Abstract: The devices and methods taught in this disclosure are directed to facilitate the observation, collection, transportation, storage, and preservation of specimens possibly containing DNA, said specimens potentially constituting evidence of sexual assault. The devices and methods described further allow for a means of minimizing the possibility of specimen contamination, dilution, or degradation during the collection and storage processes. The disclosed devices may contain electrical components that provide for the generation and recordation of information (specifically, times, dates, and locations) related to circumstances surrounding the collection of such specimens. This information may serve as evidence corroborating the circumstance of specimen collection, it may help to maintain a known and identifiable Chain of Custody (CoC), and it may additionally be used for unique device identification (UDI), inventory control, and current procedural terminology (CPT) coding purposes.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: The devices and methods taught in this disclosure are directed to facilitate the observation, collection, transportation, storage, and preservation of specimens possibly containing DNA, said specimens potentially constituting evidence of sexual assault. The devices and methods described further allow for a means of minimizing the possibility of specimen contamination, dilution, or degradation during the collection and storage processes. The disclosed devices may contain electrical components that provide for the generation and recordation of information (specifically, times, dates, and locations) related to circumstances surrounding the collection of such specimens. This information may serve as evidence corroborating the circumstance of specimen collection, it may help to maintain a known and identifiable Chain of Custody (CoC), and it may additionally be used for unique device identification (UDI), inventory control, and current procedural terminology (CPT) coding purposes.

Abstract: The devices and methods taught in this disclosure are directed to facilitate the observation, collection, transportation, storage, and preservation of specimens possibly containing DNA, said specimens potentially constituting evidence of sexual assault. The devices and methods described further allow for a means of minimizing the possibility of specimen contamination, dilution, or degradation during the collection and storage processes. The disclosed devices may contain electrical components that provide for the generation and recordation of information (specifically, times, dates, and locations) related to circumstances surrounding the collection of such specimens. This information may serve as evidence corroborating the circumstance of specimen collection, it may help to maintain a known and identifiable Chain of Custody (CoC), and it may additionally be used for unique device identification (UDI), inventory control, and current procedural terminology (CPT) coding purposes.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: Access to a resource by sandboxed code is dynamically authorized by a client security system based on a resource based policy. A sandboxed application running on a client is granted access to a resource based on a resource based policy despite denial of the access based on a static policy associated with the client security system. The granting of access coincides with the determination that the threat to a user or the user's information is not increased should the access be granted.

Abstract: Described is a mechanism for collectively evaluating security risks associated with loading an application. A hosting environment associated with loading the application invokes a trust manager to evaluate the security risks. The trust manager invokes a plurality of trust evaluators, where each trust evaluator is responsible for analyzing and assessing a different security risk. Upon completion of each security risk evaluation, results of those individual security risk evaluations are returned to the trust manager. The trust manager aggregates the variety of security risk evaluation results and makes a security determination based on the aggregated evaluation results. That determination may be to move forward with loading the application, to block the load of the application, or perhaps to prompt the user for a decision about whether to move forward with the load.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.

Abstract: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.

Abstract: Described is a system and method by which an application program is evaluated for trustworthiness based on the permissions and/or privileges it requests relative to a program category. The program describes the permissions needed to operate, and identifies itself as belonging to a particular category. Security components compare the requested permission set against the permissions that programs of that category actually need in order to operate properly. Programs requesting more permissions than needed are deemed untrustworthy. For example, screen saver application programs need only a limited permission set to operate properly, including full screen access and the ability to read files, but do not need network access permissions or write access to files. Any screensaver application that requests only the needed permission set is deemed trustworthy, while others that request permissions beyond what is actually needed are not deemed trustworthy, and a user or automated policy process may then intervene.

Abstract: An error in a web page displayed on a device is detected. The error is assigned to a bucket to indicate a type of the error, and a record describing the current state of the device is generated. Both an indication of the bucket and the record describing the current state of the device are then sent to a server. At the server, error information including error records and bucket identifiers are received from multiple devices. Each error record describes a current state of one of the multiple devices at a time when an error in a web page displayed on the one device was detected. Each bucket identifier corresponds to one of the error records and describes a type of the error associated with that error record. The error records are grouped into multiple baskets based at least in part on the current state information in the error records.

Abstract: Described herein is an implementation of a technology for managing credentials. With an implementation, a credential manager is domain-authentication aware and concurrent authentications with multiple independent networks (e.g., domains) may be established and maintained. Moreover, a credential manager provides a credential model retrofit for legacy applications that only understand the password model. The manager provides a mechanism where the application is only a “blind courier” of credentials between the trusted part of the OS to the network and/or network resource. The manager fully insulates the application from “read” access to the credentials. This abstract itself is not intended to limit the scope of this patent. The scope of the present invention is pointed out in the appending claims.

Abstract: A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.

Abstract: Described is a mechanism for collectively evaluating security risks associated with loading an application. A hosting environment associated with loading the application invokes a trust manager to evaluate the security risks. The trust manager invokes a plurality of trust evaluators, where each trust evaluator is responsible for analyzing and assessing a different security risk. Upon completion of each security risk evaluation, results of those individual security risk evaluations are returned to the trust manager. The trust manager aggregates the variety of security risk evaluation results and makes a security determination based on the aggregated evaluation results. That determination may be to move forward with loading the application, to block the load of the application, or perhaps to prompt the user for a decision about whether to move forward with the load.

Abstract: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.