Abstract: A system and method for distributed enterprise security, comprising, a server operable to update information, wherein the information can include one or more of a policy and configuration information, a security control module (SCM) operable to accept the information, at least one security service module (SSM) operable to accept the information from the SCM, and herein the information accepted by the SCM is relevant to one or more of the at least one SSMs.

Abstract: A system and method comprising the steps of, delegating a capability from a first user to a second user, propagating information that includes evidence of the delegation to a plurality of security service modules, wherein each one of the plurality of security service modules is capable of protecting one or more resources, providing the evidence to a first security service module belonging to the plurality of security service modules, enforcing the delegation when the second user attempts to access a resource in the one or more resources wherein the resource is protected by the first security service module, and wherein the enforcement is carried out by the first security service module.

Abstract: A solar energy augmented jet aircraft uses solar energy as the energy source for dielectric heating of a jet engine exhaust gas stream thereby increasing thrust.

Abstract: A system and method of authorization comprising associating at least one role with a resource, associating at least one capability with the at least one role, and determining whether to permit a resource operation based on the at least one capability.

Abstract: A system and a method for providing application flow integration in a portal framework. In accordance with one embodiment, the invention comprises a portal servlet, which handles all incoming servlet requests and determines whether the incoming request represents a request either for a portal page or for a non-portal page; and, a portal processor which handles all portal page requests passed by the portal servlet, and executes an appropriate webflow to update the current state of the portal page, depending on a current set of events. Each of a plurality of portlets may have an individual webflow associated with it.

Abstract: A system and a method for providing application flow integration in a portal framework. In accordance with one embodiment, the invention comprises a portal servlet, which handles all incoming servlet requests and determines whether the incoming request represents a request either for a portal page or for a non-portal page; and, a portal processor which handles all portal page requests passed by the portal servlet, and executes an appropriate webflow to update the current state of the portal page, depending on a current set of events. Each of a plurality of portlets may have an individual webflow associated with it.

Abstract: A memory for storing data for access by an application program being executed on a computer system, comprising, a data structure stored in said memory, said data structure including, a name attribute wherein the name identifies an action or a role, a resource attribute wherein the resource attribute specifies a resource in a hierarchy of resources and determines a scope for the name attribute, a subject attribute wherein the subject attribute specifies at least one of, a user and group, and wherein the application program accesses the memory through an interface that is part of a security service module.

Abstract: A system and method for distributed enterprise security, comprising, a security control module (SCM) operable to accept information, wherein the information includes one or more policies, at least one security service module (SSM) operable to accept the information from the SCM, a role mapping module coupled to the at least one SSM, wherein the role mapping module is operable to map a user to at least one role based on the information, and wherein the information accepted by the SCM is relevant to the at least one SSM.

Abstract: A system and method for a distributed enterprise security, comprising, a first process capable of providing a second set of information derived from a first set of information, wherein the first set of information includes one or more of: a policy and configuration information, a security control module (SCM) capable of accepting the second set of information wherein the second set of information only includes information from the first set of information that is relevant to the SCM and wherein the SCM is capable of providing a third set of information wherein the third set of information is derived from the second set of information, a security service module (SSM) capable of accepting the third set of information from the SCM wherein the third set of information only includes information from the second set of information that is relevant to the SSM, wherein the SSM is capable of controlling access to one or more resources based on the third set of information, and wherein the SSM is capable of configuring

Abstract: A system and method for distributing security information, comprising, a remote interface capable of accepting the information from a distributor wherein the information includes at least one of: policy information and configuration information, a local interface capable of providing the information to at least one services layer, wherein the at least one services layer includes at least one security provider, and wherein the at least one services layer can dynamically configure the at least one security provider based on the information.

Abstract: A system and method for accepting a communication, comprising providing the communication to a controller, associating a model with said communication, determining a state of the model based on said communication, providing a view based on the state of the model, and wherein the view is a page in a page group.

Abstract: A method for accepting a request, comprising mapping the request to a control tree factory, generating a control tree from the factory based on the request wherein the control tree can include at least one control, advancing the control tree through at least one lifecycle stage based on the request, generating a response wherein the response can be used to render at least a portion of a graphical user interface (GUI), and wherein the at least one control can represent a graphical element of the GUI.

Abstract: A method for rendering a graphical user interface (GUI), comprising providing for the representation of the GUI as a set of controls wherein the controls are organized in a logical hierarchy, traversing the representation, wherein the traversing comprises associating a theme with a first control in the set of controls, rendering the first control according to the theme, rendering any descendents of the first control according to the theme wherein any descendents of the first control can override the theme; and wherein one of the set of controls can communicate with another of the set of controls.

Abstract: A system and method for building a representation of a graphical user interface (GUI), comprising generating a class, generating a first representation of the GUI, wherein the class can produce a second representation GUI based on the first representation, generating a second representation of the GUI from the class, wherein the second representation includes at least one control, and wherein the first representation can include at least one of hierarchical relationships among controls, control properties, and control event information.

Abstract: A system and method for a distributed system for controlling access to a first resource in a hierarchy of resources, comprising, a distributor located on a first server and capable of distributing to a second server a first policy for the first resource, a security service module (SSM) located on the second server and capable of managing based on the first policy conditions for access to at least one of: the first resource and a second resource that is hierarchically inferior to the first resource, and wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource.

Abstract: A system and method for a configurable distributed security system, comprising, a security service module capable of dynamically instantiating one or more plugin security provider modules, the one or more security provider modules are coupled to the security service module wherein the one or more security provider modules are capable of responding to one or more changes in configuration information, a first process capable of modifying the configuration information, wherein the security service module is capable of accepting at least one of, security information and the configuration information, and wherein the security service module is capable of controlling access to one or more resources based on the security information.

Abstract: A method for delegating enterprise security capabilities, comprising, providing a capability for a first user, wherein the capability can be expressed as a policy, delegating the capability from the first user to a second user, wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability, and wherein the delegated capability is propagated in a distributed enterprise security system.

Abstract: A system and method distributed enterprise security, comprising, a security control module (SCM) operable to accept information, wherein the information include one or more of: a policy and configuration information at least one security service module (SSM) operable to accept the information from SCM at least one security service providers coupled to the at least one SSM, wherein the at least one security service providers is cable of at least one of, authentication of a user, determining if access to a resource is permitted based on the information, auditing of a security decision, and mapping an authenticated identity to a set of credentials to be used to authenticate a target resource, and wherein the information accepted by the SCM is relevant to one or more of the at least one SSMs.

Abstract: A system and method for distributing information from a first process to one or more security service modules, said system comprising the steps of, a remote interface capable of accepting first information from the first process, a provisioning service provider coupled to the remote interface and capable of obtaining the first information from the remote interface, and further capable of providing second information to a local interface, wherein the second information is based on the first information and is tailored for the one or more security service modules, the local interface capable of providing the second information to the one or more security service modules and wherein the one or more security service modules are capable of accepting the second information and performing at least one of the following: adjusting a configuration of the one or more security service modules to reflect the second information, and protecting access to at least one resource based on the second information.

Abstract: A method for searching a first set of policies, comprising, accessing the first set of policies wherein each policy in the first set of policies includes the following policy components, a resource, a subject, and one of an action and a role name, and wherein the subject includes at least one of, a user and a group, specifying one or more search criteria wherein the one or more search criteria includes one or more values for policy components and wherein the one or more values can include one or more wild cards, finding in the first set of policies a second set of policies that satisfy the one or more search criteria, and wherein a policy can be used to control access to a resource.