Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor

TL;DR: In this paper, a multi-level security apparatus and method for a network employs a secure network interface unit (SNIU) coupled between each host or user computer unit (TS, S, S-U, PC, U) and a security manager (SM) coupled to the network, for controlling the operation and configuration of the SNIUs.

TL;DR: In this article, a system and method for providing a trusted server which controls access to the execution of processes by applying file level extended sensitivity label attributes (202) is presented, where attributes are utilized to restrict execution of process (250) that are requested by comparing the extended attributes (200) in addition to using standard file permission authorization.

Abstract: A technique for implementing in a networked client-server environment, e.g., the Internet, network-distributed advertising in which advertisements are downloaded, from an advertising server to a browser executing at a client computer, in a manner transparent to a user situated at the browser, and subsequently displayed, by that browser on an interstitial basis, in response to a click-stream generated by the user to move from one web page to the next. Specifically, an HTML advertising tag is embedded into a referring web page. This tag contains two components. One component effectively downloads, from a distribution web server and to an extent necessary, and then persistently instantiates an agent at the client browser. The other component is a reference, in terms of a web address, of the advertising management system. The ad management system selects the given advertisement that is to be downloaded, rather than having that selection or its content being embedded in the web content page.

TL;DR: In this article, a system and method of performing electronic transactions between a server computer and a client computer is presented, which implements a communication protocol with encrypted data transmission and mutual authentication between the server and a hardware device via a network, performs a decryption of encrypted server responses, forwards the decrypted server responses from the hardware device to the client computer, displays the decryption server responses on a client display, receives requests to be sent from the client computers to the server, parses the client requests for predefined transaction information by the hardware devices, encrypts and forwards client requests

TL;DR: In this paper, the authors propose a scheme to prevent the entry of non-encrypted ID numbers at a terminal while storing only encrypted ID number at the host, requiring the correspondence between credit card account information and ID numbers need be known only to a few key personnel having access to both the encryption algorithm and a particular key therefor.

TL;DR: A call by a user procedure to a protected subsystem (including the supervisor) is identical to a call to a companion user procedure, and the mechanisms of passing and referencing arguments are the same in both cases as well.

TL;DR: In this paper, means and methods of securing protected system files in a data processing system are disclosed, wherein the information determining access rights of system users to the protected systems files remains at all times within a secure processor.

TL;DR: In this article, a storage accessing device is used in conjunction with the computer to determine whether access to a particular user to specific storage media is granted, and the storage media may be subdivided into a plurality of logical zones and access to all or a portion of the material on the file is granted based upon the logical zones to which the user is allowed access.