1. An inversion apparatus configured to invert a continuous web of recording media moving along a path in an imaging system, the inversion apparatus comprising:
an input configured to receive the continuous web of recording media;
an output, displaced from the input, the output configured to convey the continuous web of recording media after being inverted;
a blower configured to provide a flow of forced air;
a turnbar configured to convey the continuous web of recording media between the input and the output and to enable inversion of the continuous web of recording media, the turnbar defines a first tangent line corresponding to an initial point of contact of the web and the turnbar in the absence of an air gap, a second tangent line corresponding to a last point of contact of the web with the turnbar in the absence of an air gap, and a contacting area disposed between the first tangent line and the second tangent line in the absence of an air gap, the turnbar having an exterior surface defining a first region and a second region, which is substantially devoid of apertures, the first region having a plurality of apertures operatively connected to the blower, the plurality of apertures defining a pattern including a plurality of rows and a plurality of columns, each of the rows being aligned in a longitudinal direction along a length of the turnbar, one of a first row of apertures and a last row of apertures being disposed outside of the contacting area and being rotated approximately ten degrees beyond one of the first tangent line and the second tangent line, the plurality of apertures being configured to direct the forced air from the exterior surface of the turnbar, and the forced air through the second region is not directed from the exterior surface.
2-7. (canceled)
8. The inversion apparatus of claim 1 wherein the first region includes a portion in which forced air is not directed from the exterior surface.
9. The inversion apparatus of claim 8 wherein the portion in which forced air is not directed from the exterior surface is devoid of apertures.
10. The inversion apparatus of claim 1 wherein each of the columns includes a first aperture and a last aperture and the first aperture of each column is aligned along a first circumferential line and the last aperture of each column is aligned along a second circumferential line different than the first circumferential line.
11. The inversion apparatus of claim 10 wherein each of the columns defines a helix.
12. The inversion apparatus of claim 10 wherein the plurality of columns includes a first column and a last column and at least one of the plurality of columns is disposed outside of the contacting area.
13. A method of forming a duplex image on a continuous web of recording media having a first side and a second side, the continuous web moving along a transport path through a printer and a web inverter including a turnbar having a surface defining a plurality of apertures, and a blower operatively connected to the plurality of apertures to provide forced air to the apertures, the method comprising:
imaging the first side of the continuous web of recording media during a first pass through the printer;
directing the second side of the continuous web toward the plurality of apertures;
directing air through the plurality of apertures to provide an air gap between the second side of the continuous web of recording media and the surface of the turnbar, the surface of the turnbar defining a first tangent line corresponding to an initial point of contact of the continuous web with the turnbar in the absence of the air gap and a second tangent line corresponding to a last point of contact of the continuous web with the turnbar in the absence of the air gap, the directed air being confined to a predetermined region of the surface of the turnbar, the predetermined region extending over a first portion of the surface of the turnbar but not over a second portion of the surface of the turnbar, the predetermined region including a first edge and a second edge aligned along a longitudinal axis of the turnbar, the first edge and the second edge being separated by the second portion of the surface of the turnbar and one of the first edge and the second edge respectively extends past one of the first tangent line and the second tangent line such that the distance between the first edge and the second edge is greater than the distance between the first tangent line and the second tangent line taken along the transport path; and
imaging the second side of the continuous web of recording media during a second pass through the printer.
14-15. (canceled)
16. The method of claim 13 wherein one of the first edge and the second edge are rotated approximately ten degrees beyond one of the first tangent line and the second tangent line to reduce at least one of eddy currents, acoustic noise, and higher tension without the web touching the turnbars.
17. An inversion apparatus configured to invert a continuous web of recording media moving along a path in an imaging system, the inversion apparatus comprising:
an input configured to receive the continuous web of recording media;
an output, displaced from the input, the output configured to convey the continuous web of recording media after being inverted; and
a turnbar configured to convey the continuous web of recording media between the input and the output and to enable inversion of the continuous web of recording media, the turnbar includes an exterior surface having an air foil region with a plurality of apertures configured to provide an air gap between the exterior surface of the turnbar and the recording media and a second region substantially devoid of apertures, the exterior surface of the turnbar defines a first tangent line corresponding to an initial point of contact of the continuous web with the turnbar in the absence of the air gap and a second tangent line corresponding to a last point of contact of the continuous web with the turnbar in the absence of the air gap, the air foil region includes a first edge and a second edge aligned along the longitudinal axis of the turnbar and the first edge and the second edge are separated by the second region, one of the first edge and the second edge respectively extends past one of the first tangent line and the second tangent line such that a distance between the first edge and the second edge is greater than a distance between the first tangent line and the second tangent line taken along the transport path.
18-19. (canceled)
20. The inversion apparatus of claim 17 wherein one of the first edge and the second edge are rotated approximately ten degrees beyond one of the first tangent line and the second tangent line.
21. The inversion apparatus of claim 20, the air foil region further comprising:
a portion devoid of apertures.
22. The inversion apparatus of claim 21, the plurality of apertures in the air foil region being arranged in a plurality of columns configured as a cylindrical helix.
23. The inversion apparatus of claim 22, the plurality of apertures arranged in the plurality of columns having a first column and a last column disposed outside the edges of the recording media in the absence of the air gap when the recording media is in contact with the turnbar.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
1. A method for securely transferring a data object from a source application to a destination application on a computing device, the method comprising:
providing a source application and a destination application on a computing device, the source and destination applications each having original, post-compile object code;
modifying, using at least one processor operatively coupled with a memory, the original object code of the source application to create first replacement object code for the source application;
modifying, using the at least one processor operatively coupled with the memory, the original object code of the destination application to create second replacement object code for the destination application;
transferring, from the source application to the destination application, a data object that is encrypted with an object data protection key;
requesting, from the first replacement code of the source application to a security manager application on the computing device, a source application key that is associated with the source application;
decrypting the source application key using a data protection root key from the security manager application;
decrypting, by the first replacement code of the source application, the object data protection key with the decrypted source application key;
encrypting, by the first replacement code of the source application, the object data protection key with a data-sharing key or a destination application key, the destination application key associated with the destination application;
sharing with the destination application the object data protection key that is encrypted with the data-sharing key or destination application key;
decrypting, in the second replacement code of the destination application, the object data protection key that is encrypted with the data-sharing key or destination application key; and
decrypting, in the second replacement code of the destination application, the object data using the unencrypted object data protection key.
2. The method of claim 1, wherein the sharing includes transferring the object data protection key that is encrypted with the data-sharing key or destination application key to the destination application.
3. The method of claim 1, further comprising:
determining, by the security manager application, whether a transfer of the data object between the source and destination applications is constrained.
4. The method of claim 1, further comprising:
verifying, by the security manager application, a signature of the source or destination application.
5. The method of claim 4, wherein the signature is a product of a public key infrastructure (PKI) key.
6. The method of claim 1, further comprising:
generating, by the security manager application, at least one of the source application key, the destination application key, and the data-sharing key.
7. The method of claim 6, further comprising:
generating the source application key upon registration of the source application with the security manager application; or
generating the destination application key upon registration of the destination application with the security manager application.
8. The method of claim 6, further comprising:
prompting the user for a passcode; and
generating the source application key or destination application key using the passcode.
9. The method of claim 6, further comprising:
generating, by the security manager application, the data-sharing key upon a request by the source application.
10. The method of claim 1, further comprising:
encrypting, by the second replacement code of the destination application, the object data protection key with the destination application key.
11. The method of claim 1, wherein the computing device is a mobile device.
12. The method of claim 1, further comprising:
retrieving, to the source application, a policy from a remote server, the policy specifying the encrypting.
13. The method of claim 12, wherein the policy specifies no messaging, no chat, or no printing by the source application.
14. The method of claim 1, wherein the original object code of the source application is selected from the group consisting of a .dylib file, a .so file, and a .dll file.
15. A machine-readable non-transitory storage medium embodying information indicative of instructions for causing one or more machines to perform operations comprising:
providing a source application and a destination application on a computing device, the source and destination applications each having original, post-compile object code;
modifying, using at least one processor operatively coupled with a memory, the original object code of the source application to create first replacement object code for the source application;
modifying, using the at least one processor operatively coupled with the memory, the original object code of the destination application to create second replacement object code for the destination application;
transferring, from the source application to the destination application, a data object that is encrypted with an object data protection key;
requesting, from the first replacement code of the source application to a security manager application on the computing device, a source application key that is associated with the source application;
decrypting the source application key using a data protection root key from security manager application;
decrypting, by the first replacement code of the source application, the object data protection key with the decrypted source application key;
encrypting, by the first replacement code of the source application, the object data protection key with a data-sharing key or a destination application key, the destination application key associated with the destination application;
sharing with the destination application the object data protection key that is encrypted with the data-sharing key or destination application key;
decrypting, in the second replacement code of the destination application, the object data protection key that is encrypted with the data-sharing key or destination application key; and
decrypting, in the second replacement code of the destination application, the object data using the unencrypted object data protection key.
16. The medium of claim 15, wherein the sharing includes transferring the object data protection key that is encrypted with the data-sharing key or destination application key to the destination application.
17. The medium of claim 15, wherein the operations further comprise:
verifying, by the security manager application, a signature of the source or destination application.
18. A computer system executing instructions in a computer program, the computer system comprising:
a processor; and
a memory operatively coupled with the processor, the processor executing program code for:
providing a source application and a destination application on a computing device, the source and destination applications each having original, post-compile object code;
modifying, using at least one processor operatively coupled with a memory, the original object code of the source application to create first replacement object code for the source application;
modifying, using the at least one processor operatively coupled with the memory, the original object code of the destination application to create second replacement object code for the destination application;
transferring, from the source application to the destination application, a data object that is encrypted with an object data protection key;
requesting, by the first replacement code of the source application to a security manager application on the computing device, a source application key that is associated with the source application;
decrypting the source application key using a data protection root key from the security manager application;
decrypting, by the first replacement code of the source application, the object data protection key with the decrypted source application key;
encrypting, by the first replacement code of the source application, the object data protection key with a data-sharing key or a destination application key, the destination application key associated with the destination application;
sharing with the destination application the object data protection key that is encrypted with the data-sharing key or destination application key;
decrypting, in the second replacement code of the destination application, the object data protection key that is encrypted with the data-sharing key or destination application key; and
decrypting, in the second replacement code of the destination application, the object data using the unencrypted object data protection key.
19. The system of claim 18, wherein the sharing includes transferring the object data protection key that is encrypted with the data-sharing key or destination application key to the destination application.
20. The system of claim 18, wherein the processor further executes program code for: verifying, by the security manager application, a signature of the source or destination application.