公开(公告)号：US20180107501A1

公开(公告)日：2018-04-19

申请号：US15825865

申请日：2017-11-29

Applicant: International Business Machines Corporation

Inventor： Issac Jacob Roth ,  Albert K. Tsang ,  Zhaohui Feng ,  Ritchie Tyler Martori ,  Miroslav Bajtos

IPC: G06F9/455 ,  G06F9/54 ,  H04L29/08 ,  H04L29/06 ,  G06F21/62 ,  G06F9/46 ,  G06F21/33

CPC classification number: G06F9/45529 ,  G06F8/315 ,  G06F9/466 ,  G06F9/54 ,  G06F9/541 ,  G06F9/547 ,  G06F21/335 ,  G06F21/6218 ,  G06F21/6236 ,  G06F2221/2141 ,  H04L63/083 ,  H04L67/02 ,  H04L67/1097 ,  H04L67/42

Abstract: A method. A JavaScript (JS) object is instantiated. The instantiated JS object processes application programming interface (API) requests received from mobile devices. The instantiation of the JS object is based on a JS model including (1) a JS file that stores a description of a behavior of the JS object and (2) a JS object notation (JSON) file that stores a description of properties of the JS object. The JSON file includes at least one validation rule to reject a data tuple unless the data tuple meets a required constraint specified in the validation rule. A data abstracter is an interface between the JS object and a set of data storages from which the JS object retrieves data while processing at least two of the API requests. The data abstractor is connected with the set of data storages by implementing a data exchange logic for the set of data storages.

公开(公告)号：US09875121B2

公开(公告)日：2018-01-23

申请号：US14490644

申请日：2014-09-18

Applicant: International Business Machines Corporation

Inventor： Issac Jacob Roth ,  Albert K. Tsang ,  Zhaohui Feng ,  Ritchie Tyler Martori ,  Miroslav Bajto{hacek over (s)}

IPC: G06F15/16 ,  G06F9/455 ,  H04L29/08 ,  G06F21/62 ,  G06F9/54 ,  G06F9/46 ,  H04L29/06 ,  G06F21/33

CPC classification number: G06F9/45529 ,  G06F8/315 ,  G06F9/466 ,  G06F9/54 ,  G06F9/541 ,  G06F9/547 ,  G06F21/335 ,  G06F21/6218 ,  G06F21/6236 ,  G06F2221/2141 ,  H04L63/083 ,  H04L67/02 ,  H04L67/1097 ,  H04L67/42

Abstract: Some embodiments of the invention provide a novel server for processing application programming interface (API) requests. In some embodiments, the API server is written in JavaScript. For example, in some embodiments, the API-accessible objects of this server are each defined in terms of a JavaScript file and a JSON (JavaScript Object Notation) file. At runtime, a runtime processor instantiates each JavaScript object from its associated JavaScript and JSON files. Once instantiated, the JavaScript object can be used to process API requests that refer to the JavaScript object. Some embodiments use novel JSON file structures that allow these embodiments to define rich JavaScript models.

公开(公告)号：US09864869B2

公开(公告)日：2018-01-09

申请号：US14529729

申请日：2014-10-31

Applicant: CANON KABUSHIKI KAISHA

Inventor： Toshiyuki Noguchi

IPC: G06F21/62 ,  H04L29/06 ,  H04L29/08

CPC classification number: G06F21/62 ,  G06F21/6218 ,  G06F21/6236 ,  G06F21/6245 ,  H04L63/10 ,  H04L67/02

Abstract: A system in which a communication apparatus and first and second information processing apparatuses are communicably connected, comprises a comparison unit which compares a first disclosure range set in the first information processing apparatus with a second disclosure range set in the second information processing apparatus, and a notification unit which sends a notification to the communication apparatus. The information processing apparatuses distributes the content to a third-party terminal included in a disclosure range decided based on the result of the comparison.

公开(公告)号：US09825932B2

公开(公告)日：2017-11-21

申请号：US14648139

申请日：2013-01-09

Applicant: Qatar Foundation

Inventor： Simon Ponsford ,  Simon Guerrero ,  William Yip ,  Gokop Goteng

IPC: G06F21/62 ,  H04L29/06

CPC classification number: H04L63/0807 ,  G06F21/6218 ,  G06F21/6227 ,  G06F21/6236 ,  G06F2221/2107 ,  H04L63/045 ,  H04L63/061 ,  H04L63/083

Abstract: A system for and method of storing data comprising: encoding a file into a plurality of fragments; retrieving storage configuration data from a data management store including data associated with a plurality of remote storage volumes, the storage configuration data comprising an indication of a predefined data transmission size corresponding to each remote storage volume; using the storage configuration data to identify a storage strategy associating each fragment with a remote storage volume, wherein using the storage configuration data includes using the indications of the pre defined data transmission sizes; packaging one or more fragments each associated with a common identified remote storage volume as identified by the storage strategy to form a data bundle; communicating the data bundle to the respective common identified remote storage volume associated with the fragments in the data bundle; and storing the fragments at that identified remote storage volume.

公开(公告)号：US20170323117A1

公开(公告)日：2017-11-09

申请号：US15661641

申请日：2017-07-27

Applicant: Oracle International Corporation

Inventor： Jeffrey Pleau ,  Naresh Revanuru

IPC: G06F21/62 ,  H04L29/06

CPC classification number: G06F21/6236 ,  H04L63/0884 ,  H04L63/104

Abstract: Techniques are disclosed for enabling tenant hierarchy information to be migrated directly between different multi-tenant system (e.g., from a shared IDM system to a Nimbula system, or vice versa). A corresponding new tenant is created in a Nimbula system based on a combination of the tenant information and the service information from the shared IDM system. The Nimbula system extracts the tenant name and the service name from a request and asks the shared IDM system to verify that the user actually is a member of the tenant identified by the extracted tenant name. Upon successful authentication of the user, the Nimbula system requests the IDM system for roles that are associated with both the user and the extracted service name. The Nimbula system enable access to the service upon determining whether the requested operation can be performed relative to the specified service based on the roles.

公开(公告)号：US09805204B1

公开(公告)日：2017-10-31

申请号：US14834474

申请日：2015-08-25

Applicant: Symantec Corporation

Inventor： Carey S. Nachenberg

IPC: H04L29/06 ,  G06F17/30 ,  G06F21/60 ,  G06F7/04 ,  H04N7/16

CPC classification number: G06F17/30864 ,  G06F17/30109 ,  G06F21/6236

Abstract: The disclosed computer-implemented method for determining that files found on client devices comprise sensitive information may include (1) maintaining, on a server, a set of representations of files that have been classified as sensitive according to a data loss prevention policy, (2) receiving, from a client device, a message that includes a representation of a file on the client device, (3) determining that the representation of the file on the client device matches the representation of a sensitive file from the set of representations of files, (4) concluding, based on the representation of the file on the client device matching the representation of the sensitive file, that the file on the client device includes sensitive information, and (5) performing a security action in response to concluding that the file on the client device includes the sensitive information. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US09779264B2

公开(公告)日：2017-10-03

申请号：US14733819

申请日：2015-06-08

Applicant: TmaxData Co., Ltd

Inventor： Jeong Il Yoon ,  Sang Young Park

IPC: G06F21/00 ,  G06F21/62

CPC classification number: G06F21/6227 ,  G06F21/6218 ,  G06F21/6236 ,  G06F21/6245

Abstract: Disclosed is a program for security management in a database, which is stored in a computer readable medium to allow a computer to perform steps including: reading one or more data encrypted at a column level from a persistent storage medium or a memory; decrypting one or more data encrypted at the column level to generate one or more decrypted data; generating an index table based on the one or more generated decrypted data; and performing an operation of encrypting the generated index table at a block level.

公开(公告)号：US20170279812A1

公开(公告)日：2017-09-28

申请号：US15078187

申请日：2016-03-23

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Matthew G. Borlick ,  Lokesh M. Gupta ,  Micah Robison

IPC: H04L29/06 ,  G06F21/62

CPC classification number: H04L63/107 ,  G06F21/6218 ,  G06F21/6236 ,  G06F2221/2111 ,  G06F2221/2115 ,  H04L9/088 ,  H04L9/0894 ,  H04L63/0428 ,  H04L67/1097 ,  H04L67/18

Abstract: Provided are a method, a system, and a computer program product in which metadata associated with encrypted data is maintained in a cloud computing environment, wherein the metadata indicates whether reading of information in the encrypted data is restricted geographically. A controller provides a decryption code for decrypting the encrypted data to a cloud server located in a geographical location, based on whether the metadata indicates whether the reading of information in the encrypted data is restricted geographically.

公开(公告)号：US09769139B2

公开(公告)日：2017-09-19

申请号：US14771745

申请日：2014-09-10

Applicant: Oracle International Corporation

Inventor： Vladimir Yurievich Chizhov ,  Aleksei Vasilievich Mokeev ,  Kaj Van De Loo

IPC: H04L29/06 ,  H04L12/24 ,  G06F9/445 ,  H04W12/06 ,  G06F21/62 ,  H04L29/08 ,  H04W4/18

CPC classification number: H04L63/08 ,  G06F8/65 ,  G06F21/6236 ,  G06Q10/10 ,  H04L41/0226 ,  H04L63/02 ,  H04L63/0227 ,  H04L63/0281 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/0853 ,  H04L63/0884 ,  H04L63/10 ,  H04L67/02 ,  H04L67/141 ,  H04L67/2823 ,  H04L67/34 ,  H04L69/08 ,  H04W4/18 ,  H04W12/06

Abstract: Systems, devices, and methods are disclosed for an agent device within a company's network firewall to initiate an HTTP connection with a cloud-based gateway and then upgrade the connection to a WebSockets protocol in order to have an interactive session. Over this interactive session, a mobile device, which connects to the cloud-based intermediary, can request data from servers inside the company's firewalls. Because the firewall is traversed using HTTP protocols (with WebSockets), it can be as safe as letting employees browse the web from inside the company's network.

公开(公告)号：US09760734B2

公开(公告)日：2017-09-12

申请号：US14752417

申请日：2015-06-26

Applicant: SAP SE

Inventor： Bernhard Drabant ,  Bernhard Drittler ,  Roland Lucius ,  Martin Schmid

IPC: G06F21/32 ,  G06F21/62

CPC classification number: G06F21/6236

Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions. Decision and enforcement points are associated with the system entry points within software applications belonging to catalog(s).