Abstract: A guidance system for targeted interventions using medical instruments may include an optical unit positioned such that a desired area of intervention is within a field of view. A control unit having a touch screen display, may be communicatively coupled with the optical unit and configured to receive a real time image of the area of intervention, and further configured to (i) receive MRI volume representations of the desired area of intervention, (ii) register any multi modal markers that appear in the field of view, (iii) generate guidance feedback images comprising a plurality of image elements based on the MRI volume representations and (iii) to transmit the guidance feedback images to the projector. The projector in turn directs at least one of the guidance feedback image elements onto the area of intervention responsive to receipt of the guidance feedback images from said control unit.

Abstract: A system and method of executing secure communications between first and second domains includes a first logical unit and a second logical unit. The first logical unit periodically calculates timestamps and hashes. The first logical unit also transmits a web form to a node of a first domain responsive to a request and the web form is displayed to a user. The first logical unit receives data input to said web form by the user and enhances the data by adding one or more security services. The first logical unit translates the received data from a first network application level protocol to a target network application level protocol while preserving said data security enhancements and transmits the translated data across a public network. A second logical unit de-enhances the translated data and filters the translated data data. The second logical unit further authorizes the filtered data and transmits the filtered data to a node of the second domain for use in an application.

Abstract: A system and method of executing secure communications between first and second domains includes a first logical unit and a second logical unit. The first logical unit periodically calculates timestamps and hashes. The first logical unit also transmits a web form to a node of a first domain responsive to a request and the web form is displayed to a user. The first logical unit receives data input to said web form by the user and enhances the data by adding one or more security services. The first logical unit translates the received data from a first network application level protocol to a target network application level protocol while preserving said data security enhancements and transmits the translated data across a public network. A second logical unit de-enhances the translated data and filters the translated data data. The second logical unit further authorizes the filtered data and transmits the filtered data to a node of the second domain for use in an application.

Abstract: A system and method of executing secure communications between first and second domains includes a first logical unit and a second logical unit. The first logical unit periodically calculates timestamps and hashes. The first logical unit also transmits a web form to a node of a first domain responsive to a request and the web form is displayed to a user. The first logical unit receives data input to said web form by the user and enhances the data by adding one or more security services. The first logical unit translates the received data from a first network application level protocol to a target network application level protocol while preserving said data security enhancements and transmits the translated data across a public network. A second logical unit de-enhances the translated data and filters the translated data data. The second logical unit further authorizes the filtered data and transmits the filtered data to a node of the second domain for use in an application.

Abstract: A system and method of executing secure communications between first and second domains includes a first logical unit and a second logical unit. The first logical unit periodically calculates timestamps and hashes. The first logical unit also transmits a web form to a node of a first domain responsive to a request and the web form is displayed to a user. The first logical unit receives data input to said web form by the user and enhances the data by adding one or more security services. The first logical unit translates the received data from a first network application level protocol to a target network application level protocol while preserving said data security enhancements and transmits the translated data across a public network. A second logical unit de-enhances the translated data and filters the translated data data. The second logical unit further authorizes the filtered data and transmits the filtered data to a node of the second domain for use in an application.

Abstract: A method of executing secure communications between first and second domains includes a translating data received from a node of the first domain to a target protocol and transmitting the translated data to a bastion host. The translated data may be filtered by the bastion host to block unauthorized transmissions. The data may then be authenticated and transmitted to a node of the second domain for use in an application. In one embodiment, the first domain is an untrusted domain and the second domain is a trusted domain.

Abstract: An intelligent token protected system includes a local host computer, an intelligent token in communication with the local host computer and a remote host computer in communication with the local host computer. The intelligent token interacts with the local host computer to perform a secure boot on the local host computer with minimal user input. Without additional user input, the intelligent token also interacts with the remote host computer to authenticate the local host computer to the remote host computer.

Abstract: The possibility of corruption of critical information required in the operation of a computer is reduced by storing the critical information in a device; communicating authorization information between the device and the computer; and causing the device, in response to the authorization information, to enable the computer to read the critical information stored in the device. The device includes a housing, a memory within the housing containing information needed for startup of the host computer, and a communication channel for allowing the memory to be accessed externally of the housing. The device is initialized by storing the critical information in memory on the device, storing authorization information in memory on the device, and configuring a microprocessor in the device to release the critical information to the computer only after completing an authorization routine based on the authorization information.