Abstract: Various methods and devices are provided for allowing multiple surgical instruments to be inserted into sealing elements of a single surgical access device. The sealing elements can be movable along predefined pathways within the device to allow surgical instruments inserted through the sealing elements to be moved laterally, rotationally, angularly, and vertically relative to a central longitudinal axis of the device for ease of manipulation within a patient's body while maintaining insufflation.

Abstract: A generation identifier is provided having a value established upon generating a new virtual machine configuration context or a snapshot of a virtual machine configuration context. The generation identifier is configured to be sampled in order to indicate whether the sampled generation is a latest generation. To use the generation identifier, a service or application persists the generation identifier upon resuming or initiating operation. During normal operation or replay, the persisted generation identifier is compared to the generation identifier sampled from a location associated with the virtual machine configuration context on which the service or application is being run before performing a requested process or committing to a transaction. When the sampled generation identifier is different than the persisted generation identifier, the service or application knows that it is running a time-shifted operation such as from a snapshot replay.

Abstract: A computer-implemented method for authorizing access by a client application to a resource of a user maintained on a first server computing system, the client application being implemented on a second server computing system, includes receiving a delegation message from the first server computer system to initiate authorization of the access by the client application, issuing an authorization message to the first server computer system, the authorization message comprising an authorization data package for redemption by the client application, the authorization data package comprising first through fourth integral delegation data indicative of the user, the client application, the resource, and a timestamp, respectively, receiving a redemption message from the second server computing system comprising the authorization data package, conducting an analysis of the authorization data package, and sending an access token to the second server computing system based on the analysis.

Abstract: Sharing resources on a network include, for example, a domain controller hierarchy scheme, which is used in some implementations to organize and share both secure and non-secure resources in an efficient manner. Using authentication information can be used to architect a trustworthy system to divulging sensitive client data (such as user/computer passwords) to a host system. The sensitive client data can be released to the host system when a client establishes a relationship having a degree of trust with the host.

Abstract: A computer-implemented method for authorizing access by a client application to a resource of a user maintained on a first server computing system, the client application being implemented on a second server computing system, includes receiving a delegation message from the first server computer system to initiate authorization of the access by the client application, issuing an authorization message to the first server computer system, the authorization message comprising an authorization data package for redemption by the client application, the authorization data package comprising first through fourth integral delegation data indicative of the user, the client application, the resource, and a timestamp, respectively, receiving a redemption message from the second server computing system comprising the authorization data package, conducting an analysis of the authorization data package, and sending an access token to the second server computing system based on the analysis.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A generation identifier is provided having a value established upon generating a new virtual machine configuration context or a snapshot of a virtual machine configuration context. The generation identifier is configured to be sampled in order to indicate whether the sampled generation is a latest generation. To use the generation identifier, a service or application persists the generation identifier upon resuming or initiating operation. During normal operation or replay, the persisted generation identifier is compared to the generation identifier sampled from a location associated with the virtual machine configuration context on which the service or application is being run before performing a requested process or committing to a transaction. When the sampled generation identifier is different than the persisted generation identifier, the service or application knows that it is running a time-shifted operation such as from a snapshot replay.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: Communicating with a distributed service in the network computing environment. A method for communicating with a distributed service includes referencing a configuration registry to determine resources and permissions in a potential distributed service entry. A potential distributed service entry identifies a distributed service corresponding to the potential distributed service entry that is authorized to exist by virtue of an entry in the configuration registry for the potential distributed service entry specifying that the distributed service may exist, whether or not the distributed service corresponding to the potential distributed service entry exists. The method further includes using the resource information, attempting to contact the distributed service corresponding to the potential distributed service entry. Permissions of the distributed service corresponding to the potential distributed service entry are verified to match permissions of the potential distributed service entry.

Abstract: Sharing resources on a network include, for example, a domain controller hierarchy scheme, which is used in some implementations to organize and share both secure and non-secure resources in an efficient manner. Using authentication information can be used to architect a trustworthy system to divulging sensitive client data (such as user/computer passwords) to a host system. The sensitive client data can be released to the host system when a client establishes a relationship having a degree of trust with the host.

Abstract: A method and system for backing up and restoring a data set on a node of a distributed system prevents conflicts in data replication caused by restoration from backup data. Before a node is backed up, state data of the data set of the node are set to mark the data set as “backed up.” The data set also stores a lowest serial number for uncommitted changes. A snapshot of the data set, including the state data, of the node is then taken to provide a backup copy. When the backup copy is later used to restore the data set of the node, the “backed up” value of the state data of the restored data set serves as a notification to the replication server of the node that the data set has been restored, so that the replication server will switch to a new Node ID for labeling new changes for replication to other nodes in the distributed system.