Abstract: In various aspects, the present invention provides uridine diphosphate-dependent glycosyltransferase (UGT) enzymes capable of catalyzing the transfer of a monosaccharide moiety from a NDP-sugar to the 3? carbon of a sugar moiety of a substrate, such as a terpenoid glycan, thereby functioning as a “1-3 UGT.” In other aspects, the invention provides polynucleotides encoding the 1-3 UGT, and host cells comprising the same. In still other aspects, the invention provides methods for preparing glycosylated substrates, including steviol glycosides, using the enzyme and host cells of this disclosure.

Abstract: In various aspects, the present invention provides uridine diphosphate-dependent glycosyltransferase (UGT) enzymes capable of catalyzing the transfer of a monosaccharide moiety from a NDP-sugar to the 3? carbon of a sugar moiety of a substrate, such as a terpenoid glycan, thereby functioning as a “1-3 UGT.” In other aspects, the invention provides polynucleotides encoding the 1-3 UGT, and host cells comprising the same. In still other aspects, the invention provides methods for preparing glycosylated substrates, including steviol glycosides, using the enzyme and host cells of this disclosure.

Abstract: A water window apparatus including a main water window element, and a plurality of retaining flanges, along with interlocking teeth that fixedly communicate with one another to fixedly retain the main water window there between. The main water window is hollow, as well as monolithic and hermetically sealed to maintain its integral buoyancy, and further has a top that includes a magnifying element that imparts magnification when viewed therethrough.

Abstract: Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requestor to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the 1 attempt to obtain access for the requestor to the client application.

Abstract: Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requestor to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the 1 attempt to obtain access for the requestor to the client application.

Abstract: Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requestor to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the 1 attempt to obtain access for the requestor to the client application.

Abstract: Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.

Abstract: Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.

Abstract: The volume of outgoing electronic messages from a given entity may be restricted by preventing the messages, such as spam, from being sent. Messages may be restricted, for example, by serializing outgoing messages using a mutual-exclusion locking technique or by using a ticket-based system. Serialization may occur, for example, at a web level in web-based implementations. In one system, a limited-use ticket is generated that allows an entity to send one or more electronic messages, and the ticket is provided to the entity. A request is received from the entity to send an electronic message, and the request is associated with the ticket and the electronic message. After receiving the request, a determination is made as to whether the ticket is valid and, if the ticket is determined to be valid, the electronic message is approved for sending.

Abstract: Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requester to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the attempt to obtain access for the requester to the client application.

Abstract: Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.

Abstract: Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.

Abstract: The invention provides an affiliation within a single sign-on system, which affiliation comprises a group of service providers that have chosen to act as a single entity on a network from the point of view of authentication, federation, and authorization. This type of entity is used to implement functionality within a portal site, such as the Yahoo (see http://www.yahoo.com) portal with a Travelocity (see http://www.travelocity.com/) travel section that acts as part of Yahoo and not as part of Travelocity. In the preferred embodiment, there is an owner of the affiliation that is responsible for maintaining a list that shows which service providers are members of the affiliation, as well as any control structure or meta-data associated with the affiliation. Each affiliation must have an identifier that is unique within the single sign-on system in which the affiliation is defined. User actions associated with the affiliation apply to all entities within the affiliation.

Abstract: A system and method for determining in a global network the user network authentication status as the user goes from site to site within the network is provided. Additionally, the system and method provides for transparent or implicit multi-site logon functionality, including automatic introduction from one site to the other using a baseline authentication agency (102). The system and method provides an architecture for a core global network (100) (referred to herein as NET) that incorporates some or all of the following features and components: a set of baseline authentication agencies responsible for the core global network (NET) services, such as login and user-selected service-provider lookup; a shared NET domain and associated DNS records (106) used for cookie (110) sharing, login routing, and the like; and a collection of partner sites (108) accessible via the NET.

Abstract: A method and apparatus for fine-grained, trust-based rate limiting of network requests distinguishes trusted network traffic from untrusted network traffic at the granularity of an individual user/machine combination, so that network traffic policing measures are readily implemented against untrusted and potentially hostile traffic without compromising service to trusted users. A server establishes a user/client pair as trusted by issuing a trust token to the client when successfully authenticating to the server for the first time. Subsequently, the client provides the trust token at login. At the server, rate policies apportion bandwidth according to type of traffic: network requests that include a valid trust token are granted highest priority. Rate policies further specify bandwidth restrictions imposed for untrusted network traffic.

Abstract: An identity based service system is provided, in which an identity is created and managed for a user or principal, such that at least a portion of the identity is available to use between one or more system entities. A discovery service enables a system entity to discover a service descriptor, given a service name and a name identifier of the user, whereby system entities can find and invoke the user's other personal web services. The discovery service preferably provides a translation between a plurality of namespaces, to prevent linkable identity information over time between system entities.

Abstract: Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.