Abstract: Mapping of database partitions to available nodes. Metric information related to the partitions of the database are stored. One or more metrics associated with the partitions are gathered. A plurality of potential mappings of partitions to nodes are evaluated. One of the potential mappings of partitions to nodes to result in improved metric distribution among the nodes and the partition moves are within a pre-selected move constraint is selected. The selected potential mapping is implemented by moving one or more partitions between one or more nodes.

Abstract: Mapping of database partitions to available nodes. Metric information related to the partitions of the database are stored. One or more metrics associated with the partitions are gathered. A plurality of potential mappings of partitions to nodes are evaluated. One of the potential mappings of partitions to nodes to result in improved metric distribution among the nodes and the partition moves are within a pre-selected move constraint is selected. The selected potential mapping is implemented by moving one or more partitions between one or more nodes.

Abstract: Mapping of database partitions to available nodes. Metric information related to the partitions of the database are stored. One or more metrics associated with the partitions are gathered. A plurality of potential mappings of partitions to nodes are evaluated. One of the potential mappings of partitions to nodes to result in improved metric distribution among the nodes and the partition moves are within a pre-selected move constraint is selected. The selected potential mapping is implemented by moving one or more partitions between one or more nodes.

Abstract: The invention provides a method for improving the security of a mobile terminal in a WLAN environment by installing two shared secrets instead of one shared secret, the initial session key, on both the wireless user machine and the WLAN access point during the user authentication phase. One of the shared secrets is used as the initial session key and the other is used as a secure seed. Since the initial authentication is secure, these two keys are not known to a would be hacker. Although the initial session key may eventually be cracked by the would be hacker, the secure seed remains secure as it is not used in any insecure communication.

Abstract: A method for de-authenticating a client device from a network based on a credit based access control is disclosed. The method comprises receiving by an access point (AP) in the network a user request for user access from the client device according to an authentication protocol and transmitting by the AP an access request to an authentication server in response to the user request. The AP receives an access response from the authentication server authenticating the user access for the client device, where the access response contains a parameter having a value indicative of the length of available continued access of the client device to the network based on remaining user credit. The then transmits a re-authentication request to the authentication server when the parameter value reaches a threshold to cause a re-authentication of the client device with the network to occur before granting further access to the network by the client device.

Abstract: The invention provides a method for a web browser based remote administration system to maintain its security by utilizing an ActiveX control or a plug-in, without relying on HTTPS protection to transact management information. The invention does not burden the embedded system and thus is ideally suited for the remote administration of embedded systems. The invention provides a method to calculate a security code base upon identical algorithms in the administrative system having the browser and the embedded system. When the browser-based administrator submits the management information, an operator packages the control information as a string and invokes the security function in the plug-in with the string as a parameter. After the security function returns the result, the operator sends the form data together with a coded digest to the remote system. The digest may be embedded in the form data, for example, as a hidden field.

Abstract: A system and device for authenticating and admitting parties located at remote sites (115) to a secure communication network (100), wherein each remote site includes a device operable to execute code for determining a first authenticating value received from a second site (110), which is blinded with a value associated with the remote site (115), encrypting and transmitting the determined value and decrypting a second authenticating value and validating the transmitting site (110) when the unblinded first authenticating value is equivalent to the second authenticating value. Furthermore, the transmitting site (110) includes a devices operable to execute code for generating and transmitting a first authenticating value blinded by a value associated with a remote site (115), decrypting a value and validating the remote site when the authenticating value is equivalent to the decrypted received value.

Abstract: The invention relates generally to a method and an apparatus for synchronizing a digital transmission using beacon packets, and in particular, by using beacon packets utilized in communication between a wireless access point and a wireless station in accordance with operating in accordance with the Institute of Electrical & Electronics Engineers' IEEE standard 802.11. A communication device comprises a means for creating a plurality of logical access points; a means for downloading a SSID into a mobile terminal in accordance with a user's of communication reception; and a means to permit the mobile terminal to switch from one logical access point to second logical access point depending on the current state of the logical access point and the user's choice.

Abstract: A public wireless LAN permits receipt of non-authentication traffic, such as access information requests, from a mobile wireless communications device prior to device authentication by partially opening a controlled port within an access point. The wireless LAN re-directs such non-authentication traffic received at the AP from the mobile wireless communications to a local web server. The local web server provides reply to the mobile wireless communications device, enabling a determination by the device whether or not to request access. The device seeks access by way of an access request received at the AP. In response, the AP re-directs the access request through an uncontrolled port in the AP to an access server that authenticates device. Upon successful device authentication, the AP fully opens its controlled port to permit the exchange of traffic through that port with the mobile wireless communications device.