Abstract: A secure data storage system for controlling access having a data user facility, a data owner facility and a data storage facility, wherein a third party data holder managing the data storage facility grants the data user access to the data without knowing the identities of the data user or data owner.

Abstract: A data storage system for controlling access to data, including: (a) a data user facility for a data user to create a request to access data, and attach a data user digital signature thereto; (b) a data owner facility for a data owner to: (i) verify the identity of the data user; (ii) determine whether the request to access data meets permission conditions and should be granted, and: (iii) attach a data owner public key and digital signature to the request, thereby creating a portable data access token; and (c) a data storage and management facility for a third party data holder to: (i) verify the identity of the data user, (ii) establish that the data user is making the same data request that is authorized by the portable data access token; and then, (iii) identify the requested data, and (iv) grant the data user access to the requested data.

Abstract: A method of enforcing web security, by: (a) receiving an incoming request; (b) applying a plurality of XML customized schemas to the incoming request, and thereby: (c) simultaneously validating the incoming request and determining whether the incoming request is authorized; and then, (d) (i) processing the incoming request if the incoming request is both valid and authorized, (ii) sending the incoming request to an authenticator if the incoming request is valid but not authorized, or (iii) ceasing operation on the incoming request if the incoming request is not valid.

Abstract: A method of client to client communication, by: (a) providing first and second clients which both have the same application running thereon, wherein the application defines structure and content for an XML schema; (b) having the first client send XML data to a server; (c) having the second client send an XML search to the server; and (d) having the server send XML search results to the second client, wherein the XML search results comprise the XML data sent to the server by the first client.

Abstract: A method of enforcing web security, by: (a) receiving an incoming request; (b) applying a plurality of XML customized schemas to the incoming request, and thereby: (c) simultaneously validating the incoming request and determining whether the incoming request is authorized; and then, (d) (i) processing the incoming request if the incoming request is both valid and authorized, (ii) sending the incoming request to an authenticator if the incoming request is valid but not authorized, or (iii) ceasing operation on the incoming request if the incoming request is not valid.

Abstract: A microprocessor-based system generates an electronic document based on a set of microprocessor-readable instructions organized in logical units known as instruction nodes. Each instruction node includes at least one microprocessor-readable instruction. If an instruction node is eligible for caching, it is associated with a cache key value, which is compared with a cache key value that is stored in a cache memory and that is associated with a data item. If the cache key value associated with the instruction node matches the cache key value stored in the cache memory, the microprocessor-based system retrieves the data item with the cache key value stored in the cache memory, rather than executing the instruction node. The microprocessor-based system generates at least a portion of the electronic document as a function of the retrieved data item.