Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. The enterprise is included within a community of interest. One method includes authenticating a bridge appliance with an authentication server associated with an enterprise having secure communications, and receiving a packet at the bridge appliance. The method also includes decrypting the packet to provide a decrypted packet in a case where the packet is encrypted according to a cryptographic key associated with the enterprise, and forwarding the decrypted packet to a remote computing device in communication with the bridge appliance. The method additionally includes, in a case where the packet is received from the remote computing device, encrypting the packet according to a cryptographic key associated with the enterprise, to provide an encrypted packet, and forwarding the encrypted packet to an endpoint within the enterprise.

Abstract: Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. The enterprise is included within a community of interest. One method includes authenticating a bridge appliance with an authentication server associated with an enterprise having secure communications, and receiving a packet at the bridge appliance. The method also includes decrypting the packet to provide a decrypted packet in a case where the packet is encrypted according to a cryptographic key associated with the enterprise, and forwarding the decrypted packet to a remote computing device in communication with the bridge appliance. The method additionally includes, in a case where the packet is received from the remote computing device, encrypting the packet according to a cryptographic key associated with the enterprise, to provide an encrypted packet, and forwarding the encrypted packet to an endpoint within the enterprise.

Abstract: An artificially intelligent method includes the steps of monitoring, by a processor, information sources to identify primary semantic information; capturing, by the processor, the primary semantic information; reformatting, by the processor, the primary semantic information according to a predetermined format; analyzing, by the processor, the primary semantic information to establish secondary semantic information; and establishing, by the processor, ontologies from the primary, secondary, and additional secondary semantic information.

Abstract: A system and method for masking the complexity of developing software for a heterogeneous target execution environment may be established by configuring an integrated development environment to perform certain masking mechanisms. For example, the integrated development environment used to develop a background process may be used to create a background process-file on the target execution environment. The integrated development environment may further be configured to synchronously connect with an agent on the target execution environment, allowing the agent to initiate the background process using the integrated development environment user credentials. Additionally, the integrated development environment may be configured to monitor completion of the background process execution on the target execution environment, and to return the output from the background process after completion to the integrated development environment user.

Abstract: Systems and methods for accessing data secured and encrypted using a file system manager are disclosed. One method includes determining whether a community of interest (COI) key obtained from a security appliance matches a COI key associated with a file structure managed by the file system manager that is the subject of a file system request issued by a caller. The method further includes identifying an entry included in a key bank associated with the COI key and the file structure that is the subject of the file system request, the key bank storing encrypted versions of a metadata key. The method also includes decrypting the metadata key using the COI key, decrypting at least one block encryption key using the metadata key, and decrypting a block of data associated with the at least one block encryption key.

Abstract: Systems and methods for establishing a secure file system are disclosed, in which system endpoints such as files and directories in a file system are protected using a security appliance. The security appliance protects each endpoint in the file system from unauthorized access by making those endpoints invisible to unauthorized users. The security appliance organizes users and endpoints into various communities of interest (COI). A user COI groups users such that all users associated with that particular COI have authorization to view the same one or more endpoints located in file storage.

Abstract: Disclosed herein is a commodity infrastructure operating system that manages and implements the resources and services found in the heterogeneous components of the common infrastructure. The infrastructure operating system managing one or more services residing within an operating system image of a partition. The infrastructure operating system capable of providing a service of a first partition's operating system to a second partition's operating system when the second partition is in need of the service.

Abstract: Systems and methods for accessing data secured and encrypted using a file system manager are disclosed. One method includes determining whether a community of interest (COI) key obtained from a security appliance matches a COI key associated with a file structure managed by the file system manager that is the subject of a file system request issued by a caller. The method further includes identifying an entry included in a key bank associated with the COI key and the file structure that is the subject of the file system request, the key bank storing encrypted versions of a metadata key. The method also includes decrypting the metadata key using the COI key, decrypting at least one block encryption key using the metadata key, and decrypting a block of data associated with the at least one block encryption key.

Abstract: Systems and methods for establishing a secure file system are disclosed, in which system endpoints such as files and directories in a file system are protected using a security appliance. The security appliance protects each endpoint in the file system from unauthorized access by making those endpoints invisible to unauthorized users. The security appliance organizes users and endpoints into various communities of interest (COI). A user COI groups users such that all users associated with that particular COI have authorization to view the same one or more endpoints located in file storage.

Abstract: One embodiment of a computer-implemented method for managing computing resources may include determining, by a computer, target computing resources to be configured with a platform. A determination, by the computer, may be made as to whether the target computing resources includes a management agent for managing the platform. The computer may cause a management agent to be installed on the target computing resources if the target computing resources are determined to not include a management agent, otherwise, the computer may not cause a management agent to be installed on the target computing resources. The computer may instruct the management agent to commission the platform on the target computing resources.

Abstract: One embodiment of a computer-implemented method for managing computing resources may include determining, by a computer, target computing resources to be configured with a platform. A determination, by the computer, may be made as to whether the target computing resources includes a management agent for managing the platform. The computer may cause a management agent to be installed on the target computing resources if the target computing resources are determined to not include a management agent, otherwise, the computer may not cause a management agent to be installed on the target computing resources. The computer may instruct the management agent to commission the platform on the target computing resources.

Abstract: Disclosed herein is a commodity infrastructure operating system that manages and implements the resources and services found in the heterogeneous components of the common infrastructure using a fabric manager. A fabric manager managing computing resources in one or more platforms and one or more partitions residing on the platform by monitoring each platform and partitions, and issuing instructions to a hypervisor or other management agent on a platform to execute one or more platform management commands, such as commission a new partition onto a platform.

Abstract: Interaction between isolated partitioned execution environments may be permitted through transmission of messages. A method for interaction between partitions may include may include receiving, by a processor, a request message comprising a request to execute a transaction application code; creating, by the processor, an isolated execution environment; starting, by the processor, an operating system in the isolated execution environment; and executing, by the processor, the transaction application code in the operating system.

Abstract: Disclosed herein is a commodity infrastructure operating system that manages and implements the resources and services found in the heterogeneous components of the common infrastructure. The infrastructure operating system managing one or more services residing within an operating system image of a partition. The infrastructure operating system capable of providing a service of a first partition's operating system to a second partition's operating system when the second partition is in need of the service.

Abstract: Disclosed herein is a method and a system for data storage and retrieval that is agnostic to the database models of any of the databases in embodiments of the common infrastructure. Data may be stored via one database, according to a corresponding model, and then stored such that the data may be retrieved by a second database with a different database model. The data is stored in key-value pairs, and is thus not stored according to any database model. However, metadata perspectives construct a set of retrieved data into a format expected by the database retrieving the set of data.

Abstract: Disclosed herein is a commodity infrastructure operating system that manages and implements the resources and services found in the heterogeneous components of the common infrastructure using a fabric manager. A fabric manager managing computing resources in one or more platforms and one or more partitions residing on the platform by monitoring each platform and partitions, and issuing instructions to a hypervisor or other management agent on a platform to execute one or more platform management commands, such as commission a new partition onto a platform.

Abstract: Values may be interchanged between computers with different computer architectures by implementing a transform function in a database serving the values to the computers. The transform function may convert a value for use on a computer with a different word length than the word length of the computer hosting the database. For example, the database may have 36-bit words, and a client may have 32-bit words. The transform function may operate without data loss and be capable of reversing the transform to enable round trips for data between the database and client.

Abstract: An authentication system is enhanced by prompting an individual to perform a randomly-selected challenge action. For example, the individual may be requested to move the device in a particular motion, after entering a username/password combination. The randomly-selected challenge action verifies the individual is located at the device, which prevents automated attacks to steal the individual's identity. The challenge action improves security by preventing attackers from spoofing an individual's authentication information. The enhanced authentication system may be used on mobile devices, such as mobile phones and laptop computers, to provide access to secure data, such as bank account information.

Abstract: An authentication system is enhanced by prompting an individual to perform a challenge action. For example, the individual may be requested to move the device in a particular motion, after entering a username/password combination. The challenge action is known only by the individual, such that an imposter, even with authentication information, does not know the challenge action. The challenge action improves security by preventing attackers from spoofing an individual's authentication information. The enhanced authentication system may be used on mobile devices, such as mobile phones and laptop computers, to provide access to secure data, such as bank account information.

Abstract: Biometric authentication is enhanced by prompting an individual to perform an action challenge. For example, when an individual provides a facial picture for facial recognition to access secure data the individual may be prompted to provide a second picture of the individual performing an action. In one case, the individual is prompted to provide a second picture with an eye closed or an open mouth. The action challenge improves security by preventing attackers from spoofing an individual's biometric information. The enhanced biometric authentication may be used on mobile devices, such as mobile phones and laptop computers, to provide access to secure data, such as bank account information.