31st week of 2015 patent applcation highlights part 68 |
Patent application number | Title | Published |
20150215283 | BI-DIRECTIONAL DATA SECURITY FOR SUPERVISOR CONTROL AND DATA ACQUISITION NETWORKS - A cyber-security system, including a device and associated method, provides secure communications bi-directionally between an external network and an internal network, including a supervisor control and data acquisition (SCADA) device. The device includes a processor in data communication with the external and internal networks that is programmed with a rule-set establishing validation criteria configured to validate data received from the external and internal networks. The processor is operable in an operational mode to pass between the external and internal networks only data that are compliant with the validation criteria. The processor may be configured to save certain validated data indicating a system state that can inform the application of the rule-set to data. The processor is re-programmable with a new rule-set only in a programming mode. The device includes a switch that is manually operable to switch the processor from the operational mode to the programming mode. | 2015-07-30 |
20150215284 | SYSTEMS AND METHODS FOR DELIVERING MESSAGES OVER A NETWORK - Systems and methods are described for delivering messages from one or more service hosts to clients via a network. A first request identifying the client is received at the message server, and a connection is established and maintained between the message server and the client in response to the first request. When a subsequent request that identifies the client is received from the service host, a message is transmitted from the message server to the client over the previously-established connection. The methods and techniques may be used, for example, to provide messages from various services to placeshifting devices or other clients communicating via the network. | 2015-07-30 |
20150215285 | NETWORK TRAFFIC PROCESSING SYSTEM - A system for processing network traffic includes a hardware-accelerated inspection unit to process network traffic in hardware-accelerated inspection mode, and a software inspection unit to process the network traffic in software inspection mode. The software inspection unit processes a connection in in the software inspection mode at least for a consecutive predetermined number of bytes of the connection. The connection may be transitioned to the hardware-accelerated inspection mode if the connection is determined to be clean. | 2015-07-30 |
20150215286 | SELECTIVELY PERFORMING MAN IN THE MIDDLE DECRYPTION - An agent on a device within a network receives a request to access a resource outside the network. A first encrypted connection is established between the device and the agent, and a second encrypted connection is established between the agent and the resource, to facilitate encrypted communication traffic between the device and the resource. The agent sends a policy request to a network appliance within the network, the request specifying the resource. The agent receives a policy response indicating that the resource is associated with one or more security policies of the network. Traffic passing between the device and the resource is selectively decrypted and inspected depending on the security policies. | 2015-07-30 |
20150215287 | SECURE NETWORK PRIVACY SYSTEM - The invention provides a method and system of receiving communications from a network device in a network to a source of network data and establishing a secure and/or authenticated network connection between the network device and the source that appears to the network device as a direct connection to the source of network data. Broadly conceptualized, the method and system may also include a parsing module that modifies the network data passing back and forth between the network device and the source of network data. | 2015-07-30 |
20150215288 | DECENTRALIZED PEER-BASED INDIRECT AUTHENTICATION METHOD FOR PERSONAL ONLINE SOCIAL NETWORKING PROFILES - The invention here is a website addressing false profiles confronting online personal social networking systems via an indirect authentication system that relies on existing, scrutinized profiles which in turn acknowledge the authentication of a remote profile under scrutiny. The user's intimate knowledge of their social network enhances effectiveness. System allows registrants to create a profile and obtain a social identity code as a public identifier. The system integrates a virtual wallet to synthesize their online profiles and registrant controls access to it. The user may offer those profiles to be acknowledged by their connections. Once acknowledged, a hyperlink to the acknowledger's profile is created for cross referencing. The system offers an “authenticity index” for users to base their own verification needs. The scrutinizing party can thus make their own “gut-check” determination of the profile. Registrants can then create secure communities for exclusive networking. | 2015-07-30 |
20150215289 | METHOD FOR HIDING SERVER ADDRESS - Provided is a method for hiding a server address including: requesting, by a client, communication with a server to a contact point through a first network path; requesting, by the contact point, communication with the client to the server; and communicating, by the server and the client, with each other through a second network path by encrypting a server address. | 2015-07-30 |
20150215290 | ENHANCING PRIVACY BY OBSCURING TRAVERSAL USING RELAYS AROUND NETWORK ADDRESS TRANSLATOR (TURN) CONNECTIONS, AND RELATED METHODS, SYSTEMS, AND COMPUTER-READABLE MEDIA - Enhancing privacy by obscuring Traversal Using Relays around Network Address Translator (TURN) connections, and related methods, systems, and computer-readable media are disclosed herein. In one embodiment, a method comprises obtaining, by a TURN client, one or more candidate addresses comprising a TURN relayed transport address of a TURN server. The method further comprises generating a camouflaged candidate list, based on the candidate addresses, in which the TURN relayed transport address is obscured; generating a connection setup message comprising the camouflaged candidate list; and sending the connection setup message to a TURN peer executing on a computing device. In another embodiment, a method comprises receiving, by a TURN server, a request for a provision of a first TURN service from a TURN client to connect to a TURN peer. The method further comprises masking a presence of the TURN server to the TURN peer, and relaying communications based on the masking. | 2015-07-30 |
20150215291 | SECURE DECENTRALIZED CONTENT MANAGEMENT PLATFORM AND TRANSPARENT GATEWAY - An apparatus and method for private, peer-to-peer, and end-to-end content delivery, management, and access is disclosed. Content examples may include encrypted email, Instant Messaging (IM), and Voice over Internet Protocol (VoIP) communications. The disclosed apparatus, hereafter referred to as Personal Portable Device, is a small device that is owned by the service's subscribers. A Personal Portable Device is connected to its owner's home Internet router via Ethernet cable (or Wi-Fi). Then, the Internet router is configured to forward ports on the Personal Portable Device to allow incoming requests. In one embodiment, two (or more) owners of the Personal Portable Devices communicate securely over the Internet. Each device acts as a standalone web server with email, IM, and VoIP servers. Portable Personal Devices communicate with each other over the Internet in peer-to-peer fashion, and automatically handle the generation and exchange of encryption/decryption keys. | 2015-07-30 |
20150215292 | SYSTEM AND METHOD OF AUTOMATIC PAIRING AND PEER SELECTION WITH VISUAL CONFIRMATION - The technology disclosed relates to secure exchange of private data between mobile devices. Pairwise cryptographic connections are automatically established between a first and other mobile devices. Independently generated distinctive visual traits are generated that allow a user to verify which two devices will exchange information, upon acceptance of a match between respective visual traits. | 2015-07-30 |
20150215293 | Secure Application Processing Systems and Methods - Systems and methods are described for securely and efficiently processing electronic content. In one embodiment, a first application running on a first computing system establishes a secure channel with a second computing system, the secure channel being secured by one or more cryptographic session keys. The first application obtains a license from the second computing system via the secure channel, the license being encrypted using at least one of the one or more cryptographic session keys, the license comprising a content decryption key, the content decryption key being further encrypted using at least one of the one or more cryptographic session keys or one or more keys derived therefrom. The first application invokes a second application to decrypt the license using at least one of the one or more cryptographic session keys, and further invokes the second application to decrypt the content decryption key using at least one of the one or more cryptographic session keys or one or more keys derived therefrom, and to decrypt a piece of content using the content decryption key. The first application then provides access to the decrypted piece of content in accordance with the license. | 2015-07-30 |
20150215294 | DIFFERENTIAL CLIENT-SIDE ENCRYPTION OF INFORMATION ORIGINATING FROM A CLIENT - A method may include allocating a number of public keys, where each respective public key is allocated to a respective entity of a number of entities; storing a number of private keys, where each respective private corresponds to a respective public key; storing one or more decryption algorithms, where each respective decryption algorithm is configured to decrypt data previously encrypted using at least one encryption algorithm of the encryption algorithms. Each respective encryption algorithm may be configured to encrypt data using at least one public key. Each respective decryption algorithm may be configured to decrypt data using at least one private key. The method may include receiving encrypted data, where the encrypted data is encrypted using a first public key and a first encryption algorithm, and the encrypted data is provided over a network. | 2015-07-30 |
20150215295 | SHARED SECRET ARRANGEMENTS AND OPTICAL DATA TRANSFER - Digital data is optically broadcast through an environment by controllably switching the brightness or chrominance of LED solid state lamps, or of other illumination sources (e.g., television screens and backlit computer displays). This optical data channel is useful to convey cryptographic key data by which devices within the environment can authenticate themselves to a secure network. In some embodiments, the optical modulation is sensed by the camera of a smartphone. The row data output by the smartphone's camera sensor is processed to extract the modulated data signal. In some monochrome embodiments, data communication speeds far in excess of the camera's frame rate (e.g., 30/second), or even the camera's row rate (e.g., 14,400/second) are achieved. Still greater rates can be achieved by conveying different data in different chrominance channels. A great number of other features and arrangements are also detailed. | 2015-07-30 |
20150215296 | SELECTIVELY PERFORMING MAN IN THE MIDDLE DECRYPTION - A HTTP request addressed to a first resource on a second device outside the network is received from a first device within the network. The HTTP request is redirected to a third device within the network. A first encrypted connection is established between the first device and the third device, and a second encrypted connection between the third device and the second device. The third device retrieves the first resource from the second device. The first resource is modified to change pointers within the first resource to point to location in a domain associated with the third device within the network. The third device serves, to the first device, the second resource. | 2015-07-30 |
20150215297 | DEVICES, SYSTEMS, AND METHODS FOR DEVICE PROVISIONING - Systems, devices, and methods for provisioning a device receive authentication information from a user interface; send the authentication information to an identity provider device; receive a token at the registration device from the identify provider device; send the token, device information of a new device, and a provisioning request from the registration device to a provisioning service; receive an activation code at a user interface of the new device; send the activation code and the token from the new device to the provisioning device; and receive a key from the provisioning device, the key being associated with the device identifier of the new device. | 2015-07-30 |
20150215298 | CHANGING GROUP MEMBER REACHABILITY INFORMATION - In an embodiment, a method comprises obtaining a second network address at a computer node, which has been already associated with a first network address and provided first keying information; sending, to a key server computer, an update message that comprises both the first network address and the second network address; using the first keying information to encrypt messages that the computer node sends from the second network address to one or more other members of a group. | 2015-07-30 |
20150215299 | PROXIMITY-BASED AUTHENTICATION - A first device requests a protected resource (managed by a second device). A first authentication is performed by the second device upon receipt of the request. The second device provides an audio message back to the first device, which plays the audio message over a speaker. A third device captures the audio message as audio and uses the audio message to request a second authentication from the second device. The second device provides an authenticated session handle back to the first device for accessing the protected resource when both the first and second authentications are successful. | 2015-07-30 |
20150215300 | APPARATUS AND METHOD FOR ESTABLISHING SECURE COMMUNICATION WITH REDUNDANT DEVICE AFTER SWITCHOVER - A method includes transitioning a device in an industrial process control and automation system from a secondary role to a primary role during a switchover and, in response to the switchover, clearing one or more security values stored by the device. The method also includes receiving a message at the device from a network node and, in response to determining that no security association is associated with the received message or the network node, exchanging security credentials and establishing a trust relationship with the network node. Transitioning the device includes assuming a network address of another device that previously operated in the primary role, that previously communicated with the network node, and that previously had a security association with the network node. Clearing the security value(s) can prevent the device from having the trust relationship associated with the network node when the device receives the message from the network node. | 2015-07-30 |
20150215301 | Authentication of a First Device by a Switching Center - A method, a first device, and a switching center are described. A first device is authenticated by a switching center inside a network taking into account the use of additional (e.g., virtual) network interfaces. A device uses certificates to transfer additional MAC addresses for authentication. As a result, a device having a plurality of MAC addresses gains access to a network from a plurality of MAC addresses in a one-off authentication process. | 2015-07-30 |
20150215302 | RICH CONTENT SCANNING FOR NON-SERVICE ACCOUNTS FOR EMAIL DELIVERY - Various embodiments are generally directed to techniques and apparatuses to facilitate message communication between registered entities of an email system and other non-registered entities. In one embodiment, a transport component executes on a logic circuit to receive a request to perform a function on an encrypted message. Information embedded in the request is identified to determine if the original request was sent by a registered entity. The embedded information is authenticated with information contained in an authentication information store associated with the original request and if the information is authenticated, the requested function is executed. In addition, if the requested function by the non-registered entity is to send an email message, rich scanning is performed on the email message to ensure the safety thereof. | 2015-07-30 |
20150215303 | SYSTEM AND METHOD FOR PROVIDING PROACTIVE VPN ESTABLISHMENT - A system and method which includes monitoring an existing first connection to a secured network domain. A first network configuration is employed to access the secured network domain via the first connection. An available second connection to the network domain is detected, whereby the system and method automatically switch to the second connection to access the secured network domain upon detecting a termination with the first connection. Access to the secured network domain, via the second connection, is established by employing a second network configuration. In an aspect, the first connection is by cable and the first network configuration is associated with direct access to the secured network domain. In an aspect, the second connection is a wired or wireless signal and the second network configuration is associated with a Virtual Private Network (VPN) connection. | 2015-07-30 |
20150215304 | CLIENT AUTHENTICATION USING SOCIAL RELATIONSHIP DATA - A method and an apparatus for client authentication. The server receives from a client a request for identity authentication corresponding to a user account. A social relationship similarity is computed as a result of matching social relationship data of the client and the stored social relationship data of the user account. If the similarity meets a preset passing condition, the client is allowed to pass the identity authentication. | 2015-07-30 |
20150215305 | SYSTEMS AND METHODS FOR POPULATING ONLINE APPLICATIONS USING THIRD PARTY PLATFORMS - A system and method includes a database that stores a web-based form that includes a link to allow an applicant to select a third party to provide data to populate a plurality of fields of the web-based form, a communication interface that transmits the web-based form to a mobile device of a user and receive a selection of the third party to provide data to populate the plurality of fields of the web-based form and an application server, that, in conjunction with the communication interface, in response to the selection, transmits a third-party application programming interface (API) call to the at least one selected third party; transmits data indicative of an authentication request associated with the selected third party; and receives a security token in response to a validated authentication request, the security token enabling communication between application server and the third party system via the third party API, wherein the enabled communications is based on a set of permissions, each permission associated with a specific data field in the web-based form. | 2015-07-30 |
20150215306 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND COMPUTER-READABLE RECORDING MEDIUM - An information processing apparatus according to the present invention is arranged in a client terminal connected to a server storing data via a network, wherein the information processing apparatus receives requests from one or a plurality of applications in the client terminal and controls transmission and reception of information to/from the server. The information processing apparatus includes an authentication information storage unit for storing authentication information of a user for accessing the server, and a request transmission unit for attaching the authentication information of the user of the client terminal to a request based on the request given by the application of the client terminal, and transmits the request to the server. | 2015-07-30 |
20150215307 | SECURE PUSH AND STATUS COMMUNICATION BETWEEN CLIENT AND SERVER - Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway. | 2015-07-30 |
20150215308 | SECURE COMMUNICATION BETWEEN PROCESSES IN CLOUD - Secure communication between processes in cloud platform may be performed by receiving a request from a client application process hosted in an application virtual machine at a load balancer. A first secure communication channel is established between the client application process and the load balancer. The first secure communication channel is encrypted with the client certificate. The first secure communication channel is terminated at the load balancer. A service process in a service virtual machine is identified based on the request received from the client application process. A new request is sent to the service virtual machine to establish a second secure communication channel between the load balancer and the service virtual machine. The load balancer certificate signed by the internal certificate authority is validated at the service virtual machine. Upon successful validation of the load balancer certificate, the second secure communication channel is accepted at the service virtual machine. | 2015-07-30 |
20150215309 | Secure Cryptoprocessor for Authorizing Connected Device Requests - A computing device described herein utilizes a secure cryptoprocessor of the computing device to compute a response to a request for authorization received from another local or remote device. The secure cryptoprocessor computes the response based on protected authorization credentials stored by the secure cryptoprocessor for one or more devices. The computing device then provides the computed response to the other device to cause the other device to grant or deny authorization. The computing device may also display information associated with the request for authorization, receive input indicating approval of the request, and utilize the secure cryptoprocessor in response to the received input. | 2015-07-30 |
20150215310 | SYSTEM AND METHOD FOR CROSS-CHANNEL AUTHENTICATION - A system may include a memory and processor. The memory may store a user account identifier associated with a user account. The processor may be able to receive at least one user credential and authenticate the user account based at least in part on the at least one user credential. The processor may also receive a first request, from a device associated with the user account, to generate a one-time password and generate the one-time password in response to receiving the first request. The processor may associate the one-time password to the user account and communicate the one-time password to the device associated with the user account. The processor is further able to receive a second request, from a transaction device, the second request comprising an attempted one-time password, determine whether the attempted one-time password is valid and communicate, to the transaction device, an indication that the attempted one-time password is valid in response to determining that the attempted one-time password is valid. | 2015-07-30 |
20150215311 | METHOD FOR CLONING A SECURE ELEMENT - The invention proposes a method for cloning a first secure element from a backup secure element of a user, said backup secure element comprising at least credentials of said user. The method comprises a preliminary phase of checking the authenticity of the first secure element using a second secure element, said second secure element being able to be paired with a third secure element. | 2015-07-30 |
20150215312 | SYSTEM AND METHOD FOR SECURE SINGLE OR MULTI-FACTOR AUTHENTICATION - The present invention utilizes token-based authentication to verify the identity of a user computer. A host server computer transmits a main challenge via light code to an ancillary computer or software program having access to the token. The token translates the main challenge and provides a counterchallenge response back to the host computer over a back channel, distinct from the channel over which the main challenge arrived. | 2015-07-30 |
20150215313 | AUTHENTICATION SYSTEM AND METHOD - A security protocol for use by computing devices communicating over an unsecured network is described. The security protocol makes use of secure data provided to a peripheral memory device from a server via a secure connection. When the peripheral memory device is coupled to a computing device that attempts to establish a secure connection to the server, the secure data is used to verify that the server is authentic. Similarly, the secure data assists the server in verifying that the request to access the server is not being made by a malicious third party. | 2015-07-30 |
20150215314 | METHODS FOR FACILITATING IMPROVED USER AUTHENTICATION USING PERSISTENT DATA AND DEVICES THEREOF - A method, non-transitory computer readable medium, and access policy management computing device that obtains a first set of attributes based on a login request received from a client device. The first set of attributes includes at least credentials for a user of the client device. A persistent data store record for the user is identified and a second set of attributes associated with the user, and included in the persistent data store record, is imported into a session cache record for the user. A fingerprint including the second set of attributes is compared to the first set of attributes. A multifactor or single factor authentication is initiated based on a result of the comparison to determine when the credentials for the user are valid. A session for the user is established and access by the user to network resource(s) is allowed, when the credentials for the user are valid. | 2015-07-30 |
20150215315 | DISCOVERING AND DISAMBIGUATING IDENTITY PROVIDERS - Systems, methods, and computer-readable storage media are provided for discovering and disambiguating identity providers such that user knowledge of appropriate identity providers is minimized. Users are presented with options for selecting appropriate providers only when multiple providers have user profiles matching a user identifier. When users are presented with options for selecting appropriate providers, providers that have user profiles matching the identifier are identified utilizing identity information for the application that utilizes the identity provider for its users rather than information identifying the identity provider itself. Where it is determined that no identity provider has a user profile associated with the user identifier (or where it is determined that a particular identity provider would generally be appropriate to be utilized with the user identifier), the opportunity for users to create an authentication account with one or more identity providers or to retry with a different user identifier is provided. | 2015-07-30 |
20150215316 | Authentication Techniques Utilizing a Computing Device - A pre-registration procedure is utilized to create a user profile for a user of a multi-factor authentication (“MFA”) service. A client application installation procedure is utilized to install a client application on a computing device that is to be utilized as an authentication factor for the MFA service. A computing device enrollment procedure is utilized to enroll the computing device on which the client application was installed for the MFA service. A voice enrollment procedure is utilized to create a voice print for the user of the computing device that is to be utilized as an authentication factor for the MFA service. An authentication procedure is utilized to provide multi-factor authenticated access to a service, such as an online service that provides access to sensitive account information. | 2015-07-30 |
20150215317 | METHOD AND APPARATUS FOR PROVIDING VALUE-BASED RESOURCE MANAGEMENT AND ADMISSION CONTROL - An approach for providing value-based resource management and admission control is described. A value-based platform may receive a request from a user or a service provider to access an asset, a service, or a combination thereof. The value-based platform may further apply a policy rule to account information associated with the user to determine a user value score. The value-based platform may also generate prioritization information for admitting the user to the asset, the service, or a combination thereof based on the user value score. | 2015-07-30 |
20150215318 | CASE MANAGEMENT SYSTEM - A case management system includes a first application server | 2015-07-30 |
20150215319 | AUTHENTICATION SEQUENCING BASED ON NORMALIZED LEVELS OF ASSURANCE OF IDENTITY SERVICES - An authentication sequencing and normalization module may receive a first authentication associated with a user and assign a level of assurance value to the user based on the first authentication from a first identity service of a specific type. If the user is associated with a second authentication, based on a second identity service of an alternate type, then the level of assurance value assigned to the user may be incremented. Furthermore, access to an application by the user may be allowed if the incremented level of assurance value assigned to the user meets or exceeds a second level of assurance value of a policy assigned to the application. Different users may be authenticated in the authentication sequencing and normalization module by disparate identity services. | 2015-07-30 |
20150215320 | METHOD FOR ESTABLISHING AN AUTHORIZED COMMUNICATION BETWEEN A PHYSICAL OBJECT AND A COMMUNICATION DEVICE ENABLING A WRITE ACCESS - A method for establishing an authorized communication between a physical object ( | 2015-07-30 |
20150215321 | Authorising A User By Means of a Portable Communications Terminal - A method and system for authorizing a user at a field device by a portable communications device. A first information is acquired by the portable communications device for identifying the field device. The portable communications device sends to a system the first information and a second information for identifying at least one of (i) the portable communications device, and (ii) the user thereof. The system determines a first piece of access information on the basis of the first information and the second information, and sends the first piece of access information to the portable communications device. The portable communications device transmits the second information and the first piece of access information to the field device. The field device determines a second piece of access information on the basis of the second information, and compares the first piece of access information with the second piece of access information. Access to the field device is allowed upon determining that the first piece of access information and the second piece of access information match. | 2015-07-30 |
20150215322 | METHOD AND APPARATUS FOR MAKING A DECISION ON A CARD - Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network. | 2015-07-30 |
20150215323 | METHOD AND APPARATUS FOR PROVIDING REACTIVE AUTHORIZATION - An approach is provided for providing reactive authorization for accessing a semantic network resource. An access application of a resource owner entity detects an authorization proxy entity acting between at least a semantic network resource and a requesting entity that requests access to the semantic network resource. The access application determines to cause, at least in part, actions that result in transmission of a query for whether to accept the requesting entity to an owner entity of the semantic network resource. | 2015-07-30 |
20150215324 | MANAGING COMMUNICATIONS FOR A GROUP OF USERS - Managing communications for a group of users includes with a managing system registering at least two users to create a group of users allowed to establish communications within the group of users, associating at least one communication device to each user in the group of users to allow the communications to be exchanged within the group of users, and managing the communications for the group of users based on eligibility criteria. | 2015-07-30 |
20150215325 | Systems and Methods for Continuous Active Data Security - Systems and methods are provided for active continuous data security. An active receiver module, an active marker module, an active transmitter module and an active profiler module work together to monitor data requests, detect suspicious activity and characteristics, and responds to hinder the suspicious activity. A method includes: obtaining a request for data; obtaining a characteristic associated with the request for data; comparing the characteristic with a database of known patterns and characteristics to determine if the request is suspicious; storing the request and the characteristic in the database for future comparison; and initiating a response to hinder the request for the data when the request is determined to be suspicious. Markers embedded in data are used to track the data, including data that is exposed to a security risk. Pattern detection is used to uncover suspicious activity and the systems are able self-learn as more data is provided. | 2015-07-30 |
20150215326 | SYSTEM AND METHOD FOR ANALYZING WEB CONTENT - A system and computer based method are provided for identifying active content in websites on a network. In one aspects, a method for classifying web content includes determining a first property associated with static content of a web page, determining a second property associated with the content of the web page based at least in part on active content associated with the web page, evaluating a logical expression relating the first property and the second property, at least in part by evaluating whether a constant value matches at least a portion of the content of the web page, associating the web page with a category based on a result of the evaluation, and determining whether to allow network access to the web page based on the category. | 2015-07-30 |
20150215327 | METHOD AND SYSTEM FOR EXTRUSION AND INTRUSION DETECTION IN A CLOUD COMPUTING ENVIRONMENT USING NETWORK COMMUNICATIONS DEVICES - An analysis trigger monitoring system is provided in a network communications device associated with a cloud computing environment. One or more analysis trigger parameters are defined and analysis trigger data representing the analysis trigger parameters is generated. The analysis trigger data is then provided to the analysis trigger monitoring system and the analysis trigger monitoring system is used to monitor at least a portion of the message traffic sent to, or sent from, virtual assets in the cloud computing environment and relayed by the network communications device through a network communication channel to detect any message including one or more of the one or more analysis trigger parameters. A copy of at least a portion of any detected message including one or more of the one or more analysis trigger parameters is then transferred to one or more analysis systems for further analysis using a second communication channel that is separate from the network communication channel. | 2015-07-30 |
20150215328 | Methods and Devices for Defending a 3G Wireless Network Against Malicious Attacks - Wireless state information collected or inferred from a 3G wireless network is used to detect and prevent malicious attacks against the network. | 2015-07-30 |
20150215329 | Pattern Consolidation To Identify Malicious Activity - A process includes analyzing events reported by computing devices on a network to recognize patterns of events that occurred on the network and sharing with a community, information concerning the patterns detected. The process may also use consolidated information on the patterns to select one or more of the patterns for analysis that identifies whether the selected patterns result from malicious activity. The consolidated information includes information on the patterns detected on the network and information concerning corresponding patterns of events that occurred elsewhere. | 2015-07-30 |
20150215330 | METHODS AND SYSTEMS OF CONTROLLING DISTRIBUTION OF PERSONAL DATA OVER NETWORK(S) - A method of blocking or editing network traffic events on a client terminal. The method monitoring, in run time, a plurality of network traffic events triggered by a plurality of applications executed on a client terminal for transmitting data via a cellular network, analyzing the plurality of network traffic events to identify thereamong at least one advertisement network traffic event for transferring personal data which describe at least one characteristic of a user associated with the client terminal over a network, and performing at least one of blocking and editing the at least one advertisement network traffic event to prevent transmitting of the personal data via the cellular network. | 2015-07-30 |
20150215331 | DETECTING NETWORK ATTACKS - This disclosure generally relates to the generation of a packet signature for packets determined to correspond to a network attack, such as a denial of service (“DoS”) attack. Specifically, a set of data packets captured during normal system operations can be analyzed to determine a set of baseline attributes. Additional packets captured during an attack can be compared to the baseline attributes, to determine, for individual packets, a probability that the packet forms a part of the attack. A packet signature can then be generated to identify attributes that are characteristic of the attack. That signature can then be used to filter out packets and mitigate the attack. | 2015-07-30 |
20150215332 | CLOUD SERVICE USAGE RISK ASSESSMENT USING DARKNET INTELLIGENCE - A method of assessing a risk level of an enterprise using cloud-based services from one or more cloud service providers includes assessing provider risk scores associated with the one or more cloud service providers and in view of darknet intelligence data; assessing cloud service usage behavior and pattern of the enterprise; and generating a risk score for the enterprise based on the provider risk scores and on the cloud service usage behavior and pattern of the enterprise. The risk score is indicative of the risk of the enterprise relating to the use of the cloud-based services from the one or more cloud service providers. | 2015-07-30 |
20150215333 | NETWORK FILTERING APPARATUS AND FILTERING METHOD - An apparatus filters data received through a network and outputs the filtered data to a protection target device. The apparatus includes a processor to execute a process including: comparing the received data with a predetermined pattern and outputting a result of comparison, the predetermined pattern being one of a plurality of patterns that are given to a test device configured to estimate a behavior of the protection target device, the target device exhibiting a predetermined behavior to the predetermined pattern; and intercepting the received data when the result of comparison is a positive result that indicates intercepting the data. | 2015-07-30 |
20150215334 | SYSTEMS AND METHODS FOR GENERATING NETWORK THREAT INTELLIGENCE - Implementations described and claimed herein provide systems and methods for generating threat intelligence based on network security data. In one implementation, a network traffic dataset representative of network traffic for an Internet Protocol address across one or more ports of a primary network is obtained. A content distribution network log associated with a content distribution network is obtained. The content distribution network log includes a history of content requests by the Internet Protocol address. The network traffic dataset is correlated with the content distribution network log based on the Internet Protocol address to obtain network security data. One or more threat attributes representative of malicious activity are identified from the network security data. The one or more threat attributes are weighted. Network threat intelligence is generated based on the weighted threat attributes using a processing cluster. | 2015-07-30 |
20150215335 | DETECTING AND PREVENTING EXECUTION OF SOFTWARE EXPLOITS - In non-limiting examples, anti-exploit systems and methods described herein monitor a memory space of a process for execution of functions. Stack walk processing is executed upon invocation of one of the functions in the monitored memory space. During execution of the stack walk processing, at least one memory check is performed to detect suspicious behavior. An alert of suspicious behavior is triggered when the performing of the memory check detects at least one of: code execution attempted from non-executable memory, identification of an invalid base pointer, identification of an invalid stack return address, attempted execution of a return-oriented programming technique, the base pointer is outside a current thread stack, and a return address is detected as being inside a virtual memory area. If an alert of suspicious behavior is triggered, execution of a payload is prevented for the invoked function. | 2015-07-30 |
20150215336 | METHOD AND SYSTEM FOR PROTECTING AGAINST UNKNOWN MALICIOUS ACTIVITIES BY DETECTING A HEAP SPRAY ATTACK ON AN ELECTRONIC DEVICE - A method and system for protecting against unknown malicious activities by detecting a heap spray attack on a electronic device are disclosed. A script is received at an electronic device from a remote device via a network and a loop operation is detected in the script that contains a write operation operable to write data to a memory of the electronic device. The amount of the data operable to be written to the memory by the write operation is determined and the data is prevented from being written to the memory if the amount of the data is greater than or equal to a threshold. | 2015-07-30 |
20150215337 | ANTI-TAKEOVER SYSTEMS AND METHODS FOR NETWORK ATTACHED PERIPHERALS - Methods, systems, and devices are described for the prevention of network peripheral takeover activity. Peripheral devices may implement an anti-takeover mechanism limiting the number of available device command classes when certain handshake and verification requirements are not met. Anti-takeover peripheral devices with protection enabled may be relocated within a controller network, or in certain cases, from one controller network to another controller network when certain conditions are met. That same device may be hobbled when removed from a controller network and may remain hobbled when connected to another network that fails to meet certain conditions. Unprotection and unhobbling of a device may occur through an algorithmic mechanism using values stored on the peripheral device and the controller device for one or more of anti-takeover code generation, anti-takeover code comparison, network identification value comparison, and manufacturer identification value comparison. | 2015-07-30 |
20150215338 | APPARATUS AND METHOD FOR SECURING A DISTRIBUTED CONTROL SYSTEM (DCS) - A method includes receiving, at a first distributed control system (DCS) node over a network, information associated with a security manager. The method also includes establishing multiple communication channels between the first DCS node and the security manager over the network using the information, where the communication channels include a non-secure channel and a secure channel. The method further includes receiving security credentials from the security manager at the first DCS node over the non-secure channel and receiving a security policy and an activation time from the security manager at the first DCS node over the secure channel. In addition, the method includes transitioning the first DCS node to communicate with a second DCS node over the network using the security policy at the activation time. | 2015-07-30 |
20150215339 | POLICY-BASED SECURE COMMUNICATION WITH AUTOMATIC KEY MANAGEMENT FOR INDUSTRIAL CONTROL AND AUTOMATION SYSTEMS - A method includes generating at least one access vector associated with a specified device in an industrial process control and automation system. The specified device has one of multiple device roles. The at least one access vector is generated based on one or more communication policies defining communications between one or more pairs of devices roles in the industrial process control and automation system, where each pair of device roles includes the device role of the specified device. The method also includes providing the at least one access vector to at least one of the specified device and one or more other devices in the industrial process control and automation system in order to control communications to or from the specified device. | 2015-07-30 |
20150215340 | METHODS RELATED TO NETWORK ACCESS REDIRECTION AND CONTROL AND DEVICES AND SYSTEMS UTILIZING SUCH METHODS - In illustrative embodiments, methods in accordance with the present invention utilize a thin kernel module operating in the kernel space of an operating system to redirect all TCP flows to user space for application analysis and processing. Redirected data is presented to the user space application as a data stream, allowing the processing of information contained within the data stream from the user space on a mobile device. This allows the user space application to inspect and take action on incoming data before allowing the data to continue to pass through the device. This enables parental controls, firewalls, real-time anti-virus scanning, tethering/hot-spot, bandwidth optimization, and similar programs to effectively operate across different mobile devices as user downloadable/actuatable applications. | 2015-07-30 |
20150215341 | METHOD AND SYSTEM FOR REDUCING MESSAGE PASSING FOR CONTENTION DETECTION IN DISTRIBUTED SIP SERVER ENVIRONMENTS - A method, a system, and a computer program product are provided for reducing message passing for contention detection in distributed SIP server environments. The method is implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable to determine that a first site is waiting for a first object locked by a second site. The programming instructions are further operable to determine that a third site is waiting for a second object locked by the first site, and to send a first probe to the second site to determine whether the second site is waiting. A second probe is received and indicates that a site is waiting for an object locked by the first site. The second probe further indicates a deadlock in a distributed server environment to be resolved. | 2015-07-30 |
20150215342 | HOME HUB FOR IP MULTIMEDIA SUBSYSTEM (IMS) WEB SERVICES INTERACTION - Systems and methods for home hub for IMS/Web services interaction are described. In one aspect, a data communication gateway operating as a home hub includes a processor that executes computer program instructions to provide IMS/Web services interaction to one or more client computing devices. The client computing device(s) are operatively coupled to the home hub. The client computing device(s) are not Session Initiation Protocol (SIP)-enabled devices. To provide SIP- or IMS-based services to such client computing devices, the home hub registers on behalf of the client computing device(s) to a SIP network. The home hub replies to SIP messages on behalf of the SIP network registered device(s) to process all SIP request(s) and provide the registered device(s) with corresponding SIP-based service(s). | 2015-07-30 |
20150215343 | MULTI-HOST NETWORK INTERFACE CONTROLLER WITH HOST MANAGEMENT - A network adapter includes one or more ports and circuitry. The ports are configured to connect to a switch in a communication network. The circuitry is coupled to a network node that includes multiple hosts, and is configured to exchange management packets between a control server and multiple BMC units associated respectively with the multiple hosts, and to exchange, over the communication network via the one or more ports, data packets between the hosts and one or more remote nodes. | 2015-07-30 |
20150215344 | SYSTEMS AND METHODS FOR ROUTING INTERNET PROTOCOL TELEPHONY COMMUNICATIONS - When IP telephony devices that make use of an Internet protocol (IP) based private branch exchange (PBX) service provider resister with PBX service provider, they furnish local address information that indicates how they telephony devices can be reached directly for a telephony communication. This information is provided to other telephony devices within the same business or organization. As a result, the telephony devices within a business or organization can contact one another directly to setup and conduct telephony communications, without the need for such telephony communications to pass though assets of the IP based PBX service provider. | 2015-07-30 |
20150215345 | PATH SELECTION USING TCP HANDSHAKE IN A MULTIPATH ENVIRONMENT - A plurality of SYN packets is sent from a first system, each of the plurality of SYN packets traverses a different path in a first set of paths between the first system and a second system in a multipath data communication network and includes a unique source identifier. From a plurality of SYN-ACK packets, a SYN-ACK packet is selected that is first to arrive at the first system. Each SYN-ACK packet includes a unique source identifier of a selected SYN packet. A path is configured corresponding to the selected SYN packet, as an outbound path from the first system. A path corresponding to the selected SYN-ACK packet is configured as an inbound path to the first system. A session between the first and the second systems is established using the outbound and inbound paths. | 2015-07-30 |
20150215346 | ADMISSION CONTROL FOR A NETWORK - One or more devices are provided that receive a request, from a client device, to connect to an operator network. The request is received at a request time. The one or more devices obtain information identifying a connect time at which the client device is permitted to connect to the operator network and determine whether the request time matches the connect time. If the request time is determined to be different than the connect time, the one or more devices reject the request to connect to the operator network based on the request time being determined to be different than the connect time. If the request time is determined to match the connect time, the one or more devices establish a communication session between the client device and the operator network based on the request time being determined to match the connect time. | 2015-07-30 |
20150215347 | SYSTEMS AND METHODS FOR ROUTING INTERNET PROTOCOL TELEPHONY COMMUNICATIONS - When IP telephony devices that make use of an Internet protocol (IP) based private branch exchange (PBX) service provider resister with PBX service provider, they furnish local address information that indicates how they telephony devices can be reached directly for a telephony communication. This information is provided to other telephony devices within the same business or organization. As a result, the telephony devices within a business or organization can contact one another directly to setup and conduct telephony communications, without the need for such telephony communications to pass though assets of the IP based PBX service provider. | 2015-07-30 |
20150215348 | VIRTUAL IDENTITY OF A USER BASED ON DISPARATE IDENTITY SERVICES - A virtual identity and context module may generate a virtual identity for a user. Virtual identities for different categories of users may be sourced from disparate identity services. For example, a first authentication of the user provided by a first identity service may be identified. A first virtual attribute field of the virtual identity may be populated or filled based on a first attribute field associated with the first identity service. A second identity service associated with the user may also be identified. A second virtual attribute field of the virtual identity may be populated or filled based on a second attribute field associated with the second identity service. Access to an application may be provided to a user based on the virtual attribute fields of the virtual identity that has been generated for the user. | 2015-07-30 |
20150215349 | PERSONALIZED CONTENT SHARING PLATFORM - A system comprising a computer-readable storage medium storing at least one program and a computer-implemented method for providing personalized content sharing service is presented. Consistent with some embodiments, the method may include receiving a request to share a content item with a member of the social network. The method may further include determining an interest of the member of the social network based on social data about the member of the social network. A customized posting to share the content item with the member of the social network is then generated using the interest of the user. | 2015-07-30 |
20150215350 | SYSTEM AND METHOD FOR DISTRIBUTED VIRTUAL ASSISTANT PLATFORMS - Virtual assistant systems (“VAs”) operate on a distributed and interconnected network, such as a hierarchy or mesh, of virtual assistant platforms (“VAPs”). VAs communicate with a user via an electronic device, and can communicate with other devices, software programs, and other VAs. VAs include intelligent agents configured to perform particular tasks. The VAP includes an execution environment that may provide an interface between the VA and the electronic device, and may further provide a framework of services for implementing, maintaining, and executing the intelligent agents. A VA may be configured to participate in a group VA in which knowledge and tasks can be shared and cooperatively executed. Cooperative execution can include distributing subtasks among VAs in the group VA, the subtasks together forming the task. Group VAs can share information with each other, and may further inter-network by accessing a common network outside the VAP, such as a social network. | 2015-07-30 |
20150215351 | CONTROL OF ENHANCED COMMUNICATION BETWEEN REMOTE PARTICIPANTS USING AUGMENTED AND VIRTUAL REALITY - Embodiments disclosed herein provide methods, systems, and computer readable storage media for facilitating controlling a meeting between remote Augmented Reality (AR) and Virtual Reality (VR) participants. In a particular embodiment, a method provides, during a conference session wherein a plurality of head mounted displays (HMDs) are each worn by one of a plurality of participants, compiling first orientation information and first view information from a first HMD of the plurality of HMDs. The orientation information describes current orientation of the first HMD. Based on the first orientation information and the first view information, the method provides determining a first change to how video is presented the first HMD. Also, the method provides directing the first HMD to implement the first change. | 2015-07-30 |
20150215352 | System and method for interactive remote movie watching, scheduling, and social connection - Disclosed is a media sharing system that provides shared experiencing of licensed media content such as movies. The system includes a web server that communicates with multiple client devices over the internet whereby a user's multiple social contacts can participate in a synchronized stream of licensed media content such as movies. The system is able to schedule the multi-user experiencing of the licensed media content and further synchronize the streaming of the licensed content so the participating users receiving the media streams in a substantially synchronized manner. The system still further provides for social content interaction amongst the multiple recipients so that the multiple users can interact in a time-contextual manner consistent with the substantially synchronized receipt of the licensed media content. | 2015-07-30 |
20150215353 | Tangible Social Network - A tangible social network system comprises at least two interactive physical objects adapted for communicatively linking with each other, a visualization application for providing a visual representation of a user's tangible social network, and an object communication frame. An interactive physical object comprises a controller for forming a communicatively linked relationship with another interactive physical object and for receiving and responding to commands and data received from a linked object, and an audio or visual response subsystem. An object communication frame comprises a housing adapted to receive interactive physical objects, a communications subsystem for managing communications with installed objects and with interactive physical objects communicatively linked with installed objects, a controller, and a power subsystem for powering installed objects. The frame or objects may interact with a visualization application, comprising subsystems for receiving information about the user's tangible social network and deriving a representation of it, and a graphical user interface for providing the visual representation to the user. | 2015-07-30 |
20150215354 | DATA MANAGEMENT SYSTEM AND METHOD - A method and computing system for receiving an indication of a first photo being uploaded to a web-based resource. A first capture date is determined for the first photo. A first object is associated with the first photo. The first object is positioned within a graphical representation of a calendar based, at least in part, upon the first capture date. | 2015-07-30 |
20150215355 | PHONING INTO VIRTUAL COMMUNICATION ENVIRONMENTS - A web browser interface for visualizing realtime network communications in spatial communication environments allows communicants to interact with other communicants in an immersive spatial communication environment without having to install any specialized communication software and without requiring special proxies or firewall additions or exceptions. | 2015-07-30 |
20150215356 | METHOD AND APPARATUS FOR COORDINATING AN OPERATION OF MULTIPLE MOBILE DEVICES IN A GROUP CALL - A method, Group Application Server, and mobile device are provided that coordinate an operation of multiple mobile devices of a same user in a group call. When the multiple mobile devices join the group call, a first mobile device of the multiple mobile devices determines that it is an active device and provides an indication of such to the Group Application Server. In response to receiving the indication, the Group Application Server identifies a second mobile device, of the multiple mobile devices, that is a non-active device and one or more of modifies subsequent communications with the second mobile device or conveys a behavior modification message to the second mobile device. In another embodiment of the present invention, the first mobile device may indicate that it is the active device directly to the second mobile device and the second mobile device modify its behavior accordingly. | 2015-07-30 |
20150215357 | VIDEO PLAYING METHOD AND APPARATUS - A client of a first terminal device enables a user to log on the client of the first terminal device with a user account of the client of the first terminal device, and plays, in a video playing window, a video of video website selected by the user. When obtaining a terminating operation performed for the video by the user, the client of the first terminal device saves the user account as well as a playing address and playing process of the video. A client of a second terminal device enables the user to log on the client of the second terminal device with the user account, and obtains the saved playing address and playing process according to the user account. The client of the second terminal device continues to play the video in the video playing window according to the playing address and the playing process. | 2015-07-30 |
20150215358 | System and Method for Media Content Streaming - In accordance with an embodiment, a method includes electronically receiving a media presentation description (MPD) from a network. The MPD describes multimedia content that includes alternative representations of a plurality of media types, and the MPD includes information indicative of how the alternative representations are encoded. The method also includes selecting one of the plurality of alternative representations for at least one of the plurality of media types based on information included in the MPD, requesting the selected one of the plurality of alternative representations piece-by-piece, and electronically receiving a piece of media data. | 2015-07-30 |
20150215359 | SYSTEMS AND METHODS FOR USING CLIENT-SIDE VIDEO BUFFER OCCUPANCY FOR ENHANCED QUALITY OF EXPERIENCE IN A COMMUNICATION NETWORK - A network node, and a method for operating a network node, such as a base station, may transmit multiple video streaming sessions from servers to clients in terminal nodes and can estimate client-side video buffer occupancy levels associated with the streaming sessions. To estimate a client-side video buffer occupancy level, the network node analyzes packets communicated with the terminal nodes to identify application layer messages and extract transaction information, determine payload types associated with objects conveyed in the packets identified with application layer messages, and associate the objects conveyed in the packets identified with application layer messages with one of the streaming sessions. The network node may use the estimated video buffer occupancy levels to determine scheduler parameters for use in scheduling packets for transmission to the terminal nodes. Packet scheduling may also be based on quality of experience considerations associated with streaming session clients in the terminal nodes. | 2015-07-30 |
20150215360 | METHOD AND DEVICE FOR SWITCHING MEDIA RENDERERS DURING STREAMING PLAYBACK OF CONTENT - A method and a device for switching a media renderer to another media renderer while a client performs streaming playback of content of a server are provided. Accordingly, a first client that performs streaming playback of the content transmits playback environment information and a URL of the content to the second client, and the second client transmits the received information and information about features of the second client to the server and requests the corresponding content which has the optimized format for the second client from the server. Therefore, a user can continue to watch the media content through a new media renderer in existing playback environment setting without additional manipulation. | 2015-07-30 |
20150215361 | CLIENT SIDE STREAM SWITCHING - Client side stream switching enables substantially uninterrupted transmission of a highest compatible bit rate of a stream of media to a client via a network connection. The client may include one or more buffers for receiving the stream of media. Attributes including the buffer activity and a bandwidth of the network connection may be monitored by a streaming module to determine an alternative bit rate of the stream of media. The stream of media may be transitioned from the first bit rate to the alternative bit rate without an interruption of the stream of media to provide the client with the highest compatible bit rate based on the monitored attributes. | 2015-07-30 |
20150215362 | SYSTEM AND METHOD FOR ENABLING COLLABORATIVE MEDIA STREAM EDITING - A system and method for editing multimedia content. A server transmits multimedia content to a plurality of electronic devices. Each of the plurality of electronic devices enables a user to perform at least one action in relation to the multimedia content. A voting engine gathers information concerning the actions performed by users in relation to the multimedia content transmitted to the electronic devices. In response to the information gathered by the voting engine, the multimedia content is modified based upon predefined criteria. The modified multimedia content is subsequently provided to later users. | 2015-07-30 |
20150215363 | Network Speed Indication Method And Mobile Device Using The Same - A network speed indication method and a mobile device using the same are disclosed. The method performed by the mobile device includes: establishing a data communication connection with a wireless network; detecting a data downloading speed when a currently running application receives data from the wireless network and renders the data on a user interface of the currently running application; obtaining, according to the detected data downloading speed, a speed indicator corresponding to the data downloading speed, so as to update the user interface of the currently running application; updating the user interface of the currently running application in accordance with the speed indicator corresponding to the data downloading speed, so that a user learns of the data downloading speed according to the update user interface; after receiving an application switch request from a user of the mobile device, acquiring, from the wireless network, application content that is suitable for the data downloading speed. | 2015-07-30 |
20150215364 | SYSTEM AND METHOD FOR LOCATING AND CAPTURING DESIRED MEDIA CONTENT FROM MEDIA BROADCASTS - A media agent that monitors multiple broadcast transmissions and a method for the same. The media agent establishes connections with broadcast transmissions and then identifies characteristics of the media content contained within the broadcast transmission. The association between the identified characteristic of the media content and the connected broadcast transmission is maintained to allow the information gathered from the broadcast transmission to be used meaningfully. | 2015-07-30 |
20150215365 | DYNAMIC MANAGEMENT OF COLLABORATION SESSIONS USING REAL-TIME TEXT ANALYTICS - System and method to respond to a streaming media link quality problem in a communication session, the method including: monitoring textual messages in the communication session for an indication of a quality of service (QoS) problem; forming a hypothesized cause of the QoS problem; retrieving evidence relevant to the hypothesized cause, the relevant evidence comprising system logs; and determining whether the retrieved evidence supports the hypothesized cause. The system includes: a processor coupled to a memory; a monitoring module configured to monitor textual messages in the communication session for an indication of a quality of service (QoS) problem; an inference module configured to form a hypothesized cause of the QoS problem; a retrieval module configured to retrieve evidence relevant to the hypothesized cause, the relevant evidence comprising system logs stored in the memory; and a calculation module configured to determine whether the retrieved evidence supports the hypothesized cause. | 2015-07-30 |
20150215366 | INTERACTION MODALITIES FOR MULTIMEDIA DELIVERY AND PRESENTATION - A method and apparatus for displaying received data, analyze the quality of the displayed data formulating a media-parameter suggestion for the encoder to alter the characteristics of data to be sent to the receiver, and sending from the receiver, the formulated suggestion. | 2015-07-30 |
20150215367 | MULTI-INTERFACE ADAPTIVE BIT RATE SESSION MANAGEMENT - Systems and method are provided that allow an application layer client in a mobile device to manage multiple interfaces in a communication network. The multiple interfaces can include WiFi, cellular, Femto, WiMAX, Bluetooth, infrared, Ethernet, and other types of interfaces for communication in a network. The client on the mobile device can use intelligence and rules to determine how and when request fragments are communicated over the various interfaces available to the client. The intelligence can include parameters such as performance information for a particular interface and subscriber preferences. Based on this information the client can decide to use a combination of the interfaces to obtain multimedia content and render the content for display on the mobile device. By using a combination of interfaces and tracking the advantages and disadvantages of each interface, the client can make intelligent decisions in providing multimedia content to the user. | 2015-07-30 |
20150215368 | TRANSMISSION MANAGEMENT SYSTEM, TRANSMISSION SYSTEM, AND RECORDING MEDIUM - A transmission management system includes a destination name data managing unit which manages a plurality of destination name data items which indicate a plurality of names of a destination in communications between transmission terminals, a destination name data reading unit which reads a destination name data item from the plurality of destination name data items managed by the destination name data managing unit, and a destination name data transmitting unit which transmits the destination name data item read by the destination name data reading unit to a transmission terminal capable of communicating with the destination. | 2015-07-30 |
20150215369 | CONTENT SUPPLY DEVICE, CONTENT SUPPLY METHOD, PROGRAM, AND CONTENT SUPPLY SYSTEM - The present disclosure relates to a content supply device, a content supply method, a program, and a content supply system, wherein an adaptive streaming technique based on DASH is extended to enable the use of broadcast distribution and multicast distribution. | 2015-07-30 |
20150215370 | SYSTEM AND METHOD FOR INTEGRATION OF BROWSER BASED APPLICATIONS IN A MANAGED APPLICATION ENVIRONMENT - Embodiments as disclosed may include an integration application that allows multiple disparate applications to be integrated. Specifically, in certain embodiments, a method of providing multiple browser-based applications through a single interface may include providing a single interface, configured for integrating the multiple browser-based applications, to a user, wherein the single interface has a parent area associated with a set of applications and a child area for presenting content associated with the set of applications. | 2015-07-30 |
20150215371 | REMOTE CONTEXTUAL ACCESS TO OPERATING SYSTEM DESKTOPS - Methods, systems, and techniques for remote contextual access to an operating system desktop are provided. Example embodiments provide a desktop state agent the harvests information from a user's desktop regarding state of various objects such as open documents, recent documents, links, shared links, bookmarks, upcoming events, and/or recent emails. The harvested information is translated to html or other web browser recognized language where possible and uploaded to be accessible to a web server configured to respond to requests for desktop state using a web address. In one embodiment, the RCAS allows access to a user's desktop transparently—without the user needing to take explicit action. Further, a remote mobile device can render the desktop data without using a session or connection to the user's desktop machine and without use of a remote desktop protocol. | 2015-07-30 |
20150215372 | Information Sharing Method and System - An information sharing method and the system thereof are provided. The method includes obtaining an information exported file by exporting the information to be shared, and storing the information exported file according to an assigned network address; generating a two-dimensional code according to the network address of the stored information exported file; sharing the generated two-dimensional code, and importing the information exported file by scanning the shared two-dimensional code. The system include an export processing module, a two-dimensional code generating module, a two-dimensional code sharing module, and an importing module. By the above method and system, the operation will be more convenient. | 2015-07-30 |
20150215373 | SYSTEM, METHOD, AND APPARATUS FOR UPLOADING, LISTENING, VOTING, ORGANIZING, AND DOWNLOADING MUSIC, AND/OR VIDEO, WHICH OPTIONALLY CAN BE INTEGRATED WITH A REAL WORLD AND VIRTUAL WORLD ADVERTISING AND MARKETING SYSTEM THAT INCLUDES COUPON EXCHANGE - The present invention relates to the use of free delivery to create a new system, method, and apparatus used for uploading, listening, voting, organizing, and downloading of music, and/or video, which optionally may be used in conjunction with a hybrid hard copy/soft copy advertising and marketing that also includes a coupon exchange system. The present invention also includes a novel “flush” vote system for rating music, and/or video. | 2015-07-30 |
20150215374 | DELIVERING AN UPDATE FOR A WEB APPLICATION - Systems and methods for delivering an update for a web application are provided. In some aspects, a request to access a web application is received from a client computing device. A last version of the web application provided to a computing device having an identifier associated with the client computing device is determined based on data stored locally at a server. A delta file is provided to the client computing device in response to the request to access the web application. The delta file includes indicia of a difference between a current version of the web application stored at the server and the last version of the web application provided to the computing device having the identifier associated with the client computing device. | 2015-07-30 |
20150215375 | PRECOMPILING LOCALLY-STORED INSTRUCTIONS FOR A WEB APPLICATION - Systems and methods for accessing locally-stored content for a web application are disclosed. In some aspects, a user input for requesting a web application is received at a client computing device. A network request for the web application is provided via a network. That software code for the web application is stored in local storage of the client computing device is determined. The stored software code for the web application is placed into a random access memory (RAM) of the client computing device. At least a portion of the stored software code is precompiled prior to receiving a response to the network request. | 2015-07-30 |
20150215376 | SYSTEMS AND METHODS FOR DEPLOYING LEGACY SOFTWARE IN THE CLOUD - A system, method, apparatus and computer program product is described to provide a plurality of connectors, the connectors configured to support one or more applications in at least one configuration selected from a group of configurations including: i) a non-tenant, and non-tenant aware, application, ii) a non-tenant, but tenant aware, application, iii) a many tenant application, iv) a multi-tenant application, and v) a native multi-tenant application. Also provided are one or more application programming interfaces (APIs) to the connectors, the one or more APIs providing a substantially uniform interface to applications supported by the connectors. In one embodiment, a governance layer provides the APIs, and the governance layer communicates with the connectors, so that an application's tenancy support is obfuscated. | 2015-07-30 |
20150215377 | Efficient Transfer of an Application - The presently disclosure provides methods and system for reducing the size of an application by replacing a media item in the application with a reference to the media item stored in a remote storage location. A method may include detecting a media item in an application and storing the media item in a remote storage location. The media item in the application may be replaced with a reference to the media item stored in the remote storage location and the application may be provided to a device. A media item request may be received from the device, and the media item request may indicate a parameter associated with the requested media item. The media item stored in the remote storage location may be scaled based on the parameter associated with the media item request and the scaled media item may be provided to the device. | 2015-07-30 |
20150215378 | Computer architecture for managing courseware in a shared use operating environment - Methods, devices, and systems are provided in a multi-level computer architecture which provides improved capabilities for managing courseware and other content in a shared use operating environment such as a computer network. In particular, the invention provides a commercial networked instruction content delivery method and system which does not exclude synchronous sharing but is focused on asynchronous sharing. Security means in the architecture provide content property holders with the ability to know how many minutes of use an individual made of licensed material and with increased certainty that their material cannot be used, copied, or sold in usable form unless and until a user site is connected or reconnected to a minute-by-minute counter which is located off the premises of the user. This security link helps protect software and other works which are being sold or licensed to an individual, organization, or entity, and creates income opportunities for owners of such content. | 2015-07-30 |
20150215379 | DISTRIBUTED PROCESSING DEVICE AND DISTRIBUTED PROCESSING SYSTEM AS WELL AS DISTRIBUTED PROCESSING METHOD - In a distributed processing device, there are provided: a collective communication means in which at least one activated process executes a local collective communication among a plurality of processes within one process group among a plurality of process groups generated by partitioning the plurality of processes by a first partitioning pattern; and a communication control means for selecting, after the local collective communication, a second partitioning pattern different from the first partitioning pattern used in the local collective communication and allowing the collective communication means to execute a next local collective communication using data based on a result of the local collective communication among a plurality of processes within one process group among a plurality of process groups generated by partitioning the plurality of processes by the second partitioning pattern. | 2015-07-30 |
20150215380 | NETWORK SYSTEM FOR IMPLEMENTING A CLOUD PLATFORM - A network system for implementing a cloud platform within a network to which at least one device defining a computing environment for a user has access comprises an application management module, a community management module, and a user enrolment portal. The application management module enables access to an abstract application, wherein the abstract application is associated with a concrete application defining an implementation of the abstract application for the computing environment. The community management module manages a community, wherein the community comprised of at least a user credential and the abstract application, wherein the community defines at least one of said following: a policy, a management process, and a service, under which the abstract application can be accessed by the user. The user enrolment portal supports an enrolment of the user in the community from the device, and to orchestrate a policy management mechanism to support an enforcement of the policy under which the user has access to the concrete application from the device. | 2015-07-30 |
20150215381 | METHODS FOR CONTENT INLINING AND DEVICES THEREOF - A method, computer readable medium, and application delivery controller apparatus for content inlining includes obtaining content from one or more servers as requested by one or more clients, obtaining external content from the one or more servers as referenced by one or more external references included in the requested content, modifying the requested content to include at least one of the external content, and servicing the client request by communicating the modified requested content. | 2015-07-30 |
20150215382 | AUTOMATED TRANSITION OF CONTENT CONSUMPTION ACROSS DEVICES - Features are disclosed for transferring the presentation or playback of content from device to device. The content may include, but is not limited to, aural, video, and multimedia content. A personal device may be detected playing content. A current play position of the content can be obtained, and playback can be halted. The play position can be transferred to a media device wherein playback is automatically resumed. Additionally, the playing of content may be transferred between two or more media devices, for example in response to the movement of a user. Personal device movements and content operations may be monitored in order to determine improvements to the automatic transfer of content consumption from device to device. | 2015-07-30 |