Abstract: A zero-gravity hoist system including a chain fall, a motor coupled to the chain fall and configured to drive the chain fall in one or more directions, a power supply configured to provide power to the motor, and a controller having one or more electronic processors. The one or more electronic processors are configured to measure a first force of a load in response to receiving an input, store the measured first force in a memory of the controller, measure a second force of the load, determine a difference between the second measured force and the first measured force, and adjust a height of the load based on determining that the second force differs from the first force by a predetermined threshold.

Abstract: A wireless hoist system including a first hoist device having a first motor and a first wireless transceiver and a second hoist device having a second motor and a second wireless transceiver. The wireless hoist system includes a controller in wireless communication with the first wireless transceiver and the second wireless. The controller is configured to receive a user input and determine a first operation parameter and a second operation parameter based on the user input. The controller is also configured to provide, wirelessly, a first control signal indicative of the first operation parameter to the first hoist device and provide, wirelessly, a second control signal indicative of the second operation parameter to the second hoist device. The first hoist device operates based on the first control signal and the second hoist device operates based on the second control signal.

Abstract: A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack.

Abstract: A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack.

Abstract: Evidence of attempted malware attacks may be used to identify the location and nature of future attacks. A failed attack may cause a program to crash. Crash data may be sent to an analyzer for analysis. The analysis may reveal information such as the identity of the program that is being exploited, the specific way in which the program is being exploited, and the identity or location of the source of the attack. This information may be used to identify potential sources of attack and to identify the same type of attack from other sources. When the source and/or nature of an attempted attack is known, remedial action may be taken. Filters may warn users who are attempting to visit sites from which attacks have been attempted, and the makers of programs that are being exploited can be notified so that those program makers can release updates.

Abstract: Evidence of attempted malware attacks may be used to identify the location and nature of future attacks. A failed attack may cause a program to crash. Crash data may be sent to an analyzer for analysis. The analysis may reveal information such as the identity of the program that is being exploited, the specific way in which the program is being exploited, and the identity or location of the source of the attack. This information may be used to identify potential sources of attack and to identify the same type of attack from other sources. When the source and/or nature of an attempted attack is known, remedial action may be taken. Filters may warn users who are attempting to visit sites from which attacks have been attempted, and the makers of programs that are being exploited can be notified so that those program makers can release updates.

Abstract: A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack.

Abstract: The restriction of particular resources includes providing a digital signature for unauthorized resources based on a structure-related parameter of the resource. Thus, attempts at circumventing recognition of such resource will likely result in altering the overall functionality of the resource. Further, such digital signatures are encoded in a critical file required for loading of a resource, thus ensuring that the identity of the resource is considered before execution thereof. Enforcement of the resource restriction includes generating a verification signature for a resource that requests loading. The verification signature is compared to the signature coded into the critical file, and a positive match results in the resource being blocked from loading.

Abstract: A system and method that automatically, transparently and securely controls software execution by identifying and classifying software, and locating a rule and associated security level for executing executable software. The security level may disallow the software's execution, restrict the execution to some extent, or allow unrestricted execution. To restrict software, a restricted access token may be computed that reduces software's access to resources, and/or removes privileges, relative to a user's normal access token. The rules that control execution for a given machine or user may be maintained in a restriction policy, e.g., locally maintained and/or in a group policy object distributable over a network. Software may be identified/classified by a hash of its content, by a digital signature, by its file system or network path, and/or by its URL zone. For software having multiple classifications, a precedence mechanism is provided to establish the applicable rule/security level.

Abstract: Object management is facilitated by signing objects with credentials and through noting and/or using an association between the signed objects and the signing credentials. In an exemplary method implementation, actions include: signing an object with a credential to produce a signed object and noting an association between an object identifier that represents the signed object and the credential. In another exemplary method implementation, actions include: receiving a revocation request for a signed object; accessing a database at an entry for the signed object to retrieve an associated credential, the associated credential having been used to sign an object to produce the signed object; and causing the associated credential to be revoked. In an exemplary electronically-accessible media implementation, a data structure thereof includes: at least one entry that associates a credential with an object identifier, the object identifier representing a signed object that was signed by the credential.

Abstract: Systems and methods are described for distributing and updating trusted certification authorities to computer systems and users. When a digital certificate is encountered during a secured electronic transaction, the root authority of the certificate is determined. It is then determined whether the root authority is a trusted authority by attempting to locate the root authority in a trusted root list. If the root authority is not included in the trusted root list, a remote site is accessed and an updated version of the trusted root list is downloaded. The new trusted root list is checked for the presence of the encountered certificate and, if found, the transaction is allowed to proceed. In one implementation, the entire trusted root list is not downloaded. Instead, if an appropriate digital certificate is located, then the certificate is downloaded and added to the trusted root list of the computer system. The transaction may then proceed.

Abstract: Object management is facilitated by signing objects with credentials and through noting and/or using an association between the signed objects and the signing credentials. In an exemplary method implementation, actions include: signing an object with a credential to produce a signed object and noting an association between an object identifier that represents the signed object and the credential. In another exemplary method implementation, actions include: receiving a revocation request for a signed object; accessing a database at an entry for the signed object to retrieve an associated credential, the associated credential having been used to sign an object to produce the signed object; and causing the associated credential to be revoked. In an exemplary electronically-accessible media implementation, a data structure thereof includes: at least one entry that associates a credential with an object identifier, the object identifier representing a signed object that was signed by the credential.

Abstract: A method, system, and computer program product code for dynamically refreshing user credentials in a distributed processing environment. The present invention provides for fast, local refresh of credentials by a server if the credentials expire during an on-going secure operation. This technique avoids the need for rolling back the operation and requiring the client to restart after acquiring fresh credentials. The ability for a systems administrator to invalidate credentials which have been compromised is maintained.

Abstract: A method for electronically facilitating an application process comprises creating a customized application for a data requester, the customized application being accessed via an Internet link to which access is controlled, granting access to the customized application to a specified data provider, accepting data from the specified data provider, providing an information management tool to the data requester, the information management tool being operable to manipulate the data from the specified data provider, and exchanging data between the data provider and the data requester. The present invention may be implemented by a computer carrying an ordered set of instructions which, when executed, perform the above-identified method.

Abstract: Systems and methods are described for distributing and updating trusted certification authorities to computer systems and users. When a digital certificate is encountered during a secured electronic transaction, the root authority of the certificate is determined. It is then determined whether the root authority is a trusted authority by attempting to locate the root authority in a trusted root list. If the root authority is not included in the trusted root list, a remote site is accessed and an updated version of the trusted root list is downloaded. The new trusted root list is checked for the presence of the encountered certificate and, if found, the transaction is allowed to proceed. In one implementation, the entire trusted root list is not downloaded. Instead, if an appropriate digital certificate is located, then the certificate is downloaded and added to the trusted root list of the computer system. The transaction may then proceed.

Abstract: A system and method that automatically, transparently and securely controls software execution by identifying and classifying software, and locating a rule and associated security level for executing executable software. The security level may disallow the software's execution, restrict the execution to some extent, or allow unrestricted execution. To restrict software, a restricted access token may be computed that reduces software's access to resources, and/or removes privileges, relative to a user's normal access token. The rules that control execution for a given machine or user may be maintained in a restriction policy, e.g., locally maintained and/or in a group policy object distributable over a network. Software may be identified/classified by a hash of its content, by a digital signature, by its file system or network path, and/or by its URL zone. For software having multiple classifications, a precedence mechanism is provided to establish the applicable rule/security level.