摘要:
The present invention provides a method, apparatus, and computer instructions for warning of a presence of a person in a zone having an inadequate security clearance. Movement of the person in the zone is detected. A message is broadcast to selected data processing systems associated with the zone, wherein the data processing systems initiate actions to protect data in the selected data processing systems.
摘要:
A method and system for tracking a data processing system within a communications network are provided. According to one embodiment, a method is provided comprising receiving identity data from a data processing system via a communications network, where the data processing system comprises a security processing element associated with a secure storage element and the identity data specifies a portion of a security processing element endorsement key stored within the secure storage element. The described method embodiment further comprises identifying the data processing system utilizing the identity data and causing corresponding recovery data to be stored in response to an identification of the data processing system, where the recovery data comprises an associated network connection address.
摘要:
A method and system for controlling interrupt frequency by transferring processor load information to a peripheral adapter provides adaptive interrupt latency to improve performance in a processing system. A device driver obtains current processor load information from an operating system or directly from processor usage counters. The estimated processor load is then used to set a parameter in the adapter that controls the frequency of an interrupt generator, which may be controlled by setting an interrupt queue depth threshold, packet frequency threshold or interrupt hold-off time value. The result is that the relative frequency of interrupts is managed in conformity with the current processor load, provide reduced processing latency when the system is relatively idle, which avoids loading the processor with additional interrupt processing overhead when the processor is busy.
摘要:
A method, system, and program for mitigating self-propagating e-mail viruses are provided. A request to send an electronic mail message with a file attachment to intended recipients is received. A characteristic of the intended recipients are compared with a maximum recipient limit for the file attachment. If the characteristic of the intended recipients exceeds the maximum recipient limit for the file attachment, then a sender authorization is requested prior to sending the electronic mail message. The sender authorization is required such that if a virus is attempting to self-propagate by sending the electronic mail message, the attempt is mitigated.
摘要:
A balanced approach is provided for interrupt coalescing, wherein interrupts of locking and other small size packets are maximized, while large data segment interrupts are minimized. Thus, the most desirable interrupt characteristics of both large data segments and smaller packets are achieved. Usefully, a data processing system has an adapter connecting the system to a network to receive incoming packets of varying size, the incoming packets respectively carrying messages to interrupt the system processor. Each incoming packet is analyzed, to determine whether or not it meets one or more prespecified criteria, at least a first criterion being related to the size of the incoming packet. The processor is immediately interrupted in accordance with the interrupt message carried by the analyzed packet, if the packet meets all the prespecified criteria. If the analyzed packet does not meet all of the prespecified criteria, the processor is interrupted in accordance with a specified interrupt coalescing technique.
摘要:
A mechanism is provided for performing intrusion decision-making using a plurality of approaches. Detection approaches may include, for example, signature-based, anomaly-based, scan-based, and danger theory approaches. When event information is received, each approach produces a result. A consensus of each result is then reached by using, for example, Bayesian Filtering. A corpus is kept for each approach. An intrusion corpus keeps combinations of the corpora for all of the approaches that constitute intrusions. A safe corpus keeps combinations of the corpora for all of the approaches that do not constitute an intrusion. The corpora for the approaches may be pre-defined according to security policies and the like. The intrusion corpus and the safe corpus may be trained using scores that are determined using the detection approaches.
摘要:
Changing access permission based on usage of computer resources including maintaining records of a user's usage of computer resources in a security domain, the user having a scope of access permission for the computer resources; measuring the user's disuse of one or more of the computer resources in the security domain; and degrading the user's scope of access permission for the computer resources in dependence upon the user's disuse. Typical embodiments include receiving from a user a request for access to a requested computer resource, receiving from the user a request to upgrade the user's degraded scope of access permissions to grant access to the requested computer resource and upgrading, in dependence upon the user's request to upgrade the degraded scope of access permissions, the user's degraded scope of access permissions to grant access to the requested computer resource.
摘要:
A method, apparatus, and computer instructions for processing video data. Text in the subtitles in the multimedia program data is identified to generate a set of text. The set of text is analyzed to form an analysis. A video segment that should be altered based on the analysis is identified to form an identified video segment and this identified segment is altered. Additionally, color corrections may be performed to enhance the visibility of text in subtitles.
摘要:
A method and system for automatic address error recovery in an electronic mail system where electronic mail messages are transferred by identifying an address which includes a user name and a domain name which includes a top level domain suffix. In the event an electronic mail message destination cannot be determined, likely appropriate destinations are automatically determined by systematically determining common alternate spellings of the user name, likely alternate domain names or an alternate top level domain suffix. Alternately, a table of expired addresses and corresponding new addresses can be maintained and examined to determine a likely appropriate address. At least one likely appropriate address is presented to a sender and the electronic mail message is then transmitted to a destination by the sender.
摘要:
A method, system, and program provide for voice mail management. A voice mail filtering controller calculates a separate Bayesian score for each voice mail message from among multiple voice mail message entries received into a voice mailbox for a user, wherein each separate Bayesian score indicates a probability that the associated voice mail message is unwanted by said user. During playback, the voice mail filtering controller automatically deletes a selection of the voice mail messages each with a separate Bayesian score greater than a particular Bayesian score of the last played voice mail message from the voice mailbox.