METHODS AND SYSTEMS FOR ENABLING COMMUNITY-TESTED SECURITY FEATURES FOR LEGACY APPLICATIONS
Granted: May 22, 2014
Application Number:
20140143828
A computer-implemented method for enabling community-tested security features for legacy applications may include: 1) identifying a plurality of client systems, 2) identifying a legacy application on a client system within the plurality of client systems, 3) identifying a security-feature-enablement rule for the legacy application, 4) enabling at least one security feature for the legacy application by executing the security-feature-enablement rule, 5) determining the impact of the…
METHOD AND SYSTEM OF PERFORMING INCREMENTAL SQL SERVER DATABASE BACKUPS
Granted: May 15, 2014
Application Number:
20140136484
A system, method, and medium for performing incremental backups of a Microsoft SQL server database. A snapshot of the database is created, and then a map identifying the changed extents is retrieved from the snapshot. The changed extents are then retrieved from the snapshot and stored in a backup storage device. For a restore operation, a full database backup file is written to a storage device and then the changed extents from a stored incremental backup file may be merged with the full…
MALWARE DETECTION DRIVEN USER AUTHENTICATION AND TRANSACTION AUTHORIZATION
Granted: May 1, 2014
Application Number:
20140122343
Techniques are disclosed for detecting online fraud initiated by a host infected with a malicious software application that would otherwise remain undetected by many current fraud detection systems, e.g., for detecting man-in-the-browser Trojans. A fraud detection system operates in conjunction with an IPS system to identify online transactions that have a high probability of being fraudulent or initiated by a legitimate, but compromised host.
FORMAT FRIENDLY ENCRYPTION
Granted: April 24, 2014
Application Number:
20140115328
Techniques are disclosed for encrypting application data files using a format-friendly encryption process. A software agent may create an encrypted version of an application file using the same data file format of the unencrypted file. For example, when a user encrypts a word processing document, the software agent outputs a word processing document which includes an encrypted copy of the first word processing document. Application data files for other file formats may be encrypted in a…
PERFORMING CLIENT AUTHENTICATION USING CERTIFICATE STORE ON MOBILE DEVICE
Granted: April 17, 2014
Application Number:
20140108810
Techniques are disclosed for authenticating users to a computing application. A relying application transmits a login page to a user requesting access to the application. The login page may include a QR code (or other barcode) displayed to the user. The QR code may encode a nonce along with a URL address indicating where a response to the login challenge should be sent. In response, the user scans the barcode with an app on a mobile device (e.g., using a camera on a smart phone) to…
Locality Aware, Two-Level Fingerprint Caching
Granted: April 10, 2014
Application Number:
20140101113
The present disclosure provides for implementing a two-level fingerprint caching scheme for a client cache and a server cache. The client cache hit ratio can be improved by pre-populating the client cache with fingerprints that are relevant to the client. Relevant fingerprints include fingerprints used during a recent time period (e.g., fingerprints of segments that are included in the last full backup image and any following incremental backup images created for the client after the…
AUTOMATED SEPARATION OF CORPORATE AND PRIVATE DATA FOR BACKUP AND ARCHIVING
Granted: March 27, 2014
Application Number:
20140089279
A computing device categorizes data items as a corporate data items when a first criterion is satisfied and as personal data items when a second criterion is satisfied. The computing device provides identified corporate data items to a first backup system that stores the corporate data items to a corporate data store. The computing device further provides identified personal data items to a second backup system that stores the personal data items to a personal data store.
SYSTEMS AND METHODS FOR PERFORMING SELECTIVE DEEP PACKET INSPECTION
Granted: March 13, 2014
Application Number:
20140075554
A computer-implemented method for performing selective deep packet inspection may include 1) identify a traffic flow that includes a stream of data packets, 2) sample at least one packet from the stream of data packets, 3) analyze the sampled packet using a computing resource to determine whether the traffic flow is trustworthy, 4) determine that the traffic flow is trustworthy based on analyzing the sampled packet, and 5) divert the traffic flow to a hardware accelerator in response to…
TECHNIQUES FOR RECOVERING A VIRTUAL MACHINE
Granted: March 6, 2014
Application Number:
20140067763
Techniq ues for recovering a virtual machine are disclosed. In one particular embodiment, the techniques may be realized as a method for recovering a virtual machine comprising the steps of selecting a first backup copy of a virtual machine in a first data store, selecting a second data store; enabling use of the virtual machine by reading from the first data store and writing to the second data store, selecting a second backup copy of the virtual machine, and migrating the virtual…
SYSTEMS AND METHODS FOR DETECTING ILLEGITIMATE APPLICATIONS
Granted: March 6, 2014
Application Number:
20140068767
A computer-implemented method for detecting illegitimate applications may include 1) identifying an installation of an application on a computing system, 2) determining, in response to identifying the installation of the application, that at least one system file with privileged access on the computing system has changed prior to the installation of the application, 3) determining that the application is illegitimate based at least in part on a time of the installation of the application…
GLOBAL INDEXING WITHIN AN ENTERPRISE OBJECT STORE FILE SYSTEM
Granted: February 27, 2014
Application Number:
20140059005
A file system is disclosed that includes an application wide name space instantiated in a global index (Gindex) that is used for accessing objects related to an application. Using the Gindex, a method for cache coherency includes establishing one or more appliances, each defining a storage cluster; establishing one or more tenants spanning across appliances, wherein an application stores objects in file systems associated with the appliances and tenants; establishing a Gindex including…
SEQUENTIAL BLOCK ALLOCATION IN A MEMORY
Granted: December 26, 2013
Application Number:
20130346724
A region of memory is logically divided into a number of segments, each of which is logically divided into a number of blocks. Blocks are allocated sequentially. A head pointer and a tail pointer demarcate the section of allocated blocks. As allocated blocks are added, the tail pointer is moved so that it remains at the end of the section of allocated blocks. If the tail pointer is within a threshold distance of the head pointer, then the head pointer is moved from its current position…
TECHNIQUES FOR PROVIDING DYNAMIC ACCOUNT AND DEVICE MANAGEMENT
Granted: December 19, 2013
Application Number:
20130339517
Techniques for providing data in dynamic account and device management are disclosed. In one particular exemplary embodiment, the techniques may be realized as a system for providing data in dynamic account and device management. The system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to identify a user device to be managed. The one or more processors may be configured to transmit a request for delegate authority…
SYSTEMS AND METHODS FOR IMPLEMENTING MULTI-FACTOR AUTHENTICATION
Granted: December 12, 2013
Application Number:
20130333003
A computer-implemented method for implementing multi-factor authentication may include 1) receiving, as part of a secondary authentication system, an authentication request from a client system, 2) redirecting the client system to first perform a first authentication with a primary authentication system in response to receiving the authentication request, 3) receiving an assertion of the first authentication from the client system that demonstrates that the first authentication was…
SYSTEMS AND METHODS FOR DISASTER RECOVERY OF MULTI-TIER APPLICATIONS
Granted: December 5, 2013
Application Number:
20130326265
A computer-implemented method for disaster recovery of multi-tier applications may include 1) identifying a multi-tier application that is provisioned with a plurality of production clusters at a production site, 2) identifying a disaster recovery site including a plurality of recovery clusters, 3) identifying, at the disaster recovery site, a failure of the multi-tier application at the production site, and 4) initiating, from the disaster recovery site, a migration of the multi-tier…
MULTI-TIER STORAGE USING MULTIPLE FILE SETS
Granted: October 17, 2013
Application Number:
20130275653
Storage locations in a first tier of a multi-tier storage system are allocated to a first set of data structures (e.g., inodes) in a first file set. A file that is stored in the first tier is associated with a first data structure of the first set. In response to determining that data in the file should be moved to a second tier of the multi-tier storage system, the file is associated with a second data structure in a second file set. The second data structure is allocated a storage…
METHOD AND SYSTEM FOR CO-EXISTENCE OF LIVE MIGRATION PROTOCOLS AND CLUSTER SERVER FAILOVER PROTOCOLS
Granted: October 10, 2013
Application Number:
20130268800
A method and system for LPAR migration including creating a profile for a logical partition on a host system comprising one or more LPARs, wherein the profile is associated with a first name. Also, within the profile, a port of a client virtual small computer system interface (SCSI) adapter of the LPAR is mapped to a port of a server virtual SCSI adapter of a virtual input/output server (VIOS) of the host system. The server port of the VIOS is set to accept any port of virtual client…
SYSTEMS AND METHODS FOR USING PROPERTY TABLES TO PERFORM NON-ITERATIVE MALWARE SCANS
Granted: October 3, 2013
Application Number:
20130263265
A computer-implemented method for using property tables to perform non-iterative malware scans may include (1) obtaining at least one malware signature from a security software provider that identifies at least one property value for an item of malware, (2) accessing a property table for a computing device that identifies property values shared by one or more application packages installed on the computing device and, for each property value, each application package that shares the…
SYSTEMS AND METHODS FOR SECURE THIRD-PARTY DATA STORAGE
Granted: September 26, 2013
Application Number:
20130254537
A computer-implemented method for secure third-party data storage may include 1) identifying, at a server-side computing device, a request from a client system to access an encrypted file stored under a user account, 2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, 3) receiving, from the client system, the client-side key, 4) decrypting…
SYSTEMS AND METHODS FOR SECURE THIRD-PARTY DATA STORAGE
Granted: September 26, 2013
Application Number:
20130254558
A computer-implemented method for secure third-party data storage may include 1) identifying, at a server-side computing device, a request from a client system to access an encrypted file stored under a user account, 2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, 3) receiving, from the client system, the client-side key, 4) decrypting…
