Abstract: A system for data and signal routing for videotelephonic conferencing is provided.

Abstract: A system for signal or data routing is provided. The system has a client side graphical user interface GUI in communication with target side GUI over the network, wherein the client side GUI represents a first user and the target side GUI represents an organizational user, a focus server communicatively coupled to the client side GUI and the target side GUI, wherein the focus server is configured to create a conference session between the client side GUI and the target side GUI, a routing server comprising various routing logic, configured to direct the focus server to invite the organizational user to join the conference session at the target side GUI and a data management server coupled to the routing server. A method for signal or data routing is also provided.

Abstract: Systems and methods for switching from a first Internet context to a second Internet context without process shutdown are described. Internet context data, such as cookies, history and user-defined data, is stored in containers unique to each user on a system. Internet content is stored in a common location so redundant downloaded information is not stored. Content information is found or stored by hashing a URL and indexing the memory location according to the resulting hash value. If content data is specific to a particular user, a hash is performed on a combination of the URL and an ordinal associated with the user's unique identity to obtain a hash value unique to the user. The user-specific content is then stored and the memory location is indexed according to the unique hash value.

Abstract: A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.

Abstract: Aspects of the present invention are directed to embodiments that include system and methods for electronic deposit of a financial instrument. In one embodiment the system and method are configured to receive a financial transaction document associated with a user, wherein the financial transaction document is received at a location remote from the user; obtain an electronic image of the financial transaction document at the location; determine identification information about the user based upon data from the electronic image of the financial transaction document; receive handling instructions from the user regarding the financial transaction document; and, electronically deposit the financial transaction document with financial institution for application to an account associated with the user, the financial institution being remote from the user and remote from the location.

Abstract: A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.

Abstract: Systems and methods for switching from a first Internet context to a second Internet context without process shutdown are described. Internet context data, such as cookies, history and user-defined data, is stored in containers unique to each user on a system. Internet content is stored in a common location so redundant downloaded information is not stored. Content information is found or stored by hashing a URL and indexing the memory location according to the resulting hash value. If content data is specific to a particular user, a hash is performed on a combination of the URL and an ordinal associated with the user's unique identity to obtain a hash value unique to the user. The user-specific content is then stored and the memory location is indexed according to the unique hash value.

Abstract: A system and method that allows a page (e.g., Internet content) author to associate a set of security settings on any desired element (e.g., tag) of the page. When the page is interpreted, each element is handled based on its associated security settings, allowing a page author to request that any element be considered differently with respect to security than other elements, and/or differently relative to the page that contains it. A negotiator determines the actual settings for elements to ensure that security cannot be compromised by tagging an element such that it has the ability to do more than desired. The negotiator also determines the settings for elements that do not have specifically associated security data, e.g., elements without specified security settings may inherit security settings from higher elements, or the top-level container. The settings may correspond to those of a security zone.

Abstract: A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.

Abstract: A system and method for virtually eliminating a potential security risk inherent with the caching of network content. Random subdirectory names are generated for cache directories, while continuing to generate user-friendly file names. Security is achieved since malicious sites cannot guess the cache location, which if guessed along with the filename, could cause a user connected to the site to inadvertently execute malicious content downloaded by the site to the cache. In addition to generating random subdirectory names, the system and method provide enhanced performance by balancing the number of files among the cache directories, and by limiting the number of files in any cache directory by creating additional cache directories as needed.

Abstract: A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.

Abstract: A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.

Abstract: A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.

Abstract: Systems and methods for switching from a first Internet context to a second Internet context without process shutdown are described. Internet context data, such as cookies, history and user-defined data, is stored in containers unique to each user on a system. Internet content is stored in a common location so redundant downloaded information is not stored. Content information is found or stored by hashing a URL and indexing the memory location according to the resulting hash value. If content data is specific to a particular user, a hash is performed on a combination of the URL and an ordinal associated with the user's unique identity to obtain a hash value unique to the user. The user-specific content is then stored and the memory location is indexed according to the unique hash value.

Abstract: Systems and methods for switching from a first Internet context to a second Internet context without process shutdown are described. Internet context data, such as cookies, history and user-defined data, is stored in containers unique to each user on a system. Internet content is stored in a common location so redundant downloaded information is not stored. Content information is found or stored by hashing a URL and indexing the memory location according to the resulting hash value. If content data is specific to a particular user, a hash is performed on a combination of the URL and an ordinal associated with the user's unique identity to obtain a hash value unique to the user. The user-specific content is then stored and the memory location is indexed according to the unique hash value.

Abstract: Systems and methods for switching from a first Internet context to a second Internet context without process shutdown are described. Internet context data, such as cookies, history and user-defined data, is stored in containers unique to each user on a system. Internet content is stored in a common location so redundant downloaded information is not stored. Content information is found or stored by hashing a URL and indexing the memory location according to the resulting hash value. If content data is specific to a particular user, a hash is performed on a combination of the URL and an ordinal associated with the user's unique identity to obtain a hash value unique to the user. The user-specific content is then stored and the memory location is indexed according to the unique hash value.

Abstract: A system and method that allows a page (e.g., Internet content) author to associate a set of security settings on any desired element (e.g., tag) of the page. When the page is interpreted, each element is handled based on its associated security settings, allowing a page author to request that any element be considered differently with respect to security than other elements, and/or differently relative to the page that contains it. A negotiator determines the actual settings for elements to ensure that security cannot be compromised by tagging an element such that it has the ability to do more than desired. The negotiator also determines the settings for elements that do not have specifically associated security data, e.g., elements without specified security settings may inherit security settings from higher elements, or the top-level container. The settings may correspond to those of a security zone.

Abstract: Two new cache control headers in the cache control header, “post-check” and “pre-check”, enable the display of content from the cache, with a later synchronization of the content performed in the background via a conditional request such as an IMS request. These headers enable the server to define a non-validate time period relative to the cached content's age in which the user will receive content from the cache, a background synchronization period in which the user will receive content from the cache and automatically queue a request for background synchronization thereof, and a validate period in which the cached content may or may not be used, depending on a response to a validation request sent to the server. The content is quickly rendered for the user in the non-validate and background synchronization periods, and the hit count is correct in the background synchronization and validate periods.

Abstract: A computer based system and method of providing security when receiving digital data at a client computer from one or more Web sites is disclosed. The method includes receiving security configuration information that specifies multiple security zones, each zone corresponding to a set of Web sites. The security configuration information also includes information specifying a set of security settings corresponding to each security zone. A security setting is a specification indicating an action to perform when a Web page from one of the security zones requests a protected operation to be performed. During a Web browsing session, the mechanism of the invention determines the security zone corresponding to the Web site currently being browsed.

Abstract: A system and method for virtually eliminating a potential security risk inherent with the caching of network content. Random subdirectory names are generated for cache directories, while continuing to generate user-friendly file names. Security is achieved since malicious sites cannot guess the cache location, which if guessed along with the filename, could cause a user connected to the site to inadvertently execute malicious content downloaded by the site to the cache. In addition to generating random subdirectory names, the system and method provide enhanced performance by balancing the number of files among the cache directories, and by limiting the number of files in any cache directory by creating additional cache directories as needed.