention may be implemented through a computer, such as a mail server, through a cloud-based security system, through a user's computer via a software agent, and the like.

Abstract: A technique for storing binary large objects (BLObs) in a distributed key-value storage system is disclosed. In an embodiment, the storage of BLObs involves dividing the BLObs into smaller “BLOb chunks” and storing the BLOb chunks in storage nodes of the distributed key-value storage system. A BLOb is first associated with a key, referred to as a “BLOb key,” and each subsequent BLOb chunk is associated with a different unique key, referred to as a “BLOb chunk key.” A list of the BLOb chunks keys is maintained and all of the BLOb chunks of the BLOb can be retrieved from the distributed key-value storage system using the BLOb chunks key list.

Abstract: Data access is controlled using metadata in the data being stored. As consistent with various example embodiments, data is stored on behalf of one or more of a multitude of disparate users and/or applications using the data, based upon metadata in the data itself and storage rules for the metadata. In one implementation, a rules-based storage and access system retrieves storage rules based upon metadata in received data, and executes the storage rules to select a file system in which to store the received data, from a plurality of file systems having different data retrieval characteristics such as speed, security and quality.