28th week of 2015 patent applcation highlights part 55 |
Patent application number | Title | Published |
20150195232 | DYNAMIC DELAY IN UNDO FUNCTIONALITY BASED ON EMAIL MESSAGE CHARACTERISTICS - A system and machine-implemented method for calculating a dynamic delay for an email message, the method including receiving an indication of an email message being created by a user, identifying one or more characteristics of the email message in response to receiving the indication, determining an impact associated with the email message based on one or more of the identified one or more characteristics of the email message or one or more behavioral information regarding the user sending the email message, determining a customized delay for the email message based on the determined impact, the delay comprising a length of time and delivering the email message to one or more recipients of the email message after the length of time has elapsed. | 2015-07-09 |
20150195233 | REMINDER SERVICE FOR EMAIL SELECTED FOR FOLLOW-UP ACTIONS - A reminder service is disclosed herein receives action information indicative of an email selected for follow-up action in an email application. The reminder service identifies an additional application through which to surface a reminder about the follow-up action and communicates reminder information to the additional application with which to render the reminder. | 2015-07-09 |
20150195234 | PREVENTING UNNECESSARY MESSAGES FROM BEING SENT AND RECEIVED - A method, system and computer program product for preventing unnecessary messages (e.g., e-mails) from being sent and received. Recipients designated by an author to receive a message are identified. A time constraint associated with a timeframe to complete a task discussed in the message (e.g., “prepare a report in 3 days”) is obtained. The availability of the recipients to complete the task within the required time constraint is determined prior to the author sending the message. If one of the recipients is unavailable to complete the task within the required time constraint, then the author is informed as such thereby providing the author an opportunity to not send that message to the unavailable recipient. As a result, an unnecessary message is prevented from being sent and received thereby reducing the amount of messages for a user to review. | 2015-07-09 |
20150195235 | SYSTEMS AND METHODS FOR MOBILE COMMUNICATION INTEGRATION - A mobile application for integrating a location sharing event with a messaging platform such as a text messaging or email platform allows users to be prompted about location sharing when at least a part of the message includes location or time information. In one embodiment, the mobile application takes the form of an integrated location sharing application that parses the message to discern the relevant location or time information. The application may also provide a notification of a future event and may optionally generate a location sharing event based on the notification. In another embodiment, the application permits interactive route sharing between at least two computing devices. | 2015-07-09 |
20150195236 | TECHNIQUES FOR IMPLEMENTING A SECURE MAILBOX IN RESOURCE-CONSTRAINED EMBEDDED SYSTEMS - Various embodiments are generally directed to implementing a secure mailbox in resource-constrained embedded systems. An apparatus to establish communication with a trusted execution environment includes a processor component, a co-processor component for executing the trusted execution environment, a host operating system component for execution by the processor component and including one or more application components, a mailbox array component for execution by the co-processor to store one or more mailbox components, each mailbox component being associated with a mailbox identification number, and a mailbox firewall component for execution by the co-processor component to facilitate communication between the one or more application components and the one or more mailbox components. Other embodiments are described and claimed. | 2015-07-09 |
20150195237 | MAIL EXTRACTION METHOD, MAIL EXTRACTION DEVICE, AND PROGRAM - A mail extraction method causes a computer to execute processes including storing, in association with each other in a storage unit, a first mail sent to a plurality of destinations, a first return mail from a first destination among the plurality of destinations, and a first re-return mail that is returned to the first return mail; and displaying, on a display unit, the first re-return mail stored in the storage unit in association with the first mail, in response to a request to create a second re-return mail to a second return mail from a second destination among the plurality of destinations of the first mail. | 2015-07-09 |
20150195238 | Download of Current Portions of Email Messages - In general, this disclosure describes techniques of enabling devices to download only current portions of email messages without downloading historical portions of the email messages. For instance, when an email client generates a reply email message to an original email message, the reply email message includes a current portion and a historical portion. The current portion of the reply email message includes new information and the historical portion of the reply email message includes the original email message. The techniques of this disclosure enable devices to download the current portions of email messages without downloading the historical portions of the email messages. | 2015-07-09 |
20150195239 | MESSAGING FOR NOTIFICATION-BASED CLIENTS - The claimed subject matter provides a method for communicating with a client. The method includes receiving a notification token that identifies the client. The method further includes registering the client to receive a message when the client is not connected to the server. The method also includes sending the message to the client when the client does not have a connection to the server, based on the registering and the notification token. The message may be sent using a notification channel. | 2015-07-09 |
20150195240 | DEFERRING ALERT OF NOTIFICATIONS FOR A PARTICULAR TIME - A computing system is described that receives, at a particular time, notification data, the notification data indicating a threshold amount of time for which the computing system is to delay outputting an alert based on the notification data. The computing system initiates, based on the threshold amount of time, a deferred output of the alert based on the notification data. Responsive to determining that the threshold amount of time has elapsed since the particular time, the computing system outputs the alert based on the notification data. | 2015-07-09 |
20150195241 | SYSTEM, METHOD AND TECHNIQUE FOR ENABLING USERS TO INTERACT WITH ADDRESS FILEDS OF MESSAGING APPLICATIONS - An example system includes a main processor operable in a normal mode or a trusted mode, the main processor having an embedded diagnostic trusted code executable in the trusted mode; a secure memory accessible by the main processor when the main processor is in the trusted mode and inaccessible to the main processor when the main processor is in the normal mode, wherein execution of the embedded diagnostic trusted code causes the main processor to write diagnostic information to the secure memory; and a monitor processor having access to the secure memory to analyze the diagnostic information to determine a state of the main processor. | 2015-07-09 |
20150195242 | Computer-Implemented System And Method For Creating And Visualizing A Social Network - A computer-implemented system and method for creating and visualizing a social network are provided. A social network is created based on a traffic pattern of messages exchanged between two or more entities. A sender and a recipient of each exchanged message in the set are identified as the entities. A link is created between the identified sender and recipient for each exchanged message. A representation of the social network is generated by representing each of the entities via a node, selecting one of the nodes within the social network, and arranging the nodes of the unselected entities relative to the selected node and based on the links. One of a positive and negative position of each of the unselected entity nodes from the selected node is identified. | 2015-07-09 |
20150195243 | Adaptive DNS Pre-Resolution - Embodiments of the present invention include methods and systems for domain name system (DNS) pre-resolution. A method for DNS pre-resolution is provided. The method includes initiating a DNS lookup call for one or more sub-resource uniform resource locator (URL) hostnames associated with a referring URL prior to navigation to the referring URL, whereby a resolution result for at least one of the sub-resource URL hostnames is cached in a DNS cache in preparation for navigation to the sub-resource URLs. The method further includes learning relationship information including the sub-resource URLs associated with the referring URL for DNS pre-resolution. A system for DNS pre-resolution is also provided. The system includes a DNS pre-resolver, a navigation monitor and a relationship data store. | 2015-07-09 |
20150195244 | REQUEST ROUTING MANAGEMENT BASED ON NETWORK COMPONENTS - Systems and methods for managing requesting routing functionality associated with resource requests for one or more resources associated with a content provider are provided. A content delivery network (“CDN”) service provider, on behalf of a content provider, can process domain name service (“DNS”) requests for resources by computing devices and resolve the DNS requests by the identification of a network address of a computing device that will provide the requested resources. Based on the processing of DNS queries initiated by a client computing device, the CDN service provider can measure CDN service provider latencies associated with the generation of DNS requests by network components associated with the client computing devices. Examples of the network components can include DNS resolvers associated with the client computing device. | 2015-07-09 |
20150195245 | SYSTEM AND METHOD FOR INSPECTING DOMAIN NAME SYSTEM FLOWS IN A NETWORK ENVIRONMENT - A method is provided in one example and includes maintaining a correlation between a domain name and a plurality of Internet protocol (IP) addresses included in a domain name system (“DNS”) response to a DNS request in connection with DNS exchange between a subscriber and a DNS server, wherein each of the IP addresses corresponds to one of a plurality of web servers associated with the domain name; receiving from the subscriber a packet associated with a flow; identifying an IP address within the packet as being one of the plurality of IP addresses included in the DNS response; and executing a policy decision for the subsequent flow without inspecting the contents of the subsequent flow at layer 7 based on an identity of the subscriber and the domain name correlated to the identified IP address, wherein the policy decision comprises charging a different rate for a particular flow. | 2015-07-09 |
20150195246 | MICRO SERVER, METHOD OF ALLOCATING MAC ADDRESS, AND COMPUTER READABLE RECORDING MEDIUM - A micro server includes a plurality of processor modules, and a network controller configured to control the plurality of processor modules to communicate with an external apparatus through a single physical port. The network controller performs communication by using a plurality of MAC addresses pre-allocated to the micro server. | 2015-07-09 |
20150195247 | Relay Device and Control Method of Relay Device - An occurrence of virus infection and fraud caused by web access is prevented in advance without any particular restriction. A relay device ( | 2015-07-09 |
20150195248 | Computer or microchip controlled by a firewall-protected master controlling microprocessor and firmware - A computer or microchip including a master controlling microprocessor and firmware, network communication components, one or more microprocessors and RAM, and an internal hardware firewall located between a protected portion that is protected by the internal hardware firewall and a network portion. The internal hardware firewall denies access to at least the protected portion of the computer or microchip from the network. The firewall permits unrestricted access by the network to the network portion so that processing operations conducted with the network are executed by microprocessors and RAM in the network portion. The master controlling microprocessor and at least a part or all of the firmware are located in the protected portion of the computer or microchip. The master controlling microprocessor has preemptive control of the microprocessors and RAM in the network portion including erasure of the random access memory (RAM) prior to the use of the network portion. | 2015-07-09 |
20150195249 | PLANT COMMUNICATION NETWORK - An embodiment of the disclosure provides a communication network having a plurality of end devices protected by multilayer switches that receive data packets in different formats for transmission to the end devices, translate received data packets to a common data format for inspection to determine if they pose a security threat, and if they do not pose a threat, forward the data packets to their end device destinations. | 2015-07-09 |
20150195250 | PLANT COMMUNICATION NETWORK - An embodiment of the disclosure provides a communication network having a plurality of end devices protected by multilayer switches that receive data packets in different formats for transmission to the end devices, translate received data packets to a common data format for inspection to determine if they pose a security threat, and if they do not pose a threat, forward the data packets to their end device destinations. | 2015-07-09 |
20150195251 | PACKET ANALYSIS APPARATUS AND METHOD AND VIRTUAL PRIVATE NETWORK SERVER - A packet analysis apparatus and method and a VPN server, which secure evidence against a situation in which a hacker disguises a packet as a normal packet so as to make an attack using a VPN server as a router. The packet analysis apparatus includes a packet classification unit for classifying packets provided and collected from a host into encrypted VPN packets and plaintext packets. A first comparative analysis unit compares contents of an encapsulated IP datagram of each encrypted VPN packet, obtained by decrypting the encrypted VPN packet, with contents of a plaintext IP datagram that is included in each plaintext packet and that is present for a target to which the host desires to transfer the encrypted VPN packet. A second comparative analysis unit compares lengths of the encapsulated IP datagram and the plaintext IP datagram with each other. | 2015-07-09 |
20150195252 | CREDENTIALS MANAGEMENT IN LARGE SCALE VIRTUAL PRIVATE NETWORK DEPLOYMENT - Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections. | 2015-07-09 |
20150195253 | RETRIEVING BOTH SENSITIVE AND NON-SENSITIVE CONTENT IN A SECURE MANNER - A method, system and computer program product for retrieving both sensitive and non-sensitive content in a secure manner. After a proxy server establishes a secure connection between a client device and a web server, the client device receives the requested sensitive content, which includes an index file that contains a hash value that was generated by the web server. The web browser of the client device further issues a request to the proxy server to establish a non-secure connection to retrieve non-sensitive static content from the web server. After receiving the requested content, the web browser of the client device generates a hash value over the received content. If this generated hash value is equal to the hash value contained in the index file, then the web browser accepts the received non-sensitive static content. In this manner, both sensitive and non-sensitive content can be retrieved in a secure manner. | 2015-07-09 |
20150195254 | Event-Triggered Release Through Third Party of Pre-Encrypted Digital Data From Data Owner to Data Assignee - A future proof method and system for securely transferring digital data from a data owner to a data assignee through a third party involving securely registering the data owner possessing the digital data with the third party and securely predefining to the third party a trigger event associated with a data assignee, registering the data assignee with the third party, receiving encrypted digital data and an encrypted trigger event associated with the data assignee transmitted from the data owner to the third party, and securely transferring and releasing the digital data to the at least one data assignee by the third party upon validation by the third party of the occurrence of the trigger event in such a manner that digital data can be used by data assignee on data assignee system. | 2015-07-09 |
20150195255 | CLIENT-SIDE HTTP TRANSLATOR - A network gateway device receives an HTTP compliant request stream from a client device over plural TCP connections, translates the HTTP compliant request stream received over the plural TCP connections into an HTTP non-compliant request stream for transmission over a lesser number of TCP connections, and transmits the HTTP non-compliant request stream to a server device over the lesser number of TCP connections. The network gateway device receives an HTTP non-compliant response stream from the server device over one or more TCP connections, translates the HTTP non-compliant response stream received over the one or more TCP connections into an HTTP compliant response stream for transmission over a greater number of TCP connections, and transmits the HTTP compliant response stream to a client device over the greater number of TCP connections. | 2015-07-09 |
20150195256 | Methods and Apparatus for Key Delivery in HTTP Live Streaming - A key delivery mechanism that delivers keys to an OS platform (e.g., iOS platform) devices for decrypting encrypted HTTP live streaming data. An HTTPS URL for a stateless HTTPS service is included in the manifest for an encrypted HTTP live stream obtained by an application (e.g., a browser) on an OS platform device. The URL includes an encrypted key, for example as a query parameter value. The application passes the manifest to the OS. The OS contacts the HTTPS service to obtain the key using the URL indicated in the manifest. Since the encrypted key is a parameter of the URL, the encrypted key is provided to the HTTPS service along with information identifying the content. The HTTPS service decrypts the encrypted key and returns the decrypted key to the OS over HTTPS, thus eliminating the need for a database lookup at the HTTPS service. | 2015-07-09 |
20150195257 | SECURING PASSWORDS AGAINST DICTIONARY ATTACKS - Described herein are various technologies pertaining to constructions of a password-based authentication protocol that are configured to allow a user to register with and authenticate to an online service without the online service receiving a password or a deterministic function of the password of the user. When registering with an online service, a client computing device establishes a cryptographically strong random secret and stores an encryption of such secret with a data storage device. The storage device also never receives the password or a deterministic function of the password. When the user wishes to authenticate to the online service, the user employs her password to retrieve the encrypted secret from the storage device, decrypts such secret, and utilizes the decrypted secret to answer a cryptographically strong challenge provided to the user by the online service upon the online service receiving a username pertaining to such user. | 2015-07-09 |
20150195258 | INFORMATION PROCESSING APPARATUS AND SEMICONDUCTOR APPARATUS - An information processing apparatus includes a secure module and a first control circuit provided external to the secure module and configured to input encrypted data to the secure module through a first communication channel. The secure module includes memory, a second control circuit, and an input unit. The memory is configured not to allow the first control circuit to read and write data therefrom and thereto and to store a key for decrypting the encrypted data. The second control circuit is configured to decrypt the encrypted data using the key and output the decrypted data to the first control circuit through the first communication channel. The input unit is configured to store, in the memory, the key input through a second communication channel provided separately from the first communication channel. | 2015-07-09 |
20150195259 | System and Method for Signaling Segment Encryption and Key Derivation for Adaptive Streaming - An apparatus for decoding a media stream, wherein the apparatus comprises a memory module, a processor module coupled to the memory module, wherein the memory module contains instructions that when executed by the processor cause the apparatus to perform the following: receive a media stream comprising a segment signaling information and a plurality of segments, wherein the plurality of segments comprises encoded and unencoded segments, wherein the segment signaling information comprises identification of at least two segment groups each comprising at least one segment, identify at least one segment group using the segment signaling information in the media stream, identify at least one segment decoding algorithm for the at least one segment group, identify at least one decoding key for the at least segment group, and decode each encoded segment within the at least segment group using the at least segment decoding algorithm and the at least one decoding key. | 2015-07-09 |
20150195260 | System and Method for Dynamically Allocating Stream Identifiers in a Multi-Encryption Transport System - The present invention is suitable for use in a multi-encrypted system that dynamically allocates stream identifiers in a second stream depending upon the identifiers in a first stream. The first stream is monitored and counters are incremented with the presence of an identifier. The count for each of the counters is then received. Using the count, a control processor then assigns or revises identifiers in the second stream. | 2015-07-09 |
20150195261 | Secure Session for a Group of Network Nodes | 2015-07-09 |
20150195262 | PROCESSING REQUEST KEYS BASED ON A KEY SIZE SUPPORTED BY UNDERLYING PROCESSING ELEMENTS - A packet classification system, methods, and apparatus are provided for packet classification. A processor of a router coupled to a network processes data packets received from a network. The processor creates a request key using information extracted from a packet. The processor splits the request key into an n number of partial request keys if at least one predetermined criterion is met. The processor also sends a non-final request that includes an i-th partial request key to a corresponding search table of an n number of search tables, wherein i2015-07-09 | |
20150195263 | EXTENSIBLE BROWSER PLUGIN INTERFACE - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for an extensible browser plugin interface. In one aspect, a method includes receiving, at a browser plugin interface, an interface request from a plugin, where the interface request includes an interface identifier string that identifies a particular interface; determining, using the interface identifier string, whether the particular interface is supported by the browser; and if it is determined that the particular interface is supported by the browser, returning to the plugin a virtual function table (vtable) of one or more functions, wherein the vtable is associated with the particular interface identified by the interface request. | 2015-07-09 |
20150195264 | Secure Challenge System for Verifying Access Rights to Media Content - Described is a technique for securely verifying access rights to a media file stored on a user device. By verifying the access rights to the media file, a server may provide access to a licensed version of the media from a media library in a remote location such as server for a cloud-based service. When a media file is confirmed to be available in a media library, a cryptographic a hash function that incorporates a random value or “salt” is used to verify that a user is in possession of an entire media file. Accordingly, the techniques described herein improve the security for verifying that a user is in possession of a media file by preventing the use of pre-calculated hashes. | 2015-07-09 |
20150195265 | VIRTUAL PRIVATE NETWORK DEAD PEER DETECTION - Methods and systems are provided for detecting dead tunnels associated with a VPN. An indicator of a tunnel capability, for example, a DPD vendor ID, is received from a peer through a VPN connection. The tunnel capability is associated with one or more phase II tunnels associated with the VPN. Traffic generated by the peer is detected, and if traffic is detected at a tunnel, the tunnel is presumed to be alive. When no traffic is detected in a tunnel, a DPD packet exchange with the tunnel is initiated. A determination is made, based on the packet exchange, whether the tunnel is alive. | 2015-07-09 |
20150195266 | Authentication Device and Authentication Program - It is an object of the present invention to provide a communication technology that is more convenient. A device according to one embodiment of the present invention includes: equipment information creating request receiving means for receiving an equipment information creating request issued by external equipment; date/time obtaining means for obtaining information for identifying a date/time; path display identifier identifying means for identifying a path display identifier that is associated with a request source identifier of a request source of the equipment information creating request received by the equipment information creating request receiving means; and output means for outputting, to the external equipment, in response to the equipment information creating request, at least the path display identifier identified by the path display identifier identifying means and the information for identifying a date/time. | 2015-07-09 |
20150195267 | PACKET FORWARDING DEVICE, PACKET FORWARDING SYSTEM, AND PACKET FORWARDING METHOD - A packet forwarding device includes: an evaluation unit configured to judge whether or not authentication information is stored in a header, the authentication information being for authenticating communication quality control information stored in the header of a packet transmitted via a network, and evaluate whether or not the authentication information is proper, the evaluation being made when the authentication information is stored in the header; and a forwarding unit that configured to control a communication quality using the communication quality control information, and forward the packet toward a transmission destination, the control being made when the authentication information is evaluated by the evaluation unit to be proper. | 2015-07-09 |
20150195268 | METHOD AND SYSTEM FOR DETERMINING WHETHER A TERMINAL LOGGING INTO A WEBSITE IS A MOBILE TERMINAL - Embodiments of the present application relate to a method and system for determining whether a terminal logging into a website is a mobile terminal. The method includes receiving a login request to access a website from a terminal, generating a first token, sending information including a redirect script to the terminal, the redirect script configured to cause the terminal to execute the redirect script and to access an activation link, receiving a verification request from the terminal, determining whether the version of the first token included in the verification request is valid relative to the generated first token, sending an indication that the first token is valid to the terminal, receiving an access request, the access request including the second token, determining whether the second token is valid, and determining whether the terminal is a mobile terminal according to whether the second token is valid. | 2015-07-09 |
20150195269 | Verification That A User Attempting To Access Content Is A Human User - An easier and less frustrating way of verifying that a user attempting to access content is a human user is provided. For example, data indicative of a request by a user to access content from a content server is received. An output of geographic data associated with a geographic region is generated. A task to be performed by the user to access the content is provided as a function of the generated output. The output and the task are transmitted to the content server for presentation to the user. Performance of the task by the user is substantially indicative of the user being a human user. | 2015-07-09 |
20150195270 | PRIVATE AND SECURE COMMUNICATION ARCHITECTURE WITHOUT UTILIZING A PUBLIC CLOUD BASED ROUTING SERVER - A method for use with a public cloud network is disclosed. The method includes setting up a private cloud routing server and a smart device client in a client server relationship. The private cloud routing server includes a first message box. The smart client includes a second message box. The first and second message boxes are located on the public cloud network. The method also includes passing an authenticated session based message between the first and the second message boxes in a secure manner. The smart device client and the private cloud routing server can communicate with each other after authentication to provide security. The method also includes setting up another smart device client in a client server relationship with the private cloud routing server. The two smart device clients can privately and securely communicate with each other through the public cloud network. | 2015-07-09 |
20150195271 | Peer Applications Trust Center - Concepts and technologies are disclosed herein for a peer applications trust center. A trust client can execute on a client computer and a trust service can execute on a server computer to provide the peer applications trust center. The trust client or trust server can register applications. During registration, the trust server or the trust client can generate a public key or other identifier for identifying the registered application. If another application requests access to the registered application, the trust server or the trust client can determine if the request specifies a registered application by name. If the requestor is granted access to the application, the requestor can be issued a token. Tokens can be revoked, updated, replaced, or renewed for various purposes. | 2015-07-09 |
20150195272 | EXTENSION POINT APPLICATION AND ONFIGURATION OF A LOGIN MODULE - Embodiments of the present invention address deficiencies of the art in respect to applying application security to an extension point oriented application framework, and provide a novel and non-obvious method, system and computer program product for log-in module deployment and configuration in an extension point oriented application. In this regard, a method for log-in module deployment and configuration in an extension point oriented application can include installing a proxy to a login controller plug-in for the extension point oriented application, and proxying login module directives from an external security service to the login controller plug-in for the extension point oriented application. | 2015-07-09 |
20150195273 | UPDATING STORED PASSWORDS - A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form. | 2015-07-09 |
20150195274 | SYSTEM AND METHOD OF CERTIFICATING A GENUINE ARTICLE - A method for authenticating a genuine article includes: performing a first authentication by comparing authentication information of an article, transmitted from an authentication terminal, with previously stored authentication information; and performing a second authentication by deciding whether an authentication check device of the article is replicated. Here, genuine article authentication is completed when both the first authentication and the second authentication are completed. | 2015-07-09 |
20150195275 | SECURE DEVICE AUTHENTICATION PROTOCOL - Disclosed is a system and method by which a multimedia source device communicates with a display device, allowing the multimedia devices to securely confirm the identity of the devices and confirm their trustworthiness through a trust authority. | 2015-07-09 |
20150195276 | System and Method For Securely Provisioning and Generating One-Time-Passwords In A Remote Device - A secure processor such as a TPM generates one-time-passwords used to authenticate a communication device to a service provider. In some embodiments the TPM maintains one-time-password data and performs the one-time-password algorithm within a secure boundary associated with the TPM. In some embodiments the TPM generates one-time-password data structures and associated parent keys and manages the parent keys in the same manner it manages standard TPM keys. | 2015-07-09 |
20150195277 | MANAGING DISPLAY OF PRIVATE INFORMATION - In one example, a method includes receiving a first indication of an incoming communication and determining that the incoming communication includes private information. The method may also include outputting, for display at a wearable computing device, a second indication of the incoming communication, wherein the indication includes non-private information. The method may also include determining, based on motion data generated by the wearable computing device, that a user of the wearable computing device is likely viewing the wearable computing device. The method may also include outputting, for display at the wearable computing device, an indication of the private information. | 2015-07-09 |
20150195278 | ACCESS CREDENTIALS USING BIOMETRICALLY GENERATED PUBLIC/PRIVATE KEY PAIRS - A method and system for access credential functionality using biometrically generated public/private key pairs may involve generating an asymmetric encryption key pair using a biometric scan of a human user and a server identifier of a network server. The public key of the key pair may be sent to the network server from a client device operated by the human user. The network server may use the public key to authenticate that the client device is in possession of the private key, thereby authenticating the human user. | 2015-07-09 |
20150195279 | Linked Account System Using Personal Digital Key (PDK-LAS) - One embodiment of the invention includes a system comprising: a personal digital key and a computer readable medium that is accessible when authenticated by the personal digital key. | 2015-07-09 |
20150195280 | AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD - Provided is an authentication system in which a client terminal that receives input of request information is connected to a server that executes a process with regard to the request information. The client terminal includes: a first authentication information generation unit that generates first authentication information based on information which is shared with the server; an encryption unit that generates encryption information; and a transmission unit that transmits the request information and encryption information to the server. The server includes: a reception unit that receives the request information and encryption information; a second authentication information generation unit that generates second authentication information; a decoding unit that generates reference information which is acquired by decoding the encryption information using the same common key method as in the client terminal while using the second authentication information as a key; and an authentication unit that compares the request information with the reference information. | 2015-07-09 |
20150195281 | ESTABLISHING CONNECTIONS FOR SECURE ELEMENT COMMUNICATIONS - A server is configured to establish connections for secure element communication sessions. The server receives a request from a device to establish a first secure connection, and establishes the first secure connection with the device in response to the received request. The server sends a request to a Trusted Service Manager (TSM). The sent request instructs the TSM to establish a second secure connection between the TSM and a secure memory. The server receives an authentication request from the TSM to establish the second secure connection, and forwards the authentication request to the device over the first secure connection. | 2015-07-09 |
20150195282 | TECHNIQUE FOR CONFIGURING SECURED ACCESS TO A HOST NETWORK FOR AN INVITED TERMINAL - A method is provided for configuring access to a network, to authorize an access to the network for at least one invited terminal associated with an invited user. The method is implemented by a first network access management module associated with a host user. The method includes: receiving, from a terminal associated with the host user, an offer to share the access to the network intended for the invited user, the users being connected via a social network; obtaining, from a second network access management module associated with the invited user, information identifying the invited terminal; obtaining, from the network, configuration information allowing access to the network by the invited terminal, following a sending, to the network, of an access configuration request comprising the identification information; and sending, to the second management module, configuration information intended for the invited terminal allowing it access to the network. | 2015-07-09 |
20150195283 | SYSTEM AND METHOD FOR MANAGING ACCESS TO COMPUTER RESOURCES - Disclosed are methods, systems, and computer program are provided for managing access to computer resources. An example method includes receiving a request, from a client process, for performing an operation on a computer resource, including receiving the request by a kernel of an operating system for creating a separate process to perform the requested operation on the computer resource; obtaining, by a resource manager, metadata of the computer resource, security policies for the client process to perform the requested operation on the computer resource, and data relating to operations requested by other client processes on the computer resource; and performing the requested operation on the resource upon detecting that the requested operation does not: alter the metadata, violate an isolation condition of the computer resource, violate rights of the client process, and distort the operations requested by the other client processes. | 2015-07-09 |
20150195284 | DELEGATING AUTHORIZATION TO APPLICATIONS ON A CLIENT DEVICE IN A NETWORKED ENVIRONMENT - Disclosed are various embodiments for delegating security authorization to at least one application executed on a client device. A computing device is employed to send to a remote server, from an agent application, a request for a first access credential. The first access credential is received from the remote server and a determination is made by the agent application in communication with a managed application, that the managed application requires a second access credential. In response to the determination being made that the managed application requires the second access credential, the second access credential is sent to the managed application, from the agent application. An indication that the agent is authorized to be in communication with managed applications regarding a need for access credentials is stored and the agent application determines where at least one of the managed applications requires an access credential. | 2015-07-09 |
20150195285 | Unified Workspace for Thin, Remote, and SAAS Applications - Application-manager software authenticates a user of a client device over a channel. The authentication operation is performed using a directory service. The application-manager software presents a plurality of applications in a GUI displayed by the client device. The plurality of applications depends on the authentication, the client device, and the channel. And the plurality of applications includes a thin application and a software-as-a-service (SaaS) application. The application-manager software receives a selection as to an application from the user. If the selection is for the SaaS application, the application-manager software provisions the SaaS application. The provision includes automatically logging the user onto an account with a provider of the SaaS application using a single sign-on and connecting the user to the account so that the user can interact with the SaaS application. If the selection is for the thin application, the application manager software launches the thin application. | 2015-07-09 |
20150195286 | METHODS AND APPARATUS FOR DEVICE INFORMATION SHARING - Systems and techniques for sharing data collected by sensing devices are described. At initial setup of a sensing device, authorizations for access to data collected by the device are defined. Data collected by the device is delivered to a central repository, which allows access to data by users based on authorization information associated with the users. | 2015-07-09 |
20150195287 | MODE-BASED ACCESS CONTROL METHOD AND DEVICE - Provided is a mode-based access control method that includes: making a security mode list which indicates security setting states of devices existing in a home network; setting a specific security mode selected from the modes on the security mode list; and making the devices perform functions thereof in the specific security mode. Also, provided is a mode-based access control device includes: an authentication unit which checks information on a user and authenticates the user; a mode configuration unit which makes a security mode list indicating the security setting state of devices forming a home network; a mode setting unit which sets a specific security mode selected from modes on the security mode list; and an operating unit which causes the devices to perform functions thereof in the specific security mode. | 2015-07-09 |
20150195288 | SYSTEM AND METHOD FOR AUTHORIZING ACCESS TO ACCESS-CONTROLLED ENVIRONMENTS - Systems and methods are provided for authorizing a user to access an access-controlled environment. The system includes a system server platform that communicates with fixed PC's, servers and mobile devices (e.g., smartphones) operated by users. The systems and methods described herein enable a series of operations whereby a user attempting to access an access-controlled environment is prompted to biometrically authenticate using the user's preregistered mobile device. Biometric authentication can include capturing images of the user's biometric features, encoding the features as a biometric identifier, comparing the biometric identifier to a previously generated biometric identifier and determining liveness. In addition, the authentication system can further authorize the user and electronically grant access to the access-controlled environment. In this manner the secure authentication system can, based on biometric authentication, authorize a user's access to devices, online services, physical locations or any networked environment that require user authorization. | 2015-07-09 |
20150195289 | MOBILE HUMAN CHALLENGE-RESPONSE TEST - Methods and systems for verifying whether a submission of a request is likely from a human user or an automated program are described. A request may be received from a user device. A human challenge-response test adapted for displaying on the user device is displayed on the user device. Upon viewing the human challenge-response test, the user enters the user's solution to the human challenge-response test on the user device. A response hash value is created based on the user's solution. The response hash value is sent to a computing device for verification. | 2015-07-09 |
20150195290 | METHOD AND SYSTEM FOR FILTERING COMMUNICATION - An e-mail relay provides message filtering services to an e-mail network. The e-mail relay monitors incoming communication and intercepts e-mail messages. The e-mail relay compares attributes of the messages to data derived from SPAM messages, which are stored in a SPAM database. The e-mail relay restricts the delivery of messages based on the comparison such as by restricting the delivery of messages having attributes close to those of SPAM messages from the SPAM database. The SPAM database is constructed by responding to user or administrator indications as to whether received messages are SPAM messages. | 2015-07-09 |
20150195291 | IDENTIFICATION OF MALWARE SITES USING UNKNOWN URL SITES AND NEWLY REGISTERED DNS ADDRESSES - In some embodiments, identification of malware sites using unknown URL sites and newly registered DNS addresses includes performing a heuristic analysis for information associated with a network site; and assigning a score based on the heuristic analysis, in which the score indicates whether the network site is potentially malicious. In some embodiments, the system includes a security appliance that is in communication with the Internet. In some embodiments, the network site is associated with a network domain and/or a network uniform resource locator (URL). In some embodiments, performing a heuristic analysis for information associated with a network site further includes determining if a network site has recently been registered. In some embodiments, performing a heuristic analysis for information associated with a network site further includes determining if a network site is associated with recently changed DNS information. In some embodiments, performing a heuristic analysis for information associated with a network site further includes determining geographical information as well as an IP network location associated with the network site. | 2015-07-09 |
20150195292 | DATA PROCESSING DEVICE THAT EXECUTES VIRUS COUNTERMEASURE PROCESSING, DATA PROCESSING METHOD, AND RECORDING MEDIUM STORING A DATA PROCESSING PROGRAM - A data processing device, that includes: a first storage device; and a processor configured to execute a procedure. The procedure includes: receiving write data to be written to a second storage device provided at a computer, outputting the write data to the second storage device, and duplicating and outputting the write data; executing control that writes the duplicated write data to the first storage device that is separate from the second storage device; executing virus countermeasure processing related to virus infection, on the write data stored in the first storage device; and in a case where the write data is output while executing the virus countermeasure processing, suspending the virus countermeasure processing and prioritizing execution of the control that writes the duplicated write data to the first storage device. | 2015-07-09 |
20150195293 | SECURITY LEVEL AND STATUS EXCHANGE BETWEEN TCP/UDP CLIENT(S) AND SERVER(S) FOR SECURE TRANSACTIONS - According to one embodiment, a system includes a processor and logic integrated with and/or executable by the processor, the logic being configured to identify a security issue affecting a first peer in one or more secure transmission control protocol/user datagram protocol (TCR/UDP) sessions, inform a second peer about the security issue using the first peer of the one or more TCP/UDP sessions, and perform at least one action in response to identifying and/or being informed about the security issue. In another embodiment, a method for providing a secure TCP/UDP session includes identifying a security issue affecting a first peer in one or more TCP/UDP sessions, informing a second peer about the security issue using the first peer of the one or more TCP/UDP sessions, and performing at least one action in response to identifying and/or being informed about the security issue. | 2015-07-09 |
20150195294 | NETWORK MONITORING APPARATUS AND METHOD - When obtained communication data corresponds to an external communication from the outside of the network to the inside, external communication data is stored. When the obtained communication data corresponds to a service start, external communication data associated with the service start is extracted, and service start data is stored in correlation with the extracted external communication data. When the obtained communication data corresponds to an operation end, operation end data is stored. When the obtained communication data corresponds to a communication from the inside to the outside of the network, operation end data associated with the obtained communication data is extracted. Then, it is determined that a condition is satisfied that external communication data associated with the obtained communication data is stored in correlation with the service start data associated with the extracted operation end data. When the condition is satisfied, an attack for the system is detected. | 2015-07-09 |
20150195295 | Monitoring of Negative Feedback Systems - A computer-implemented method for identifying on-line comments as being legitimate or illegitimate is disclosed. The method includes receiving a comment directed to a piece of on-line content, randomly determining whether to review the comment manually, and providing for review of information regarding the comment by a manual reviewer if a determination is made to manually review the comment. The chance of determining whether to review the comment manually is dependent on outcomes of prior manual reviews of received comments. | 2015-07-09 |
20150195296 | ANOMALY DETECTION IN A COMPUTER NETWORK - In one embodiment, a training request is sent to a plurality of nodes in a network to cause the nodes to generate statistics regarding unicast and broadcast message reception rates associated with the nodes. The statistics are received from the nodes and a statistical model is generated using the received statistics and is configured to detect a network attack by comparing unicast and broadcast message reception statistics. The statistical model is then provided to the nodes and an indication that a network attack was detected by a particular node is received from the particular node. | 2015-07-09 |
20150195297 | GLOBAL AUTOMOTIVE SAFETY SYSTEM - A system for providing security to an in-vehicle communication network, the system comprising: a data monitoring and processing hub; and at least one module configured to monitor messages in communication traffic propagating in a vehicle's in-vehicle network, the network having a bus and at least one node connected to the bus, the module comprising: a communication interface configured to support communication with the hub; a memory having software comprising data characterizing messages that the at least one node transmits and receives during normal operation of the node; at least one communication port via which the module receives and transmits messages configured to be connected to a portion of the in-vehicle network; a processor that processes messages received via the port from the portion of the in-vehicle network responsive to the software in the memory to: identify an anomalous message in the received messages indicative of exposure of the in-vehicle network to damage from a cyber attack; determine an action to be taken by the module that affects the anomalous message; and transmit data responsive to the anomalous message to the hub for processing by the hub via the communication interface. | 2015-07-09 |
20150195298 | Identification of Infected Devices in Broadband Environments - Novel solutions for detecting and/or treating malware on a subscriber's premise network. Such solutions can include, but are not limited to, tools and techniques that can detect, and/or enable the detection of, malware infections on individual subscriber devices within the subscriber's network. In a particular embodiment, for example, a premise gateway, or other device on the subscriber's premise network, is configured to analyze packets traveling through the premise gateway and, based on that analysis, identify one or more subscriber devices that are infected with malware. | 2015-07-09 |
20150195299 | CYBER SECURITY ADAPTIVE ANALYTICS THREAT MONITORING SYSTEM AND METHOD - A system and method of detecting command and control behavior of malware on a client computer is disclosed. One or more DNS messages are monitored from one or more client computers to a DNS server to determine a risk that one or more client computers is communicating with a botnet. Real-time entity profiles are generated for at least one of each of the one or more client computers, DNS domain query names, resolved IP addresses of query domain names, client computer-query domain name pairs, pairs of query domain name and corresponding resolved IP address, or query domain name-IP address cliques based on each of the one or more DNS messages. Using the real-time entity profiles, a risk that any of the one or more client computers is infected by malware that utilizes DNS messages for command and control or illegitimate data transmission purposes is determined. One or more scores are generated representing probabilities that one or more client computers is infected by malware. | 2015-07-09 |
20150195300 | SYSTEM ADMINISTRATOR BEHAVIOR ANALYSIS - A network computer system is protected from malicious attacks by its own system administrators by a large number of addressable and assignable smart-agents that are individually allocated to independently follow and represent those system administrators, the jobs those system administrated are assigned to work on, and the system resource tasks that such system administrators can employ in furtherance of the completion of a particular job. | 2015-07-09 |
20150195301 | CONTEXT-AWARE PROACTIVE THREAT MANAGEMENT SYSTEM - This disclosure is directed to a context-aware proactive threat management system. In general, a device may use internal activity data along with data about external activities (e.g., provided by remote resources) for threat assessment and mitigation. A device may comprise, for example, a hostile environment detection (HED) module to coordinate threat assessment and mitigation. The HED module may accumulate internal activity data (e.g., from security services in the device), and external activity data regarding a system environment and/or a physical environment from the remote resources. The HED module may then assess threats based on the activity data and determine automated and/or manual mitigation operations to respond to the threats. In one embodiment, visualization features may also be used to, for example, visualize threats to a user, visualize automatic/manual mitigation operations, request user confirmation regarding the performance of manual mitigation operations, etc. | 2015-07-09 |
20150195302 | HARDWARE-ASSISTED INTEGRITY MONITOR - A hardware-assisted integrity monitor may include one or more target machines and/or monitor machines. A target machine may include one or more processors, which may include one or more system management modes (SMM). A SMM may include one or more register checking modules, which may be configured to determine one or more current CPU register states. A SMM may include one or more acquiring modules, which may be configured to determine one or more current memory states. A SMM may include one or more network modules, which may be configured to direct one or more communications, for example of one or more current CPU register states and/or current memory states, to a monitor machine. A monitor machine may include one or more network modules and/or analysis modules. An analysis module may be configured to determine memory state differences and/or determine CPU register states differences. | 2015-07-09 |
20150195303 | Preventing application-level denial-of-service in a multi-tenant system - Denial-of-service attacks are prevented or mitigated in a cloud compute environment, such as a multi-tenant, collaborative SaaS system. This is achieved by providing a mechanism by which characterization of “legitimate” behavior is defined for accessor classes, preferably along with actions to be taken in the event an accessor exceeds those limits. A set of accessor “usage profiles” are generated. Typically, a profile comprises information, such as a “request time window,” one or more “constraints,” and one or more “actions.” A request time window defines a time period over which request usage is accumulated and over which constraints are applied. A constraint may be of various types (e.g., number of transactions, defined resource usage limits, etc.) to be applied for the usage monitoring An action defines how the system will respond if a particular constraint is triggered. By applying the constraints to accessor requests, over-utilization of compute resources is enabled. | 2015-07-09 |
20150195304 | PROTECTING ADDRESS RESOLUTION PROTOCOL NEIGHBOR DISCOVERY CACHE AGAINST DENIAL OF SERVICE ATTACKS - In one embodiment, a device (e.g., switch or registry) maintains a binding table for all internet protocol (IP) addresses in a particular subnet associated with the device, and in response to receiving a neighbor solicitation (NS) lookup message from a router for a particular address, determines whether the particular address is within the binding table. When the particular address is not within the binding table, the device causes the router to not store the particular address in a neighbor discovery (ND) cache at the router (e.g., by responding to clear the cache, or ignoring to prevent state from being created). In another embodiment, the ND-requesting router ensures that the particular address is not kept in an ND cache at the router in response to the device indicating that the particular address is not within its binding table (e.g., an explicit response to clear, or absence of instruction to store state). | 2015-07-09 |
20150195305 | SYSTEM AND METHOD FOR PREVENTING WEB CRAWLER ACCESS - Preventing web crawler access includes receiving a request for a webpage that includes web content that is to be protected from a web crawler, encrypting the web content to be protected to generate encrypted content and responding to the request, including sending the encrypted content and a decryption instruction. The decryption instruction is configured to allow a web browser to decrypt the encrypted content. | 2015-07-09 |
20150195306 | COMMUNICATIONS SECURITY SYSTEMS - A method of establishing secure communications between a first computer, eg a client computer, and a second computer, eg a web server, whereby the client computer receives one or more security policies relating to the web server. A client application examines the client computer and preferably configures one or more aspects of the client computer in order to make it comply with the security policies. Once the web server receives the results of this examination and/or configuration process, it can determine whether the secure communications are to be established and whether any restrictions need to be placed on this communication and/or the activity conducted via the communication. | 2015-07-09 |
20150195307 | Techniques of Transforming Policies to Enforce Control in an Information Management System - In an information management system, policies are deployed to targets and targets can evaluate the policies whether they are connected or disconnected to the system. The policies may be transferred to the target, which may be a device or user. Relevant policies may be transferred while not relevant policies are not. The policies may have policy abstractions. | 2015-07-09 |
20150195308 | ASSESSMENT OF NETWORK PERIMETER SECURITY - A method and system for assessing security of a network perimeter of a network. Security of an authentication computer from attack is reviewed. Users outside of the network perimeter that request access to an application within the network perimeter are authenticated. Vulnerability of a gateway computer at the network perimeter from applications outside of the network perimeter is reviewed. The reviewing of vulnerability of the gateway computer includes scanning ports on the gateway computer to determine whether an unauthorized application outside the network perimeter and/or at least one unauthorized service from the unauthorized application is available within the network perimeter via the gateway computer. | 2015-07-09 |
20150195309 | METHOD FOR ADDING CLIENT CAPABILITY DATA TO A SIP MESSAGE - It is presented a server for forwarding one or more Session Initiation Protocol (SIP) messages. The server includes a processor and an instruction memory. The instruction memory stores instructions that, when executed by the processor, causes the server to: receive a WebSocket handshake request from a client device, the WebSocket handshake request includes a SIP service capability indicator for the client device; establish a WebSocket connection; store, in a data memory, service capability data for the client device, the service capability data being based on the SIP service capability indicator; receive a SIP message from the client device; add a header field to the SIP message, the content of the header field being based on the service capability data, resulting in a modified SIP message; and forward the modified SIP message to a SIP application router. Corresponding methods, computer programs and computer program products are also presented. | 2015-07-09 |
20150195310 | COMMUNICATION TRANSACTION CONTINUITY USING MULTIPLE CROSS-MODAL SERVICES - A computer receives a global command from a communication device using a first communication mode associated with a transaction. The computer stores transaction data, wherein the transaction data is stored for at most a duration of a session life span (SLS) time interval that is predefined. The computer sends a transfer session identifier (TSI) key to the communication device using the first communication mode. The computer receives the TSI key from the first communication device or a second communication device, using at least a second communication mode. The computer associates the transaction data with at least the second communication mode and the first communication mode in parallel, and the computer performs the transaction by use of either or both of the first communication mode and at least the second communication mode, within the SLS time interval that is pre-defined. | 2015-07-09 |
20150195311 | Systems and Methods for Providing Access to a Document Associated with a Third Party Software Application Via Interframe Communication - A plurality of inputs associated with a third party software application are received from a plurality of users associated with respective devices, via respective embedded frames displayed on the respective devices. A plurality of visual representations of a document displayed on the respective devices are updated to reflect a plurality of inputs, substantially in real-time. The plurality of inputs may be received substantially simultaneously. | 2015-07-09 |
20150195312 | ALLOWING A USER TO VIEW NETWORK CONTACTS OF OTHER USERS WHEN VISITING AN ENVIRONMENT OF A DIFFERENT ORGANIZATION - A method, system and computer program product for allowing a user to view network contacts of other users when visiting an environment of a different organization. A visitor requests to view a profile of a user while the visitor is visiting the environment or tenant space of a different organization. The organization of the visitor is obtained. Furthermore, the organization and network contacts of the user whose profile is requested to be viewed are obtained in response to validating the visitor's organization. The requested profile is then displayed to the visitor containing the accessible network contacts (if any) of the user based on whether the user and the visitor belong to the same organization. | 2015-07-09 |
20150195313 | OFFLINE CONTENT SHARING - Offline sharing of content is performed. An offline request to share content associated with a content sharing platform to a social networking service is received by a processing device of a user device. The offline request is received while the user device is not connected to a network. A share request is generated for the content in view of the social networking service. The share request for the content is generated while the user device is not connected to the network. Upon determining that a network connection is available, the share request for the content is provided to the social networking service. | 2015-07-09 |
20150195314 | METHOD AND SYSTEM FOR DISTRIBUTED COLLECTION AND DISTRIBUTION OF PHOTOGRAPHS - Methods and systems crowdsourcing collection and distribution of photographs. A network of computing devices communicates with a content storage and client computing devices operated by users. The network includes application instance computing devices that register users, receive photographs from users (after a description of a common theme has been published), and store photographs in the content storage. Identifications of multiple external and independently operated social networks are received for each photograph, and each photograph is posted on the social networks identified for the photograph. After these posts, a new registration request is received from a new user. After the new user is registered, a new photograph is received from the new user and stored in the content storage. The new photograph is associated with new identifications of social networks, and posted on the social networks identified in the new identifications to thereby crowdsource collection of photographs across the social networks. | 2015-07-09 |
20150195315 | METHOD AND SYSTEM FOR DELIVERY OF AUDIO CONTENT FOR USE ON WIRELESS MOBILE DEVICE - A music service application that can be run on a wireless mobile device enables audio data to be progressively downloaded from a remote server and also enables locally stored data to be played efficiently. Audio content that is relevant to a user is identified and downloaded to the user's mobile device, in some cases with minimal or no effort by the user. Continuous play features ensure that the user can experience an uninterrupted music experience, both in online and offline modes. Social features such as playlists and preferences of other users are leveraged, to provide users with popular music that is relevant to their interests. | 2015-07-09 |
20150195316 | REMOTE SUBSCRIPTION MANAGEMENT METHOD AND SYSTEM - A method and system to enable remote management of a media content subscription are described. The method includes receiving, at a local point of presence from a consumer, a request to access media content that is available under a media content subscription. The method further includes capturing, at the local point of presence from a consumer, a request to access media content from the local media content provider and transforming the captured media content into a digital stream that is suitable for streaming over a network. Finally, the method includes streaming the digital stream over the network, via which the consumer, using a computer device, accesses the media content. | 2015-07-09 |
20150195317 | EXCHANGING DATA ASSOCIATED WITH A COMMUNICATION SESSION WITHIN A COMMUNICATIONS SYSTEM - In an embodiment, objects are downloaded to an access terminal (AT) based on which window(s) are prominently displayed on the AT. In another embodiment, objects are downloaded to the AT based on a set of user-specified object download priorities. In another embodiment, a portion of a streaming data session to the AT is de-prioritized in response to a transition of a display of the AT from a first set of windows associated with the streaming data session to a second set of windows associated with a different session. For example, the de-prioritization can result in the portion (e.g., a video-portion of a audio and video conference) being omitted or reduced. In another embodiment, in response to the AT entering a limited environment, objects being downloaded to the AT can be dynamically altered to conform with the AT's limited environment. | 2015-07-09 |
20150195318 | Transmission method for media data stream and thin client - Disclosed are a method for transmitting a media data stream and a thin client, and the method includes: a media channel is established between a first thin client and a second thin client, wherein a first media module is pre-configured in the first thin client and a second media module is pre-configured in the second thin client; and the media data stream is transmitted between the first media module pre-configured in the first thin client and the second media module pre-configured in the second thin client through the media channel. The present disclosure solves problems of network time delay and data distortion caused by a fact in the prior art that media data need to be transmitted between a thin client and a virtual desktop through using a protocol such as RDP so as to implement interaction of data between two thin clients, thus achieving technical effectives of improvement on the data transmission rate and accuracy of data. | 2015-07-09 |
20150195319 | PLAYLIST COMPILATION SYSTEM AND METHOD - A method, computer program product and client electronic device for storing, in a memory of a client electronic device, a location of at least one remote media data file available to stream from a server device. A location of at least one local media data file available on the client electronic device is stored in the memory of the client electronic device. A playlist is compiled that defines the location of the at least one remote media data file and the location of the at least one local media data file. The at least one local media data file and the at least one remote media data file in the playlist are rendered and metadata concerning the at least one local media data file rendered is transmitted to the server device. | 2015-07-09 |
20150195320 | Method, System and Software Product for Improved Online Multimedia File Sharing - The present invention describes methods, systems and software for improved information sharing over a public network, the system including an online application for uploading a compressed audio file (CAF) and a text vector (TV), which are synchronized over time by an internal first clock, a public network for storing the compressed audio file (CAF) and a text vector (TV) and comprising a system clock and a tool for downloading the compressed audio file (CAF) and a text vector (TV) with an internal second clock, wherein the internal first clock and internal second clock are synchronized with the system clock to form a synchronized emulated video. | 2015-07-09 |
20150195321 | PROVIDING CONTROL INFORMATION TO A MULTIMEDIA SERVER - A method may include receiving, at a mobile computing device comprising a processor, input identifying control information to be sent from the mobile computing device to a media server. The method may include determining, at the mobile computing device, whether the computing device is sending a media stream to the media server. In response to determining that the mobile computing device is sending a media stream to the media server, the control information may be sent from the mobile computing device to the media server without interrupting the media stream by embedding the control information in the media stream. | 2015-07-09 |
20150195322 | Media Resource Playback Method and System - A media resource playback method, including aggregating, by an aggregate server, media resource information of media servers in a local area network and sleep state information of a media server in sleep state, and generating a media resource directory according to the media resource information or according to both the media resource information and the sleep state information; receiving a browse or search request sent by a control point, and returning content in the media resource directory to the control point; determining, by the aggregate server according to the sleep state information, that a media server storing a to-be-played media resource is in sleep state; and waking up the media server, so that a media playback device acquires the to-be-played media resource from the media server and plays the to-be-played media resource. | 2015-07-09 |
20150195323 | METHOD AND APPARATUS FOR REPRODUCING CONTENT IN MULTIMEDIA DATA PROVIDING SYSTEM - A content reproducing method is provided for continuously reproducing content being reproduced by a client device in another client device in a multimedia data providing system including a server for providing content and a plurality of client devices for reproducing the content provided by the server. The method includes reproducing, by a first device, multimedia content being streamed by a content server; and transmitting, by the first device, a first request message for continuously reproducing content being reproduced by the first device in another device and an IDentification (ID) of the first device to another device using local area communication in order to continuously reproduce the content being reproduced by the first device in another device. | 2015-07-09 |
20150195324 | NETWORK CAMERA AND NETWORK IMAGE SURVEILLANCE SYSTEM - A network camera and a network image surveillance system including the network camera are provided. The network camera may include: an image and audio encoding unit configured to convert an optical image incident from a lens, compress an audio signal from a microphone in a predetermined format, and generate compressed streaming data by encoding the converted image and the compressed audio signal; a network controlling unit configured to monitor an input and output status of the compressed streaming data, control a configuration of a packet of the compressed streaming data in accordance with a network quality of system (QoS), control synchronizing the compressed streaming data with a video frame, and transmit the synchronized streaming data; and a network routing unit configured to route input and output of the data via at least one network port and implement redundancy by using a Spanning Tree Protocol (STP). | 2015-07-09 |
20150195325 | SYSTEMS AND METHODS FOR ENCODING AND DECODING - Systems and methods for multimedia encoding and decoding are disclosed. The systems and methods include multimedia format detection systems, decoder functionality generation systems, decoder instantiation systems, and multimedia processing engines which are capable of selecting a decoder or playback mechanism for each input encoded multimedia stream. The functionality of the decoder or playback mechanism is represented as syntax elements which may be further encoded. The functionality for decoding or playback is then stored or transmitted with the multimedia bitstream. Alternatively, the functionality and multimedia bitstream can be embedded in or associated with a second digital bitstream. Further, the functionality associated with an encoded multimedia stream can be used to instantiate a decoder or playback mechanism and the encoded multimedia stream decoded with the instantiated decoder or mechanism. | 2015-07-09 |
20150195326 | DETECTING WHETHER HEADER COMPRESSION IS BEING USED FOR A FIRST STREAM BASED UPON A DELAY DISPARITY BETWEEN THE FIRST STREAM AND A SECOND STREAM - In an embodiment, a target device (e.g., a server or a target client device) receives a first stream (e.g., an RTP stream) and a second stream (e.g., a probing stream) for a given communication session that originates from an application-layer client application on a source client device. The target device calculates delays of arrival times for packet payload portions in the first and second streams, and reports information indicative of a delay disparity between the first and second delays to the application-layer client application on the source client device. The application-layer client application on the source client device determines whether header compression of a given type is used for the first stream based on the received information, and selectively modifies one or more parameters (e.g., a bundling factor, etc.) of the first stream based on the determination. | 2015-07-09 |
20150195327 | METHOD AND APPARATUS FOR STREAMING DASH CONTENT OVER BROADCAST CHANNELS - A user equipment is provided for providing content. The user equipment comprising at least one memory and at least one processing device. The at least one process is configured to receive a data stream over a network, the data stream comprising un-segmented media data for the content. The at least one process is also configured to identify segment boundaries in the un-segmented media data to identify segments and determine a segment number for each of the identified segments from a media presentation description (MPD) based on the segment boundaries. The at least one process is also configured to retrieve a uniform resource locator (URL) associated with each of a plurality of dynamic adaptive streaming over hypertext transfer protocol (DASH) segments based on the segment number for each of the plurality of DASH segments and provide the URL associated with each of the plurality of DASH segments to a client player. | 2015-07-09 |
20150195328 | CLIENT/SERVER SIGNALING COMMANDS FOR DASH - Technology to provide improved quality-of-experience-aware multimedia streaming is disclosed. Several types of communications that can be made between clients and servers are described. These communications enable improvements to current approaches that are used to achieve hyper-text transfer protocol (HTTP) adaptive streaming. These messages can be used in conjunction with computer circuitry configured to: determine a bandwidth available to the server for transmitting HTTP adaptive streaming content to a plurality of clients; receive HTTP requests from the plurality of clients for representations offered by the server in a manifest file for the HTTP adaptive streaming; and calculate an availability of each representation that is offered in the manifest file for the server. The availability can be calculated, at least in part, based on the determined bandwidth. The availability of each representation can be communicated from the server to the plurality of clients. | 2015-07-09 |
20150195329 | ACCESS TO NETWORK CONTENT - A method and system for improving access to search results are provided in the disclosure herein. Aspects of this disclosure minimize the delay in accessing network content by priming certain regularly viewed content (e.g., a web search home page or a search results page) in an invisible browser instance. As the user accesses the content prerendered in the invisible browser instance, a new instance of the prerendered content is created to facilitate future accesses to the network content (e.g., future search queries). | 2015-07-09 |
20150195330 | PERMISSION-BASED SNAPSHOTS FOR DOCUMENTS SHARED ON A SOCIAL MEDIA SERVICE - A method of storing a preview image of a document shared over a social media service includes receiving at a server a first notification that a document stored on the server is being shared on a post by a first user on the social media service, where the first notification includes information identifying the first user. The method further includes generating a thumbnail image from the document, where the thumbnail image is stored in the document metadata and is a representative image of a first version of the document at the time the user shares the document, associating the thumbnail image with a URL, where the URL has an access control list that includes the first user, and sending the URL from the server to the social media service. | 2015-07-09 |
20150195331 | Method and Apparatus for Redirection of Server External Hyper-Link References - A message is provided to a tracking server system in response to a client system referencing a predetermined resource locator that corresponds to a resource external to the tracking server system. The tracking server system indirectly provides for the client system to have an informational element selectable by the client system, where the informational element is graphically identified on the client system with informational content obtainable from a content server system through use of a content resource locator. The informational element includes a tracking resource locator, referencing the tracking server system, and data identifying the informational element. The selection of the informational element causes the client system to use the tracking resource locator to provide the data to the tracking server system and to use the content resource locator to obtain the informational content from the content server system. | 2015-07-09 |