24th week of 2012 patent applcation highlights part 71 |
Patent application number | Title | Published |
20120151554 | SECURITY ACCESS CONTROL METHOD AND SYSTEM FOR WIRED LOCAL AREA NETWORK - The present invention relates to a security access control method and system for wired local area network, the method includes the following steps: 1) a requester (REQ) negotiates the security policy with an authentication access controller (AAC); 2) the requester (REQ) and the authentication access controller (AAC) authenticate the identity; 3) the requester (REQ) negotiates the key with the authentication access controller (AAC). The direct identity authentication between the user and the network access control device is realized by the present invention; the negotiation and the dynamic update of the session key for the link layer data protection are realized; a variety of network architectures such as the enterprise network, the telecommunication network are supported; the scalability is good, the multiple authentication methods are supported; the authentication protocols with different security levels are supported, the requirements of the various subscribers are satisfied; the sub-modules of the protocol are independent, flexible, and easy to be accepted or rejected. | 2012-06-14 |
20120151555 | A SCALABLE FIREWALL POLICY MANAGEMENT PLATFORM - Securing large networks having heterogeneous computing resources including provision of multiple services both to clients within and outside of the network, multiple sites, security zones, and other characteristics is provided using access control functionality implemented at hosts within the network. The access control functionality includes respective access control policies for indicating to each host from which other computers it can accept connections. Content of the access control policies can be determined based on application data flow needs, and can draw information from databases including DNS and security zone information for hosts to which the access control policies will be applied. Access control policies can be formatted automatically for different host with different characteristics from the same base logical rule set. Other aspects include using more permissive and/or access control rules provided on network equipment to block known bad data, while providing host-based access control focused on application data flow. | 2012-06-14 |
20120151556 | METHOD AND APPARATUS FOR DIGITAL RIGHTS MANAGEMENT POLICIES - Method and apparatus are described wherein, in one example embodiment, there is provided one or more policy templates that may define a set of policy permissions or other attributes that may be desirable to specify in a policy. One or more policy templates may be specified in a user interface of a policy creation and maintenance program that may run on the policy server and/or run on a workstation computer. Each policy template specified by a user may include permissions for how a user may access and use a document. The maintenance program may, in one embodiment, associate both templates to a policy used for a specific unit of digital content, or, for example, an electronic document. The permissions for the policy are determined by aggregating the permissions associated with each respective templates chosen by the user. According to another example embodiment, a user selects a policy template and defines one or more additional permissions to form an augmented policy. | 2012-06-14 |
20120151557 | Progressive Consent - A consent management system is described which manages an entity's consent to consume application functionality on a per-feature level of granularity. To perform this task, the consent management system maintains consent information which describes a plurality of use conditions associated with the features of the application functionality. In one case, the consent information has a hierarchical data structure that identifies a hierarchy of application features. In operation, the consent management system accesses the content information whenever an entity seeks to access a particular application feature; it grants or denies access to the feature based on the consent information. The consent management system also includes a consent maintenance module that allows an administrator (or other entity) to cancel or modify any use condition in the consent information. | 2012-06-14 |
20120151558 | NETWORK SECURITY APPLIANCE - A network security appliance that provides security to devices in industrial environments by transparently bridging traffic to the endpoint device. The security 5 appliance securely communicates with a management server for receiving configuration data for operation of security modules in the appliance by encrypted communications. The security appliance utilizes the network address of the industrial device when communicating with a management server and is addressed by the management server using the address of one of the protected devices associated with the appliance. Learned device characteristics are provided by the appliance to the management server which tailors software and security rules to specific network vulnerabilities of the device and control protocol. The security appliance sends periodic heartbeat messages to the management server using the network address of the device. The heartbeat message can also report anomalous events which may required additional software being provided from the management server to the node. | 2012-06-14 |
20120151559 | Threat Detection in a Data Processing System - A mechanism is provided for resolving a detected threat. A request is received from a requester to form a received request, statistics associated with the received request are extracted to form extracted statistics, rules validation is performed for the received request using the extracted statistics, and a determination is made as to whether the request is a threat. Responsive to a determination that the request is a threat, the requester is escalated using escalation increments, where the using escalation increments further comprises increasing user identity and validation requirements through one of percolate to a next user level or direct entry to a user level. | 2012-06-14 |
20120151560 | Portable Identity Rating - Portable on-line identity verification technology includes, for example, portable widgets with an identity rating, and other on-line identification verification icons and identity rating scores. | 2012-06-14 |
20120151561 | METHODS AND APPARATUS FOR COMMUNICATING WITH GROUPS OF DEVICES SHARING AN ATTRIBUTE - Methods and apparatus for IPv6 based multicast are disclosed. An example method includes broadcasting a multicast group address advertisement instructing a recipient device to join an Internet Protocol multicast group, the Internet Protocol multicast group being associated with a physical attribute of the recipient device; and broadcasting a multicast message to the multicast address instructing the members of the multicast group to perform an action. | 2012-06-14 |
20120151562 | METHOD, SYSTEM AND SERVER FOR AUTHORIZING COMPUTING DEVICES FOR RECEIPT OF VENUE-BASED DATA BASED ON THE GEOGRAPHIC LOCATION OF A USER - Methods, systems and servers are disclosed for authorizing access by a user of a service associated with an event at a venue and provided via a computer network based on a determined geographic location of the user. The location of the user can be determined, via a server, based on location information obtained from the held device utilized by the user. The computing device can be authorized to receive the service (e.g., video, concession information, advertisements, statistical information, etc.) based on the location information obtained from the hand held device. | 2012-06-14 |
20120151563 | AUTOMATED MANAGEMENT OF SYSTEM CREDENTIALS - One disclosed aspect of the present invention includes authentication and user account automation within a compute cluster for each cluster node that requires password or other credential administration. For example, a storage appliance computing system may rely on a plurality of subsystems (such as databases, storage management software, and application servers) that each have internal user accounts with associated passwords and credential keys that need to be changed at frequent intervals. Rather than requiring an administrator to manually manage all of these accounts, the presently described invention includes techniques and an authentication manager component to automatically manage, update, and refresh authentication information as required. Further, the authentication manager component may be used to perform and propagate automatic credential changes such as new sets of SSH keys or updated passwords as required within a computing system, and respond to new nodes or out-of-sync credentialing scenarios. | 2012-06-14 |
20120151564 | System and method for associating a universal user indentification and a domain specific user identification - There is presented a system and method for associating a domain transcendent identification (ID) of a user and a domain specific ID of the user, the system comprising an ID association server accessible by a plurality of secure domains over a network. The system also includes an ID associator application that when executed by ID association server is configured to receive a domain specific ID that associates the user to the secure domain, enter the domain specific ID in a domain transcendent ID record created for the user, generate a unique data associated with the domain transcendent ID record and identify a network location for submission of the unique data, send the unique data and the network location to the user, and associate the domain transcendent ID and the domain specific ID. | 2012-06-14 |
20120151565 | SYSTEM, APPARATUS AND METHOD FOR IDENTIFYING AND BLOCKING ANOMALOUS OR IMPROPER USE OF IDENTITY INFORMATION ON COMPUTER NETWORKS - A system, apparatus and method is described for a security platform and/or identity platform for identifying, notifying, reporting and blocking pass-the-hash attacks and the anomalous or improper use of identity information on computer networks. The system, apparatus or method follows a policy of zero-trust, and does not rely on any client or server information to verify or confirm identity. Instead, the system, apparatus or method of the invention monitors communications between network devices, and when a first device transmits a communication of interest to a second device, the system, apparatus or method of the invention queries the first device directly to determine whether the transmission is authorized. | 2012-06-14 |
20120151566 | METHOD AND DEVICE FOR VERIFYING DYNAMIC PASSWORD - The examples of the present invention provide a method and device for verifying a dynamic password. In the method and device, some algorithm parameters can be exchanged in public by using a DH algorithm, and thus a same key is shared safely between two entities, so as to implement the verification of the dynamic password and further improve the security of identity verification. Moreover, the method and device can be easy to use. Further, by the above technical solution, no message exchange is needed between a mobile device and a verification server, and a user does not need to pay for additional flux, so as to decrease the burden of the user and verification costs. | 2012-06-14 |
20120151567 | Reusable Authentication Experience Tool - A reusable authentication component may be integrated into a web page to communicate with an authentication server and authenticate a user to the web page. The reusable authentication component may implement a complex authentication process, including multiple user interfaces to receive multiple assurances of user identity and user confirmation of previously stored mutual authentication data. The authentication process may be performed by the authentication component without refreshing or redirecting the parent web page until completion of a successful user authentication, after which the parent web page may receive authentication data and refresh to provide user specific and/or secure user data on the web page. | 2012-06-14 |
20120151568 | Method and system for authenticating a rich client to a web or cloud application - A rich client performs single sign-on (SSO) to access a web- or cloud-based application. According to the described SSO approach, the rich client delegates to its native application server the task of obtaining a credential, such as a SAML assertion. The native server, acting on behalf of the user, obtains an assertion from a federated identity provider (IdP) that is then returned to the rich client. The rich client provides the assertion to a cloud-based proxy, which presents the assertion to an identity manager to attempt to prove that the user is entitled to access the web- or cloud-based application using the rich client. If the assertion can be verified, it is exchanged with a signed token, such as a token designed to protect against cross-site request forgery (CSRF). The rich client then accesses the web- or cloud-based application making a REST call that includes the signed token. The application, which recognizes the request as trustworthy, responds to the call with the requested data. | 2012-06-14 |
20120151569 | Portable Identity Rating - Portable on-line identity verification technology includes, for example, portable widgets with an identity rating, and other on-line identification verification icons and identity rating scores. | 2012-06-14 |
20120151570 | SYSTEM FOR AND METHOD OF AUTHENTICATING MEDIA MANAGER AND OBTAINING A DIGITAL TRANSMISSION CONTENT PROTECTION (DTCP) CERTIFICATE - A system for and method of authenticating a media manager and obtaining DTCP certificates is presented. The system and method may include receiving a request for digital transmission content protection certificate provided by a user of a content provider, verifying user information associated with the user of the content provider, providing the request for digital transmission content protection certificate to a digital transmission content protection certificate system, and receiving a digital transmission content protection certificate. | 2012-06-14 |
20120151571 | "Push" Keep-Alive Mechanism For SIP User Agents Located Behind NATS/Firewalls - A user equipment (UE) and method is provided having one or more components configured to receive a non-session initiation protocol (SIP) notification from a SIP entity and in response to send a ping request to the SIP entity, the one or more components further configured to receive a SIP request from the SIP entity. A network component and method is also provided that include one or more components configured to send a non-session initiation protocol (SIP) notification to a user equipment (UE) and to receive a ping request from the UE and further to send a SIP request to the UE. | 2012-06-14 |
20120151572 | ARCHITECTURE FOR NETWORK MANAGEMENT IN A MULTI-SERVICE NETWORK - A mechanism is provided for a non-converged network for a service provider. A core network is divided into individually managed domains, where each of the domains comprises multiprotocol label switching for packets. A management system is coupled to each of the domains. Network elements in each of the domains are restricted from directly transferring packets to network elements in another one of domains. Each of the domains has a domain firewall at an edge of the domains, and the domain firewall restricts packets from being received from other domains. To transfer packets from one domain to another domain, the management system receives the packets from one domain and transfers the packets to the other domain after authentication. | 2012-06-14 |
20120151573 | UTILIZING VIRTUAL PRIVATE NETWORKS TO PROVIDE OBJECT LEVEL SECURITY ON A MULTI-NODE COMPUTER SYSTEM - The disclosure herein provides data security on a parallel computer system using virtual private networks connecting the nodes of the system. A mechanism sets up access control data in the nodes that describes a number of security classes. Each security class is associated with a virtual network. Each user on the system is associated with one of the security classes. Each database object to be protected is given an attribute of a security class. Database objects are loaded into the system nodes that match the security class of the database object. When a query executes on the system, the query is sent to a particular class or set of classes such that the query is only seen by those nodes that are authorized by the equivalent security class. In this way, the network is used to isolate data from users that do not have proper authorization to access the data. | 2012-06-14 |
20120151574 | SOFTWARE ACTIVATION USING DIGITAL LICENSES - Systems and methods are provided for activation of software that uses digital licenses. In some embodiments, a software vendor may securely deliver at least one digital proof-of-purchase to an OEM (e.g., to avoid piracy of software licenses). The OEM may install an associated software copy on a computer system, and store the at least one digital proof-of-purchase on it. The OEM may communicate the proof(s)-of-purchase stored on the computer system and its system identifier to the software vendor. A user of the computer system may attempt to activate the OEM pre-installed software by sending an activation request to a software vendor, who may verify whether or not the digital proof-of-purchase and system identifier in the activation request match those previously reported by the OEM, and may either grant or deny the activation request. | 2012-06-14 |
20120151575 | APPARATUS AND METHOD FOR CERTIFICATING SECURITY IN PORTABLE TERMINAL - Provided is an apparatus and method for certificating security in a portable terminal, which can enhance security in the portable terminal by multiple security certifications. An apparatus for certificating security in a portable terminal includes a security certificating unit for performing a plurality of security certification processes through a plurality of security operations performed in the portable terminal, and a control unit for performing a relevant function after completion of the security certification processes through the security operations. | 2012-06-14 |
20120151576 | METHOD AND SYSTEM FOR CREATING AND ACCESSING A SECURE STORAGE AREA IN A NON-VOLATILE MEMORY CARD - In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition. | 2012-06-14 |
20120151577 | Archive of Text Captures from Rendered Documents - A facility for storing a text capture data structure for a particular user is described. The data structure comprises a number of entries. Each entry corresponds to a text capture operation performed by the user from a rendered document. Each entry contains information specifying the text captured in the text capture operation. | 2012-06-14 |
20120151578 | Detecting a suspicious entity in a communication network - A method and apparatus for detecting a suspicious entity in a communication network. A receiving device receives a message from a sender. A processor obtains domain information or a user identity, and further contact information from data contained in the message. A reputation query message is sent to a Network Reputation Server (NRS), the reputation query message including the domain information or user identity. A reply is received from the NRS that indicates that the domain information or user identity is related to a suspicious entity. The receiving device then associates the contact information with the suspicious entity. In this way, if a user of the receiving device attempts to use the contact information, they can be prevented from doing this or informed that it relates to a suspicious entity. | 2012-06-14 |
20120151579 | Network Device, Network Packet Processing Method and Computer Readable Storage Medium for Storing Thereof - A network device builds connection with a network through a Network Interface Card (NIC). The network device includes a processor and a storage unit. The processor includes at least one transmission processing core, at least one security core, and a main core. The storage unit stores a packet receiving module and a packet output module. The main core loads the packet receiving module to receive several packets from the network, makes the at least one transmission processing core process the packets for a network transmission and makes the at least one security core check the packets for security. The main core loads the packet output module to output the packets after the at least one transmission processing core processes the packets for network transmission and the at least one security core checks the packets for security. | 2012-06-14 |
20120151580 | COMPUTING SYSTEM - Disclosed is a computing system which comprises a data processing device exchanging communication data with the external and processing the communication data; and a security integrated circuit (IC) monitoring the communication data. | 2012-06-14 |
20120151581 | METHOD AND SYSTEM FOR INFORMATION PROPERTY MANAGEMENT - A system for managing sensitive information property, includes a monitoring agent installed in a host system needed for sensitive information property management and configured to monitor the sensitive information property; an information property storage configured to store a list of the sensitive information property for the host system; and an information property manager configured to determine whether or not the sensitive property has leaked. | 2012-06-14 |
20120151582 | Offline Scan, Clean and Telemetry Using Installed Antimalware Protection Components - The subject disclosure relates to antimalware scanning, and more particularly to offline antimalware scanning of a host environment via an alternate, known safe operating system. An offline scanning product obtains data previously written by the host environment online antimalware scanning tool, e.g., configuration data and antimalware signatures in shared data stores accessible to the offline and online products, and uses that data to perform the offline antimalware scan. The offline scanning product writes results information and any quarantined files to other shared data stores, whereby the online environment, when rebooted, has access to the information, such as for review and to upload telemetry information to an online service for analysis. Also described is offline replacement of operating system files that cannot be cleaned or removed when online. | 2012-06-14 |
20120151583 | DDOS ATTACK DETECTION AND DEFENSE APPARATUS AND METHOD - A Distributed Denial of Service (DDoS) attack detection and defense apparatus and method are provided. The Distributed Denial of Service (DDoS) attack detection and defense apparatus includes: a flow information collection unit to collect, from one or more input packets with an IP address of an attack target system as a destination IP address, flow information including source IP addresses of the input packets and packet counts of one or more flows that are classified for each of the source IP addresses and each of different protocol types; an inspection unit to calculate packets per second (PPS) values of the flows based on the packet counts; and a response unit to determine a DDoS attack response method for each of the flows based on the PPS value and the protocol type of a corresponding flow and to process the corresponding flow using the determined DDoS attack response method | 2012-06-14 |
20120151584 | METHOD FOR BLOCKING DENIAL-OF-SERVICE ATTACK - Disclosed herein is a method for blocking a Denial-of-Service (DoS) attack. A server extracts a plurality of suspicious packets including data, length of which is equal to or greater than a preset length, from a plurality of received packets. The server determines a packet, which includes data composed of characters or character strings identical to each other, among the plurality of suspicious packets, to be an attack packet. The server blocks a packet corresponding to the attack packet. Accordingly, the present invention can block a DoS attack based on UDP flooding. | 2012-06-14 |
20120151585 | Method and System for Identifying Malicious Messages in Mobile Communication Networks, Related Network and Computer Program Product Therefor - A system for identifying malicious messages transmitted over a mobile communication network includes: sentinel modules associated with respective mobile terminals in the network for monitoring messages passing therethrough, wherein the sentinel modules identify as a candidate malicious message, any message passing through the mobile terminals and failing to comply with a first set of patterns and issue a corresponding sentinel identification message; a set of probe modules for monitoring messages transmitted over the network, wherein the probe modules identify as a candidate malicious message any message transmitted over the network and failing to comply with a second set of patterns and issue a corresponding probe identification message; and preferably at least one client honeypot module for receiving and processing any messages sent thereto to produce corresponding processing results, wherein the client honeypot module identifies as a candidate malicious message any message producing a processing result failing to comply with a third set of patterns and issues a corresponding client honeypot identification message. | 2012-06-14 |
20120151586 | Malware detection using feature analysis - A method of identifying sections of code that can be disregarded when detecting features that are characteristic of malware, which features are subsequently used for detecting malware. The method includes, for each of a multiplicity of sample files, subdividing file code of the sample file into a plurality of code blocks and then removing duplicate code blocks to leave a sequence of unique code blocks. The sequence of unique code blocks is then compared with those obtained for other sample files in order to identify standard sections of code. The standard sections of code identified are then included within a database such that those sections of code can subsequently be disregarded when identifying features characteristic of malware. | 2012-06-14 |
20120151587 | Devices, Systems, and Methods for Detecting Proximity-Based Mobile Malware Propagation - Devices, systems, and methods are disclosed which leverage an agent that resides in a mobile communication device to detect Proximity based Mobile Malware Propagation (PMMP). The agent injects one or several trigger network connections in the candidate connection list. These connections appear as legitimate networks and devices. However, the triggers connect to an agent server on a service provider's network. Essentially, the method is based on the assumption that malware lacks the intelligence to differentiate the trigger network connection from a normal one. Therefore, by attempting to connect through the trigger network connection, the malware reveals itself. The system helps collect the malware signature within a short period of time after the malware outbreak in local areas, and such attacks typically bypass network based security inspection in the network. | 2012-06-14 |
20120151588 | Malware Detection for SMS/MMS Based Attacks - Devices, systems, and methods are disclosed which utilize lightweight agents on a mobile device to detect message-based attacks. In exemplary configurations, the lightweight agents are included as contacts on the mobile device addressed to an agent server on a network. A malware onboard the mobile device, intending to propagate, unknowingly addresses the lightweight agents, sending messages to the agent server. The agent server analyzes the messages received from the mobile device of the deployed lightweight agents. The agent server then generates attack signatures for the malware. Using malware propagation models, the system estimates how many active mobile devices are infected as well as the total number of infected mobile devices in the network. By understanding the malware propagation, the service provider can decide how to deploy a mitigation plan on crucial locations. In further configurations, the mechanism may be used to detect message and email attacks on other devices. | 2012-06-14 |
20120151589 | INTELLIGENT SYSTEM AND METHOD FOR MITIGATING CYBER ATTACKS IN CRITICAL SYSTEMS THROUGH CONTROLLING LATENCY OF MESSAGES IN A COMMUNICATIONS NETWORK - A system and method are provided for controlling the latency of messages to enable a network of devices to detect and respond to potential malware. The system and method receiving a message at a device and determining whether the message represents potential malware and requires a delay to allow time to detect and respond to potential malware. The amount of the delay associated with the message is determined and the message is processed based on the delay amount. | 2012-06-14 |
20120151590 | Analyzing Traffic Patterns to Detect Infectious Messages - Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading. | 2012-06-14 |
20120151591 | SYSTEM AND METHOD FOR NETWORK EDGE DATA PROTECTION - Disclosed are systems and methods which examine information communication streams to identify and/or eliminate malicious code, while allowing the good code to pass unaffected. Embodiments operate to provide spam filtering, e.g., filtering of unsolicited and/or unwanted communications. Embodiments provide network based or inline devices that scan and scrub information communication in its traffic pattern. Embodiments are adapted to accommodate various information communication protocols, such as simple mail transfer protocol (SMTP), post office protocol (POP), hypertext transfer protocol (HTTP), Internet message access protocol (IMAP), file transfer protocol (FTP), domain name service (DNS), and/or the like, and/or routing protocols, such as hot standby router protocol (HSRP), border gateway protocol (BGP), open shortest path first (OSPF), enhanced interior gateway routing protocol (EIGRP), and/or the like. | 2012-06-14 |
20120151592 | STRING OPERATIONS WITH TRANSDUCERS - There is provided a computer-implemented method for analyzing string-manipulating programs. An exemplary method comprises describing a string-manipulating program as a finite state transducer. The finite state transducer may be evaluated with a constraint solving methodology to determine whether a particular string may be provided as output by the string-manipulating program. The constraint solving methodology may involve the use of one or more satisfiability modulo theories (SMT) solvers. A determination may be made regarding whether the string-manipulating program may contain a potential security risk depending on whether the particular string may be provided as output by the string-manipulating program. | 2012-06-14 |
20120151593 | DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION APPARATUS AND METHOD, AND DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION APPARATUS FOR REDUCING FALSE-POSITIVE - Provided is a DDoS attack detection apparatus including an information collecting unit to collect DDoS detection information including rate information about traffic change, variation of a first type flow and a Packet Per Second (PPS) for a second type flow, in which the rate information about traffic change is obtained using packet count of packets input per a unit time, flow count of flows input per the unit time and the byte count of bytes input per the unit time; and a testing unit to calculate a probability of occurrence of the DDoS attack by use of a first probability determined by the rate information about traffic change, a second probability determined by the variation of the first type flow and a third probability determined by the PPS for the second type flow and detect occurrence of the DDoS attack based on the probability of occurrence of the DDoS attack. | 2012-06-14 |
20120151594 | SYSTEM AND METHOD FOR NETWORK VULNERABILITY DETECTION AND REPORTING - A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing. | 2012-06-14 |
20120151595 | SYSTEM AND METHOD FOR NETWORK VULNERABILITY DETECTION AND REPORTING - A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing. | 2012-06-14 |
20120151596 | SYSTEM AND METHOD FOR NETWORK VULNERABILITY DETECTION AND REPORTING - A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing. | 2012-06-14 |
20120151597 | De-Identification of Data - The present invention relates to a method, computer program product and system for de-identifying data, wherein a de-identification protocol is selectively mapped to a business rule at runtime via an ETL tool. | 2012-06-14 |
20120151598 | APPARATUS AND METHOD FOR FORENSIC MARKING OF DIGITAL CONTENT - Provided are an apparatus and method for forensic marking of digital content. The apparatus includes a forensic marker configured to generate first content by inserting a first binary forensic mark in original content and second content by inserting a second binary forensic mark in the original content, and when a content service request is generated, combine the first content and the second content on the basis of information about a user who has requested the content service and thereby generate third content in which a forensic mark corresponding to the user information is inserted, a content database configured to store the first and second content, and a transceiver configured to transmit the third content. | 2012-06-14 |
20120151599 | ELECTRONIC SYSTEM FOR THE PROTECTION AND CONTROL OF LICENSE TRANSACTIONS ASSOCIATED WITH THE DISABLEMENT OF REPLICATED READ ONLY MEDIA AND ITS BOUND LICENSED CONTENT - Distribution of content stored on read only media, and a system and method by which a consumer who purchased content stored on read only media implements a process in the field by which they alter the storage media and verifiably disable at least a portion of the stored content in support of a transaction. A system and tools are used by the consumer to identify, authenticate, disable, and confirm disablement in exchange for compensation, the acquisition of new usage rights to content, or the ability to restore access to or copy content to new media. The process may be conducted by the consumer in the field without assistance and or visual inspection, or be partially conducted in conjunction with an authorized intermediary. Furthermore, the process may restore access to content stored on new media without the need to transfer copies of content. | 2012-06-14 |
20120151600 | METHOD AND SYSTEM FOR PROTECTING INTELLECTUAL PROPERTY IN SOFTWARE - A system and method for modifying material related to computer software. The system receives an original disclosure for a software system. A masquerading algorithm is applied to the original disclosure to generate a new disclosure. The subject matter of the new disclosure is different from the original disclosure but has the same functionality. The system also receives original source code for the software system and applies a camouflaging algorithm to the original source code to generate modified source code and conversion data for converting between the modified source code and the original source code. | 2012-06-14 |
20120151601 | IMAGE DISTRIBUTION APPARATUS - An image distribution apparatus that ensures both privacy protection and security is provided. A private area storage section stores private areas relating to the privacy of users. A cutout area storage section stores, as a cutout area, an area requested by an identified user to be distributed. An image processing level storage section stores an image processing rule that defines an image processing level for each of areas having different levels of privacy. An image processing area generation section acquires the cutout area of the identified user from the cutout area storage section, acquires, from the private area storage section, a private area of the identified user and a private area of a person other than the identified user, which private areas are contained in an image of the acquired cutout area, acquires the image processing rule from the image processing level storage section, and then determines an image processing method for each area in the cutout area in accordance with the acquired image processing rule. | 2012-06-14 |
20120151602 | Method and Apparatus for Digital Rights Decomposition - Various methods for digital rights decomposition are provided. One example method includes receiving a set of digital rights, and identifying conditions within the set of digital rights that have relationships with more than one permission and create copies of the identified conditions based on the number of relationships an identified condition has with the permissions. The example method also associating each condition with a respective permission based on the relationships to generate fundamental condition-permission components, and constructing a fundamental decomposition of the set of digital rights based on the fundamental condition-permission components. Similar and related example methods, example apparatuses, and example computer program products are also provided. | 2012-06-14 |
20120151603 | Method, Apparatus and Server for User Verification - The present disclosure discloses a method, apparatus, and server for user verification to store a plurality of pictures in a database and define a plurality of rotational directions. The method includes: when receiving from a client a request for a checkcode, rotating a picture retrieved from a database according to a defined rotational direction; after storing a correlation between an identification of the client and the rotational direction of the retrieved picture, outputting the rotated picture to the client; receiving a rotational direction of the picture from the client; finding the stored correlation between the identification of the client and the stored rotational direction of the retrieved picture according to the identification of the client; determining whether or not the rotational direction of the picture returned from the client matches the stored rotational direction. If they match, user verification is passed; otherwise, the user verification is failed. The large number of pictures in the database makes it difficult for enumeration. In addition, by using the rotational direction as identification information to verify user, the safety and accuracy of user verification can be enhanced. | 2012-06-14 |
20120151604 | SEEDING OF ACCOUNT SETUP OPERATIONS - A system and method and provided for setting up target user accounts based on the accounts or experiences of other users or archetypes. One example method first includes determining that a first user wants to set up or modify an account for the consumption of digital content items. Then an account profile is identified for a second user that has an affinity with the first user, with the account profile being based on an account of the second user. Underlying protected information in the source account/profile is then protected to ensure that the account profile is free of sensitive or otherwise protected information. The account profile is then made available and used to set up or modify an account for the target user. | 2012-06-14 |
20120151605 | Information Exchange Engine Providing a Critical Infrastructure Layer and Methods of Use Thereof - A virtual record manager and a data exchange engine are provided for dynamically defining data records in a database and for dynamically allocating instances of defined data records. These components are capable of mediating between the database and application and client interface layers to facilitate exchange of information over a network. Embodiments are configured to allow complex data records having a plurality of related fields, and to allow management and exchange of information at both the data field level and data record level. | 2012-06-14 |
20120151606 | SOFTWARE SYSTEM FOR DENYING REMOTE ACCESS TO COMPUTER CAMERAS - A program and method for detecting and preventing the unauthorized remote access of a computer camera by determining whether the camera is activated, and scanning applications to determine if the activation is authorized, and if it is not authorized, then the user is alerted. | 2012-06-14 |
20120151607 | SYSTEM FOR DETECTING INTRUSIONS BY DEVICES WITH OPENABLE CASING - The invention comprises an intrusion-detection system based on a switch | 2012-06-14 |
20120151608 | SYSTEMS AND METHODS FOR SECURING THE POWER SUPPLY OF COMMAND MEANS OF A MICROCIRCUIT CARD IN CASE OF ATTACK - This microcircuit card includes means for detecting an attack on the card, command means ( | 2012-06-14 |
20120151609 | Genetically Modified Rat Models for Pain - This invention relates to the engineering of animal cells, preferably mammalian, more preferably rat, that are deficient due to the disruption of gene(s) or gene product(s) resulting in altered nervous system function. In one aspect, the altered function results in pain in the mammal. In another aspect, the nervous system dysfunction results in prolonged hyperalgesia, allo dynia, and loss of sensory function. In another aspect, the invention relates to genetically modified rats, as well as the descendants and ancestors of such animals, which are animal models of altered nervous system function mediated pain and methods of their use. In another aspect, the genetically modified rats, as well as the descendants and ancestors of such animals, are animal models of nervous system dysfunction resulting in prolonged hyperalgesia, allodynia, and loss of sensory function and methods of their use. In another aspect, the present invention provides a method of identifying a compound useful for the treatment or prevention of pain. | 2012-06-14 |
20120151610 | SOLUBLE "HEAVY-CHAIN ONLY" ANTIBODIES - The present invention provides a high affinity, antigen-specific, soluble heavy chain-only antibody which: lacks hallmark camelid-related amino acid substitutions and has FR2 substitutions which are not found in antibodies which comprise heavy and light chain; shows increased net hydrophobicity within CDR1 and an increased number of charged amino acids present in CDR3; and comprises one or more amino acid substitutions within the framework β-pleated sheet leading to increased net hydrophobicity within FR1 and an increased number of charged amino acids present in FR3. Also provided are VII domains having the same properties, gene segments for their production, methods for their production, transgenic animals and uses of the antibody of the VH domains in therapy. | 2012-06-14 |
20120151611 | METHOD OF PRODUCING AN ANTIBODY USING A CANCER CELL - The present invention aims to provide a method for antibody preparation. The present invention is directed to a method for preparing an antibody-producing cell, which comprises the following steps:
| 2012-06-14 |
20120151612 | NON-SURGICAL APPROACH TO PREVENT AND CORRECT CRANIOFACIAL MALFORMATIONS DURING DEVELOPMENT - The present invention discloses a novel TGF-β signaling mechanism implicated in craniofacial malformation as well as methods and compositions for treating craniofacial malformation utilizing knowledge of the mechanism. Methods of the invention generally comprises administering an effective amount of a TGF-β inhibitor to a subject in need of the treatment. Also disclosed are methods for treating craniofacial malformation by administering Tgf-β, Tgf-βRIII, p38 MAPK inhibitor or neutralizing antibodies to a subject. Also disclosed is a diagnostic method for diagnosing patients at risk of developing craniofacial malformation by determining the level of Tgf-β2 and ectopic p38 MAPK activation. Compounds useful for treating craniofacial malformation may also be discovered by using animal models of the present invention. | 2012-06-14 |
20120151613 | MUTANTS OF ACTIVATION-INDUCED CYTIDINE DEAMINASE (AID) AND METHODS OF USE - The invention provides functional mutants of activation-induced cytidine deaminase (AID) protein that have increased activity as compared to a wild-type AID protein. The invention also provides nucleic acids encoding the functional AID mutants, and vectors and cells comprising the nucleic acids. The invention further provides methods of using the functional mutant AID proteins. | 2012-06-14 |
20120151614 | VECTOR UTILIZING BORNA DISEASE VIRUS AND USE THEREOF - Disclosed is a viral vector comprising
| 2012-06-14 |
20120151615 | PEPPER HYBRID PS09943431 - The invention provides seed and plants of pepper hybrid PS09943431 and the parent lines thereof. The invention thus relates to the plants, seeds and tissue cultures of pepper hybrid PS09943431 and the parent lines thereof, and to methods for producing a pepper plant produced by crossing such plants with themselves or with another pepper plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2012-06-14 |
20120151616 | PEPPER HYBRID PS09954859 - The invention provides seed and plants of pepper hybrid PS09954859 and the parent lines thereof. The invention thus relates to the plants, seeds and tissue cultures of pepper hybrid PS09954859 and the parent lines thereof, and to methods for producing a pepper plant produced by crossing such plants with themselves or with another pepper plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2012-06-14 |
20120151617 | PEPPER HYBRID PS09967422 - The invention provides seed and plants of pepper hybrid PS09967422 and the parent lines thereof. The invention thus relates to the plants, seeds and tissue cultures of pepper hybrid PS09967422 and the parent lines thereof, and to methods for producing a pepper plant produced by crossing such plants with themselves or with another pepper plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2012-06-14 |
20120151618 | PEPPER HYBRID PS09956434 - The invention provides seed and plants of pepper hybrid PS09956434 and the parent lines thereof, such as line SMY 99-1311. The invention thus relates to the plants, seeds and tissue cultures of pepper hybrid PS09956434 and the parent lines thereof, and to methods for producing a pepper plant produced by crossing such plants with themselves or with another pepper plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2012-06-14 |
20120151619 | TOMATO HYBRID PS01533588 - The invention provides seed and plants of tomato hybrid PS01533588 and the parent lines thereof, such as inbred tomato line FDR 15-2090. The invention thus relates to the plants, seeds and tissue cultures of tomato hybrid PS01533588 and the parent lines thereof, and to methods for producing a tomato plant produced by crossing such plants with themselves or with another tomato plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2012-06-14 |
20120151620 | CHLOROPLAST TRANSIT PEPTIDES FOR EFFICIENT TARGETING OF DMO AND USES THEREOF - The invention provides for identification and use of certain chloroplast transit peptides for efficient processing and localization of dicamba monooxygenase (DMO) enzyme in transgenic plants. Methods for producing dicamba tolerant plants, methods for controlling weed growth, and methods for producing food, feed, and other products are also provided, as well as seed that confers tolerance to dicamba when it is applied pre- or post-emergence. | 2012-06-14 |
20120151621 | GENES FOR MICROSOMAL DELTA-12 FATTY ACID DESATURASES AND HYDROXYLASES FROM PLANTS - The preparation and use of nucleic acid fragments encoding fatty acid desaturase enzymes are described. The invention permits alteration of plant lipid composition. Chimeric genes incorporating such nucleic acid fragments with suitable regulatory sequences may be used to create transgenic plants with altered levels of unsaturated fatty acids. | 2012-06-14 |
20120151622 | PHYTOPHTHORA RESISTANCE IN SWEET PEPPERS - The present invention provides sweet bell pepper ( | 2012-06-14 |
20120151623 | LETTUCE CULTIVAR KEEPER - A lettuce cultivar, designated Keeper, is disclosed. The invention relates to the seeds of lettuce cultivar Keeper, to the plants of lettuce cultivar Keeper and to methods for producing a lettuce plant by crossing the cultivar Keeper with itself or another lettuce cultivar. The invention further relates to methods for producing a lettuce plant containing in its genetic material one or more transgenes and to the transgenic lettuce plants and plant parts produced by those methods. This invention also relates to lettuce cultivars or breeding cultivars and plant parts derived from lettuce cultivar Keeper, to methods for producing other lettuce cultivars, lines or plant parts derived from lettuce cultivar Keeper and to the lettuce plants, varieties, and their parts derived from the use of those methods. The invention further relates to hybrid lettuce seeds, plants, and plant parts produced by crossing cultivar Keeper with another lettuce cultivar. | 2012-06-14 |
20120151624 | GARDEN BEAN CULTIVAR H28121 - Three novel garden bean cultivars, designated H28103, H28119 and H28121, are disclosed. The invention relates to the seeds of garden bean cultivars H28103, H28119 and/or H28121, to the plants of garden bean lines H28103, H28119 and/or H28121 and to methods for producing a bean plant by crossing the cultivars H28103, H28119 and/or H28121 with itself or another bean line. The invention further relates to methods for producing a bean plant containing in its genetic material one or more transgenes and to the transgenic plants produced by that method and to methods for producing other garden bean lines derived from the cultivars H28103, H28119 and/or H28121. | 2012-06-14 |
20120151625 | METHODS FOR INCREASING GENETIC GAIN IN A BREEDING POPULATION - Methods for method for increasing genetic gain in a breeding process are provided. Also provided are methods for choosing breeding pairs predicted to produce progeny having desired phenotypes, methods for increasing the likelihood of producing progeny individual having desired phenotypes, methods for generating progeny individual having desired genotypes and/or phenotypes, progeny produced thereby, and cells, seeds, parts, and tissues cultures thereof. | 2012-06-14 |
20120151626 | METHOD FOR EXCISION OF PLANT EMBRYOS FOR TRANSFORMATION - This invention describes a simple method useful for the excision and isolation of maize immature embryos. The embryos are useful for plant tissue culture and transformation methods. | 2012-06-14 |
20120151627 | SELECTABLE MARKER GENE AND METHODS OF USE THEREOF IN TRANSPLASTOMIC PLANTS - Compositions and method for the generation of transplastomic plants are provided. | 2012-06-14 |
20120151628 | GENERATION OF PLANTS WITH ALTERED PROTEIN, FIBER, OR OIL CONTENT - The present invention is directed to plants that display an improved oil quantity phenotype or an improved meal quality phenotype due to altered expression of an IMQ nucleic acid. The invention is further directed to methods of generating plants with an improved oil quantity phenotype or improved meal quality phenotype. | 2012-06-14 |
20120151629 | Nematode-Resistant Transgenic Plants - The invention provides nematode-resistant transgenic plants and seed that express polynucleotides encoding AP2/EREBP transcription factors, harpin-induced proteins, TINY-like transcription factors, annexins, laccases, isoflavone 7-O-methyltransferases, anthocyanidin 3-glucoside rhanmosyltransferases, hsr201-like, or AUX/IAA proteins. The invention also provides methods of producing transgenic plants with increased resistance to plant parasitic nematodes and expression vectors for use in such methods. | 2012-06-14 |
20120151630 | METHODS AND MATERIALS FOR MAKING AND USING TRANSGENIC DICAMBA-DEGRADING ORGANISMS - The invention provides isolated and at least partially-purified dicamba-degrading enzymes, isolated DNA molecules coding for dicamba-degrading enzymes, DNA constructs coding for dicamba-degrading enzymes, transgenic host cells comprising DNA coding for dicamba-degrading enzymes, and transgenic plants and plant parts comprising one or more cells comprising DNA coding for dicamba-degrading enzymes. Expression of the dicamba-degrading enzymes results in the production of dicamba-degrading organisms, including dicamba-tolerant plants. Finally, the invention provides a method of selecting transformed plants and plant cells based on dicamba tolerance and a method of selecting or screening transformed host cells, intact organisms and parts of organisms based on the fluorescence of 3,6-dichlorosalicylic acid produced as a result of dicamba degradation. | 2012-06-14 |
20120151631 | INSECT PEST CONTROL METHOD - The present invention is intended to provide means of pest control which achieve marked pest control effect. The pest control effect is achieved by the incorporation of an inhibitor (IAP inhibitor) against inhibitor of apoptosis (IAP) into the body of the target pest. The expression of the IAP is preferably inhibited by RNAi. | 2012-06-14 |
20120151632 | PHOSPHOLIPASES AND METHODS OF USING SAME - The present invention relates to phospholipase variants, polynucleotides encoding the variant and to nucleic acid constructs, vectors, and host cells comprising the polynucleotides, and methods of using the variant enzymes. | 2012-06-14 |
20120151633 | Polypeptides having endoglucanase activity and polynucleotides encoding same - The present invention relates to isolated polypeptides having endoglucanase activity and isolated polynucleotides encoding the polypeptides. The invention also relates to nucleic acid constructs, vectors, and host cells comprising the polynucleotides as well as methods for producing and using the polypeptides. | 2012-06-14 |
20120151634 | ASSAY FOR MEASURING ROOTWORM RESISTANCE - A method for determining the resistance of a pest to a plant that produces insecticidal toxins. The method involves sampling pests in fields with known pest problems, and in control fields with no known pest problems. Eggs are obtained from the sample pest populations, and larvae hatched from the eggs are evaluated in laboratory bioassays for their survival on two transgenic crop hybrids, each of which contain a unique toxin targeting the pest, and two near isogenic hybrids that lack a gene for the toxin. Mortality rates are determined by counting the larvae recovered, and measuring the larvae instars based on head capsule width to calculate the resistance levels. | 2012-06-14 |
20120151635 | METHODS OF AFFECTING NITROGEN ASSIMILATION IN PLANTS - Provided herein are compositions and methods for producing transgenic plants. In specific embodiments, transgenic plants comprise a construct comprising a polynucleotide encoding CCA1, GLK1 or bZIP1, operably linked to a plant-specific promote, wherein the CCA1, GLK1 or bZIP1 is ectopically overexpressed in the transgenic plants, and wherein the promoter is optionally a constitutive or inducible promoter. In other embodiments, transgenic plants in which express a lower level of CCA1, GLK1 or bZIP1 are provided. Also provided herein are commercial products (e.g., pulp, paper, paper products, or lumber) derived from the transgenic plants (e.g., transgenic trees) produced using the methods provided herein. | 2012-06-14 |
20120151636 | Peptides for Stimulating Plant Disease Resistance - Peptides that stimulate plant disease resistance are described. | 2012-06-14 |
20120151637 | SCANNING TYPE PROBE MICROSCOPE - The present invention provides a fast-operating and stable scanning probe microscope configured to detect the interaction between a probe and a sample to avoid generation of a harmonic component. An oscillation circuit ( | 2012-06-14 |
20120151638 | METHOD FOR MEASURING THE FORCE INTERACTION THAT IS CAUSED BY A SAMPLE - Disclosed is a method for measuring the force interaction caused by a sample, wherein a bias voltage, with respect to the sample, is applied between a tip, and the tip is guided at such a small distance to the sample that a measurable current flows between the tip and the sample, and a sensor and signal converter S, which changes the current flowing through the tip-sample contact depending on the intensity of the force interaction, is formed and used in the region of the force interaction. A scanning tunneling microscope therefor is disclosed. | 2012-06-14 |
20120151639 | ACTINIDIA CHINENSIS PLANT NAMED 'W47' - A new and distinct | 2012-06-14 |
20120151640 | Interspecific tree - A new and distinct variety of interspecific tree. The following features of the tree and its fruit are characterized with the tree budded on ‘Nemaguard’ Rootstock (non-patented), grown on Handford sandy loam soil with Storie Index rating 95, in USDA Hardiness Zone 9, near Modesto, Calif., with standard commercial fruit growing practices, such as pruning, thinning, spraying, irrigation and fertilization. Its novelty consist of the following combination of desirable features:
| 2012-06-14 |
20120151641 | NECTARINE TREE NAMED 'PEARLICIOUS I' - The present invention relates to a new and distinct variety of nectarine tree, | 2012-06-14 |
20120151642 | NECTARINE TREE NAMED 'FIRE TIME' - The present invention relates to a new and distinct variety of nectarine tree, | 2012-06-14 |
20120151643 | Peach tree named 'June Time' - The present invention relates to a new and distinct variety of peach tree, | 2012-06-14 |
20120151644 | Peach tree, 'Burpeachtwentysix' - A new and distinct variety of peach tree ( | 2012-06-14 |
20120151645 | Blackberry Plant Named 'Reuben' - This invention relates to a new and distinct variety of blackberry plant named ‘Reuben’, which is primarily characterized by its primocane fruiting habit, large fruit size, high quality, and high productivity, is disclosed. | 2012-06-14 |
20120151646 | STRAWBERRY PLANT NAMED 'MERIT' - This invention relates to a new and distinct variety of strawberry plant named ‘MERIT’. This new strawberry plant named ‘MERIT’ is primarily adapted to the growing conditions of the central coast of California, and is primarily characterized by its small fruit size; orange red to red fruit color; uniformly shaped conical berries; and small sized plant. | 2012-06-14 |
20120151647 | Variety of Chamaesyce plant named 'SUMMER SNOW' - A new and distinct | 2012-06-14 |