Abstract: A method and system for providing a first network resource with secure but limited access to a second network resource. A method embodying the invention includes receiving a request to access the second resource. It is verified that the source of the request is the first resource. It is then verified that the request was originated by a user through, for example, a web browser, and then a user's credentials are authenticated. Only when the request can be properly verified and the user credentials authenticated, is access to the second resource granted. Beneficially, the first resource cannot access the second without the user's knowledge or, at least, implicit consent.

Abstract: A method, computer readable media, and system for providing a first network resource with secure but limited access to a second network resource. A method embodiment of the invention includes associating a check with data identifying an expected source of a future request to access the second resource. Later, the first resource requests access to the second resource. Included in the request is a check signed with data identifying the first resource. The request is received and the check is authenticated. The request is granted only if the check is authentic and the data used to sign the check matches the expected source associated with the check.

Abstract: A system and method for charging a user for printing services. In one arrangement, the system and method include the steps of receiving a debiting request from a printing service via a network, verifying privileges of the printing service to access a user account, and debiting a user account for the printing services.

Abstract: Authorizing access to a network resource utilizing an autonomous authorization service. One method embodying the invention includes receiving a request to access a resource and acquiring credentials, identifying an authorization service that is autonomous of the resource, providing the credentials to the authorization service and requesting authorization to access the resource. The authorization service authenticates the credentials and authorizes access the resource only if the credentials are authentic.

Abstract: A method and system for providing a first network resource with secure but limited access to a second network resource. A method embodying the invention includes receiving from the first resource, digitally signed instructions to access the second resource. Data used to digitally sign the instructions is obtained, and, using the obtained data, it is verified that the instructions originated from an authorized source other than the first resource. Access to the second resource is granted only upon verifying that the instructions originated from an authorized source other than the first resource. Beneficially, the first resource cannot access the second without the user's knowledge or, at least, implicit consent.

Abstract: Pre-defined print option configurations for printing in a distributed environment are established by user selection of one or more print options via a network service. The one or more print options are identified for subsequent resolution, and can be applied to one or more other network services.

Abstract: The present disclosure relates to a system and method for color gamut inadequacy notification. In one arrangement, the system and method pertain to accessing imaging data to be printed, identifying colors represented by the imaging data, comparing the identified colors with a color gamut of a printing device, and notifying the user if one or more of the identified colors is not included in the color gamut of the printing device.

Abstract: A method and system for enabling a user to authorize a client, acting under the directed of a first resource, to access a second resource. Before the client accesses the second resource, client programming, that is autonomous of the first and second resources, redirects the client to an authorization service that is also autonomous of the first and second resource. The authorization service authenticates the user, identifies policy data, if any, associated with the user and the first resource, and then returns to the client an interface generated according to the identified policy data, if any, enabling the user to grant or deny authorization. Where policy data does not exist, the authorization service returns an interface to the client enabling the user to set policy data.

Abstract: Systems and methods for adding a visible watermark to a document are disclosed. The systems may comprise a server and a computing device coupled to each other via a network. In some embodiments, a selected watermark image is associated with a target composition, forming a watermark composition. The watermark composition comprises the necessary information for a device to acquire and construct a desired integration of the watermark image with the target composition. Methods for adding a watermark image to a document, can be summarized by the following steps: selecting a watermark image; identifying a target composition; associating the watermark image with the target composition to generate a watermark composition; and storing the watermark composition.

Abstract: Preventing replay attacks without user involvement. A method according to one embodiment of the invention includes recording a serial number that was verified following a previous request to access a resource, and later receiving a request to access the resource. A serial number is acquired from the source of the request and then updated by increasing its value. The updated serial number is verified by comparing it with the recorded serial number, and access to the resource is granted only if the value of the updated serial number exceeds the value of the recorded serial number.

Abstract: A user can select one or more print options corresponding to a particular printer and associate the set of selected options with a particular name. The user can then identify the set of selected options, by name, when printing to that particular printer, even though no printer driver for the printer is installed on the user's computing device. Additionally, one or more print options to be used in printing a document identified in a print request can be automatically selected based on one or more characteristics of the print request.

Abstract: The present disclosure relates to a system and method for facilitating color adjustment of imaging data. In one arrangement, the system and method pertain to accessing imaging data to be printed, prompting a user to select an area to be adjusted and a color that the area is desired to be, receiving the area and color selections, and adjusting the color of the area as desired.

Abstract: An improved system and method for recommending a service are disclosed. A data translation system may comprise a server and a computing device. In preferred embodiments, executable logic and descriptors reflective of data designated for transformation by a hard-copy generation device and in response to the logic recommends a suitable service for completing the transformation. A method for intelligently routing hard-copy generation tasks, can be summarized by the following steps: accessing imaging service data; accessing imaging data; recommending at least one capable service; and initiating a hard-copy generation request.

Abstract: A method and system for providing a first network resource with secure but limited access to a second network resource. A method embodying the invention includes receiving from the first resource, digitally signed instructions to access the second resource. Data used to digitally sign the instructions is obtained, and, using the obtained data, it is verify that the instructions originated from an authorized source other than the first resource. Access to the second resource is granted only upon verifying that the instructions originated from an authorized source other than the first resource. Beneficially, the first resource cannot access the second without the user's knowledge or, at least, implicit consent.

Abstract: A method, computer readable media, and system for providing a first network resource with secure but limited access to a second network resource. A method embodiment of the invention includes associating a check with data identifying an expected source of a future request to access the second resource. Later, the first resource requests access to the second resource. Included in the request is a check signed with data identifying the first resource. The request is received and the check is authenticated. The request is granted only if the check is authentic and the data used to sign the check matches the expected source associated with the check.

Abstract: Preventing replay attacks without user involvement. A method according to one embodiment of the invention includes recording a serial number that was verified following a previous request to access a resource, and later receiving a request to access the resource. A serial number is acquired from the source of the request and then updated by increasing its value. The updated serial number is verified by comparing it with the recorded serial number, and access to the resource is granted only if the value of the updated serial number exceeds the value of the recorded serial number.

Abstract: Preventing replay attacks with no user involvement. A method according to one embodiment of the invention includes generating and providing a client with a ticket. When making a request to access the resource, the client digitally signs and includes the ticket. The request is received and the ticket and signature are verified before access to the resource is granted.

Abstract: A method for authenticating a user before granting access to a network resource. In response to a first request from a client to access the resource, access data for an authentication service and return access data for the resource are acquired. The client is then directed to request authentication, the direction including the access data for the authentication service and the return access data for the resource. The client requests access the authentication service using the access data an the return access data. If the authentication service successfully verifies the source of the request, it then directs the client to again request access to the resource using the return access data.

Abstract: A method, system, program product, and means for maintaining state information for a browser instance when multiple browser instances are instantiated, the method comprising the steps: instantiating a first browser instance; associating first state information with the first browser instance and storing the association; instantiating a second browser instance; associating second state information, which is different from the first state information, with the second browser instance and storing the association; accessing the instantiated first browser instance; and retrieving the first state information for the first browser instance.

Abstract: A method and system for enabling a user to authorize a client, acting under the directed of a first resource, to access a second resource. Before the client accesses the second resource, client programming, that is autonomous of the first and second resources, redirects the client to an authorization service that is also autonomous of the first and second resource. The authorization service authenticates the user, identifies policy data, if any, associated with the user and the first resource, and then returns to the client an interface generated according to the identified policy data, if any, enabling the user to grant or deny authorization. Where policy data does not exist, the authorization service returns an interface to the client enabling the user to set policy data.