摘要:
A method, system and program product are presented for enabling a session, as defined by a series of related transactions to perform a unit of work, to be created between a client and a particular server where the server is managed by a dispatcher. Modifications to the Uniform Resource Locator (URL) are used to create a method of transferring information form the client to the server. The server implements a server-side storage area (cookie jar) to temporarily store information about the client and the session so that the client is routed to the same server for successive messages in the same session and no reliance is made upon an ability by the client to store or return cookies.
摘要:
A method, system and program product are presented for enabling a session, as defined by a series of related transactions to perform a unit of work, to be created between a client and a particular server where the server is managed by a dispatcher. Modifications to the Uniform Resource Locator (URL) are used to create a method of transferring information form the client to the server. The server implements a server-side storage area (cookie jar) to temporarily store information about the client and the session so that the client is routed to the same server for successive messages in the same session and no reliance is made upon an ability by the client to store or return cookies.
摘要:
A method and system for providing targeted advertising in public places and carriers such as trains, buses, train stations, shopping malls, airports, etc. The demographics, purchasing history and/or personal preferences of individuals in the public place are collected from personal digital assistants (PDAs) or other wireless communication devices carried by the individuals in the public place or public carrier. The collected data pertaining to a group of individuals who are present near the display device, is processed and used to select appropriate advertisements that would most likely interest that group of individuals. The selected advertisements are displayed on the display device located in the public place or public carrier so as to provide targeted advertising to the group of individuals.
摘要:
Methods, systems, computer program products, and methods of doing business by improving quality of service (“QoS”) in network exchanges comprising a plurality of related request and response messages. A TQoS (“transactional QoS”) cookie is defined, which is used to store information needed when controlling response time (and perhaps other QoS factors as well) for messages exchanged with a particular client. In preferred embodiments, this QoS information comprises a relative priority for these related messages and an available bandwidth for transmitting messages to the client. The disclosed techniques enable applying consistent QoS requirements for delivery of all the related Web objects comprising a transaction. No changes are required on client devices or in client software, and there is no dependency on a client to support cookies.
摘要:
A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.
摘要:
A method and an apparatus in a data processing system detects the presence of sensitive data and renders this data in a secured manner. The data processing system may be any device with information presentation capability which can receive data from a network. Detecting a need for secured rendering may include recognition that the data was encrypted, tags in the data indicating a level of secured rendering, or various forms of pre-arrangement between the sender and the recipient. Ways to determine if the recipient is in a secured environment include detection of conversations in the environment, video images showing people in the environment, analysis of infrared signals, determining the location of the data processing system using GPS or similar means, or interaction with an authenticated user. The means for rendering may be specified in the data, may be determined by the recipient, may be determined by pre-agreement between the sender and recipient, or may be based on the capability of the data processing system. Secured rendering means include, but are not limited to, display of data in a visual format that requires a special lens for detection, speaking the data into a speaker device in an ear canal of the recipient, or use of a special coded format known only to the recipient.
摘要:
A method, system and program product are presented for enabling a session, as defined by a series of related transactions to perform a unit of work, to be created between a client and a particular server where the server is managed by a dispatcher. Modifications to the Uniform Resource Locator (URL) are used to create a method of transferring information form the client to the server. The server implements a server-side storage area (cookie jar) to temporarily store information about the client and the session so that the client is routed to the same server for successive messages in the same session and no reliance is made upon an ability by the client to store or return cookies.
摘要:
The present invention provides an apparatus and method for accessing request header information used to transcode servlet output. The apparatus and method of the present invention includes a preamble that stores request header information from a request sent by a client device. The request header information is then provided to the transcoder along with the generated content data. The transcoder then performs appropriate transcoding on the generated content data based on the request header information supplied by the preamble. The transcoded content data is then sent to the client device. In this way, the client device is able to obtain content from a much larger set of content sources than with conventional systems.
摘要:
A method, system, computer program product, and method of doing business by providing a secure integrated device (such as a pervasive computing device) for which operating capabilities can be dynamically yet securely selected (including, but not limited to, pluggable connection of input/output devices and/or application processors that provide selected functions). Each input/output (I/O) device and application processor to be used is plugged in to a bus of a security core, and authenticates itself to the security core using public key infrastructure techniques, thereby creating a secure multi-function device. All of the multi-function device's input and output interactions with its environment necessarily traverse an I/O bus under the sole control of the security core. The only communication path between an application processor and the external environment (such as an I/O device) is through an application processor bus, which is likewise under control of the security core. Thus a user may dynamically yet securely select the capabilities of a multi-function device, and because each I/O device and application processor in use by that multi-function device is authenticated, the security of transactions or network services performed when using such devices is improved.
摘要:
A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.