Abstract: The present invention includes a client-server security system. The client-server security system includes a client system receiving first biometric data and having a first level security authorization procedure. In one embodiment, the first biometric data is speech data and the first level security authorization procedure includes a first speaker recognition algorithm. A server system is provided for receiving second biometric data. The server system includes a second level security authorization procedure. In one embodiment, the second biometric data is speech data and the second level security authorization procedure includes a second speaker recognition algorithm. In one embodiment, the first level security authorization procedure and the second level security authorization procedure comprise distinct biometric algorithms.

Abstract: A server receives image, graphic and/or analytic data and processes and asynchronously outputs that data to a thin/no client. The server inputs image data in a variety of different formats and renders a normalized format that can be streamed to the thin/no client using light-weight protocol(s). The server updates the image, feature and/or analytic data in real time. The server inputs feature, analytic, business logic and other data and process it into various format(s) that can be streamed to the thin/no client and overlaid on the image data. The server provides application services, which can include collaboration, tracking, alerting, business, workflow and/or other desired services. The server can receive collaboration data from one thin/no client and stream that collaboration data to other thin/no clients to enable shared situational awareness between the thin/no clients. The server includes a programming environment for programming thin/no clients contained within server-based web pages.

Abstract: A method and system for monitoring performance of rendering one or more web pages are described. The embodiments include defining a set of web pages by selecting a subset of the pages available on a website, wherein the set is identified by a naming string and monitoring a web page of the set in response to a user requesting the page for viewing at a client computer, wherein the client computer requests each of the objects of the requested page from one or more server computers that are placed near or behind one or more network appliances or for services provided by a third party service-provider providing services for the website. The embodiments further include causing performance data to be collected by a client agent and one or more server agents during a composing and presenting of the requested page, wherein the client agent resides and gathers performance data on the client computer and the server agents reside and gather performance data on the web servers of the website, on the servers of a service provider providing services for the Website, or on network appliances near the servers, and correlating the performance data collected by the client agent and the server agents to present website performance data or diagnose problems experienced by the user with the requested page.

Abstract: Techniques for redirecting a client request. The client request is received at a first server. The first server forwards the client request to a second server. The first server receives a result message from the second server. The first server identifies, in the result message, references to resources of the second server. The first server replaces, in the result message, all references to resources of the second server with translated references that reference the first server without replacing references to resources of any other entity other than the second server. The first server sends the translated references to the client as a response to the client request.

Abstract: Applying firmware updates to servers in a data center, the servers including one or more active servers and a standby server, each server mapped to separate remote computer boot storage, including applying the firmware updates to the standby server; selecting an active server for firmware updating; powering off the selected active server by the system management server; remapping the standby server to the remote computer boot storage for the selected active server; rebooting the standby server from the remote computer boot storage for the selected active server, designating the standby server as an active server; remapping the selected active server to the remote computer boot storage formerly mapped to the standby server; and rebooting the selected active server from the remote boot storage formerly mapped to the standby server, designating the selected active server as a standby server.

Abstract: Load balancing and overload control techniques are disclosed for use in a SIP-based network or other type of network comprising a plurality of servers. In a load balancing technique, a first server receives feedback information from at least first and second downstream servers associated with respective first and second paths between the first server and a target server, the feedback information comprising congestion measures for the respective downstream servers. The first server dynamically adjusts a message routing process based on the received feedback information to compensate for imbalance among the congestion measures of the downstream servers. In an overload control technique, the first server utilizes feedback information received from at least one downstream server to generate a blocking message for delivery to a user agent.

Abstract: One aspect of the present invention provides a system for failover comprising at least one client selectively connectable to one of at least two interconnected servers via a network connection. In a normal state, one of the servers is designated a primary server when connected to the client and a remainder of the servers are designated as backup servers when not connected to the client. The at least one client is configured to send messages to the primary server. The servers are configured to process the messages using at least one service that is identical in each of the servers. The services are unaware of whether a server respective to the service is operating as the primary server or the backup server. The servers are further configured to maintain a library, or the like, that indicates whether a server is the primary server or a server is the backup server. The services within each server are to make external calls via its respective library. The library in the primary server is configured to complete the external calls and return results of the external calls to the service in the primary server and to forward results of the external calls to the service in the backup server. The library in the secondary server does not make external calls but simply forwards the results of the external calls, as received from the primary server, to the service in the secondary server when requested to do so by the service in the secondary server.

Abstract: A local game-area network includes a plurality of gaming devices and local game-area servers. Each local game-area server is associated with a corresponding gaming device. Each local game-area server in the local game-area network is operatively associated with every other local game-area server in the local game-area network. Additionally, one of the local game-area servers is a host local game-area server while the remaining gaming devices and associated local game-area servers are clients. Furthermore, the host status of the host local game-area server moves dynamically to an available local game-area server in the local game-area network in response to the host local game-area server becoming non-operational.

Abstract: A method of processing a computational job with a plurality of processors is disclosed. A request to process a job is received, where the job has a priority level associated with the job. A first group of the processors is designated as being available to process the job, where the number of processors in the first group is based on the priority level associated with the job. A second group of the processors is designated as being available to process the job, where for each processor in the second group a current utilization rate of the processor is less than a second predetermined utilization rate. Then, the job is processed with one or more of the processors selected from the first group of processors and the second group of processors.

Abstract: A computer implemented method, apparatus, and computer usable program code for load balancing in a cluster. In response to receiving a notification of an impending state change event in the server, a weight adjustment value for a server is identified to form an identified weight adjustment. An adjusted routing weight for the server is generated using the identified weight adjustment to form a current routing weight for the server. An incoming service request is routed to a selected server in the cluster using current routing weight associated with servers in the cluster.

Abstract: The present invention involves one or more computers (15, 20, 25, 30) that provide software controls (230) to enable a web application (65, 70, 75, 80) to interface with a personal trusted device (300). The server side (100) of the computer system comprises: a server-based framework process (120); a device (140) for receiving requests from the client computer and determining which software controls to send in response; and a device (130) for digitally signing and encrypting the software controls before sending them to the client computer so that their authenticity can be verified. The client side of the computer system comprises: a client web browser (200) that runs on a computer; a device (240) for transmitting requests to the server computer and for receiving responses from those requests; a device (230) for decrypting software controls so that the authenticity of their digital signature can be verified; and a connection to one or more personal trusted devices. An authentication proxy may be used to mutually authenticate a client user and server process using personal trusted devices.

Abstract: A computer-implemented method for securely handling a document in a client-server environment includes receiving at a server a request from a user to initiate a session to access a plurality of documents stored in a server. The documents include a first type that is allowed to be accessed only while the user is online and a second type that is allowed to be accessed while the user is both online and offline. The server transfers at least one offline vault key and at least one online vault key to a client enable the client to load the documents and enable the user to access the documents, the documents including at least one document of first type and at least one document of second type.

Abstract: A method and apparatus is provided for delivering a content file to a client over a packet-switched network. The method begins by determining a suitable throughput required to deliver the content file to the client. Next, the throughput available in a peer-to-peer network for delivering the content file to the client is determined. The required throughput is compared to the available throughput. If the available throughput is less than the required throughput, the available throughput is supplemented with additional throughput. The content is then delivered to the client over the packet-switched network using the available throughput of the peer-to-peer network and the additional throughput.

Abstract: Data-driven web applications are usually structured in three tiers with different programming models at each tier. This division forces developers to manually partition application functionality across the tiers, resulting in complex logic, suboptimal partitioning, and expensive re-partitioning of applications. In this paper, we introduce a unified platform for automatic partitioning of data-driven web applications. Our approach is based on Hilda[41, 46], a high-level declarative programming language with a unified data and programming model for all the layers of the application. Based on run-time properties of the application, Hilda's run time system automatically partitions the application between the tiers to improve response time while adhering to memory and/ or processing constraints at the clients. We evaluate our methodology with traces from a real application and with TPC-W, and our results show that automatic partitioning outperforms manual partitioning without the associated development overhead.

Abstract: Methods and apparatus for processing intercepted requests and responses related to document retrieval between client and server computers. In accordance with one embodiment of the present invention, document metadata from server responses are inspected and stored in a database by an acceleration device in the network path between client and server computers. The device inspects freshness verification requests sent from client to server computers and, based on information stored in its database, sends “not modified” responses back to the client computers without involving the server computers, thereby reducing network and server loads and improving response time. In further embodiments the device may maintain its database by sending document information requests to server computers and processing their subsequent responses.

Abstract: A multi-model-view-controller (MMVC) design pattern for generating client-server applications, which overcomes the disadvantages of the MVC design pattern. In an application generated according to the MMVC design pattern initial data is provided by the server model via the controller to the client model. Subsequent data is requested from the server model by the controller and passed to the client model. The initial and subsequent data are fetched according to predetermined rules. The predetermined rules can be based on personal details of the user, such as identity or role, on the server or client computing platforms, on the application, or other factors.

Abstract: Systems and methods for collaborative and interactive computer applications. A downloadable server-client collaborative mobile social computing application and methods for using the same that connect users based on both their physical location and mutual geographic proximity. A wide variety of Web-enabled devices may be used by members to access the system and interact with other members using both geographic proximity and user-defined preferences to match different users. The system is characterized by its location based services and high degree of user configurable options to provide users with both an entertaining experience and rich social interactions.

Abstract: When data is stored on a faulty server that is accessed concurrently by multiple clients, the server may present inconsistent data to different clients. For example, the server might complete a write operation of one client, but respond with stale data to another client. Mazieres and Shasha (PODC 2002) introduced the notion of fork-consistency, also called fork-linearizability, which ensures that the operations seen by every client are linearizable and guarantees that if the server causes the views of two clients to differ in a single operation, they may never again see each other's updates after that without the server being exposed as faulty. In this paper, we improve the communication complexity of their fork-linearizable storage access protocol with n clients from Ω(n2) to O(n). We also prove that in every such protocol, a reader must wait for a concurrent writer. This explains a seeming limitation of their and of our improved protocol. Furthermore, we give novel characterizations of fork-linearizability and prove that it is neither stronger nor weaker than sequential consistency.

Abstract: A method and apparatus for providing portability of a business process deployment model across different application servers. In one embodiment, a method may include determining which application server will be used for deploying a business process as a web application, and invoking an implementation framework of application server interfaces that corresponds to this application server. The method may further include utilizing the invoked implementation framework to obtain application server information needed for deploying the business process as a web application, and generating a web application package using the application server information.

Abstract: A complex user-facing computer application often has run-time dependencies on other computer applications. The other computer applications may, in turn, have run-time dependencies on still other applications. A supporting application might run on multiple hosts and a particular host might be chosen by a higher-level application in order to meet requirements such load balancing or reliability. In order to facilitate intelligent choices by higher-level applications in the system, each server in the system is responsible for generating a performance capability or health score that reflects the health of local components and the health of all servers on which the given server has a direct run-time dependency. A particular server's generated health score is advertised to any other server that has a direct run-time dependency on the particular server. Decisions about which of alternative lower-level servers to use in a servicing a client request are made using a routing or hop-at-a-time approach.

Abstract: Techniques for increasing the safety of medical device programming using general purpose hardware, such as a general purpose personal computer, are described. In some embodiments, a system includes an intermediate computing device comprising an applications module. Information from the applications module, such as instructions for an implantable medical device (IMD), may be presented to a user via a user input terminal that is separate from the intermediate computing device. A user may interact with the user input terminal to select an instruction from the applications module, and the intermediate computing device may transmit the selected instruction to the IMD. In some embodiments, the intermediate computing device comprises a web server and the user input terminal comprises a web browser configured to access the web server. In other embodiments, the intermediate computing device comprises a client server and the user input terminal comprises a client.

Abstract: The invention discloses a programming method and system for dynamic client/server network management using proxy servers, by allowing each active proxy server in an arrayed cluster to maintain an updated list of all other operating proxy servers in the cluster. When a client message requesting access to an application server is received by a clustered proxy server, the message may be forwarded to another proxy server (within the cluster) so that message (re)transmissions can pass through the same proxy server as the original message, allowing a proxy server to make consistent routing decisions (and other decisions) pertaining to that message.

Abstract: A novel and useful apparatus for and method of handling traffic congestion during power save mode in client/server systems such as wireless local area networks (WLANs). A reduction in response time is achieved by minimizing communications between the host and the MAC processing entities in client devices. The host sends shortened descriptors to the MAC rather than complete frames. Only a limited number of frames for each client queue are stored on the MAC. A transfer bitmap is used to track the frames to be transferred from the host to the MAC. Transmitter pre-processing is performed on the frames pulled from the host. A transmit bitmap is used to track frames that have been processed and awaiting transmission to a client. Frames that are ready are then sent out from queues for clients that are active and have an ongoing service period.

Abstract: Early Internet applications were written using a classic client/server model, with multiple content pages refreshed for each user action. As users continue to demand more sophisticated and increasingly interactive Internet programming, applications development is evolving to permit more efficient communication between clients and servers. Techniques such as Ajax are being used to promote this new style of Internet programming. Rich Internet Applications (RIA) offer greatly enhanced usability, and allow Internet programs to rival their desktop counterparts for functionality. This paper explores technologies deployed in creating RIA, and considers relative merits and limitations of this new style of application development.

Abstract: A local game-area network includes a plurality of gaming devices and local game-area servers Each local game-area server is associated with a corresponding gaming device Each local game-area server in the local game-area network is operatively associated with every other local game-area server in the local game-area network Additionally, one of the local game-area servers is a host local game-area server while the remaining gaming devices and associated local game-area servers are clients Furthermore, the host status of the host local game-area server moves dynamically to an available local game-area server in the local game-area network in response to the host local game-area server becoming non-operational

Abstract: A technique for establishing a logical path between two servers in a coordinated timing network of a processing environment is provided. The technique includes the exchange of command and response message pairs by a server and an attached server, via a physical link. The server transmits a command message to an attached server to establish a server-time-protocol (STP) logical path and receives a response from the attached server. The technique also includes the server receiving a request transmitted by the attached server to establish an STP logical path to the server and transmitting a response to the attached server's request. A logical path between the server and the attached server is established if the attached server's response indicates that the server's request was accepted by the attached server and if the server's response indicates that the attached server's request was accepted by the server.

Abstract: The Mirrored Server (MS) architecture uses multiple mirrored servers across multiple locations to alleviate the bandwidth bottleneck in the Client/Server (C/S) architecture. Each mirror receives and multicasts player updates to the others, simulates the game, and disseminates the new game state to players. However, keeping the game state consistent between mirrors in the presence of network delay, and maintaining game responsiveness requires each server in MS to simulate the game multiple times for each game update, and additional times in the event of costly rollbacks. In this paper we propose the Enhanced Mirrored Server (EMS) architecture. Like in the Peer-to-Peer architecture, EMS allows peers to exchange updates directly, resulting in a higher tolerance to delay at the mirrors. We propose using bucket synchronization in the mirrors so that each server in EMS simulates the game only once for each update and does not require rollbacks. The server dissenates updates to clients only in the event of inconsistency, and thus its outgoing bandwidth is lower than in MS. Our EMS uses cryptographic techniques to provide security equivalent to C/S, and prevents the timestamp cheat possible in MS. Our analytical analysis and simulations show the advantages of EMS over MS.

Abstract: A system resource manager of a site management server registers a server domain as a group of servers having a uniform physical wire connection, registers a server group as a group of servers that use uniform software in a registered server domain, and changes an application of a server by controlling a switch of software that is stored in a RAID device connected to a server belonging to a registered server group via a SAN for each application and that is used by the server.