36th week of 2015 patent applcation highlights part 41 |
Patent application number | Title | Published |
20150249561 | SIGNAL MODULATION USING GUARD BAND DETERMINATION FOR IMPROVED FREQUENCY SPECTRUM EFFICIENCY - A method for signal modulation includes determining at least one guard band between at least two continuous available sub-bands among multiple available sub-bands that can be used by a communication entity and are discrete; and using the at least one guard band in signal modulation for the communication entity. | 2015-09-03 |
20150249562 | MIMO RELATED SIGNALING IN WIRELESS COMMUNICATION - Certain aspects of the present disclosure relate to techniques for multiple-input multiple-output (MIMO) related signaling in a wireless communication system. In an aspect, a method for wireless communication is provided which includes receiving a signal comprising a reference signal (RS). The RS is associated with a specific pseudo-noise (PN) sequence. The method further includes performing blind decoding of the RS using a plurality of PN sequences and determining, based on results of the blind decoding, a UE-specific RS pattern from a plurality of UE-specific RS patterns. | 2015-09-03 |
20150249563 | TRANSMITTER, RECEIVER, AND METHOD FOR RECEIVING AND TRANSMITTING A RADIO FREQUENCY SIGNAL - The present invention discloses a transmitter, a receiver, and a method for receiving and transmitting a radio frequency signal, and relates to the field of radio communications technologies, which can perform carrier recovery and generation at a front end of a radio frequency circuit, thereby reducing a running cost of a baseband chip. The method includes: generating, by an amplitude discriminator/phase detector according to an intermediate-frequency analog signal, a signal amplitude pulse signal/signal phase pulse signal that is not corrected; generating, by a bit error matrix corrector, an amplitude/phase correction control signal; correcting, by the amplitude discriminator/phase detector, the signal amplitude pulse signal/signal phase pulse signal according to the amplitude/phase correction control signal; and converting, by an amplitude code generator/phase code generator, a corrected pulse signal into a corresponding digital code. The present invention is applicable to receiving/transmitting a radio frequency signal. | 2015-09-03 |
20150249564 | METHOD AND APPARATUS FOR TRANSMITTING MODULATION SYMBOL USING 256QAM IN A WIRELESS ACCESS SYSTEM - Disclosed herein is a wireless access system and, more particularly, methods and apparatuses for designing a 256 quadrature amplitude modulation (QAM) constellation point and transmitting a modulation symbol using the same in order to support a 256QAM scheme. The method for transmitting a modulation symbol using a 256 quadrature amplitude modulation (QAM) scheme at a transmitter in a wireless access system includes modulating octuplet bits into one modulation symbol using the 256QAM scheme, mapping the modulation symbol to one of 256QAM constellation points and transmitting the mapped modulation symbol. | 2015-09-03 |
20150249565 | COMMUNICATION SYSTEM, VIRTUAL NETWORK MANAGEMENT APPARATUS, VIRTUAL NETWORK MANAGEMENT METHOD AND PROGRAM - A communication system includes: a network configuration memory that stores network configuration information of a first layer in which an area of the first layer whose low level configuration is desired to be concealed is represented by a preset symbol and that also stores network configuration information of a second layer showing the area represented by the preset symbol. The system also includes a network configuration management section that allows a first user to manage a network of the first layer using the network configuration information of the first layer and that also allows a second user to manage a network of the second layer using at least the network configuration information of the second layer. | 2015-09-03 |
20150249566 | APPARATUS FOR SELECTING MASTER IN REDUNDANCY SYSTEM - An apparatus for selecting a master in a redundancy system, which can rapidly select a single master among a plurality of backups by selecting a master through negotiation among backups when a failure occurs in the master in a redundancy system with one or more backups. | 2015-09-03 |
20150249567 | SHARED RISK GROUP HANDLING WITHIN A MEDIA GATEWAY - A media gateway controller (MGC) is described herein that implements a shared risk group package to control and prevent a media gateway (MG) from establishing redundant links like a primary link and a secondary link that use resources that share the same risk of failure. Essentially, the MGC uses the shared risk group package to control which resources like ephemeral terminations are used by the MG to establish the primary link and the secondary link such that if any of the resources associated with the primary link fail then the secondary link remains operational within the MG and if any of the resources associated with the secondary link fail then the primary link remains operational within the MG. | 2015-09-03 |
20150249568 | CONTROL APPARATUS, CONTROL METHOD, COMMUNICATION SYSTEM, AND PROGRAM - A control apparatus includes: a database which stores control information for controlling a network; an interface unit which is connectable to a plurality of modules, each of which operates the control information based on a predetermined algorithm, and which operates the control information responsive to a database operation command issued by any one of the modules; and a control unit which controls packet processing in the network based on the control information configured by an operation executed by any one of the modules. | 2015-09-03 |
20150249569 | MANAGING USE OF INTERMEDIATE DESTINATION COMPUTING NODES FOR PROVIDED COMPUTER NETWORKS - Techniques are described for providing managed computer networks. In some situations, the techniques include managing communications for computing nodes of a managed computer network by using one or more particular computing nodes of the managed computer network that are configured to operate as intermediate destinations to handle at least some communications that are sent by and/or directed to one or more other computing nodes of the managed computer network. For example, a manager module associated with a source computing node may select one or more particular intermediate destination computing nodes to use for one or more particular communications from the source computing node to an indicated final destination, such as based on a configured logical network topology for the managed computer network. The manager module then forwards those communications to a first of the selected intermediate destination computing nodes for further handling. | 2015-09-03 |
20150249570 | METHOD FOR CONFIGURING A PATH FOR INTERCEPTING USER DATA, METHOD FOR INTERCEPTING, APPARATUS AND ENTITY - A method for configuring a path for intercepting user data, a method for intercepting user data, an apparatus, a system, a control plane entity and a user plane entity, the method for configuring the path for intercepting user data comprises: acquiring a target to be intercepted and an intercepting interface address; configuring data path configuration information on a user plane entity GW-U according to the target to be intercepted and the intercepting interface address; sending the data path configuration information to the user plane entity GW-U so that the GW-U establishes a path for data transmission; initiating an establishment of an intercepting connection of an intercepting interface to an intercepting entity based on the intercepting interface address so as to transmit the data of the target to be intercepted. | 2015-09-03 |
20150249571 | COUNTERPART TERMINAL MANAGEMENT SYSTEM, COMMUNICATION TERMINAL, COMMUNICATION SYSTEM, COUNTERPART TERMINAL MANAGEMENT METHOD, AND RECORDING MEDIUM STORING COUNTERPART TERMINAL MANAGEMENT PROGRAM - A counterpart terminal management system receives a request for adding a second communication terminal as a candidate counterpart terminal for a first communication terminal that is participating in a session with the second communication terminal, the request for adding being generated based on information indicating that the second communication terminal is not registered as a candidate counterpart terminal for the first communication terminal, and stores counterpart terminal identification information of the second communication terminal in association with terminal identification information of the first communication terminal in response to the request for adding. | 2015-09-03 |
20150249572 | Software-Defined Network Control Using Functional Objects - A method implemented in a network element (NE), comprising receiving a flow configuration message identifying a flow context in a software-defined network (SDN) and a network control associated with the flow context, wherein the flow configuration message comprises a function object (FO) reference that identifies the network control, generating an FO based on the FO reference, wherein the FO comprises a plurality of network behaviors associated with the network control, and performing the network control for the flow context based on the FO generated by the NE. | 2015-09-03 |
20150249573 | USING VIRTUAL NETWORKING DEVICES AND ROUTING INFORMATION TO ASSOCIATE NETWORK ADDRESSES WITH COMPUTING NODES - Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices and using included routing information to update the configuration of the managed computer network, such as to allow at least some computing nodes of a managed computer network to dynamically signal particular types of uses of one or more indicated target network addresses and/or to dynamically signal use of particular external public network addresses based on such routing information. | 2015-09-03 |
20150249574 | Declarative Approach to Virtual Network Creation and Operation - A network controller may receive a request from an application via an application programming interface (API), wherein the request comprises program codes written in a declarative programming language, and wherein the program codes describe at least some aspects of a virtual network (VN). The network controller may further parse the program codes into internal objects of the network controller, with the internal objects representing the aspects of the VN described by the program codes. The network controller may then manage the VN according to the internal objects translated from the program codes. | 2015-09-03 |
20150249575 | CALCULATING WORKLOAD CLOSURE IN NETWORKS - Methods and arrangements for identifying and characterizing subgraphs of a network. In a network comprising a plurality of nodes and edges, there is identified a subgraph including a plurality of nodes. Communication workload closure of the subgraph is calculated via: identifying and counting all length- | 2015-09-03 |
20150249576 | SYSTEMS AND METHODS FOR PHYSICAL LINK ROUTING - A system for physical link routing includes a link routing block, comprising a volume of solid material, that defines a set of link routing paths; and a first link interface, comprising a set of access points arranged in a pattern, wherein each access point of the set of access points is associated with an endpoint of a link routing path. | 2015-09-03 |
20150249577 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, TERMINAL, CONTROL METHOD AND PROGRAM - Provided is an information processing apparatus including a determination unit configured to determine whether to urge a user who uses a terminal to execute an action corresponding to an action executed by a different user who uses a different terminal, based on a relationship between the user and the different user, and acquire a determination result, and an output control unit configured to perform control in a manner that display corresponding to the determination result is performed. | 2015-09-03 |
20150249578 | Method for Data Transmission. - The subject innovation relates to a method for providing data-based services via a terminal The method includes identifying a mobile terminal device of a user, identifying the terminal, linking the terminal to the mobile terminal device so that data-based services can be downloaded via the terminal and the costs associated with these data-based services can be charged to the mobile terminal device. The subject innovation also relates to a correspondingly adapted terminal and system. Data-based services may be requested via a terminal, and the costs may be charged to the mobile terminal device, without the mobile terminal device being involved in the provision of the data-based service. | 2015-09-03 |
20150249579 | FORWARD-BASED RESOURCE DELIVERY NETWORK MANAGEMENT TECHNIQUES - A resource delivery network and method for distributing content in the network is disclosed herein. The network comprises a plurality of servers arranged in tiers and partitioned. Each server includes a resource store with a set of resources for distribution to a successive tier. Updates to each successive tier are provided by a pull-forward client on servers in the tier. This forward propagation mechanism maximizes resource availability at edge servers in the network. Resources transmitted to the edge tier servers may be transformed, combined, and rendered without taxing lower tier servers. Transformation and pre-rendering of data can be performed by low priority CPU tasks at each layer of the system. | 2015-09-03 |
20150249580 | SYSTEM AND METHOD FOR PROVIDING UNCAPPED INTERNET BANDWIDTH - A system and method which allow for uncapped bandwidth to internet users in a high density environment while ensuring a minimum ‘floor’ tier is retained using defined site bandwidth, defined default floor tier, unique algorithms for adjustments, and equal sharing distribution is described. The method includes the steps of: validating active devices for authentication; matching device with remotely and locally defined bandwidth floor tier; adding the device to a virtual pipe with the potential of a significant percentage of the total provisioned bandwidth; storing the virtual pipe within a container that ensures a minimum distribution of the defined floor tier; remaining bandwidth is distributed equally as needed to active devices in the container in real-time. | 2015-09-03 |
20150249581 | INFORMATION COLLECTION SYSTEM, SERVER APPARATUS, EDGE APPARATUS, CONTROL METHOD, AND PROGRAM - An information collection system includes a server apparatus, a plurality of edge apparatuses, and a collection rules storage unit. The edge apparatus includes a first information generation unit that generates first information and a second information generation unit that generates second information. The collection rules storage unit stores collection rules so as to be associated with the edge apparatus and the first information that the server apparatus acquires from the edge apparatus. The server apparatus includes a first information acquisition unit that acquires the first information from the edge apparatus, a second information acquisition unit that acquires the second information from the edge apparatus, and a collection rules acquisition unit that acquires collection rules from the collection rules storage unit. | 2015-09-03 |
20150249582 | Cognitive Data Delivery Optimizing System - Network performance data is gathered and analyzed to produce network patterns and data delivery strategies. Client devices and other network components report network performance data to a central management system. Data delivery strategies are applied to a portion of a network to deliver content appropriate for network patterns that are associated with the portion of the network. | 2015-09-03 |
20150249583 | STREAMING QUERY RESOURCE CONTROL - Streaming query resource control is described, for example, to allocate streaming queries to servers in a data center providing a streaming query platform. In various embodiments streaming queries are allocated to servers in a manner seeking to balance load between the servers and also to reduce network traffic costs between data stream sources and the servers. In various examples, query types are taken into account, where a query type is the identity of one or more data stream sources used by the query, and optionally also traffic rates of the data stream sources. In some examples, processes for allocating incoming queries in an online fashion are described and in some examples, processes for allocating queries in an offline fashion are described. In examples, a network traffic cost metric is used which takes into account an incremental network traffic cost of adding a given query at a server. | 2015-09-03 |
20150249584 | METHOD AND APPARATUS FOR PROVIDING AN ANTI-BULLYING SERVICE - An approach is provided for an anti-bullying service. A service platform monitors interaction data from one or more applications, wherein the interaction data is associated with an interaction between a source and a target. The service platform analyzes the interaction data to parse one or more indicators of a monitored conduct between the source and the target. The service platform then initiates at least one of (a) a recording of the interaction data; (b) a transmission of an alert message, the one or more indicators, the interaction data, the monitored conduct, or a combination thereof to a third party; and (c) a pushing of an anti-conduct application to a source device associated with the source, a target device associated with the target, or a combination thereof based on the monitored conduct, the one or more indicators, or a combination thereof. | 2015-09-03 |
20150249585 | DETECTION APPARATUS, DETECTION METHOD, AND DETECTION PROGRAM - It is provided a detection apparatus including: a first storage module configured to store logs about traffic between communication apparatus and, when a consumed storage capacity reaches a given level or higher, delete the stored logs starting from an oldest log; a calculation module configured to refer to specific logs about specific traffic that is related to a subject of communication quality monitoring from the logs stored in the first storage module, thereby calculating a group of time-series statistical values about communication quality of the monitoring subject; a detection module configured to compare the group of time-series statistical values with a threshold, thereby detecting communication quality deterioration of the monitoring subject; and a saving module configured to obtain, when communication quality deterioration of the monitoring subject is detected, the specific logs from the first storage module and store the specific logs in a second storage module. | 2015-09-03 |
20150249586 | EMERGENCY NETWORK SERVICES BY AN ACCESS NETWORK COMPUTING NODE - In one embodiment, a method comprises detecting, by an access network computing node, a network service provided by a service provider for one or more identified endpoint devices via a wide area network connection, the access network computing node within an access network providing connections for the one or more identified endpoint devices to access the network service via the wide area network connection; detecting an unavailability of the network service via the wide area network connection; and supplying, by the access network computing node, at least a substitute of the network service for the one or more identified endpoint devices in response to the detected unavailability of the network service via the wide area network connection. | 2015-09-03 |
20150249587 | METHOD AND APPARATUS FOR TOPOLOGY AND PATH VERIFICATION IN NETWORKS - A method and apparatus are disclosed herein for topology and/or path verification in networks. In one embodiment, a method is disclosed for use with a pre-determined subset of network flows for a communication network, where the network comprises a control plane, a forwarding plane, and one or more controllers. The method comprises installing forwarding rules on the forwarding elements for identification of network information, wherein the forwarding rules are grouped into one or more separate control flows, where each of the one or more control flows makes a closed loop walk through at least a portion of the network according to the forwarding rules of said each control flow, injecting traffic for one or more control flows onto the forwarding plane, and identifying the network information based on results of injecting the traffic. | 2015-09-03 |
20150249588 | Distributed Processing System - Described is a system that includes a queue cluster including first network devices that cooperate to communicate with end nodes of a network and to store information from the end nodes in memory, a processing cluster comprising second network devices that cooperate to perform one or more tasks on the information from the queue cluster, and a database cluster including third network devices that cooperate to provide storage for use by the processing cluster, with the queue cluster, the processing cluster, and the database cluster being part of a local network that is connectable to an external network, the local network including a wireless mesh network and for the one or more tasks, a network device among the second network devices is selected as a leader responsible for task execution. | 2015-09-03 |
20150249589 | METHOD AND APPARATUS FOR DETERMINING AUTOMATIC SCANNING ACTION - Disclosed are a method and an apparatus for determining an automatic scanning action. The method comprises: in a set period, collecting access request messages sent from a selected send end to a selected network server and access response messages returned from the selected network server to the selected sending end; equally dividing the set period into at least two set sub-periods, successively counting the number of the access request messages in each set sub-periods and determining a request credible value of the selected sending end; counting the number of response success messages and the number of response failure messages in the collected access response messages, and determining a request credible value of the selected sending end; calculating a general accessed value of the selected send end in the set period according to the determined request credible value, the response credible value, first weight, and second weight; and comparing the general accessed value with a first set threshold, and determining whether is the selected sending end performs automatic scanning This solution is more applicable and more accurate than the prior art. | 2015-09-03 |
20150249590 | DEADLOCK-FREE ROUTING IN FAT TREE NETWORKS - Methods and apparatus are provided for routing data packets between source and destination switches in a fat tree network. For each packet, a route is selected having three or less routing phases such that the route follows a shortest path across the network between the source and destination switches. The data packet is transmitted from the source switch to the destination switch, via the route, on one of first and second virtual channels unless the route includes a predetermined one of a down-up turn and an up-down turn. If the route includes the predetermined one of a down-up turn and an up-down turn, the data packet is transmitted, via the route, on the first virtual channel up to the switch | 2015-09-03 |
20150249591 | OPAQUE PROFILE IDENTIFIERS FOR PATH COMPUTATION ELEMENT PROTOCOL - Methods and systems are disclosed for enabling centralized path definition and policy with distributed path setup, and centralized path setup control with distributed path utilization constraints. In one example, a path computation client (PCC) requests, utilizing opaque PCE profile identifiers, a path computation from a path computation element (PCE). The PCE profile identifier corresponds to path computation constraints, stored local to PCE, and are unknown to the PCC. Advantageously, the PCE profile identifiers allow the PCC to initiate path computation requests based on information local the PCC while leveraging centralized path computation by the PCE. In another example, a PCE requests, utilizing opaque PCC profile identifiers, that a PCC initiate a path. The PCC profile identifier corresponds to path usage parameter constraints, stored local to PCC, and are unknown to the PCE. Advantageously, the PCC identifiers allow the PCE to marshal path initiation while leveraging distributed resources to enforce compliance with usage parameters. | 2015-09-03 |
20150249592 | OPAQUE PROFILE IDENTIFIERS FOR PATH COMPUTATION ELEMENT PROTOCOL - Methods and systems are disclosed for enabling centralized path definition and policy with distributed path setup, and centralized path setup control with distributed path utilization constraints. In one example, a path computation client (PCC) requests, utilizing opaque PCE profile identifiers, path computation from a path computation element (PCE). The PCE profile identifier corresponds to path computation constraints, stored local to PCE, and are unknown to the PCC. Advantageously, the PCE profile identifiers allow the PCC to initiate path computation requests based on information local the PCC while leveraging centralized computation by the PCE. In another example, a PCE requests, utilizing opaque PCC profile identifiers, that a PCC initiate a path. The PCC profile identifier corresponds to path usage constraints, stored local to PCC, and are unknown to the PCE. Advantageously, the PCC identifiers allow the PCE to marshal path initiation while leveraging distributed resources to enforce compliance with usage parameters. | 2015-09-03 |
20150249593 | OPAQUE PROFILE IDENTIFIERS FOR PATH COMPUTATION ELEMENT PROTOCOL - Methods and systems are disclosed for enabling centralized path definition and policy with distributed path setup, and centralized path setup control with distributed path utilization constraints. In one example, a path computation client (PCC) requests, utilizing opaque PCE profile identifiers, path computation from a path computation element (PCE). The PCE profile identifier corresponds to path computation constraints, stored local to PCE, and are unknown to the PCC. Advantageously, the PCE profile identifiers allow the PCC to initiate path computation requests based on information local the PCC while leveraging centralized computation by the PCE. In another example, a PCE requests, utilizing opaque PCC profile identifiers, that a PCC initiate a path. The PCC profile identifier corresponds to path usage constraints, stored local to PCC, and are unknown to the PCE. Advantageously, the PCC identifiers allow the PCE to marshal path initiation while leveraging distributed resources to enforce compliance with usage parameters. | 2015-09-03 |
20150249594 | PROTOCOL INDEPENDENT MULTICAST DESIGNATED ROUTER REDUNDANCY - In one embodiment, a method includes transmitting a packet from a router located in a communication path between a source and a receiver, the packet having one or more values used to select a group designated router from a list of candidate group designated routers for multicast traffic streams, selecting the router as said group designated router for one or more of the multicast traffic streams, and forwarding traffic for the one or more multicast traffic streams to the receiver. The candidate group designated routers are last hop routers for transmitting the multicast traffic streams to a common link connected to the receiver. An apparatus is also disclosed herein. | 2015-09-03 |
20150249595 | MESH ROUTER SYSTEMS AND METHODS - A system including an edge router which collects data from a mesh network by receiving on multiple simultaneous frequencies. Using N simultaneous frequencies increases the throughput of a system by up to N-times, reducing the bottleneck that otherwise occurs at the take-out-point of a mesh communications system. Furthermore, nodes in direct communication with the edge router can send each data packet multiple times on multiple frequencies, increasing the probability that the packet is delivered correctly, eliminating the necessity to acknowledge (ACK) each packet. This further enhances system throughput. | 2015-09-03 |
20150249596 | INFORMATION PROCESSING DEVICE AND METHOD FOR DETERMINING PATH RANGE - An information processing device includes a first storage unit and a processor. The first storage unit is configured to store therein setting information designating a path range. The path range is one of a subset of a plurality of communication paths and a full set of the plurality of communication paths. The processor is configured to perform communication through a communication path included in a first path range designated by first setting information stored in the first storage unit. The processor is configured to acquire performance information of the respective communication paths included in the first path range. The processor is configured to select a second path range between the subset and the full set on basis of the acquired performance information. The processor is configured to store second setting information designating the selected second path range in the first storage unit. | 2015-09-03 |
20150249597 | Rapid Alternate Paths for Network Destinations - Network traffic is sent via alternate paths in cases of network link or node failure. An alternate node responds to U-Turn traffic from a primary neighbor to select a further alternate. An algorithm for determining the alternate paths is provided to select loop-free neighbors. | 2015-09-03 |
20150249598 | SELECTING NETWORK SERVICES BASED ON HOSTNAME - In an embodiment, a method configures a network to route data on a first network service that connects a user's network with a service provider network. In the method, an instruction to route data from the network addressed to a hostname on the first network service is received. According to the hostname, a first IP address that addresses a server identified by the hostname is determined. A second IP address is also determined as the second IP address of the specific network service. Finally a message is sent to the user's network that specifically instructs the user's network to route data addressed to the first IP address to the second address. The message causes configuration of a router on the user's network to route data on the first network service. System and computer program product embodiments are also disclosed. | 2015-09-03 |
20150249599 | VIRTUAL CLUSTER ESTABLISHMENT METHOD AND NETWORK DEVICE - The present invention provides a virtual cluster establishment method and a network device. The method includes: a first network device establishes, a network-layer-based first communication connection with a second network device; the first network device sends a first registration request message to the second network device through the first communication connection, where the first registration request message is used to establish a virtual cluster with the second network device; after the first network device receives a registration response message, selecting the second network device as an active main control device in the virtual cluster system; establishes, a network-layer-based second communication connection with a third network device; sends, a second registration request message to the third network device; and selects the third network device as a standby main control device. In this invention, a structure of a cluster is simplified, and scalability of the cluster is improved. | 2015-09-03 |
20150249600 | COMMUNICATION SYSTEM, CONTROL APPARATUS, PACKET FORWARDING PATH CONTROL METHOD, AND PROGRAM - A control apparatus, including a first unit configured to construct a plurality of logical network topologies on a physical network included a plurality of nodes; a second unit configured to select a logical network topology corresponding to a policy of communication service from the logical network topologies; and a third unit configured to specify a communication path corresponding to a packet on the physical network based on the selected logical network topology, configured to notify a rule forwarding a packet along the communication path to a node on the communication path. | 2015-09-03 |
20150249601 | SIGNALING-LESS DYNAMIC CALL SETUP AND TEARDOWN BY UTILIZING OBSERVED SESSION STATE INFORMATION - Signaling-less call setup and teardown by employing observed Quality of Experience (QoE) and resource demands. A system provides an environment for supersonic treatment of observed QoE and Quality of Service (QoS) demands for mobile applications. Specifically, a monitoring component is employed to determine session state information associated with a traffic flow, which includes observed QoE and resource demand data. The session state information is stored in a shared memory location and can be analyzed to modify and/or create a network policy for the traffic flow. The network policy is applied to one or more traffic flows to minimize signaling exchanges between a communication network and a mobile station. | 2015-09-03 |
20150249602 | SYSTEM ON CHIP LINK LAYER PROTOCOL - A network processing system provides coherent communications between multiple system-on-chips (SOCs). Data messages between SOCs are assigned to virtual channels. An interconnect linking the SOCs divides the communications into discrete data blocks, each of which contains data segments from several virtual channels. The virtual channels can be implemented to control congestion and interference among classes of communications. During transmission, the interconnect distributes the data blocks across several physical ports linking the SOCs. As a result, communications between SOCs is optimized with minimal latency. | 2015-09-03 |
20150249603 | PACKET OUTPUT PROCESSING - A circuit operates to manage transmittal of packets in a network packet processor. The circuit includes a packet descriptor manager (PDM), a packet scheduling engine (PSE), and a packet engines and buffering module (PEB). The PDM generates a metapacket and a descriptor from a command signal, where the command signal identifies a packet to be transmitted by the circuit. The PSE determines an order in which to transmit the packet among a number of packets, where the PSE determines the order based on information indicated in the metapacket. Once the packet is scheduled for transmission, the PEB performs processing operations on the packet to produce a processed packet based on instructions indicated in the descriptor. The PEB then causes the processed packet to be transmitted toward the destination. | 2015-09-03 |
20150249604 | PACKET SCHEDULING IN A NETWORK PROCESSOR - A circuit operates to manage transmittal of packets in a network packet processor. The circuit includes a packet descriptor manager (PDM), a packet scheduling engine (PSE), and a packet engines and buffering module (PEB). The PDM generates a metapacket and a descriptor from a command signal, where the command signal identifies a packet to be transmitted by the circuit. The PSE models the packet through a model of the network topology, determining an order in which to transmit the packet among a number of packets based on the modeling. Once the packet is scheduled for transmission, the PEB performs processing operations on the packet to produce a processed packet based on instructions indicated in the descriptor. The PEB then causes the processed packet to be transmitted toward the destination. | 2015-09-03 |
20150249605 | Efficient Communication for Devices of a Home Network - Systems and methods are provided for efficient communication through a fabric network of devices in a home environment or similar environment. For example, an electronic device may efficiently control communication to balance power and reliability concerns, may efficiently communicate messages to certain preferred networks by analyzing Internet Protocol version 6 (IPv6) packet headers that use an Extended Unique Local Address (EULA), may efficiently communicate software updates and status reports throughout a fabric network, and/or may easily and efficiently join a fabric network. | 2015-09-03 |
20150249606 | SMARTER POLICY DECISIONS BASED ON METADATA IN DATA FLOWS - Modern day user applications leverages new communication technologies such as WebRTC, WebEx, and Jabber allow devices to connect and exchange media content including audio streams, video streams, and data stream/channels. The present disclosure describes mechanisms for a Port Control Protocol (PCP) server to provide feedback to PCP clients to enforce certain policies on the transport of such media content for a network. A policy may include a traffic handling policy for enforcing differentiated quality of service characteristics for different types of media streams. Another policy may include a security policy ensuring a data files being transmitted over a data channel from one endpoint travels to a security application via a relay element before the packets reaches another endpoint. The mechanisms are transparent to the endpoints, and advantageously preserve the user experience for these user applications. | 2015-09-03 |
20150249607 | AUTOMATED SERVICE INTERFACE OPTIMIZATION - Disclosed are various embodiments for automated service interface optimization. In one embodiment, a service client and/or a service provider is reconfigured to use an optimized version of a data transfer interface, where the optimized version transfers fewer data items from the service provider to the service client. In another embodiment, service calls from a service client for multiple different data objects are aggregated into an aggregated service call for a data object. In yet another embodiment, an optimized data object is provided to a service client in response to a request for an unoptimized data object. If the service client attempts to use a data item excluded from the optimized data object, the excluded data item is then provided to the service client. | 2015-09-03 |
20150249608 | Method, System and Apparatus for Controlling Flow Detection, Controller and Detection Device - A control method, system and apparatus for flow detection, a controller and a detection device. The method includes the controller acquires a flow identifier of a flow to be detected by each flow detection module in a network; adjusts the flow to be detected by each flow detection module according to a set load balancing policy; and delivers a detection instruction to each flow detection module, where the detection instruction includes a flow identifier of a flow to be detected by each flow detection module after the adjustment. In the present invention, because multiple flow detection modules are deployed in a network in a distributed manner, when there are a large number of switching devices included in the network, load balancing can be performed for detection of flows transmitted between these switching devices. | 2015-09-03 |
20150249609 | METHOD AND APPARATUS FOR PROCESSING RECEIVED NETWORK PACKETS ON A NETWORK INTERFACE FOR A COMPUTER - An intelligent network interface card (INIC) or communication processing device (CPD) works with a host computer for data communication. The device provides a fast-path that avoids protocol processing for most messages, greatly accelerating data transfer and offloading time-intensive processing tasks from the host CPU. The host retains a fallback processing capability for messages that do not fit fast-path criteria, with the device providing assistance such as validation even for slow-path messages, and messages being selected for either fast-path or slow-path processing. A context for a connection is defined that allows the device to move data, free of headers, directly to or from a destination or source in the host. The context can be passed back to the host for message processing by the host. The device contains specialized hardware circuits that are much faster at their specific tasks than a general purpose CPU. A preferred embodiment includes a trio of pipelined processors devoted to transmit, receive and utility processing, providing full duplex communication for four Fast Ethernet nodes. | 2015-09-03 |
20150249610 | INTRODUCING UNCOMPRESSED PACKETS IN COMPRESSION FLOW BASED ON FLOW CONTROL - Methods and apparatus are described for introducing uncompressed data packets in to theinto a compression flow during compression for communication between a user equipment (UE) and a network entity, comprising placing a plurality of data packets in an uncompressed uplink queue of the UE; determining that an amount of data packets in a compressed uplink queue of the UE fails to satisfy a grant threshold; and transferring one or more of the plurality of data packets to the compressed uplink queue from the uncompressed uplink queue based on the determination that the amount of data packets in the compressed uplink queue fails to satisfy the grant threshold, wherein the one or more of the plurality of data packets in the compressed uplink queue are scheduled for transmission to the network entity as one or more uncompressed data packets. | 2015-09-03 |
20150249611 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM - A microburst detection device acquires from a database, collected information collected from equipment having a buffer and for accumulating in the buffer a packet received. The collected information indicates the number of times the equipment has requested a packet transmission source to halt packet transmission due to a shortage of a free space of the buffer. The microburst detection device also determines whether or not burst traffic to the equipment has occurred, based on the number of times of packet transmission halt request indicated by the collected information. | 2015-09-03 |
20150249612 | Enhanced Motor Drive Communication System and Method - In some embodiments, a motor drive system includes a communication subassembly electrically coupled to a control subassembly for providing communication between the control subassembly and at least one external device. The control subassembly and the communication subassembly transmit and receive control data independently of messaging data, greatly enhancing performance and reducing the workload of processors on the control subassembly and communication subassembly. Additionally, the control subassembly and the communication subassembly transmit message data via sequence count based messaging. Communications between the communication subassembly and the control subassembly may include a series of timeout periods and retries, increasing reliability. | 2015-09-03 |
20150249613 | DISPLAY AWARE TRANSCODER SOURCE SELECTION SYSTEM - Systems and methods for efficiently managing the resources in a delivery system may include managing the processing power of a transcoder. By managing the input selection functions of a tuner and linking the selections with functions of a transcoder, the transcoder may process fewer instructions for a given request, resulting in the ability of the transcoder to support more streams. Modifying the inputs to the transcoder that need to be transcoded, therefore, may enable the media content delivery system to support more inputs and, thereby, more media playback devices. Managing the processing power of a transcoder can more efficiently support the delivery of media content to a media playback device, particularly where the delivery system supports multiple media playback devices. | 2015-09-03 |
20150249614 | PREDICTIVE DELAYCAST FEEDBACK - Systems and methods are described for predictive delaycast feedback in relation to content object queuing and offer and request handling via communications systems. When a subscriber of communications and/or media services requests access to a content object, embodiments can determine where the content object can and/or should be placed in a delaycast queue. The queue can include multiple regions associated with different estimated delivery timeframes. The placement determination can involve determining an appropriate queue location for the requested content object (e.g., an appropriate queue region), and determining an associated promise time for the requested object. | 2015-09-03 |
20150249615 | RESOURCE ADJUSTMENT METHODS AND SYSTEMS FOR VIRTUAL MACHINES - A resource adjustment system and method for virtual machines (VMs) are provided. The method includes: obtaining, by a monitoring module, performance and status information of a first server and at least one VM of the first server; estimating, by an estimating module, the first server and each VM according to the performance and status information and an evaluation index and obtaining a server estimation score of the first server and a virtual machine estimation score of every VM; and finding, by a moving module, a second server according to the performance and status information and the evaluation index when a virtual machine estimation score of at least one first VM of the first server or the server estimation score exceeds a threshold, finding at least one VM suitable to be moved according to a moving order, and moving the at least one VM to the second server. | 2015-09-03 |
20150249616 | APPARATUS AND METHOD FOR SUPPORTING MULTI-HOST ACCESS - The present invention relates to an apparatus and method for supporting multi-host access. According to the present invention, a hub can detect which host transmits a message without a future change of USB layers by allocating a host port ID and providing an individual identifier to each host in a hub PAL. | 2015-09-03 |
20150249617 | ENROLLING A MOBILE DEVICE WITH AN ENTERPRISE MOBILE DEVICE MANAGEMENT ENVIRONMENT - Embodiments of the present application relate to a method, apparatus, and system for enrolling a mobile device with an enterprise network. The method includes receiving, from a mobile device, a request to access an enrollment address. In response to receiving the request to access the enrollment address, determining whether the mobile device is pre-enrolled with the enterprise network, and in the event that the mobile device from which the request to access the enrollment address is received corresponds to the mobile device that is pre-enrolled with the enterprise network, pushing user-specific settings to the mobile device. | 2015-09-03 |
20150249618 | PEER TO PEER OWNERSHIP NEGOTIATION - A method of negotiating memory record ownership between network nodes, comprising: storing in a memory of a first network node a subset of a plurality of memory records and one of a plurality of file system segments of a file system mapping the memory records; receiving a request from a second network node to access a memory record of the memory records subset; identifying the memory record by using the file system segment; deciding, by a placement algorithm, whether to relocate the memory record, from the memory records subset to a second subset of the plurality of memory records stored in a memory of the second network node; when a relocation is not decided, providing remote access of the memory record via a network to the second network node; and when a relocation is decided, relocating the memory record via the network for management by the second network node. | 2015-09-03 |
20150249619 | VIRTUAL COMPUTING ENVIRONMENTS - Methods, systems, and apparatus, including computer program products, for discovering entities in a first portion of a data center network, examining information associated with the discovered entities to determine relationships that exist between pairs of entities in the first portion of the data center network, and generating a specification of the relationships that exist between pairs of entities in the first portion of the data center network based on results of the examining. | 2015-09-03 |
20150249620 | PACKET SHAPING IN A NETWORK PROCESSOR - A circuit operates to manage transmittal of packets in a network packet processor. The circuit includes a packet descriptor manager (PDM), a packet scheduling engine (PSE), and a packet engines and buffering module (PEB). The PDM generates a metapacket and a descriptor from a command signal, where the command signal identifies a packet to be transmitted by the circuit. The PSE compares a packet transmission rate associated with the packet against at least one of a peak rate and a committed rate associated with the packet, and determines an order in which to transmit the packet among a number of packets based on the comparison. Once the packet is scheduled for transmission, the PEB performs processing operations on the packet to produce a processed packet based on instructions indicated in the descriptor. The PEB then causes the processed packet to be transmitted toward the destination. | 2015-09-03 |
20150249621 | DYNAMIC AND ADAPTIVE QUOTA SHARES - Embodiments relate to dynamically allocating access to a shared resource based on quota shares. An aspect includes computing, by a client node, an expected size of quota shares needed by the client node based on a historical rate of resource consumption by the client node. The client node transmits a request for a count of quota shares based on the expected size. The client node receives an indication that the request for the count of quota shares is one of: granted, denied, and granted-in-part. The client node self-rules the shared resource based on the indication. | 2015-09-03 |
20150249622 | CONFLICT DETECTION AND RESOLUTION IN AN ABR NETWORK - A scheme for managing conflict resolution in an ABR streaming environment with respect to a bandwidth pipe serving a customer premises. In one aspect, when a session request is received from a new ABR client launched in the customer premises that includes one or more existing ABR clients having corresponding streaming sessions, a bandwidth forecasting module is configured to forecast bandwidth requirements with respect to the corresponding ABR streaming sessions after accounting for a bandwidth requirement for the new ABR client's session request. A conflict may be detected if any of forecasted bandwidth requirements violates a bitrate threshold policy relative to the corresponding ABR streaming sessions and/or the new session being requested. If there is a conflict, a conflict notification message to the new ABR client is provided and the session request from the new ABR client is rejected. | 2015-09-03 |
20150249623 | CONFLICT DETECTION AND RESOLUTION IN AN ABR NETWORK USING CLIENT INTERACTIVITY - A scheme for managing conflict resolution in an ABR streaming environment with respect to a bandwidth pipe serving a customer premises. In one aspect, when a session request is received from a new ABR client launched in the customer premises that includes one or more existing ABR clients having corresponding streaming sessions, a bandwidth forecasting module is configured to forecast bandwidth requirements with respect to the corresponding ABR streaming sessions after accounting for a bandwidth requirement for the new ABR client's session request. A conflict condition may be detected if any of forecasted bandwidth requirements violates a bitrate threshold policy relative to the corresponding ABR streaming sessions and/or the new session being requested. If there is a conflict, an interactive session may be launched with one or more clients for facilitating user selection of one or more options relative to the impending conflict condition. | 2015-09-03 |
20150249624 | Process and method for expanding reply capabilities within a computer implemented messaging thread network. - A computer implemented messaging process that expands reply capabilities and employs functions for propagating and referencing content data in a messaging network is described. The invention expands comment replies to a special tier of nesting that renders replies to replies as subordinate initial content, which can extend from any nested replies in the network. Furthermore, the process includes functions for transforming special tier content into stand-alone content and special tier content-referencing that allows special tier content to be attached onto any and all existing content in the network. | 2015-09-03 |
20150249625 | USING ANALYTICS TO OPTIMIZE PERFORMANCE OF A MESSAGING SYSTEM VIA TOPIC MIGRATION TO ALTERNATE DELIVERY METHODS - A method and associated systems for using analytics to optimize performance of a messaging system via topic migration to alternate delivery methods. A messaging system delivers messages organized into topics to users by any of several message-delivery mechanisms, such as a publish/subscribe push mechanism and an HTTP polling pull mechanism. A processor analyzes characteristics of messages associated with a particular topic and delivered by a first delivery mechanism, and if it finds that those characteristics render the first delivery mechanism an inefficient or expensive way to deliver those messages, it determines whether a second mechanism would be more efficient or less expensive. If so, the messaging system then migrates all messages associated with the topic to the second mechanism, regardless of an identity or other characteristic of a user that receives messages associated with the topic. | 2015-09-03 |
20150249626 | System and Method of Delivering Notifications - A method includes associating an e-mail address with a media device at a server of a television network. The media device is associated with the television network and the e-mail address is associated with a network device outside of the television network. The method includes receiving, at the server, an e-mail message directed to the e-mail address. The method also includes sending an e-mail notification from the server to the media device responsive to receipt of the e-mail message. The e-mail notification indicates whether the e-mail message includes an attachment. The e-mail notification permits the media device to provide notification of the e-mail message and an indication of whether the e-mail message includes an attachment to an output device coupled to the media device. | 2015-09-03 |
20150249627 | Iterative Method to Successfully Send Large Electronic Messages - Iterative techniques for successfully sending large electronic messages are provided. In one aspect, a method of sending an electronic message is provided. The method includes the steps of: transmitting the electronic message from a sender to a recipient, wherein a size of the electronic message exceeds an electronic message size limit for the recipient; receiving a message from the recipient that the size of the electronic message exceeds the electronic message size limit for the recipient; automatically dividing the electronic message into at least two segments; and transmitting the at least two segments to the recipient. Additionally, the recipient's preferences for receiving large electronic messages from the sender may also be taken into account. | 2015-09-03 |
20150249628 | ASSOCIATING PRIVATE ANNOTATIONS WITH PUBLIC PROFILES - A method of storing data items included in an email message for access by a user in conjunction with an accessing by the user of a profile of a member of the social-networking system is disclosed. An email message from an additional user of a social-networking system is received by the user of the social-networking system. A data item included in the email message is identified upon which a correspondence between the data item included in the email message and a profile of a member of the social-networking system may be determined. An additional data item included in the email message is stored such that the additional data item is accessible by the user of the social-networking system in conjunction with an accessing by the user of the profile of the member. | 2015-09-03 |
20150249629 | Transmitting Rich Media Between a Personal Server and a Mobile Device over a Wide Area Network - A mobile device, such as a cellular telephone or a personal digital assistant (PDA), stores first personal data, such as any one or more of image, video, and audio data. The mobile device transmits the first personal data over a first wide area network (WAN) to a personal server. | 2015-09-03 |
20150249630 | Method and System for Controlling Message of Mobile Terminal and Mobile Terminal - A method and system for controlling a message of a mobile terminal and the mobile terminal including an application platform for receiving a message to be processed of the mobile terminal, which is forwarded by a management platform, wherein the message to be processed is transmitted to the management platform by the mobile terminal. The application platform displays information to be processed in the message to be processed. With the method and system for controlling a message of a mobile terminal, flexibility in control over the message of the mobile terminal is improved, usability in control over the message of the mobile terminal is improved, and the perceptibility of the user over the information to be processed is improved. | 2015-09-03 |
20150249631 | SYSTEM AND METHOD FOR THREADING ELECTRONIC MESSAGES - A system and method includes a network interface device to receive and retransmit electronic messages between a first user and a second user, an electronic data storage configured to store database entries related to electronic messages as received and retransmitted by the network interface device, at least some of the database entries including a latest message in thread flag identifying a latest electronic message in a thread of multiple electronic messages, and a processor. The processor may create a database entry corresponding to a first electronic message, the database entry including the latest message in thread flag indicating that the first electronic message is a latest electronic message of a thread, and change a status of a latest message in thread flag of a database entry corresponding to a second electronic message of the thread to indicate that the second electronic message is not a latest message in the thread. | 2015-09-03 |
20150249632 | SYSTEMS AND METHODS FOR OPTIMIZING MESSAGE NOTIFICATION TIMING BASED ON ELECTRONIC CONTENT CONSUMPTION ASSOCIATED WITH A GEOGRAPHIC LOCATION - Systems and methods are provided for timing message notifications to be provided to mobile device users based on their geographic locations with respect to geographic areas associated with a threshold level of content consumption. The timing of message notifications may be controlled in order to optimize the chances of delivering targeted content to a mobile device user based on the current geographic location of the user's device relative to a threshold level of content consumption area. As mobile device users may be more likely to launch a client application in a place where other users are currently consuming content, a general message notification sent to the user's device located in a geographic area associated with a threshold level of content consumption, may increase the likelihood that the user will launch the client application and thereby, allow targeted content to be delivered to the user's mobile device. | 2015-09-03 |
20150249633 | SYSTEM AND METHOD FOR EMAIL NOTIFICATION - A system and method for generating a notification email within the framework of standard email messaging protocols employs custom headers providing a short, informative notification of the subject of the email. | 2015-09-03 |
20150249634 | GENERAL PURPOSE MESSAGING - Embodiments of the present invention relate to systems and methods for enabling entities, such as issuers, merchants, payment processing networks, and mobile-network operators, to send account-related messages and marketing messages to a user's mobile device in response to a message request sent from the user's mobile device. According to some embodiments, the account-related messages and the marketing messages are sent to the user's mobile device in accordance with message parameters that are defined by the user and that are embedded in the message request. | 2015-09-03 |
20150249635 | SYSTEMS AND METHODS FOR ELECTRONIC COMMUNICATION USING UNIQUE IDENTIFIERS ASSOCIATED WITH ELECTRONIC ADDRESSES - A method and system for electronically communicating with a user knowing only a unique identifier associated with that user is described. An electronic message having an address based upon the unique identifier and consistent with an assigned convention is sent from a portable device and received by a server system. The message sent may include attachments such as, for example, pictures, audio and/or video files. The server system includes or is capable of accessing an electronic repository in which a plurality of unique identifiers are respectively associated with a corresponding plurality of profiles. Upon receipt at the server system, the message and any attachments are stored in association with a profile corresponding to the unique identifier. The server system then facilitates access to the message information and any attachments in accordance with the profile. | 2015-09-03 |
20150249636 | RESOURCE DOWNLOAD METHOD, SERVICE SERVER AND CELLULAR PHONE CLIENT - A resource download method, a service server, and a cellular phone client are described. The service server may determine a geographic area where the cellular phone client is located and an operator to which the cellular phone client belongs to according to an IP address of the cellular phone client received from the cellular phone client. The service server may determine an IP address of a download server according to the geographic area and the operator. The service server may subsequently send the IP address of the download server to the cellular phone client, which may download the resource. | 2015-09-03 |
20150249637 | COMMUNICATIONS APPARATUS AND METHOD - The present invention relates to communications apparatus ( | 2015-09-03 |
20150249638 | REGISTRATION AND USE OF PATTERNS DEFINED BY EXPRESSIONS AS DOMAIN NAMES - A domain name registration service permits registrants to register names that are defined by a regular expression that may include one or more wildcard values in any portion of the domain or subdomain name. A domain name server utilizes pattern matching with regular expressions, such as REGEX systems, to parse incoming domain name requests to identify text strings that conform to the domain defined by the registered regular expression. Other components assign economic value to defined patterns and prevent conflicts between registered patterns and domain names. | 2015-09-03 |
20150249639 | METHOD AND DEVICES FOR REGISTERING A CLIENT TO A SERVER - A method for registering a client to a server connected through a network is disclosed wherein the client being assigned with a determined network address. The method comprises sending by the client to the server, a request comprising a first network address among a sequence of at least one network address; denying by the server the request comprising the first network address among the sequence of at least one network address; sending by the client to the server, a request comprising a second network address; a granting by the server the request comprising the second network address when the second network address is derived from the determined network address and when the first network address among the sequence of at least one network address is derived from a first function using a shared secret between the client and the server and said determined network address of the client. A client device and a server device implementing the registration method are further disclosed. | 2015-09-03 |
20150249640 | DOMAIN NAME VARIANT GENERATION - Domain name variants may be generated and/or displayed by accessing historical domain name information and identifying, based on the accessed historical domain name information a set of swap options. The swap options may include one or more graphemes. Variants of a domain names may be determined based on the identified set of swap options. | 2015-09-03 |
20150249641 | HUMAN USER VERIFICATION OF HIGH-RISK NETWORK ACCESS - Systems and methods for performing a human user test when a high-risk network access is captured by an intermediary security device are provided. According to one embodiment, a request that is sent from a client to a server is captured by an intermediary security device logically interposed between the client and the server. A human user test message is sent by the intermediary security device to the client to verify that the request was initiated by a human user of the client. A response to the human user test message is received by the intermediary security device. It is determined by the intermediary security device whether the response is a correct response to the human user test message. When the determination is affirmative, the request is allowed to pass through the intermediary security device and to be delivered to the server. | 2015-09-03 |
20150249642 | ACCESS CONTROL LISTS FOR PRIVATE NETWORKS OF SYSTEM AGNOSTIC CONNECTED DEVICES - The disclosure relates to using a control service to control external access to APIs of IoT devices on a private network. An external application can request access to an API, and in response, the control service can monitor broadcasts from the IoT devices indicating what APIs they have available. If a match exists, the control service can request user authorization to allow the requested access. The user can grant or deny the requested access, and place limitations on the authorized access. The control service uses this information to open a connection between the requesting application and the IoT device having the requested API, and via this connection, the requesting application can access and control the device running the requested API. | 2015-09-03 |
20150249643 | REGIONAL FIREWALL CLUSTERING IN A NETWORKED COMPUTING ENVIRONMENT - An approach for regional firewall clustering for optimal state-sharing of different sites in a virtualized/networked (e.g., cloud) computing environment is provided. In a typical embodiment, each firewall in a given region is informed of its peer firewalls via a registration process with a centralized server. Each firewall opens up an Internet protocol (IP)-based communication channel to each of its peers in the region to share state table information. This allows for asymmetrical firewall flows through the network and allows routing protocols to ascertain the best path to a given destination without having to take firewall placement into consideration. | 2015-09-03 |
20150249644 | CLOUD-BASED SECURITY POLICY CONFIGURATION - Systems and methods for configuring security policies based on security parameters stored in a public or private cloud infrastructure are provided. According to one embodiment, security parameters associated with a first network appliance of an enterprise, physically located at a first site, are shared by the first network appliance with multiple network appliances of the enterprise by logging into an shared enterprise cloud account. The shared parameters are retrieved by a second network appliance of the enterprise, physically located at a second site, by logging into the shared enterprise cloud account. A VPN client configuration is automatically created by the second network appliance that controls a VPN connection between the first and second network appliances based on the shared parameters. The VPN connection is dynamically established based on the shared parameters when the VPN client configuration permits network traffic to be exchanged between the first and second network appliances. | 2015-09-03 |
20150249645 | SYSTEMS AND METHODS FOR PROVIDING SECURE ACCESS TO LOCAL NETWORK DEVICES - A computer-implemented method for providing secure access to local network devices may include (1) identifying a local area network that provides Internet connectivity to at least one device within the local area network, (2) obtaining, from an identity assertion provider, (i) a shared secret for authenticating the identity of a guest user of the device and (ii) a permission for the guest user to access the device from outside the local area network, (3) storing the shared secret and the permission within the local area network, (4) receiving, via the Internet connectivity, a request by the guest user from outside the local area network to access the device, and (5) providing access to the device in response to validating the request based on the shared secret and the permission. Various other methods and systems are also disclosed. | 2015-09-03 |
20150249646 | HARDWARE SECURITY AGENT FOR NETWORK COMMUNICATIONS - A hardware security agent may include a request inspector configured to receive an alias at the hardware security agent by way of a network interface of an untrusted computer, and a mapper configured to map the alias to corresponding protected data stored within the hardware security agent. The hardware security agent may further include a substitution manager configured to provide the corresponding protected data from the hardware security agent over a network to a target network site. | 2015-09-03 |
20150249647 | ADVANCED SECURITY PROTOCOL FOR BROADCASTING AND SYNCHRONIZING SHARED FOLDERS OVER LOCAL AREA NETWORK - A method, system, and manufacture for securely broadcasting shared folders from one client device to other client devices and synchronizing the shared folders over a local area network. A first client device, associated with a content management system, generates a secure identifier for a shared folder, using a shared secret key that is associated with the shared folder. The first client device announces the secure identifier over a local area network to other client devices on the local area network including a second client device. The first client device receives a synchronization request for the shared folder from the second client device. After authenticating, using the shared secret key, that the second client device has authorization to access the shared folder, the first client device synchronizes the shared folder with the second client device over the local area network. | 2015-09-03 |
20150249648 | ISSUING, PRESENTING AND CHALLENGING MOBILE DEVICE IDENTIFICATION DOCUMENTS - Methods and systems of authenticating electronic identification (ID) documents may provide for receiving a decryption key and an encrypted ID document from a certificate authority server at a mobile device, wherein the encrypted ID document includes a read only document having a photograph of an individual. Additionally, the decryption key may be applied to the encrypted ID document to obtain a decryption result in response to a display request. The decryption result can be output via a display of the mobile device, wherein the encrypted ID document can be sent to a challenge terminal if a challenge request is received. | 2015-09-03 |
20150249649 | SYSTEM AND METHOD TO MERGE ENCRYPTED SIGNALS IN DISTRIBUTED COMMUNICATION SYSTEM - In a computer implemented method for data privacy in a distributed communication system including a plurality of client terminals, the method includes: receiving, from each of the plurality of client terminals, a group of key switch hints generated by said each of the client terminals, wherein each group of key switch hints include a key switch hint corresponding to each other one of the client terminals; receiving, from each of the client terminals, an encrypted data stream; switching each of the encrypted data streams using the key switch hints corresponding to said each other one of the client terminals to generate a respective switched data set for said each of the encrypted data streams, wherein each switched data set includes a plurality of encrypted data representations of said each of the encrypted data streams; and generating an encrypted output data stream for each of the client terminals using the switched data set for each encrypted data stream. | 2015-09-03 |
20150249650 | SYSTEM AND METHOD TO MERGE ENCRYPTED SIGNALS IN DISTRIBUTED COMMUNICATION SYSTEM - In a computer implemented method for data privacy in a distributed communication system, the method includes: storing a plurality of secret keys, each secret key for a respective one of a plurality of client terminals; identifying a mixer key; generating a plurality of key switch hints for the client terminals, each of the key switch hints generated for a respective client terminal of the client terminals, using the mixer key and a respective secret key for each respective client terminal; sending the key switch hints to a mixer; switching a first encrypted data stream received from a first client terminal of the client terminals to an encrypted output data stream using the key switch hints; and sending the encrypted output data stream to a receiving client terminal of the client terminals to be decrypted by the receiving client terminal. | 2015-09-03 |
20150249651 | PROVIDING LOCALIZED CONTENT DELIVERY WITH REMOTE TOKEN AUTHENTICATION - Some embodiments set forth systems and methods enabling a first network to use the resources of various second networks in order to localize delivery of the first network content from the various second networks in a secure manner. Some embodiments provide a token-based authentication scheme to ensure that any configured content access restrictions are effectuated at the first network and any of the second networks providing localized content delivery for the first network. The scheme involves a two phase user authentication, wherein the user is separately authenticated at the first network and the redirected to second network using either the same or different set of access restrictions. The first network exchanges a first encryption key with content providers for encrypting/decrypting the first access restriction and a second encryption key with a second network for encrypting/decrypting the second access restriction. | 2015-09-03 |
20150249652 | ENABLING IMAGE BASED BROADCAST OF REVIEWS - A processor implemented method of enabling image broadcast of reviews includes connecting social media profiles of a user to a web portal, receiving image options at a user interface, displaying a list of reviews, accepting from the user a selection of from the list of reviews, generating a posting queue and publishing the selected review to the social media profile associated with the user in the form of an image. | 2015-09-03 |
20150249653 | METHOD AND SYSTEM FOR AUTHENTICATING AT LEAST ONE TERMINAL REQUESTING ACCESS TO AT LEAST ONE RESOURCE - For authenticating at least one terminal requesting access to at least one resource, an authentication server performs: obtaining for each terminal at least one piece of authentication information; transmitting to a gateway device at least one checking function, or coefficients thereof. Each piece of authentication information is representative of a value such that, when inputted to respective checking function(s), the checking function(s) return(s) a predefined value. The gateway device performs: receiving from one terminal a request for getting access to the resource(s), said request being received in conjunction with a piece of authentication information; retrieving a checking function applicable to the received request; inputting the piece of authentication information provided by the terminal into the retrieved checking function, for obtaining an authentication result; accepting the request for getting access to the resource(s), when the authentication result equals said predefined value; and rejecting the request otherwise. | 2015-09-03 |
20150249654 | SECURITY PROCESSING ENGINES, CIRCUITS AND SYSTEMS AND ADAPTIVE PROCESSES AND OTHER PROCESSES - An electronic circuit ( | 2015-09-03 |
20150249655 | AUTHORIZATION AND AUTHENTICATION BASED ON AN INDIVIDUAL'S SOCIAL NETWORK - In particular embodiments, a method includes accessing a graph data structure comprising a plurality of nodes and a plurality of edges connecting the nodes, receiving, a request to send content relating to the first user to the second user, and prohibiting sending of the content to the second user if the node corresponding to the first user and the second user are connected to each other in the graph data structure through a series of edges and nodes that comprises an unauthorized node. | 2015-09-03 |
20150249656 | NETWORK CONNECTION SHARING METHOD AND NETWORK CONNECTION SHARING SYSTEM - A network connection sharing method is provided. A first electronic device is set as a hotspot by a first application program module of the first electronic device, so that a wireless network is shared by the first electronic device. After a service set identifier and a password of the wireless network are converted into a two-dimensional code image by the first application program module, the two-dimensional code image is outputted from an image output device of the first electronic device. After the two-dimensional code image is read by an image input device of a second electronic device and analyzed by a second application program module of the second electronic device, the service set identifier and the password are acquired. The second electronic device is connected to the wireless network according to the service set identifier and the password. | 2015-09-03 |
20150249657 | REMOTE SIGN-OUT OF WEB BASED SERVICE SESSIONS - Remote sign-out of web based service sessions. As a part of remote sign-out of web based service sessions, a user authentication token is accessed that is used to establish a web based service session and this user authentication token is stored in memory of an authentication server and returned in a cookie to the device. User access and deletion of the user authentication token from memory is accommodated using a device different from that which initially established the web based service session. Upon receipt of a browser request involving the user authentication token, it is determined whether the user authentication token is stored in memory. An access denial indication is provided to a web based service that indicates that the user authentication token is not stored in memory. | 2015-09-03 |
20150249658 | USER DEVICE PERFORMING PASSWORD BASED AUTHENTICATION AND PASSWORD REGISTRATION AND AUTHENTICATION METHODS THEREOF - A password registration method of a user device which uses a password-based authentication manner is provided. The password registration method includes combining a salt to an input password to generate a combination password; expanding the combination password to generate an expanded password of which a data length is increased; compressing the expanded password to output authentication data; and storing the authentication data in an authentication database. | 2015-09-03 |
20150249659 | AUTHORIZATION FLOW INITIATION USING SHORT-TERM WIRELESS COMMUNICATION - In general, aspects of the disclosure are directed towards techniques for initiating an authorization flow with a user to enable a user interface-limited client computing device to obtain access to protected resources hosted by a resource service. In some aspects, a computing device comprises at least one processor. The computing device also comprises a short-range wireless communication module operable by the at least one processor to receive, using short-range wireless communication, an authentication request from a client device. The computing device also comprises an authorization module operable by the at least one processor to receive authorization to provide at least one security credential to the client device, wherein the authorization module is further configured to, responsive to receiving the authorization, send an indication of the authorization to an authentication service. | 2015-09-03 |
20150249660 | AUTHENTICATING LINKED ACCOUNTS - Embodiments of authenticating linked accounts are presented herein. In an implementation, an authentication service provides functionality to form links between a plurality of user accounts. A client may then authenticate by providing credentials for one account in a group of linked accounts, and is permitted access to each account in the group of linked accounts based upon the linking. Thus, a single sign-in of a client to one account may permit the client to obtain services for service providers corresponding to multiple linked accounts, without an individual sign-in to each account. | 2015-09-03 |