Abstract: A computer system creates a view that has a class definition and one or more attributes of a directory to support graphical representation of the directory. A distributed processing system includes the directory and a number of nodes, one of the nodes being a service node. The directory includes entries that are associated with the nodes. The service node receives an attribute value that is associated with one of nodes. The service node determines from the class definition of the view that the received attribute value is associated with an attribute type that describes a new attribute value and creates an updated view without defining the received attribute value in the entries of the directory. The updated view includes the received attribute value.

Abstract: Systems and methods for a smart card accessible over a personal area network (PAN). An example method may include: communicatively coupling a device to the PAN, storing a digital certificate that identifies a user, logging the user on to an additional device within the PAN, and providing an encryption service for the additional device, by: receiving a message to be encrypted, encrypting the message, sending the encrypted message to the additional device via the PAN, receiving an encrypted version of an additional message, decrypting the additional message using the private key associated with the user to produce an unencrypted version of the additional message, and sending the unencrypted version of the additional message to the additional device via the PAN.

Abstract: A social networking site host includes, in a user's profile, information that has been attested to and verified by both the user and an independent verifier. The independent verifier is an accepted authority with direct knowledge of the information. Both the user and verifier attest to the information by digitally signing the information and including the digital signature with the information. The host or visitors to the social networking site can authenticate the information by using both digital signatures. By authenticating the information, visitors and users viewing information on the social networking site can assume that the information is trusted and accurate.

Abstract: Information to link two attributes in a database is stored, and when one of the attributes is updated, a new value for the second attribute is computed and stored. Related systems and applications are also described.

Abstract: Systems and methods for a smart card accessible over a personal area network (PAN). An example method may include: communicatively coupling a device to the PAN, storing a digital certificate that identifies a user, logging the user on to an additional device within the PAN, and providing an encryption service for the additional device, by: receiving a message to be encrypted, encrypting the message, sending the encrypted message to the additional device via the PAN, receiving an encrypted version of an additional message, decrypting the additional message using the private key associated with the user to produce an unencrypted version of the additional message, and sending the unencrypted version of the additional message to the additional device via the PAN.

Abstract: Some embodiments of a smart card accessible over a personal area network have been presented. In one embodiment, an apparatus includes a wireless transceiver to communicatively couple to a personal area network (PAN) to receive an authentication request via the PAN from a device. The device may include a computer. The apparatus further includes a storage device to store a digital certificate that uniquely identifies a user. An authentication module in the apparatus may authenticate the user in response to an authentication request from the device using the digital certificate, wherein the user is allowed to access the computer upon authentication.

Abstract: A distributed database server receives an operation request including a flag to cause recursive lock-and-propagate operation, acquires a local lock, tests the operation locally and propagates the recursive request to a peer database server. Specific implementations within a Lightweight Directory Access Protocol (“LDAP”) server are described.

Abstract: A method and apparatus for maintaining logs for a Lightweight Directory Access Protocol (LDAP) directory server. The method includes receiving or detecting events or activities in the system to be logged. The events are transformed into LDAP entries and stored in an LDAP repository. The LDAP entries may then be searched and operated on using LDAP operations, thereby providing enhanced utility and functionality for log data using LDAP operations and an LDAP repository.

Abstract: Embodiments of the present invention provide a system and method of assigning unique identifiers in a multi-master directory service. In particular, each server in the system assigns numeric user identifiers in a linear fashion that compliments the series of user identifiers assigned by the other servers. In particular, a first server is selected and assigned a first starting number. Each subsequent server is then assigned their own starting series number by incrementing from the first starting number. Then, all servers are assigned an additive, which is an integer greater than or equal to the number of servers in the system. Each server then generates its own series of unique numeric identifiers based on its own starting series number and the additive.

Abstract: Some embodiments of a method and apparatus for protecting web pages against phishing have been presented. In one embodiment, a user interface control is created at a client machine. A user may submit a request to protect a web page via the user interface control. In response to the request, a web page protection module may protect the web page against phishing based on content of the web page. In some embodiments, the web page protection module may be integrated with a network access application, such as, for example, as a plug-in to a browser.

Abstract: A method and apparatus to prove user assertions. A client request to authenticate a user assertion pertaining to user personal data may be received. The requested authentication may be generated for the client, the authentication proving the user assertion without revealing other information about the user. The requested authentication may be sent to the client.

Abstract: A computing device receives a request to perform a Lightweight Directory Access Protocol (“LDAP”) database operation and propagates the request to perform the LDAP database operation to a peer server to test the LDAP database operation at the peer server. The computing device executes an action on a distributed LDAP database based on a result of testing the LDAP database operation at the peer server.

Abstract: Embodiments of the present invention provide a method and system for determining a probability that a suspected domain name of a domain accessed using a universal resource locator (URL), which can be entered as a character string into a browser associated with a client in a net environment, is a counterfeit of a legitimate domain name. Characters in the suspected domain name can be identified as known as likely to be deceptively substituted for corresponding legitimate characters of a legitimate domain name. An alternate domain name is generated by substituting predetermined characters with the corresponding legitimate characters. An attempt can be made to resolve alternate domains of the alternate domain names. If the names are successfully resolved, a non-zero probability is assigned to the suspected domain name as being counterfeit.

Abstract: A method and apparatus for ordering callbacks for server plug-ins of a Lightweight Directory Access Protocol (LDAP) directory server. Each plug-in registers with the LDAP server and has a designated priority and set of dependencies. The priority and dependency data are stored in an LDAP callback configuration entry or set of entries. The LDAP server analyzes the priority and dependencies to determine the order of each plug-in or individual callback relative to one another. This allows the LDAP directory server and LDAP operations to rely on the order of callbacks thereby improving the efficiency of the system.

Abstract: Embodiments of the present invention provide a method and system for dynamically creating a view in a distributed processing system. The system can have nodes such as a service node and a directory with entries. An object class of a view can be defined as including an attribute type that accommodates a new attribute value. An attribute value associated with one of the nodes can be received at the service node whereupon it can be determined whether the attribute value is associated with the new attribute value. A new view can be created if the attribute value is associated with the new attribute value.

Abstract: Some embodiments of graphical spam detection and filtering have been presented. In one embodiment, an electronic mail addressed to an electronic mail account is screened. If a graphic image is embedded in a body of the electronic mail and a sender of the electronic mail is unidentified, then the electronic mail is classified as unsolicited bulk electronic mail.

Abstract: Some embodiments of a smart card accessible over a personal area network have been presented. In one embodiment, an apparatus includes a wireless transceiver to communicatively couple to a personal area network (PAN) to receive an authentication request via the PAN from a device. The device may include a computer. The apparatus further includes a storage device to store a digital certificate that uniquely identifies a user. An authentication module in the apparatus may authenticate the user in response to an authentication request from the device using the digital certificate, wherein the user is allowed to access the computer upon authentication.

Abstract: Some embodiments of a smart card accessible over a personal area network have been presented. In one embodiment, an apparatus includes a wireless transceiver to communicatively couple to a personal area network (PAN) to receive an authentication request via the PAN from a device. The device may include a computer. The apparatus further includes a storage device to store a digital certificate that uniquely identifies a user. An authentication module in the apparatus may authenticate the user in response to an authentication request from the device using the digital certificate, wherein the user is allowed to access the computer upon authentication.

Abstract: A computing device receives a request to perform a Lightweight Directory Access Protocol (“LDAP”) database operation and propagates the request to perform the LDAP database operation to a peer server to test the LDAP database operation at the peer server. The computing device executes an action on a distributed LDAP database based on a result of testing the LDAP database operation at the peer server.

Abstract: A method and apparatus for ordering callbacks for server plug-ins of a Lightweight Directory Access Protocol (LDAP) directory server. Each plug-in registers with the LDAP server and has a designated priority and set of dependencies. The priority and dependency data are stored in an LDAP callback configuration entry or set of entries. The LDAP server analyzes the priority and dependencies to determine the order of each plug-in or individual callback relative to one another. This allows the LDAP directory server and LDAP operations to rely on the order of callbacks thereby improving the efficiency of the system.