Abstract: Methods and apparatuses for storing structured information are disclosed. A hash value computed over structured information determined for a host is compared to a hash value computed over a corresponding structured information stored in a remote database for the host where after an update of at least a part of the stored structured information can take place in response to determining a difference in the hash values and the stored structured information is kept in the database as it is in response to determining that the hash values are equal.

Abstract: Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.

Abstract: Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.

Abstract: Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring.

Abstract: Methods and apparatus for generation of session audit log displays are disclosed. Audit log data is captured in association with at least one session in a computerized system. A video presentation is generated based on the captured audio log data. A video presentation of at least a part of the at least one session can then be displayed based on the generated data.

Abstract: Methods and apparatuses for a computerized system are disclosed. A data processing device receives information from at least one source of log information in the computerized system and detects, based at least in part on said received log information, at least one security protocol related event at a first host device, the at least one security protocol related event being initiated by a second host device. Information is then stored for determination of a trust relationship record based on the detected at least one security protocol related event and information of the second host device.

Abstract: Methods and apparatuses for managing access to hosts in a computerized system are disclosed. A request for an authenticator for enabling access to at least one host in the computerized system is communicated from an user to a portal. The portal verifies the right of the user to make the request, and in response to positive verification authorizes the user to make the request and sends the request to an authenticator manager to trigger providing of an authenticator for enabling access to at least one host in accordance with the request. The authenticator manager provides the authenticator for enabling access to the at least one host in accordance with the request. Acceptance of the request by an administration process according a predefined rule is required before said providing of the authenticator.

Abstract: Disambiguation of the meaning of a natural language expression proceeds by constructing a natural language expression, and then incrementally specializing the meaning representation to more specific meanings as more information and constraints are obtained, in accordance with one or more specialization hierarchies between semantic descriptors. The method is generalized to disjunctive sets of interpretations that can be specialized hierarchically.

Abstract: Some links are omitted from indexes associated with semantic network elements and clustering is influenced by such omissions.

Abstract: An inference system responsive to omitting links from indexes in semantic network elements is described. The inference system prioritizes strategies that avoid trying to follow links from an index from which they may have been omitted.

Abstract: The effective area of an electric sail depends on the voltage applied to tethers. The use of higher voltages is made possible by moving voltage multipliers to tethers, perhaps 100 meters out from the body of the spacecraft.

Abstract: In an object-relocating garbage collector, objects are copied and new copies taken into use concurrently with mutator execution without needing to use a read barrier, and importantly, without requiring verification (read-back) of each copied word and without requiring atomic instructions for the copying. Write barriers, thread-local write barrier buffers and processing them by the garbage collector, and write propagation are used for achieving this.

Abstract: Ambiguities in a natural language expression are interpreted by jointly disambiguating multiple alternative syntactic and semantic interpretations. More than one syntactic alternative, represented by parse contexts, are analyzed together with joint analysis of referents, word senses, relation types, and layout of a semantic representation for each syntactic alternative. Best combinations of interpretations are selected from all participating parse contexts, and are used to form parse contexts for the next step in parsing.

Abstract: Use of one or more computer systems may be audited by performing a man-in-the-middle attack against a cryptographic protocol (e.g., SSH) at one or more interceptors, transmitting audit data to a centralized audit server. Operations performed using the encrypted connection may be controlled and restricted.

Abstract: SSH sessions and other protocol sessions (e.g., RDP) may be audited using an interceptor embedded within an SSH server or other protocol server. Operations performed over an SSH connection may be controlled, including controlling what files are transferred.

Abstract: A method for serializing cyclic or shared data structures using information from the garbage collector to determine that some objects in the data structure being serialized cannot have more than one reference.

Abstract: Indexing overhead in a semantic network is reduced by omitting some links from indexes in semantic network elements in response to one or more omission rules. Inference strategy over the semantic network is modified to prioritize inference strategies in such a way that the impact of the omissions on inference results is minimized.

Abstract: During garbage collection, writes to objects being copied (relocated) are monitored (tracked) using a write barrier that uses a thread-local write barrier buffer. In the preferred embodiment, soft synchronization is used for reading the thread-local write barrier buffers. In response to detecting a write to an object, the object may be re-copied, the copying may be made to fail, the write may be propagated to another copy of the object, or, e.g., another node in a distributed system may be notified of the write.

Abstract: A consistent snapshot of a large main memory knowledge base is saved to persistent storage without blocking the application for the duration of serializing and writing the knowledge base. Taking the snapshot comprises bringing the knowledge base to a consistent state (in a multithreaded application), using virtual memory facilities to obtain a copy-on-write copy of the knowledge base in memory, and using a separate thread or process to serialize the copy-on-write copy to persistent storage.

Abstract: The effective area of an electric sail depends on the voltage applied to tethers. The use of higher voltages is made possible by moving voltage multipliers to tethers, perhaps 100 meters out from the body of the spacecraft.