Abstract: Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. The multiple malware checks are integrated into an operating system trust verification process along the path of execution.

Abstract: A method for providing an interface to a Bluetooth compliant device can emulate a modem such that computer software programs can communicate through the Bluetooth compliant device in the same manner in which they would communicate through a standard modem to access a dial-up, wide area network. The method also supports an interface to a Bluetooth compliant device which can emulate a network socket such that computer software programs can communicate through the Bluetooth compliant device seemingly in the same manner in which they would communicate through a standard network interface card to access a local area network. The method also allows for the interface to a Bluetooth compliant device to be dependent on the nature of the Bluetooth compliant device.

Abstract: Protecting computer systems from attacks that attempt to change USB topology and for ensuring that the system's information regarding USB topology is accurate is disclosed. A software model is defined that, together with secure USB hardware, provides an ability to define policies using which USB traffic can be properly monitored and controlled. The implemented policy provides control over USB commands through a combination of software evaluation and hardware programming. Legitimate commands are evaluated and “allowed” to be sent to a USB device by a host controller. Illegitimate commands are evaluated and blocked. Additionally, the USB topology is audited to verify that the system's topology map matches the actual USB topology.

Abstract: A trailer hitch locking device for securing a trailer having a ball type hitch includes a rigid U-shaped frame member having a central lower mounting member, an upper pin shield, a locking pin having a flattened locking end, a shaft and a pin head, the locking end engaging a cylindrical security lock which engages the locking pin through a hole in the frame member, the cylindrical security lock being surrounded by a lock security collar, preventing access to the entire cylindrical lock except for the outer surface of the cylindrical lock, exposed from the lock security collar, the pin head being sunken into a pin head recess in the frame member across from the lock security collar. The pin head access prevents access to the pin, the upper pin shield prevents access to the shaft of the pin and the cylindrical security lock and lock security collar preventing access to the locking end of the pin, the pin preventing removal of the device from the applied ball type hitch of the trailer.

Abstract: The present invention provides a system, method, and computer-readable medium for identifying malware that is loaded in the memory of a computing device. Software routines implemented by the present invention track the state of pages loaded in memory using page table access bits available from a central processing unit. A page in memory may be in a state that is “unsafe” or potentially infected with malware. In this instance, the present invention calls a scan engine to search a page for malware before information on the page is executed.

Abstract: A system for monitoring a resource in a processing system is disclosed. The processing system includes a display. The system comprises a total resource graphic provided on the display. The total resource graphic represents the total resource. The system includes at least one allocation graphic provided within the total resource graphic. The allocation graphic represents the proportion of the resources allocated to an object. The system and method in accordance with the present invention allows for allocation of a resource across all demands, the relative size of the allocations, and the usage of the resource by the individual demanding operation within a single graphical object. In addition, the object would provide for changes to that allocation by direct manipulation, in addition, the status indicator would provide additional information on demand by the user.

Abstract: The present invention provides various processes for selectively removing undesirably sized catalyst particles from a reaction system. In one embodiment, a plurality of catalyst particles, having a first median particle diameter, is withdrawn from the reaction system and is directed to a separation unit such as a counter flow cyclone separator. In the separation unit, the particles are separated into a small catalyst stream and a large catalyst stream, the small catalyst stream having a second median particle diameter less than the first median particle diameter, and the large catalyst stream having a third median particle diameter greater than the first median particle diameter. At least a portion of the small or large catalyst stream is then directed back to the reaction system in order to maintain a desirable particle size distribution therein.

Abstract: Systems and methods are provided for maintaining and updating a secure boot process on a computer with a trusted platform module (TPM). A boot process may be maintained by inspecting a log of TPM activity, determining data that prevented a secret to unseal, and returning the data to an original state. In situations where this type of recovery is not workable, techniques for authenticating a user may be used, allowing the authenticated user to bypass the security features of the boot process and reseal the boot secrets to platform configuration register (PCR) values that may have changed. Finally, a secure boot process may be upgraded by migrating TPM sealed secrets to a temporary storage location, updating one or more aspects of a secure boot process, and resealing the secrets to the resulting new platform configuration. Other advantages and features of the invention are described below.

Abstract: Systems and methods are provided for maintaining and updating a secure boot process on a computer with a trusted platform module (TPM). A boot process may be maintained by inspecting a log of TPM activity, determining data that prevented a secret to unseal, and returning the data to an original state. In situations where this type of recovery is not workable, techniques for authenticating a user may be used, allowing the authenticated user to bypass the security features of the boot process and reseal the boot secrets to platform configuration register (PCR) values that may have changed. Finally, a secure boot process may be upgraded by migrating TPM sealed secrets to a temporary storage location, updating one or more aspects of a secure boot process, and resealing the secrets to the resulting new platform configuration. Other advantages and features of the invention are described below.

Abstract: Systems and methods for controlling access to data on a computer with a secure boot process can provide a highly efficient mechanism for preventing future access to encrypted digital resources. This may be advantageous in a range of scenarios, for example where a computer is sold and assurance is desired that no stray private data remains on the hard disk. Data resources, for example all data associated with one or more particular hard disk partitions, may be encrypted. The decryption key may be available through a secure boot process. By erasing, altering, or otherwise disabling a secret, such as a decryption key or a process that obtains a decryption key, the data formerly accessible using such secret becomes inaccessible.

Abstract: In a computer with a trusted platform module (TPM), an expected hash value of a boot component may be placed into a platform configuration register (PCR), which allows a TPM to unseal a secret. The secret may then be used to decrypt the boot component. The hash of the decrypted boot component may then be calculated and the result can be placed in a PCR. The PCRs may then be compared. If they do not, access to the an important secret for system operation can be revoked. Also, a first secret may be accessible only when a first plurality of PCR values are extant, while a second secret is accessible only after one or more of the first plurality of PCR values has been replaced with a new value, thereby necessarily revoking further access to the first secret in order to grant access to the second secret.

Abstract: A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.

Abstract: This invention relates to processes for converting oxygenates to olefins that include a step of pretreating molecular sieve used in the conversion reaction with a C4–C7 olefin composition, which contains one or more C4–C7 olefins. Fresh or regenerated molecular sieve, which is low in carbon content, is contacted or pretreated with the olefin composition to form a hydrocarbon co-catalyst within the pore structure of the molecular sieve, and the pretreated molecular sieve containing the co-catalyst is used to convert oxygenate to a lighter olefin product.

Abstract: The present invention provides a process for making an olefin product from an oxygenate feedstock which comprises: a) contacting the feedstock in a reaction zone with a catalyst comprising i) a molecular sieve having defined pore openings and ii) a CO oxidation metal, under conditions effective to convert the feedstock into an olefin product stream comprising C2–C3 olefins and to form carbonaceous deposits on the catalyst so as to provide a carbon-containing catalyst; b) contacting at least a portion of the carbon-containing catalyst with a regeneration medium comprising oxygen in a regeneration zone comprising a fluid bed regenerator having a dense fluid phase and a dilute fluid phase under conditions effective to obtain a regenerated catalyst portion, wherein the difference between the temperature of the dilute phase and the temperature of the dense phase is no greater than 100° C.; c) introducing said regenerated catalyst portion into said reaction zone; and d) repeating steps a)–c).

Abstract: This invention relates to processes for converting oxygenates to olefins and olefins to polyolefins. The processes include a step of pretreating molecular sieve used in the conversion of oxygenate to olefin with a dimethyl ether composition. Fresh or regenerated molecular sieve, which is low in carbon content, is contacted or pretreated with the dimethyl ether composition to form a hydrocarbon co-catalyst within the pore structure of the molecular sieve, and the pretreated molecular sieve containing the co-catalyst is used to convert oxygenate to a lighter olefin product.

Abstract: A method, apparatus, and computer program product provide applications and application developers with generic access from user mode to the L2CAP layer of Bluetooth by exposing the L2CAP layer to user mode via a socket interface. In particular, a kernel mode primary component and user mode helper component cooperate to expose a Winsock interface to user mode components, and to manage various Bluetooth-specific functions and operations, allowing a user mode user application to access Bluetooth functionality without providing Bluetooth-specific commands or actions, and without being required to use RFCOMM.

Abstract: Disclosed is a method and apparatus for reducing the amount of metal catalyzed side-reaction byproducts formed in the feed vaporization and introduction system of a methanol to olefin reactor system by monitoring and/or maintaining the temperature of at least a portion of the feed vaporization and introduction system and/or of the feedstock contained therein below about 400° C., 350° C., 300° C., 250° C., 200° C. or below about 150° C. The temperature can be maintained in the desired range by jacketing at least a portion of the feed vaporization and introduction system, such as at least a portion of the feed introduction nozzle, with a thermally insulating material or by implementing a cooling system.

Abstract: The invention is directed to methods for protecting metalloaluminophosphate molecular sieves, particularly silicoaluminophosphate (SAPO) molecular sieves, from loss of catalytic activity due to contact with a gas containing water. The methods of the invention provide procedures that enable activated sieve to contact water vapor, within a certain range of time, temperature, and water partial pressure conditions, before the sieve becomes substantially deactivated.

Abstract: Systems and methods for analyzing transactions on a bus. A software module can cause a trace packet to be generated and sent out on a bus to an invalid address. The trace packet triggers a protocol analyzer and permits the bus data flowing on the bus when the software module detected a problem to be analyzed. The trace packet causes the protocol analyzer to trigger even though the bus protocol is normal and the protocol analyzer would not otherwise trigger. The trace packet can be used to analyze and debug communications flowing on a bus when the software module detects a problem.

Abstract: A method, apparatus, and computer program product provide applications and application developers with generic access from user mode to the L2CAP layer of Bluetooth by exposing the L2CAP layer to user mode via a socket interface. In particular, a kernel mode primary component and user mode helper component cooperate to expose a Winsock interface to user mode components, and to manage various Bluetooth-specific functions and operations, allowing a user mode user application to access Bluetooth functionality without providing Bluetooth-specific commands or actions, and without being required to use RFCOMM.