Abstract: A server system receives requests from client systems and sends responses back to the client systems. For a subset of the requests, in addition to responding to a request from a client system, the method includes creating a cryptographic object at the server system. The cryptographic object is used to cryptographically protect information related to the request, and the cryptographically protected information associated with the cryptographic object is stored at the server system. The server system then sends the cryptographic object to the client system, and in conjunction with sending the cryptographic object to the client system, irreversibly modifies the cryptographic object on the server system. For example, in some embodiments the cryptographic object includes an cryptographic key, and the server system deletes or truncates the only instances of the cryptographic object on the server system when the server system finishes responding to the request from the client system.

Abstract: A method and apparatus for enhanced data storage in peer-to-peer (P2P) networks. Users subscribe to a P2P storage network that allows each user to store files on the storage network by swapping blocks of the user's files with blocks from storage of a peer, or peers, on the network. A user desiring to utilize the storage network for a certain data block must take back an equal, or substantially equal, storage block from another peer on the network thereby insuring no net change, or minimal net change, in total storage across the P2P storage network. In addition, the diffusion of data blocks throughout the storage network is employed whereby individual peers swap data blocks on a random basis thereby further enhancing the security of the swapped blocks from direct attacks.

Abstract: A computer network is made more secure from attack attacks by partitioning the network into sub-networks and placing firedoors in association with the links that connect each sub-network to areas outside the sub-network. The firedoors scan traffic that flows through these links to identify—based on pre-stored pattern information—whether the traffic contains a virus, or some other attack, and blocks it from leaving the sub-network. The firedoors are coupled to a firedoor keeper, through which a firedoor informs the firedoor keeper whenever it detects unusual activity that suggests a successful virus breach of the protection intended for the gateway's network and, conversely, the firedoor keeper updates a pre-stored patterns file in all of the firedoors, or directs the firedoors to take specific action, e.g., blocking all traffic, whenever the firedoor keeper deemed it necessary.

Abstract: A method and system for displaying names of data files in a collection of data files represented by a corresponding symbol. According to one embodiment of the present invention, a user may display a listing of subroutine library files required to execute a particular subroutine. In such an embodiment, the user may enter the subroutine name as the symbol of interest and the system would display the library file containing that subroutine as well as those data files that contain subroutines called by that subroutine of interest. The present invention uses a transitive closure technique to traverse a data structure generated from a database and retrieve the data file list. The transitive closure technique enables the use of a compact database that contains only the data file names, corresponding symbol names, and symbol names of only data files for each data file that are directly related to that data file.