REGISTER now for FREE 
|
FREE patent keyword monitoring and additional FREE benefits. REGISTER now for FREE
|
 
|
|
Information Security > Policy PolicyPolicy patent applications listed are from June 2005 to current and include Date, Patent Application Number, Patent Title, Patent Abstract summary and are linked to the corresponding patent application page.11/22/07 - 20070271593 - Method and apparatus for establishing a security policy, and method and apparatus for supporting establishment of security policy There are provided a method of efficiently establishing a security policy and an apparatus for supporting preparation of a security policy. According to a method of establishing a security policy in six steps, a simple security policy draft is first prepared. The security policy draft is adjusted so as to ... 11/15/07 - 20070266422 - Centralized dynamic security control for a mobile device network An security system for an enterprise network and data automates the revision, deployment, enforcement, auditing and control of security policies on mobile devices connected to said enterprise network, through automated communication between a security policy server and the mobile device. Control of the security system is centralized through administrative control ... 11/15/07 - 20070266421 - System, method and computer program product for centrally managing policies assignable to a plurality of portable end-point security devices over a network A system, method and computer program product for centrally managing policies prescriptively assignable to a plurality of portable end-point security devices over a network is provided. Various embodiments incorporate an central management console configured to define a plurality of group folders on at least one administration server accessible by the ... 11/15/07 - 20070266420 - Privacy modeling framework for software applications Embodiments of the present invention address deficiencies of the art in respect to privacy compliance assessment for computer software and provide a method, system and computer program product for a privacy model framework for software applications. In one embodiment, a privacy modeling data processing system can be provided. The privacy ... 11/08/07 - 20070261100 - Platform independent distributed system and method that constructs a security management infrastructure Platform independent distributed software that constructs a security management infrastructure for different locations is described. The software includes a control manager module regulating access to critical business assets. The control manager interfaces with and bridges various type of biometric software and hardware systems. The software further includes a tracking model ... 11/08/07 - 20070261099 - Confidential content reporting system and method with electronic mail verification functionality A confidential content reporting system and method with electronic mail verification functionality are provided. With the system and method, a security compliance search engine is provided for searching items of information to identify items containing confidential content and security violations with regard to this confidential content. Results of the search ... 11/01/07 - 20070256116 - Automatic derivation of access control policies from a choreography A system architecture and algorithm for automatically generating, installing and enforcing access control policies that correspond to an agreed specification of collaboration. A collaboration member enforces its access control policies using a dedicated access controller separate from a workflow engine. In one embodiment, each access control policy contains extensions which ... 10/25/07 - 20070250905 - Method, system and computer program for managing user authorization levels An embodiment of the invention is a method of managing user authorization levels for access to a plurality of applications. The method includes receiving a request from a user to establish a user profile and establishing an employment indicator for the user. A user authorization level template is obtained in ... 10/18/07 - 20070245401 - Policy-based security certificate filtering Policy filtering services are built into security processing of an execution environment for resolving how to handle a digital security certificate of a communicating entity without requiring a local copy of a root certificate that is associated with the entity through a certificate authority (“CA”) chain. Policy may be specified ... 10/11/07 - 20070240197 - Platform posture and policy information exchange method and apparatus Transport agnostic, secure communication protocol for transmitting host platform posture information to the Network Access Control Server or PDP (Policy Decision Point) and for receiving policy information to be enforced on the trusted host platform and respective applications for data processing and communication are described herein. ... 10/11/07 - 20070240196 - Wireless communication database management A technique for updating and maintaining a wireless communication database (40) includes several features. One feature is a search capability that facilitates, for example, an individual locating appropriate portions of the database to be updated in a desired manner. A platinum data image portion includes a relational database regarding various ... 10/11/07 - 20070240195 - Method and system for certified publication of content A method and system for certified publication of content. A content-supplier provides content and supplies an access-server with a content-description and digital signature. A content-certifier obtains an access-token from the access-server and submits the access-token to the content-supplier with a request to obtain the content to be certified. The content-supplier ... 10/11/07 - 20070240194 - Scoped permissions for software application deployment Provided is a method for defining security permissions in a computer application in a manner that distributes the assignment of security permissions among multiple levels of the software development and delivery process. A developer defines the permissions for a particular application as metadata and saves the permissions in a permissions ... 09/27/07 - 20070226775 - System and method for enforcing policy in a communication network A system for enforcing policy in a communication network includes a policy server which is operable to receive a request to invoke an application, receive a policy profile for a network user, and decide a proper allocation of network users based on the policy profile, the application, and available network ... 09/27/07 - 20070226774 - Method and apparatus for providing access to an identity service Method, apparatus and computer program for providing access to identity services of users. A Discovery Service DS server (100) stores for a set of users references (RO1A,ROnB) of identity services (IDSRV-A,IDSRV-B) available for them and usable to contact respectively with the Service Providers SPs (120,130) hosting each of said identity ... 09/27/07 - 20070226773 - System and method for using sandboxes in a managed shell The present invention allows shell program to be managed with security policies and enforced using sandboxes enforced by the security manager of a managed environment. The additional security policies may come from shell tool specific security policies, application specific security policies, resource based security policies, shell based policies, owner based ... 09/20/07 - 20070220588 - Application-aware policy enforcement In one embodiment, a method includes receiving a first message from a first manager. The first message includes a first element of a request for policy authorization. The request for policy authorization attempts to reserve particular network resources for a particular application context. The method includes, in response to the ... 09/20/07 - 20070220586 - Computing resource assignment method and apparatus using genetic algorithms A computer-based solver provides a method of assigning computing resources in a data center to meet computing resource requirements of an application. The solver initially creates a list of application components wherein each application component represents a largest possible combination of shared resource requirements from the application. Next, the solver ... 09/20/07 - 20070220585 - Digital rights management system with diversified content protection process Some embodiments of the invention provide a digital rights management (DRM) method for distributing content to users over a network. Based on a first set of diversity indicia, the method identifies a first security element for distributing a set of content to a first computer. The set of content includes ... 09/06/07 - 20070209058 - Vendor-neutral policy based mechanism for enabling firewall service in an mpls-vpn service network A technique that simplifies managing and configuring firewalls by provisioning a vendor-neutral firewall in an MPLS-VPN service network. In one example embodiment, this is accomplished by creating a vendor-neutral firewall policy using a service activation tool residing in a host server. One of the one or more VPNs requiring the ... 08/30/07 - 20070204327 - Method, apparatus, and computer product for protecting terminal security A determining unit determines whether a terminal is in a communicable state with other terminal via a personal area network. A restricting unit restricts use of the terminal, when the determining unit determines that the terminal is not in the communicable state with the other terminal via the personal area ... 08/30/07 - 20070204324 - Method of customizing a standardized it policy A system and method are described herein for standardizing an IT policy that is used to configure devices operating on a network. An IT policy can be generated that applies to a group of users or to one or more special users without having to define and store a new ... 08/30/07 - 20070204323 - Auto-detection capabilities for out of the box experience Various embodiments are described in connection with auto-detection capabilities of a device in an industrial environment. The device can behave differently in a secured environment than it would in an unsecured environment. If in a secured environment, the device can obtain an auto configuration policy to control the device's security ... 08/23/07 - 20070199044 - Systems and methods for distributed security policy management In an embodiment, a system for distributed security policy management is described. The system may include, a security policy server, a network server at a client network and one or more client workstations on the client network. In an embodiment, the security policy server is configured to receive updates to ... 08/16/07 - 20070192827 - Method and apparatus for policy management in a network device A method and apparatus for policy management in a network intermediary device. One embodiment of the invention, includes establishing a session between a client and an intermediary device on a network to enable processing of a communication between the client and the intermediary device. Then, the communication is processed by ... 08/16/07 - 20070192826 - I/o-based enforcement of multi-level computer operating modes A computer is architected so that a monitoring and enforcement of an operating policy is carried out at an interface circuit that transmits data between a processor and one or more function blocks. The function blocks may include system memory, a display, a network, a USB port, or a non-volatile ... 08/16/07 - 20070192825 - Disaggregated secure execution environment An electronic device, such as, a computer, may be adapted for self-monitoring for compliance to an operating policy. The operating policy may specify a pay-per-use or subscription business model and measurements associated with compliant usage. A secure execution environment may measure usage in accordance with the business model as well ... 08/16/07 - 20070192824 - Computer hosting multiple secure execution environments A plurality of secure execution environments may be used to bind individual components and a computer to that computer or to blind computers to a given system. The secure execution environment may be operable to evaluate characteristics of the computer, such as memory usage, clock validity, and pay-per-use or subscription ... 08/16/07 - 20070192823 - Policy administration and provisioning Techniques for administering and provisioning policies are provided. Policies are translated to an intermediate format and provisioned to heterogeneous devices in native formats of those devices. Administration and interfaces to define and update the policies may occur in the intermediate format or in the native formats. Policies may be combined ... 08/02/07 - 20070180490 - System and method for policy management The invention provides a system and method for providing policy-based protection services. As a new threat is understood, one or more protection techniques are considered for protecting the asset, the organization assigns responsibilities to carry out or protect the asset, and a policy is constructed. After the policy is developed ... 07/26/07 - 20070174896 - Security policy assignment apparatus and method and storage medium stored with security policy assignment program A security policy assignment apparatus includes an acquisition unit that acquires key data from a set field in a digital document or its associated data and an assignment unit that assigns a security policy, which has been set with a set value corresponding to the acquired key data, to the ... 07/19/07 - 20070169169 - Method, system and apparatus for implementing data service security in mobile communication system A method for implementing data service security in a mobile communication system includes: obtaining security condition of a user terminal based on security-relevant configuration information reported by the user terminal; determining a security policy for the user terminal based on the security-relevant configuration information of the user terminal and security ... 07/19/07 - 20070169168 - Multilayer policy language structure A policy language for an information management system has a three-layer structure that allows specifying one or more policies using policy abstractions. The policies and policy abstractions are in two different layers and decoupled from one another, so policies and policy abstractions may be specified and altered separately from each ... 07/05/07 - 20070157288 - Deploying policies and allowing off-line policy evaluations In an information management system, policies are deployed to targets and targets can evaluate the policies whether they are connected or disconnected to the system. The policies may be transferred to the target, which may be a device or user. Relevant policies may be transferred while not relevant policies are ... 07/05/07 - 20070157286 - Analyzing security compliance within a network A security policy database identifies the intended security policies within a network, a traffic generator provides test traffic that is configured to test each defined security policy, and a simulator simulates the propagation of this traffic on a model of the network. The model of the network includes the configuration ... 06/28/07 - 20070150937 - Secure game download A method for gaming terminals, gaming kiosks and lottery terminals to ensure that the code-signing verification process of downloaded game software can be trusted. Drivers independently developed from the operating system supplier are embedded within the operating system kernel to verify that the micro-coded hardware components, the BIOS, the operating ... 06/28/07 - 20070150936 - Orchestration of policy engines and format technologies Policies can combine the efficiency of rule sets with the flexible expression power of workflow engines, as well as advantages of other programming languages and engines. Consistent modelling of policy rules is provided across different levels, such as network, control, and service levels. In one system, a policy module can ... 06/28/07 - 20070150932 - Systems and methods for providing secure access to embedded devices using a trust manager and a security broker A trust manager receives client account information from a client, determines whether the client account information is valid, and determines whether the client is authorized to access one or more embedded devices that are in electronic communication with a security broker. The trust manager also receives security broker account information ... 06/21/07 - 20070143824 - System and method for enforcing a security policy on mobile devices using dynamically generated security profiles A system and method for enforcing security parameters that collects information from a source relating to a mobile device (104). Based on the collected information, an identity status for the mobile device (104) is determined that uniquely identifies the mobile device (104) and distinguishes it from other mobile devices. The ... 06/21/07 - 20070143823 - Application context based access control A context based access control system that includes a set of one or more authorization contexts that are activated in response to selection of different functions or tasks or other functional boundary object of an application program. The authorization contexts are associated with one or more access policies that are ... 06/14/07 - 20070136784 - Communication terminal apparatus A disclosed communication terminal apparatus includes: a system control unit performing a plurality of device functions and a network communication function capable of communication via a network, wherein usage history information regarding each of the plural device functions is modified and transmitted in a semantic XML document of a predetermined ... 06/14/07 - 20070136783 - Communications traffic segregation for security purposes Technology for applying a communications traffic security policy in which a distinct communications traffic flow is segregated based upon a security value; whereby the communications traffic security policy include one or both of a detection and an enforcement policy. The detection policy may include determining whether the segregated communications traffic ... 05/31/07 - 20070124797 - Policy based service management A system and a method for policy management in a web services environment includes a policy design tool, a policy storage and a policy manager controller. The policy design tool creates (or updates) a policy for association with a web service. The policy storage stores the policy. The policy manager ... 05/24/07 - 20070118874 - System and method for handling electronic messages A system and method for handling secure-format messages in a communication system. The communication system includes a message server that receives secure-format messages from senders and one or more message recipients that may receive messages forwarded from the message server. The message server operates in conjunction with a secure message ... 05/17/07 - 20070113266 - Operating system independent data management Apparatuses and methods provide operating system independent digital rights management. A request can be made for data, which can be monitored by a security module. The security module is independent of a host operating system and manages digital rights for the requested data. Thus, digital rights management occurs outside the ... 05/17/07 - 20070113265 - Automated staged patch and policy management A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation techniques ... 05/10/07 - 20070107041 - Information processor, method and program for controlling incident response device An information processor, which controls an incident response device to perform an incident response toward a communication device, realizes the following functions: detecting an incident occurrence in the communication device; storing response information which is information indicative of the incident response that the incident response unit should perform, and target ... 05/10/07 - 20070107040 - Secure information id software/program A program that stores personal, family and general information on a CD Rom, Diskette, Flash, Jump, Hard drive, etc. The program contains several tabs entitled Personal, Medical, Credit Card, Passport, Insurance, Pet, Parents, School, Users, Phone Book, My Files and Other, and corresponding fields. For example Users Information allows several ... 04/26/07 - 20070094707 - Rule based security policy enforcement A rules based system enforces security policies in a data access management system. The rules based system provides rules that preclude certain activities, but those rules are only implemented and fired upon certain conditions occurring. This results in certain actions being precluded when specified conditions are true, without additional software ... 04/19/07 - 20070089162 - Method of controlling service access in ubiquitous environments and middleware therefor A security middleware for controlling service access in ubiquitous environments and a method thereby are provided. The security middleware includes: a service discovery manager discovering services needed for an application; a RBAC UA manager determining services accessible by a role of which a user of the application is assigned to ... 04/19/07 - 20070089161 - Modular network-assisted policy resolution The present invention relates to a policy resolution method and system, access network and terminal device for enabling modular network-assisted policy resolution, wherein the policy resolution is divided into separate stages each handling specific types of trigger events and performing specific types of policy actions. The separate stages are processed ... 03/22/07 - 20070067821 - Pre-negotiation and pre-caching media policy A device receives streaming media comprised of discrete content packets. The device separately receives policies that are associated with specific content packets. The policies are processed prior to receiving the content packets, such that the device is made ready to consume the content packets when they are received. ... 03/08/07 - 20070056019 - Implementing access control policies across dissimilar access control platforms A method of implementing access control requirements to control access to a plurality of system resources. The requirements are modeled as contents of security policies. The security policy contents are integrated into a policy set. Representations of the integrated policy set are generated, each representation corresponding to a target system ... 03/08/07 - 20070056018 - Defining consistent access control policies A method of defining policies for controlling access to resources of a system. Authorization requirements for the system are modeled to obtain a model expressing each of a plurality of access control policies as a constraint. From the model is generated a single policy set in an authorization markup language ... 02/08/07 - 20070033636 - Autonomous policy discovery Techniques for autonomous policy discovery are provided. Machines have personality profiles. The personality profiles permit machines to request advice from different machines having similar personality profiles. This facilitates automatic and autonomous discovery of policies for detected events and facilitates autonomous processing of actions, which are processed in response to the ... 02/08/07 - 20070033635 - Method, apparatus, and program product for autonomic patch deployment based on autonomic patch risk assessment and policies An automatic patch deployment system is provided that deploys a patch according to an assessed risk and a policy. The policy may specify actions to be taken to deploy the patch for different categories of risk. The automatic patch deployment system receives a patch notification, an assessment of the risk, ... 02/01/07 - 20070028291 - Parametric content control in a network security system A security system provides a defense from known and unknown viruses, worms, spyware, hackers, and social engineering attacks. The system can implement centralized policies that allow an administrator to approve, block, quarantine, or log file activities. The system can provide and update a security value that causes host computers to ... 01/18/07 - 20070016937 - Generating an outbound connection security policy based on an inbound connections security policy A security system that allows an outbound security policy for the connection security to be automatically derived from an inbound security policy for connection security is provided. The security system for an inbound security policy has security suites that each specify one or more security algorithms. Because the security system ... 01/04/07 - 20070006280 - Security management apparatus for office appliance, security management method for office appliance and security management program for office appliance There is disclosed a security managing apparatus and so on that are to be used for an office appliance in order to enhance the degree of freedom of security management of the office appliance to thereby improve the security and the operability of the office appliance. The security management apparatus ... 01/04/07 - 20070006279 - Active new password entry dialog with compact visual indication of adherence to password policy An active new password entry dialog provides a compact visual indication of adherence to password policies. A visual indication of progress towards meeting all applicable password policies is included in the display and updated as new password characters are being entered. A visual hint associated with at least one applicable ... 01/04/07 - 20070006278 - Automated dissemination of enterprise policy for runtime customization of resource arbitration A system and method for disseminating policies to multiple policy-based components includes a policy producer which generates a group of policies to be enforced. A policy disseminator classifies each policy with a type, and for each policy type, the policy disseminator identifies policy-based components that handle a corresponding policy type. ... 12/28/06 - 20060294577 - System and method of resolving discrepancies between diverse firewall designs A system, computer-implementable method, and computer-usable medium for resolving discrepancies between diverse firewall designs. In a preferred embodiment of the present invention, a firewall design manager receives at least two designs for a rule-based system and computing at least one functional discrepancy between the at least two designs utilizing decision ... 12/28/06 - 20060294576 - Efficient retrieval of cryptographic evidence An efficient protocol for retrieving cryptographic evidence may be selected by evaluating a local policy and a number of relevant factors. Furthermore, updated cryptographic evidence may be prefetched during a time period in which there is a low volume of requests for cryptographic evidence. This low volume time period may ... 12/28/06 - 20060294575 - Method and apparatus for use in security A security system for securing data paths in a network responds to events to change parameters of the security features in use. For example, it can change the type of encryption algorithm being used, or parameters of the encryption algorithm such as the key length or number of rounds of ... 12/21/06 - 20060288401 - System and method for generating a java policy file for eclipse plug-ins A system and method for automatically generating a Java policy file for an Eclipse Java program. A system is provided that includes an execution environment for executing the Eclipse Java program; and an extended security manager having a policy generator tool for documenting permissions required by the Eclipse Java program ... 12/14/06 - 20060282878 - Expression of packet processing policies using file processing rules Methods and apparatuses for distribution of rules using file-level Web-based protocols. The rules are mapped to a packet processing rules having a different outcome schema and applied by a client device. ... 12/14/06 - 20060282877 - Mobile authorization using policy based access control An authorization engine is provided in a remote device for mobile authorization using policy based access control. To ensure that remote devices can enforce consistent authorization policies even when the devices are not connected to the server, the remote device downloads the relevant authorization policies when the business objects are ... 12/14/06 - 20060282876 - Conditional activation of security policies A conditional activation system distributes a security policy to the computer systems of an enterprise. Upon receiving a security policy at a computer system, the computer system may install the received security policy without activation. When a security policy is installed without activation, it is loaded onto a computer system ... 12/07/06 - 20060277592 - System and method for determining a security encoding to be applied to outgoing messages A system and method for determining a security encoding to be applied to a message being sent by a user of a computing device, such as a mobile device, for example. In one broad aspect, the method comprises the steps of identifying a message to be sent to at least ... 12/07/06 - 20060277591 - System to establish trust between policy systems and users A system and method are provided to establish trust between a user and a policy system that generates recommended actions in accordance with specified policies. Trust is introduced into the policy-based system by assigning a value to each execution of each policy with respect to the policy-based system, called the ... 12/07/06 - 20060277590 - Remote management of mobile devices Systems and methodologies that proactively push down and enforce policies of a server(s) on mobile devices, when such devices connect to the server(s) for data synchronization. The subject invention employs a policy delivery and enforcement logic that is integrated as part of a communication channel (e.g. a single communication channel) ... 11/30/06 - 20060272003 - Automatic discovery of controlling policy enforcement point in a policy push model The present invention provides a method for performing automatic discovery of controlling policy enforcement points in a policy push computer network. The method involves a policy decision point sending a discover message toward an end point on a computer network; receiving a response from a policy enforcement point; reading a ... 11/30/06 - 20060272002 - Method for automating the management and exchange of digital content with trust based categorization, transaction approval and content valuation A method for automating the decisions involved in digital content management. It accomplishes these goals through the definition of machine-actionable rules for categorization, transfer approval and content valuation. These rules in turn approve or deny requests for action based on the degree of trust (calculated as reputation) of the counterparty ... 11/23/06 - 20060265733 - Method and apparatus for security policy and enforcing mechanism for a set-top box security processor In multimedia systems that implement secure access techniques, a method and apparatus for a security policy and enforcing mechanism for a set-top box security processor are provided. A security policy may be determined for a multimedia terminal based on high-level requirements by various system users. A default mode of operation ... 11/16/06 - 20060259952 - Unified roaming profile network provisioning system A method of network provisioning where a profile is associated with a specific end-user node and policies are enforced via a unified network provisioning appliance. Unlike traditional back-ends where multiple discrete devices are deployed to provision a network, the present invention can be implemented as a single unified device with ... 11/16/06 - 20060259951 - Selection of a communication interface A data processing mechanism is disclosed for selection of a communication interface for a communication device from a plurality of communication interfaces provided by a communication system. The mechanism comprises a first controller entity for executing a first selection routine for considering at least one first policy on communication via ... 11/16/06 - 20060259950 - Multi-layer system for privacy enforcement and monitoring of suspicious data access behavior A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system, introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy. ... 11/16/06 - 20060259949 - Policy based composite file system and method A policy configurable file system includes a computer system upon which the policy configurable file system operates, a policy source for providing the configuration policies, and one or more file servers. The computer system includes software for enforcing one or more configuration policies. The policy source is typically either a ... 11/16/06 - 20060259948 - Integrated document handling in distributed collaborative applications A method of handling electronic documents can include determining at least one safety parameter of an electronic document and classifying the electronic document based upon the at least one safety parameter. A restriction policy can be selected based upon the classifying step. The selected restriction policy can be implemented for ... 11/16/06 - 20060259947 - Method for enforcing a java security policy in a multi virtual machine system A system and method for enforcing a security policy in a distributed system. A request is transmitted to a receiving program on a first virtual machine to permit a requesting program on a second virtual machine to access the receiving program. A first call stack is accessed in the target ... 11/16/06 - 20060259946 - Automated staged patch and policy management A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation ... 11/09/06 - 20060253892 - System and method for handling per subscriber application and bearer authorization in a communications environment An architecture for handling per subscriber application and bearer authorization in a network environment is provided that includes an application element operable to indicate that signaling responses have been authorized at a per-subscriber application level, whereby an end user has previously established an IP session and requested an application service. ... 11/02/06 - 20060248576 - Optical identification chips An optical identification element. The optical identification element is associated with an object and includes encoded or stored information associated with the object. The optical identification element includes an optical assembly that generates electrical power in response to incident light from a reader. The generated electrical power is used by ... 11/02/06 - 20060248575 - Divided encryption connections to provide network traffic security Security measures are applied to encrypted data exchanges by enabling content decryption, rule application, and content re-encryption at a network location that is between two nodes engaged in a secure transaction. A first encryption-enabled connection is established from the first node to a content filter, while a second encryption-enabled connection ... 11/02/06 - 20060248574 - Extensible security architecture for an interpretive environment The techniques and mechanisms described herein are directed to an extensible security architecture that provides a security mechanism for minimizing security problems within interpretive environments. The extensible security architecture comprises a script engine configured to process a script and a security manager configured to monitor the processing of the script ... 11/02/06 - 20060248573 - System and method for developing and using trusted policy based on a social model A trust policy is constructed based upon a social relationship between real-world entities. The trust policy may determined based upon a social network and social network maps. The social network map provides a framework to determine social distances. The trust policy provides quick and secure access to desired or trusted ... 10/26/06 - 20060242684 - System, method and computer program product for applying electronic policies A system, method and computer program product are provided for policy management. In use, a plurality of rules for applying policies to a computer are identified. Further, information associated with the computer is also identified. Such rules and information are then utilized for applying the policies to the computer. ... 10/19/06 - 20060236370 - Network security policy enforcement using application session information and object attributes A packet traversing on the computer network is received; session information is generated from the packet with the session information including a client network address and a server network address; the packet is associated with at least one object attribute from the directory by using the session information; and a ... 10/19/06 - 20060236369 - Method, apparatus and system for enforcing access control policies using contextual attributes A method, apparatus and system provide access control utilizing contextual attributes. An access control module may receive a client request for access to a protected resource. The access control module may examine the contextual attributes associated with the request and compare the attributes against a policy database. If the attributes ... 10/19/06 - 20060236368 - Resource manager architecture utilizing a policy manager Resource management architectures implemented in computer systems to manage resources are described. In one embodiment, a general architecture includes a resource manager and multiple resource providers that support one or more resource consumers such as a system component or application. Each provider is associated with a resource and acts as ... 10/19/06 - 20060236367 - Method for providing wireless application privilege management A method for providing an administration policy to a user device comprising a plurality of applications, the method comprising centrally generating the administration policy to be implemented in the user device, the administration policy comprising at least one of an application administration policy to be used by at least one ... 10/19/06 - 20060236366 - Systems and methods for generating secure documents from scanned images A system for preparing and securing a scanned document for use by an application may include a scanner configured to scan a document and a processor coupled to the scanner. The processor may be configured to determine a security profile to be assigned to the document based on a predefined ... 10/19/06 - 20060236365 - Secured network processor A method and system for sharing data between networks comprises an interface for receiving data from plural inputs; a policy-based router operationally connected to the interface, the policy-based router assigns security levels to the data based on security characteristics of the inputs and the policy-based router assigns virtual Internet protocol ... 10/19/06 - 20060236364 - Policy based method, device, system and computer program for controlling external connection activity The invention relates to controlling of an activity of external connections and in particular in situation where a device lock is on. This is achieved by a method, a device, a system, a computer program product and a computer program. In the method it is detected that the device lock ... 10/19/06 - 20060236363 - Client architecture for portable device with security policies In a particular embodiment, a client module is deployed on a wireless device. The client module comprises a policy database including a list of authorized devices to which the wireless device may communicate. In another embodiment, the client module comprises a policy database including at least two user profiles on ... 10/12/06 - 20060230432 - Policy algebra and compatibility model The present invention provide for an algebraic mapping of a policy expression from a compact to a normalized form, both in Boolean and set formulations. The policy algebra is defined in such a way that policy alternatives within the normalized expression will be the same across equivalent compact expressions—regardless of ... 10/12/06 - 20060230431 - System and method for implementing a private virtual backbone on a common network infrastructure A network security system is provided comprising a plurality of network bubbles wherein each bubble includes bubble members configured to transmit and receive data. Bubbles have network security policies that may be enforced by a plurality of network control point devices. The system further includes a private virtual backbone configured ... 10/12/06 - 20060230430 - Method and system for implementing authorization policies for web services A method, system and computer program product for implementing authorization policies for web services may include defining an authorization policy for access to a web service. The method, system and computer program product may also include attaching the authorization policy to a service definition for the web service. ... 10/05/06 - 20060225124 - System and method for enforcing functionality in computer software through policies A method and system for enforcing functionality in computer software through policy including converting a natural language policy to sample code, wherein the natural language policy is represented by logical patterns; creating one or more static analysis rules from the sample code to enforce the natural language policy at a ... 10/05/06 - 20060225123 - Use of policy levels to enforce enterprise control A system and method for using hierarchical policy levels for distribution of software in a computer network. In one embodiment, computers of the network are arranged into a hierarchy. A management policy server with access to the network queries the hierarchy to identify computers at or below its own level ... 09/28/06 - 20060218621 - Method for enabling authentication without requiring user identity information Authentication based on contextual attributes of a client device may be accomplished by receiving, by a service provider, a request for access from the client device to available content; determining whether access to the content is restricted by a policy; challenging the client device to provide contextual attributes required by ... 09/21/06 - 20060212925 - Implementing trust policies Embodiments of the present invention provide methods, systems, and software for implementing trust policies. Such policies may be implemented in a variety of ways, including at one or more border devices, client computers, etc. In accordance with various embodiments, a communication between a client computer (and/or application) and an online ... 09/21/06 - 20060212924 - Inheritance based network management The present invention teaches a methodology for provisioning and managing a network having many network devices. In certain embodiments, groups of member devices are created each having a group policy configuration inherited by member devices. A variety of rules regarding prioritization, versioning, system snapshot, redo and undo are also taught. ... 08/24/06 - 20060190987 - Client apparatus, device verification apparatus, and verification method A client apparatus for utilizing services by executing service programs includes a policy holding unit, a verification unit, a verification result holding unit, and a verification result notification unit. The policy holding unit holds a service-specific verification policy pre-checked by a device verification apparatus. The verification unit verifies an operation ... 08/24/06 - 20060190986 - System and method for dynamically allocating resources A computer network has a number of resources. One or more trusted localisation provider certifies the location of the resources. Encrypted data is closely associated with a policy package defining privacy policies for the data and metapolicies for their selection. A trusted privacy service enforces the privacy policies. The trusted ... 08/24/06 - 20060190985 - Automated policy change alert in a distributed enterprise A distributed enterprise includes a policy management module and policy library for automating policy change alerting. The policy management module and policy library are configured to list associations between published policies, published policy exceptions, and one or more systems policies, and to determine if changes to published (written) enterprise policies, ... 08/24/06 - 20060190984 - Gatekeeper architecture/features to support security policy maintenance and distribution In a particular embodiment, a network module deployed at a wireless network access node is disclosed. The network module comprises a policy database including a list of authorized wireless mobile devices and an agent for enforcing rules of the policy database. ... 08/17/06 - 20060184995 - Creating a privacy policy from a process model and verifying the compliance The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. ... 08/03/06 - 20060174320 - System and method for efficient configuration of group policies A registry of system information may have several sections. Group policies may be represented by entries in particular sections of the registry. A policy map may map group policies to the sections and entries of the registry. A policy map registry section field of the policy map may specify one ... 08/03/06 - 20060174319 - Methods and apparatus providing security for multiple operational states of a computerized device A system controls security during operation of a computerized device by enforcing a first security policy during first operational state of the computerized device. Enforcement of the first security policy provides a first level access to resources within the computerized device by processes operating in the computerized device. The system ... 08/03/06 - 20060174318 - Method and system for troubleshooting when a program is adversely impacted by a security policy A method and system for selectively excluding a program from a security policy is provided. The security system receives from a user an indication of a program with a problem that is to be excluded from the security policy. When the program executes and a security enforcement event occurs, the ... 07/20/06 - 20060161966 - Method and system for securing a remote file system A method and system for controlling access to files in a remote file system is provided. In one embodiment, a firewall system at a client computer system intercepts requests originating from the client computer system and sent to the remote file system for accessing remote files, that is, files stored ... 07/20/06 - 20060161965 - Method and system for separating rules of a security policy from detection criteria A method and system that enables a security policy to separate developer-provided detection criteria from an administrator-provided custom policy is provided. The security system allows a developer of detection criteria to provide a signature file containing the signatures that are available for use by a security policy. The security system ... 07/13/06 - 20060156383 - Smart buffering for policy enforcement The present invention discloses a method for smart buffering for a policy resolution and policy enforcement system. The invention can be applied to a communication system with one or several available communication network(s). The trigger events and policy actions form input and output buffers to be processed in the invention. ... 07/13/06 - 20060156382 - Approach for deleting electronic documents on network devices using document retention policies An approach is provided for deleting electronic documents using a document retention policy that specifies one or more deletion criteria for documents belonging to each of a plurality of document classifications. The document retention policy is defined by document retention policy data that is managed by a document retention policy ... 07/13/06 - 20060156381 - Approach for deleting electronic documents on network devices using document retention policies An approach is provided for deleting electronic documents on network devices using a document retention policy. The document retention policy specifies one or more deletion criteria for documents belonging to each of a plurality of document classifications. The document retention policy is defined by document retention policy data that is ... 07/13/06 - 20060156380 - Methods and apparatus providing security to computer systems and networks A system provides security to a computerized device by detecting a sequence of related processing operations within the computerized device and recording the sequence of related processing operations in a security history. The system identifies a security violation when a processing operation performed in the computerized device produces an undesired ... 07/13/06 - 20060156379 - Reactive audit protection in the database (rapid) A method for proactively enforcing security in a computer system is provided. A plurality of security modification rules is stored for a system. A set of conditions is associated with each security modification rule. Based on one or more audit records generated for the system, the system determines whether the ... 07/13/06 - 20060156378 - Intelligent interactive multimedia system An interactive multimedia system comprising a core server, streaming servers, and encoders. The core server comprises an authentication server, a master server, a web server, and a database. The authentication server is for checking authenticity of users. The master server redirects users to a specific server based on a policy ... 07/06/06 - 20060150238 - Method and apparatus of adaptive network policy management for wireless mobile computers System(s) and method(s) are provided that utilize external resources and protect the integrity of data within a mobile communication device and data communicated with the mobile communication device. The device includes an extrinsic data analysis component that receives information about both an external environment and an internal state. The device ... 06/29/06 - 20060143689 - Information flow enforcement for risc-style assembly code A method, article of manufacture and apparatus for performing information flow enforcement are disclosed. In one embodiment, the method comprises receiving securely typed native code and performing verification with respect to information flow for the securely typed native code based on a security policy. ... 06/29/06 - 20060143688 - Establishing and enforcing security and privacy policies in web-based applications Method, system, and computer code for implementing security and privacy policy in a web application having an execution environment in which a representation of each object handled by the execution environment accommodates data and an associated tag. An inbound tagging rule is established for tagging inbound objects according to a ... 06/29/06 - 20060143687 - Secure controller for block oriented storage A storage controller includes a command pointer register. The command pointer register points to a chain of commands in memory, and also includes a security status field to indicate a security status of the first command in the command chain. Each command in the command chain may also include a ... 06/29/06 - 20060143686 - Policies as workflows Methods, systems, and machine-readable mediums are disclosed for policy enforcement. In one embodiment, the method comprises receiving a communication and executing a workflow to apply one or more policies to the communication. The workflow includes a logical combination of one or more conditions to be satisfied and one or more ... 06/29/06 - 20060143685 - Systems and processes for managing policy change in a distributed enterprise A method for managing changes to policies in an enterprise includes receiving a systems policy change request to change a systems policy that implements a published enterprise policy, determining whether the requested systems policy change complies with the published enterprise policy, and updating the systems policy according to the requested ... 06/22/06 - 20060136988 - Resource manager architecture utilizing a policy manager Resource management architectures implemented in computer systems to manage resources are described. In one embodiment, a general architecture includes a resource manager and multiple resource providers that support one or more resource consumers such as a system component or application. Each provider is associated with a resource and acts as ... 06/22/06 - 20060136987 - Communication apparatus In a communication apparatus processing a packet transmitted/received by a device connected to a network, an identifying/processing policy storing portion stores a basic identifying policy and processing policy for determining an identification and processing of a packet corresponding to transmitted information from a device, a transmitted information extractor extracts the ... 06/22/06 - 20060136986 - Enterprise security monitoring system and method Embodiments of the invention provide an enterprise security solution wherein each network node itself enforces a predetermined security policy. In these embodiments, platform independent agents and coordinators run on any type of network node and require no central server to implement policy are utilized. With no requirement for access to ... 06/22/06 - 20060136985 - Method and system for implementing privacy policy enforcement with a privacy proxy A method is presented for enforcing a privacy policy concerning management of personally identifiable information in a centralized manner through a privacy proxy agent. A proxy intercepts a message from a first system to a second system, e.g., from a server to a client, and determines whether the message is ... 06/08/06 - 20060123462 - Systems and methods for protecting private information in a mobile environment Techniques for protecting non-public information in a mobile environment are provided. A request for non-public information about users in a mobile environment is received. Privacy policies, non-public and optional public information about the users affected by the request are determined. An optional privacy impact indicator is determined based on how ... 06/08/06 - 20060123461 - Systems and methods for protecting privacy Techniques for providing privacy protection are provided. A query is received. Privacy policy information, extracted knowledge and optional information about available public information are determined. Information about the knowledge extraction transformations applied to create the extracted knowledge and the source data is determined. Privacy protecting transformations are determined and applied ... 06/01/06 - 20060117376 - Charging via policy enforcement Methods, systems, and machine-readable mediums are disclosed for charging via policy enforcement. In one embodiment, the method comprises receiving a communication associated with a billable resource and invoking a charging policy to be applied to the communication. The charging policy includes a logical combination of one or more conditions to ... 05/25/06 - 20060112416 - Device management apparatus, device, and device management method A device management apparatus includes a device configuration information holding unit, a subscriber information holding unit, a security policy holding unit, a module state holding unit, and a device diagnosis unit. The security policy holding unit holds a security policy set based on the configuration based on the configuration information ... 05/18/06 - 20060107306 - Tuning product policy using observed evidence of customer behavior A computer adapted for pay-as-you go or other metered use has a policy for determined what measurements to take to detect fraud as well as steps to take when fraud is found. To optimize between good performance and sufficient tests to reduce the risk of fraud, a policy is developed ... 05/18/06 - 20060107305 - Reactive system safety verification device, method, program, and recording medium containing the program A safety verification device of a reactive system, in which a set of axioms consists only of a commutative law and an associative law, comprises a translation unit (8) which generates, under said set of axioms, a first equational tree automaton which accepts a set of terms; a simulation unit ... 05/04/06 - 20060095953 - Method and system for policy based authentication A mobile device capable of performing a plurality of functions. The mobile device includes a memory for storing a plurality of different security policies; an input device for invoking a function from the plurality of functions by a user; a processor for assigning a first security policy from the stored ... 04/27/06 - 20060090193 - Security architecture and mechanism to access and use security components in operating system A security architecture is provided for accessing security components associated with an operating system. The security architecture is generally comprised of: a policy tree storing a plurality of security policies, where each security policy is define as at least one system call which correlates to a security operation and a ... 04/27/06 - 20060090192 - Method and system for ensuring that computer programs are trustworthy Described is a system and method by which an application program is evaluated for trustworthiness based on the permissions and/or privileges it requests relative to a program category. The program describes the permissions needed to operate, and identifies itself as belonging to a particular category. Security components compare the requested ... 04/20/06 - 20060085838 - Method and system for merging security policies A method and system for combining and enforcing security policies is provided. The security system is provided with security policies that have process set criteria and associated rules. The security system combines the security policies by generating a rule list of the security policies and associated process set criteria. The ... 04/20/06 - 20060085837 - Method and system for managing security policies for databases in a distributed system One embodiment of the present invention provides a system that facilitates managing security policies for databases in a distributed system. During operation, the system creates multiple label security policies. The system stores these security policies in a directory and automatically propagates them from the directory to each database within the ... 04/20/06 - 20060085836 - System and method for visually rendering resource policy usage information A system and method for visually rendering resource policy usage information are provided. The system and method make use of policy performance data and relative weighting values of policies to generate, for each system resource, a graphical representation of the system resource with regard to the affect of policies on ... 04/06/06 - 20060075467 - Systems and methods for enhanced network access Systems and methods for enhanced network access are described. One aspect of one described embodiment includes receiving a request to connect to a network, the request associated with a user, determining a policy associated with the user, identifying at least one available network connection, determining at least one property of ... 04/06/06 - 20060075466 - Visual summary of a web service policy document Example embodiments provide for a rule-based wizard type tool for generating secure policy documents. Wizard pages present a user with general Web Service security options or questions at a user interface, which abstracts the user from any specific code, e.g., XML code, used for creating a Web Service policy document. ... 04/06/06 - 20060075465 - Rule-driven specification of web service policy Example embodiments provide for a rule-based wizard type tool for generating secure policy documents. Wizard pages present a user with general Web Service security options or questions at a user interface, which abstracts the user from any specific code, e.g., XML code, used for creating a Web Service policy document. ... 04/06/06 - 20060075464 - Access authorization api A facility for setting and revoking policies is provided. The facility receives a request from a controlling process a request to set a policy on a controlled process, and determines whether the controlling process has privilege to set the policy on the controlled process. If the facility determines that the ... 04/06/06 - 20060075463 - Method and apparatus for providing policy-based document control A method and apparatus for providing policy-based document control includes a client node, a collection agent, a policy engine, and a transformation server. The client node requests access to a resource. The collection agent gathers information about the client node. The policy engine receives the gathered information and makes an ... 04/06/06 - 20060075462 - Access authorization having embedded policies A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the ... 04/06/06 - 20060075461 - Access authorization having a centralized policy A facility for performing an access control check is provided. The facility receives a request to perform an access control check to determine whether authorization exists to access a resource. The access control check is performed against the identity of a principal, a policy that applies to the principal, and ... 04/06/06 - 20060075460 - Output information management system There are provided an output information management system and a method therefor that prevent an output device, which outputs information onto media from being used by an unauthorized third party and allow efficient investigation of an unauthorized activity by an authorized user. A server which constitutes the output information management ... 03/30/06 - 20060070112 - Filtering a permission set using permission requests associated with a code assembly A security policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager can execute in a computer system (e.g., a Web client) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for ... 03/23/06 - 20060064737 - Security deployment system To address security that can arise in information systems, the present invention uses novel methods and/or systems to enhance security in information systems, using a new way to deploy selected security policies. Instead of trying to modify a whole binary file all at once to add in code to implement ... 03/23/06 - 20060064736 - Apparatus, system, and method for asymmetric security An apparatus, system, and method are disclosed for asymmetric security in data communications between two or more nodes. Asymmetric security within data communications refers to sending and receiving messages at different security levels. The apparatus includes a receiving module, a transmission module, and a communication module. The receiving module receives ... 03/16/06 - 20060059539 - Centralized enterprise security policy framework A centralized enterprise security and provisioning policy framework is described. Enterprise wide security and provisioning is stored in a hierarchical fashion in a centralized LDAP based Directory server. Each policy and user maps directly to a unique entry in the directory. Policy entries can be created at specific administrative points ... 03/16/06 - 20060059538 - Security system for wireless networks A security procedure for invoking IPsec security for communication of a packet in a network includes the steps of generating a message to be sent at the transport layer, building Internet Protocol and Transport Control Protocol headers for the message, selecting a security policy in accordance with a security policy ... 03/16/06 - 20060059537 - System and method for creating a security application for programmable cryptography module A system and method of the present invention creates a security application for a programmable cryptography module, which includes a security policy software module and mirror security policy data structures. A processor determines a security policy for an implementation specific application as a set of rules governing cryptographic security policy ... 03/09/06 - 20060053479 - Accessing a data item in a memory of a computer system A method for protecting sensitive data items which must be accessed data item in a memory of a computer system. A data hiding policy is defined. The policy includes one or more policy entries, each policy entry corresponding to an attribute of a data item and each policy entry indicating ... 03/09/06 - 20060053478 - System, method and computer program product for control of a service request Disclosed is a data processing system, a data processing system implemented method and an article of manufacture for controlling, based on a policy, a service request containing an action to be executed on a product to be serviced. The data processing system includes a service module for receiving the service ... 03/09/06 - 20060053477 - Methods, systems, and computer program products for event decomposition using rule-based directives and computed keys Methods, systems, and computer program products for generating a common event format representation of information from a plurality of messages include parsing a rule associated with a current message to determine if a property of a common event format representation for the current message is to be populated with a ... 03/09/06 - 20060053476 - Data structure for policy-based remediation selection A machine-actionable memory may include: one or more machine-actionable records arranged according to a data structure, the data structure including links that respectively map between at least one R_ID field, the contents of which denote an identification (ID) of a remediation (R_ID); and at least one POL_ID field, the contents ... 03/09/06 - 20060053475 - Policy-based selection of remediation A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality ... 03/02/06 - 20060048210 - System and method for policy enforcement in structured electronic messages The present invention is directed a validation service, for example a digital certificate validation service (CVS), that facilitates the application of user-defined policies to structured electronic messages, for example E-mails, and the implementation of corresponding business rules based on user, system, device or electronic message attributes. The present invention provides ... 03/02/06 - 20060048209 - Method and system for customizing a security policy An intrusion detection system for customizing a security policy that detects an attempt to exploit a vulnerability is provided. A security policy contains criteria and a procedure. The criteria specify attributes of a security event that may be an exploitation, and the procedure specifies instructions to be performed that indicate ... 02/23/06 - 20060041929 - Virtual distributed security system A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing ... 02/23/06 - 20060041928 - Policy rule management support method and policy rule management support apparatus A policy management apparatus 1 comprises a processing unit and a policy rule table 151 that stores at least one policy rule for each component of a computer system. For each component of the computer system, the processing unit performs a receiving step, in which a notification of a configuration ... 02/09/06 - 20060031923 - Access control list attaching system, original content creator terminal, policy server, original content data management server, program and computer readable information recording medium An access control list attaching system in which an original content creator terminal for creating original content data, a policy server producing a security policy file concerning the original content data and holding it in a storage part and a right management server managing a right concerning the original content ... 02/09/06 - 20060031922 - Ipsec communication method, communication control apparatus, and network camera When a packet arrives from a communication terminal apparatus, i.e., a communicating terminal with which the IPsec communication is performed, a source IP address is recognized from an IP header of the packet and a security policy is registered in an SPD. At the same time, an encoding parameter for ... 02/09/06 - 20060031921 - System and method for affecting the behavior of a network device in a cable network A subscriber access control system (SACS) configures a network device connected to cable network to affect the behavior of that device. The SACS comprises a rules engine and a datastore that stores the current state of subscribers known to the SACS and historical request information. When the SACS receives a ... 02/02/06 - 20060026667 - Generic declarative authorization scheme for java A method, system, and program storage device for establishing security and authorization policies for users accessing a software application, wherein the method comprises generating at least one application object group from an application object description document comprising an XML format run on a data processor; creating an authorization policy for ... 01/26/06 - 20060021003 - Biometric authentication system A full-featured authentication framework is provided that allows for the dynamic selection of authentication modalities based on need and/or environment. The framework comprises a server responsible for handling requests for data and services from the other components, a logon module, a user administration tool and a system administration tool. The ... 01/26/06 - 20060021002 - Framework for a security system A framework for a security system is described. The framework may be used to track which security engines are available to enforce security policies. A security engine is a software resource that enforces security policies designed to help ensure that a vulnerability of an application or operating system cannot be ... 01/26/06 - 20060021001 - Method and apparatus for implementing security policies in a network A secured network is disclosed configured to carry data, comprising a plurality of network bubbles and a plurality of network control points, wherein each network bubble comprises one or more bubble partitions and each bubble partition comprises at least one networked device configured to transmit and receive data, and all ... 01/26/06 - 20060021000 - Automated system management process A method and apparatus for an automated system management process are described. According to an embodiment of the invention, a method comprises receiving data regarding operation of a network; automatically generating network policies based at least in part on the data regarding operation of the network using automation intelligence; applying ... 01/12/06 - 20060010483 - Inherited role-based access control system, method and program product Under the present invention, role types are defined by association with certain permissible actions. Once defined in this manner, a role type can then be bound to “nodes” of a hierarchical tree that represent computer-based resources such as dynamic object spaces. Once bound to a node, instances of this role ... 01/05/06 - 20060005230 - Manifest-based trusted agent management in a trusted operating system environment Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in ... 01/05/06 - 20060005229 - Method of enforcing a policy on a computer network A policy server program evaluates one or more policy statements based on the group or groups to which a user belongs as well as other conditions. Each policy statement expresses an implementation of the access policy of the network, and is associated with a profile. The profile contains one or ... 01/05/06 - 20060005228 - Behavior model generator system for facilitating confirmation of intention of security policy creator A policy normalizing means normalizes an entered security policy. Specifically, if the security policy does not include necessary items, the policy normalizing means compensates the security policy for the missing items by predefined values so that the security policy includes the necessary items. An behavior model generating means generates an ... 01/05/06 - 20060005227 - Languages for expressing security policies Languages for expressing security policies are provided. The languages comprise rules that specify conditions and actions. The rules may be enforced by a security engine when a security enforcement event occurs. The languages support data separation, dynamic evaluation, and ordered rule scope. By separating data from logic, security engines may ... 12/22/05 - 20050283824 - Security policy generation The invention provides security policy generation methods and devices for generating a security policy that is set up for an information processing apparatus comprises a step of generating an application model having a transmitter and a receiver of a message decided, for each of a plurality of messages that are ... 12/22/05 - 20050283823 - Method and apparatus for security policy management A security policy management system for deriving a security policy from setting details of security devices as components of an information system includes a setting information storage unit for storing setting information representing settings with regard to security functions of devices included in a network system to be managed, and ... 12/22/05 - 20050283822 - System and method for policy-enabling electronic utilities A system, apparatus and method for integrating policy-based technologies, including SLA management technologies, into an electronic utility (eUtility) infrastructure that supports automated provisioning of On Demand Service Environments (ODSEs) are provided. ODSEs embody the applications and computing resource services a subscribing customer requests. The system, apparatus and method augment the ... 12/22/05 - 20050283821 - Method and system for providing fault tolerant physical security A security device outputs a message to a first controller device for providing physical security, and in response to the first controller device faulting, the security device outputs the message to a second controller device for providing physical security. ... 12/08/05 - 20050273842 - Protection of privacy data A method is provided for separating people from direct access to personally identifiable information. The method involves use of a rules-based section which selectively blocks access to personally identifiable information where the access fails to comply with specified rules, and which selectively permits access to personally identifiable information where the ... 12/08/05 - 20050273841 - System and methodology for protecting new computers by applying a preconfigured security update policy A system and methodology for protecting new computers by applying a preconfigured security update policy is described. In one embodiment, for example, a method is described for controlling connections to a computer upon its initial deployment, the method comprises steps of: upon initial deployment of the computer, applying a preconfigured ... 12/01/05 - 20050268327 - Enhanced electronic mail security system and method For purposes of patent searching the following description involves an enhanced system that has an e-mail client, policy module, a clear signer and a steganographer. A removable device includes a public key, a private key, and a policy portion. The policy module requires the policy portion for operation such as ... 12/01/05 - 20050268326 - Checking the security of web services configurations Systems and methods for checking security goals of a distributed system are described. In one aspect, detailed security policies are converted into a model. The detailed security policies are enforced during exchange of messages between one or more endpoints. The one or more endpoints host respective principals networked in a ... 12/01/05 - 20050268325 - Method and system for integrating policies across systems The disclosed embodiments relate to a system and method of applying policies. The method may include identifying a first entity and a first relationship, the first relationship defining an attribute related to the first entity. Additionally, the method may include identifying a policy associated with the first entity and the ... 11/24/05 - 20050262549 - Method and system for authorizing user interfaces A method to generate a role-based user interface to be presented to a user includes processing a security-relevant portion of user interface code associated with an application, determining a permission by processing application role information pertaining to the user and security policy information, wherein the security policy information is distinct ... 11/17/05 - 20050257246 - System and method for configuring devices for secure operations Systems and methods for establishing a security-related mode of operation for computing devices. A policy data store contains security mode configuration data related to the computing devices. Security mode configuration data is used in establishing a security related mode of operation for the computing devices. ... 11/17/05 - 20050257245 - Distributed security system with dynamic roles A system and method for distributed enterprise security, comprising, a security control module (SCM) operable to accept information, wherein the information includes one or more policies, at least one security service module (SSM) operable to accept the information from the SCM, a role mapping module coupled to the at least ... 11/17/05 - 20050257244 - Method and apparatus for role-based security policy management A method and corresponding tool are described for security policy management in a network comprising a plurality of hosts and at least one configurable policy enforcement point. The method, comprises creating one or more policy templates representing classes of usage control models within the network that are enforceable by configuration ... 11/17/05 - 20050257243 - Method and system for enforcing a security policy via a security virtual machine A method and system for enforcing a security policy encoded in an instruction set of a security virtual machine is provided. A security system provides a security virtual machine that executes security programs expressed in the instruction set of the security virtual machine. The security system stores the security program ... 11/10/05 - 20050251853 - Automatically generating security policies for web services Systems and methods for automatically generating security policy for a web service are described. In one aspect, one or more links between one or more endpoints are described with an abstract link description. The abstract link description describes, for each link of the one or more links, one or more ... 11/10/05 - 20050251852 - Distributed enterprise security system A system and method for a distributed enterprise security, comprising, a first process capable of providing a second set of information derived from a first set of information, wherein the first set of information includes one or more of: a policy and configuration information, a security control module (SCM) capable ... 11/10/05 - 20050251851 - Configuration of a distributed security system A system and method for distributing security information, comprising, a remote interface capable of accepting the information from a distributor wherein the information includes at least one of: policy information and configuration information, a local interface capable of providing the information to at least one services layer, wherein the at ... 11/10/05 - 20050251850 - System and method for providing rea model based security A method of providing Resource-Event-Agent (REA) model based security includes identifying an association between a first object and a second object, where the first object is the Agent type and the second object is any REA object. Then, an association class is created for the association between the first object ... 11/03/05 - 20050246761 - System and method for local machine zone lockdown with relation to a network browser A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The ... 11/03/05 - 20050246760 - Verifying measurable aspects associated with a module The present invention extends to validating measurable aspects of computing system. A provider causes a challenge to be issued to the requester, the challenge requesting proof that the requester is appropriately configured to access the resource. The requester accesses information that indicates how the requester is to prove an appropriate ... 10/27/05 - 20050240987 - Password generation and verification system and method therefor A system and method for facilitating password control and maintenance is provided. A system 10 is provided where a plurality of categories are set so that a single piece or multiple pieces of information that are familiar to the user can be set as a password element(s) for each category. ... 10/27/05 - 20050240986 - Method and apparatus for configuration management of computer system A management computer collects, from a storage subsystem via a management network, path definition information including the contents of a security setting made to a path accessible to a volume in the storage subsystem, and when the volume in the storage subsystem is an original volume having a replica volume, ... 10/27/05 - 20050240985 - Policy engine and methods and systems for protecting data The described embodiments relate to data security. One exemplary system includes a first component associated with data on which an action can be performed and a second component configured to perform the action on the data. The system also includes a third component configured to ascertain the action and determine, ... 10/27/05 - 20050240984 - Code assist for non-free-form programming A code- or content-assist for various programming languages respects the boundaries of the data field in which the data is the be entered. Depending upon whether the data must be aligned within the column, as required by the programming language or by the spreadsheet or database, the content-assist widget and ... 10/27/05 - 20050240983 - Adjusting depiction of user interface based upon state Embodiments of the present invention provide adjustments of the depiction of a user interface upon a computing environment's change in state. ... 10/13/05 - 20050229237 - Systems and methods for passing network traffic content A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based on a size of the received content data. A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based ... 10/13/05 - 20050229236 - Method for delegated adminstration A system and method for providing a containment model of role capabilities wherein a parent role can obtain the capabilities of its child role(s). ... 09/01/05 - 20050193427 - Secure enterprise network What is proposed is a method of implementing a security system (Packet Sentry) addressing the internal security problem of enterprises having a generalized approach for inferential determination and enforcement of network policy with directory service based group correlation with transparent authentication of the connected customer and the policy enforcement inside ... 08/25/05 - 20050188419 - Method and system for dynamic system protection A method and system for dynamically protecting against exploitation of a vulnerability is provided. The dynamic protection system identifies the security level of an instance of an application that is to execute on a computer system. If the security level of the instance of the application is not appropriate, the ... 07/28/05 - 20050166259 - Information security awareness system A computer system for providing security awareness in an organization, comprises: a memory means, an input device, constituted by a hard disk or Random Access Memory device, a central processo unit connected to the memory means, an input device, constituted by a mouse or keyboard device, and an output device, ... ### FreshPatents.com Support - Terms & Conditions |