Abstract: A processor-based method for creating a persistent directory signature file, comprising: selecting a private key, a certificate identifier and a hash algorithm identifier for the directory signature file; concatenating one or more persistent, independent signatures wherein a persistent independent signature includes a file name, sub-directory indicator, or meta-data indicator, and a certificate identifier, and a hash identifier, and an encrypted hash; creating an encrypted hash of the one or more concatenated signatures using the hash algorithm and private key chosen for the directory signature file; and concatenating the encrypted hash of the one or more concatenated signatures with the concatenated signatures and the certificate identifier, and hash algorithm identifier chosen for the directory signature file to create a persistent, independent signature for the directory signature file.

Abstract: A processor-based method for securing directories through a persistent signature, comprising: selecting a directory; selecting a private key, a certificate identifier and a hash algorithm identifier for each selected directory; creating an encrypted hash of the directory using the hash algorithm and private key; and creating a persistent, independent signature for the directory that identifies the directory, certificate identifier, hash algorithm identifier, and the encrypted hash value for that directory.

Abstract: A processor-based method for securing meta-data through a persistent signature, comprising: identifying meta-data for a file; selecting a private key, a certificate identifier and a hash algorithm identifier for the meta-data; creating an encrypted hash of the meta-data using the hash algorithm and private key; and creating a persistent, independent signature for the meta-data that identifies the meta-data, certificate identifier, hash algorithm identifier, and the encrypted hash value for the meta-data.

Abstract: A processor-based method for securing files through a persistent signature includes: selecting a file of any file type; selecting a private key, a certificate identifier and a hash algorithm identifier for the file; creating an encrypted hash of the file using the hash algorithm and private key for the file; and creating a persistent, independent signature for each selected file that identifies the file, certificate identifier, hash algorithm identifier, and the encrypted hash value for the file.

Abstract: A processor-based method for verifying a secured file, directory, or meta-data, comprising: extracting a persistent, independent signature for a secured file, directory, or meta-data from a directory signature file, the signature identifying a certificate identifier, a hash algorithm identifier, and an encrypted hash value for that secured file, directory, or meta-data; retrieving a public key corresponding to the certificate identifier; decrypting the encrypted hash using the public key and a decryption tool, resulting in a clear text hash value; creating a new hash value for the secured file, directory, or meta-data, the hash creation corresponding to the hash algorithm identifier; and verifying the signature when the new hash value for the secured file, directory, or meta-data matches the unencrypted hash value from the persistent, independent signature for the secured file, directory, or meta-data,

Abstract: A data communication security system is disclosed that includes a network interface including a first security module implementing a first security architecture, and a second security module implementing a second security architecture different from the first security architecture. The network interface further includes a file-based application programming interface defining a plurality of attributes of the network interface and including at least one attribute associated with data security managed by one of the first and second security modules. The file-based application programming interface includes at least one attribute from among the plurality of attributes that is associated with selecting between the first or second security modules.

Abstract: A data communication security system is disclosed that includes a network interface including a first security module implementing a first security architecture, and a second security module implementing a second security architecture different from the first security architecture. The network interface further includes a file-based application programming interface defining a plurality of attributes of the network interface and including at least one attribute associated with data security managed by one of the first and second security modules. The file-based application programming interface includes at least one attribute from among the plurality of attributes that is associated with selecting between the first or second security modules.

Abstract: A data communication security system is disclosed that includes a network interface configured for transport layer protocol communications at a communication port. The network interface includes a security module configured to provide secure shell (SSH) data security on a transport layer data path, and which is communicatively connected to the transport layer data path. The data communication security system also includes a file-based application programming interface defining a plurality of attributes of the network interface and including at least one attribute configured for selection of the security module and accessible for use in logical I/O operations.

Abstract: A computing system having host computer and an I/O processor (IOP) provides firewall services to the host computer. When the host computer and the IOP are initialized, all of the communication ports are reset to a closed state. Application programs are loaded into memory of the host computer for execution and provide the identity of communication ports to be used by the application. The identity of the requested communication ports are used to instruct the IOP to open the communication port to accept network data packets that use the particular port. When the application terminates operation, the communication ports used by the application are closed to provide dynamic control over communication ports. This process ensures that only ports currently used by applications currently executing within the host computer are open without administrator action.

Abstract: Methods and apparatus that enable a transport protocol executing on a first computer system to be utilized by applications executing on a second computer system which is directly interconnected and closely coupled to the first computer system. An interconnection couples an input/output (I/O) subsystem of the first computer system to an I/O subsystem of the second computer system and provides a path over which data can be transmitted between the first and second computer systems independent of a network interface card, and an interconnection messaging system executing on the first and second computer systems provides general purpose transport interfaces between said first and second computer systems.

Abstract: Methods and apparatus that enable a transport protocol executing on a first computer system to be utilized by applications executing on a second computer system which is directly interconnected and closely coupled to the first computer system. An interconnection couples an input/output (I/O) subsystem of the first computer system to an I/O subsystem of the second computer system and provides a path over which data can be transmitted between the first and second computer systems independent of a network interface card, and an interconnection messaging system executing on the first and second computer systems provides general purpose transport interfaces between said first and second computer systems.

Abstract: Methods and apparatus that enable network applications executing on respective directly interconnected computer systems to communicate at high speed, with low latency, over the interconnection therebetween such that both systems may use their native mechanisms to communicate with each other without change in those mechanisms, rather than over conventional network communication paths such as Ethernet. Communication between applications in co-resident, closely coupled processing environments is provided by replacing the conventional TCP transport layer and the conventional IP network layer with a reliable messaging subsystem (“MSS”) for data transfers between the closely coupled systems which provides an interface which is independent of the communication protocol of the interconnect and a virtual transport layer (“VTL”) which simulates a known transport layer protocol, such as TCP/IP, to the network applications.