Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules and characterized by at least one extrinsic field. The method comprises: upon specifying atomic elements constituting an extrinsic space corresponding to the at least one extrinsic field, partitioning, by a processor, the extrinsic space into two or more equivalence classes, wherein each atomic element in the extrinsic space belongs to one and only one equivalence class; mapping, by the processor, said equivalence classes over the rule-set; and analyzing, by the processor, the security rule-set using the results of mapping said equivalence classes over the rule-set.

Abstract: There are provided a method of generation of a security rule-set and a system thereof. The method includes: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.

Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules and characterized by at least one extrinsic field. The method comprises: upon specifying atomic elements constituting an extrinsic space corresponding to the at least one extrinsic field, partitioning, by a processor, the extrinsic space into two or more equivalence classes, wherein each atomic element in the extrinsic space belongs to one and only one equivalence class; mapping, by the processor, said equivalence classes over the rule-set; and analyzing, by the processor, the security rule-set using the results of mapping said equivalence classes over the rule-set.

Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N?1 extrinsic rule-fields. The method comprised: upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N?1 extrinsic rule-fields.

Abstract: There are provided a method of generation of a security rule-set and a system thereof. The method includes: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.

Abstract: There are provided a method of automated generation of a security rule-set and a system thereof. The method comprises: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.

Abstract: There are provided a rule-set analyzer and a method of analyzing an ordered security rule-set comprising a plurality of rules comprising N?1 extrinsic rule-fields. The method comprised: upon specifying an extrinsic space constituted by atomic elements corresponding to the values characterizing an extrinsic rule-field, partitioning said specified extrinsic space into two or more equivalence classes, wherein each atomic element in said extrinsic space belongs to one and only one equivalence class; mapping said equivalence classes over the rule-set; and generating a logically equivalent security rule-set, wherein respective rules comprise N?1 extrinsic rule-fields.

Abstract: There are provided a method of automated generation of a security rule-set and a system thereof. The method comprises: obtaining a group of log records of communication events resulting from traffic related to the security gateway; generating a preliminary rule-set of permissive rules, said set covering the obtained group of log records; generating, with the help of mapping the generated preliminary rule-set to the obtained group of log records, a rule-set of non-overlapping rules covering the group of log records; and generating an operational rule-set by processing the generated rule-set of non-overlapping rules, said processing including mapping the generated rule-set of non-overlapping rule to the obtained group of log records.

Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single and or plurality of network data packets, and is constrained to a resolution less than or equal to the resolution of the client device display.

Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single and or plurality of network data packets, and is constrained to a resolution less than or equal to the resolution of the client device display.

Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single network data packet, and is constrained to a resolution less than or equal to the resolution of the client device display.

Abstract: Dynamic visualization of image data provided through a network communications channel is performed by a client system including a parcel request subsystem and a parcel rendering subsystem. The parcel request subsystem includes a parcel request queue and is operative to request discrete image data parcels in a priority order and to store received image data parcels in a parcel data store. The parcel request subsystem is responsive to an image parcel request of assigned priority to place the image parcel request in the parcel request queue ordered in correspondence with the assigned priority. The parcel rendering subsystem is coupled to the parcel data store to selectively retrieve and render received image data parcels to a display memory. The parcel rendering system provides the parcel request subsystem with the image parcel request of the assigned priority.

Abstract: Defects are removed from a tessellated polygonal mesh provided for the rendering of polygon corresponding image parcels through a process that first determines, for a predetermined segment of a first edge of a first polygon within the polygonal mesh, a difference in tessellation level between the first polygon and a second polygon disposed adjacent the predetermined edge of the first polygon, subject to the occurrence of a defect in the polygonal mesh between the first and second polygons. A terminus of the predetermined segment is then computed based on the difference in the tessellation levels and a new vertex, corresponding to the terminus, is added to a first set of vertices that define the first polygon. An image parcel can then be rendered based on the set of vertices, including the added vertex, such that the first image parcel as rendered covers the defect in the polygonal mesh between the first and second polygons.

Abstract: Defects are removed from a tessellated polygonal mesh provided for the rendering of polygon corresponding image parcels through a process that first determines, for a predetermined segment of a first edge of a first polygon within the polygonal mesh, a difference in tessellation level between the first polygon and a second polygon disposed adjacent the predetermined edge of the first polygon, subject to the occurrence of a defect in the polygonal mesh between the first and second polygons. A terminus of the predetermined segment is then computed based on the difference in the tessellation levels and a new vertex, corresponding to the terminus, is added to a first set of vertices that define the first polygon. An image parcel can then be rendered based on the set of vertices, including the added vertex, such that the first image parcel as rendered covers the defect in the polygonal mesh between the first and second polygons.

Abstract: Dynamic visualization of image data provided through a network communications channel is performed by a client system including a parcel request subsystem and a parcel rendering subsystem. The parcel request subsystem includes a parcel request queue and is operative to request discrete image data parcels in a priority order and to store received image data parcels in a parcel data store. The parcel request subsystem is responsive to an image parcel request of assigned priority to place the image parcel request in the parcel request queue ordered in correspondence with the assigned priority. The parcel rendering subsystem is coupled to the parcel data store to selectively retrieve and render received image data parcels to a display memory. The parcel rendering system provides the parcel request subsystem with the image parcel request of the assigned priority.

Abstract: Large-scale images are retrieved over network communications channels for display on a client device by selecting an update image parcel relative to an operator controlled image viewpoint to display via the client device. A request is prepared for the update image parcel and associated with a request queue for subsequent issuance over a communications channel. The update image parcel is received from the communications channel and displayed as a discrete portion of the predetermined image. The update image parcel optimally has a fixed pixel array size, is received in a single network data packet, and is constrained to a resolution less than or equal to the resolution of the client device display.