摘要:
A subscriber to a service that monitors user behavior first registers with that service and selects a model of user behavior. The service then transmits that model to an agent, situated capable of monitoring user behavior and relating it to the model. After the monitoring interval the agent transmits data from the model to a server, where that data is summarized and reports created. These reports can then be sent to the subscriber in satisfaction of their needs for behavioral information.
摘要:
The present invention concerns methods and apparatus for implementing context-dependent security for files and other computer system resources. In particular, methods and apparatus of the present invention implement context-based permissions that are used in context-dependent file security. In examples of the present invention, the context-based permissions may allow access to a file only when an attempt to access the file is made at a certain time of day, or from an authorized computer system, or from a computer having a certain application program installed. In general terms, the context-based permissions may specify time, location and application information that either alone or in combination may be used to restrict access to a file.
摘要:
Methods and devices for securely providing personalities to reconfigurable hardware. Reconfigurable hardware is provided with one or more domains. At least one domain serves as a gatekeeper domain and another domain serves as a task domain. A service provider provides an authentication and security personality to the gatekeeper domain. The hardware is shipped to the user. A user then accesses the service provider via a network connection and downloads a task personality into the task domain, but only if the personality in the gatekeeper domain allows the download to take place. Once the task personality completes a task, the user may download another task personality into the task domain, if permitted by the personality loaded in the gatekeeper domain. The domains and personalities are managed and made available by the service provider.
摘要:
The present invention concerns methods and apparatus for controlling software patching activity in, for example, computer systems. Methods and apparatus of the present invention may implement a software shell and institute a patching policy to control patching activities. When implemented, the software shell acts as a barrier which permits patching of the underlying software only when the patching activity would be in accordance with the instituted patching policy. Various patching policies can be instituted in embodiments of the present invention. For example, patching may be done when convenient; or just before when the software requiring the patch is needed; or patching may be blocked to prevent unwanted software characteristics and/or behavior. In other circumstances, patching may be delayed until confidence has been established in a new patch so as to avoid disrupting a computer system that is already functioning in an acceptable manner. In still further circumstances, a particular software action may be blocked so as to avoid the necessity of having to patch software, particularly when the action may interrupt the orderly function of a computer system.
摘要:
The present invention concerns methods and apparatus for managing multiple virtual machines simultaneously operative in a computing environment. The methods and apparatus of the present invention provide an integrated work environment—for example, a desktop—which incorporates graphical and control elements from multiple virtual machines. In embodiments of the present invention, application programs and resources available in multiple virtual machines can be accessed from a single desktop. Methods and apparatus of the present invention provide visual cues for associating control elements and resources with particular virtual machines. In embodiments of the present invention, multiple virtual machines operative in a computing environment can comprise a plurality of collaborative virtual machines, or a private virtual machine and one or more collaborative virtual machines.
摘要:
A system accesses a log of events on more than one computing system and scans these logs in an effort to determine the likely cause of various items of interest, events, or problems. These items of interest often include improper or frustrating behavior of a computer system, but may also include delightful or beneficial behaviors for which a user, group of users, company, service, or help desk seeks a cause. Once the likely source of the item of interest is found, a test may be performed to confirm the source of the problem and warning or corrective action taken.
摘要:
A method of transferring an image of a system or disk to a computer dedicated to performing a resource-intensive task, such as virus scanning, disk defragmentation or similar service. Once the dedicated computer has performed the task, the resulting image is compared to the current image of the client system or disk to produce an updated image. The client system or disk is then updated with the updated image.
摘要:
The present invention provides techniques for protecting information in a computing device. For instance, a location of the computing device is detected. It is determined whether the location is an unauthorized location. Access to the information is restricted in response to the location being an unauthorized location. As another example, information in a computing device may be protected by detecting location of the computing device. It is determined whether the location is an unauthorized location. One or more decoy files are created in the information in response to the location being an unauthorized location.
摘要:
A computer system having at least one CPU has as its only interface with the Internet and other external sources a virtual machine that contains a browser and/or other communications programs, so that e-mail and other external communications are opened within the virtual machine and stored within a virtual storage. The virtual machine is erased at frequent intervals, taking with it any changes made by virus or other hostile programs.
摘要:
A virtual device hub, into which local devices are plugged, enables those devices to be virtualized locally and with a remote virtual machine. Those devices then appear as available to the remote application, and can be used, for example, to print a report being processed on the remote host to a printer located at the user's physical location. The user's virtual device hub is a small computer device with network capability that is able to access the remote virtual machine. When the user runs an application, the application is actually being run in the remote virtual machine.