Abstract: A level measuring device for radar transmitter calibration, and method of use is herein disclosed. The level measuring device can comprise a radar transmitter, a fluid column, process flanges, and a visible level gauge. The radar transmitter can mount above the fluid column. The fluid column can comprise a chamber capable of holding a fluid. The process flanges can be in fluid connection with the fluid column at a first side of the fluid column. The process flanges can be connectable to a vessel. The visible level gauge can attach to a second side of the fluid column. The visible level gauge can comprise one or more sight glasses that can allow visible light between the chamber and outside the chamber.

Abstract: The present invention relates to systems and methods for statistical caching. Inputs are captured via an appropriate network protocol. The input includes statistical data and a corresponding cache key. The values for each cache key within a cache are compacted using the input. The compacting involves determining if the corresponding cache key is already set within the cache, and if the cache key is present, aggregating the statistical data with the value stored within the cache to generate an updated value. The updated cache may be periodically synchronized with a final data store. Additionally, each operation performed by the statistical cache may be recorded in a transaction log for fault tolerance.

Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.

Abstract: Methods and apparatuses for detecting an evaluation flaw in a SQL query, the SQL query configured to access data in a database table are disclosed. The method includes creating a parse tree from the SQL query and evaluating the parse tree to ascertain whether a condition of the SQL query results in a type or value that is independent of contents of the database table. For type evaluation, if, responsive to the evaluating, the condition is found, designating the SQL query at risk for having the tautology in the SQL query. For value evaluation, if, responsive to the evaluating, the condition is found, determining whether the condition is always true or whether the condition is always false; and if, responsive to the determining, the condition is found to be always true or always false, designating the SQL query at risk for having the evaluation flaw in the SQL query.

Abstract: The present invention relates to systems and methods for analyzing SQL queries for constraint violations, which may indicate injection attacks. The systems and methods tokenize a SQL query to generate a token stream. Next, lexical nodes are generated by iterating over the token stream. Then, a parse tree can be constructed by iterating over the lexical nodes. The parse tree may be compared to a SQL schema and access configuration for a database in order to analyze the SQL query for constraint violations, including determining the number of queries in the parse tree, identifying invalid fields and table access, identifying invalid field type comparisons and pattern matches, and identifying early statement termination.

Abstract: The present invention relates to systems and methods for the tokenization of user-generated content in order to prevent attacks on the user-generated content. The systems and methods initially pre-process the user-generated content string utilizing a secondary input of target language. Pre-processing may also include initialization of finite state machines, token markers and string buffers (text, HTML tag name, HTML attribute name, HTML attribute value, CSS selector, CSS property name, and CSS property value). The user-generated content string is scanned by rune, and the system sends each rune to a specific buffer based upon signaling by individual finite state machine states. Buffers are then converted to token stream nodes to be inserted into the token stream. The tokens represent a string of characters and are symbolically categorized according to activated finite state machine states.

Abstract: The present invention relates to systems and methods for parsing of a token stream for user generated content in order to prevent attacks on the user generated content. The systems and methods include a database which stores one or more whitelists, and a parser. The parser removes tokens from the token stream by comparing the tokens against the whitelist. Next, the parser validates CSS property values, encodes data within attribute values and text nodes, reconciles closing HTML tags, and coerces media tags into safe variants. The tokens removed may be any of HTML tags, HTML attributes, HTML protocols, CSS selectors and CSS properties.

Abstract: The present invention relates to systems and methods for statistical caching. Inputs are captured via an appropriate network protocol. The input includes statistical data and a corresponding cache key. The values for each cache key within a cache are compacted using the input. The compacting involves determining if the corresponding cache key is already set within the cache, and if the cache key is present, aggregating the statistical data with the value stored within the cache to generate an updated value. The updated cache may be periodically synchronized with a final data store. Additionally, each operation performed by the statistical cache may be recorded in a transaction log for fault tolerance.

Abstract: The present invention relates to systems and methods for analyzing SQL queries for constraint violations, which may indicate injection attacks. The systems and methods tokenize a SQL query to generate a token stream. Next, lexical nodes are generated by iterating over the token stream. Then, a parse tree can be constructed by iterating over the lexical nodes. The parse tree may be compared to a SQL schema and access configuration for a database in order to analyze the SQL query for constraint violations, including determining the number of queries in the parse tree, identifying invalid fields and table access, identifying invalid field type comparisons and pattern matches, and identifying early statement termination.

Abstract: The present invention relates to systems and methods for parsing of a token stream for user generated content in order to prevent attacks on the user generated content. The systems and methods include a database which stores one or more whitelists, and a parser. The parser removes tokens from the token stream by comparing the tokens against the whitelist. Next, the parser validates CSS property values, encodes data within attribute values and text nodes, reconciles closing HTML tags, and coerces media tags into safe variants. The tokens removed may be any of HTML tags, HTML attributes, HTML protocols, CSS selectors and CSS properties.

Abstract: The present invention relates to systems and methods for the tokenization of user-generated content in order to prevent attacks on the user-generated content. The systems and methods initially pre-process the user-generated content string utilizing a secondary input of target language. Pre-processing may also include initialization of finite state machines, token markers and string buffers (text, HTML tag name, HTML attribute name, HTML attribute value, CSS selector, CSS property name, and CSS property value). The user-generated content string is scanned by rune, and the system sends each rune to a specific buffer based upon signaling by individual finite state machine states. Buffers are then converted to token stream nodes to be inserted into the token stream. The tokens represent a string of characters and are symbolically categorized according to activated finite state machine states.

Abstract: An HTML filter is described that converts HTML tags into HTML object and associated param tags. In an exemplary embodiment, the present HTML filter also validates existing object tags so that they may render in at least one, and optionally all, major browsers. In another exemplary embodiment, the presently described HTML filter also serves as a configurable whitelist for rich media (through controlling particular attributes, e.g., “classid”, in the object tag and affiliated param tags).