04th week of 2020 patent applcation highlights part 66 |
Patent application number | Title | Published |
20200028810 | COGNITIVE RECOGNITION AND FILTERING OF CYBERBULLYING MESSAGES - Aspects of the invention include identifying a user at an electronic device and accessing a profile of the user. The profile includes previously displayed data flagged as causing a negative reaction by the user when displayed to the user. New data for display is received at the electronic device. The new data is analyzed to determine whether it includes at least a subset of the previously displayed data flagged as causing a negative reaction by the user. The new data is displayed on a display of the electronic device based on determining that the new data does not include at least a subset of the previously displayed data flagged as causing a negative reaction. Otherwise, the new data is modified by removing the at least a subset of the previously displayed data from the new data and the modified data is displayed on the display of the electronic device. | 2020-01-23 |
20200028811 | METHOD THAT ALLOWS A PUBLISHER?S WEBSITE TO ALLOW REGISTERED USERS TO UPLOAD AUDIO AND VIDEO CONTENT ON THE PUBLISHER?S WEB83-4 - A method that allows registered users of a publisher's website to upload audio and video content on a thread of the publisher's website and wherein the uploaded content is transcribed, by a backend client comment management program for later retrieval by any user having access to the publisher's website. | 2020-01-23 |
20200028812 | Method and System for Integration of Shared Calendars with Messaging Applications - A method at an electronic device, the method including receiving a message at the electronic device; processing the message to find a potential calendar event; comparing correspondents of the message with membership in at least one shared calendar accessible by the electronic device; selecting a shared calendar based on the comparing; and populating a calendar input field with an identifier of the selected calendar. | 2020-01-23 |
20200028813 | LIVE LOCATION SHARING - Techniques for live location sharing are described. A first mobile device and a second mobile device can communicate with one another using an IM program. The first mobile device can receive a user input to share a location of the first mobile device in the IM program. Sharing the location can include causing the second mobile device to display a location of the first mobile device in an IM program user interface on the second mobile device. Duration of sharing the location can be user-configurable. The second mobile device may or may not share a location of the second device for display in the IM program executing on the first mobile device. | 2020-01-23 |
20200028814 | AUTOMATED BUNDLING OF CONTENT - Non-limiting examples describe automated bundling of content on behalf of a user by an application/service. As an example, a bundle of content may be a bundle of emails created on behalf of a user by an email service. Email data associated with a user account of an email service may be accessed. The email data may be evaluated by applying a bundle generation model that that evaluates the emails for bundling associations. An exemplary bundle generation model may evaluate the email data based on: user signal data from actions pertaining to categorization of specific emails, content and metadata corresponding with the email data, and server side metric analysis of activity corresponding with the user account. A bundle of emails may be automatically generated based on an evaluation result from applying the bundle generation model. The bundle of emails may be transmitted for display in a mailbox of the user account. | 2020-01-23 |
20200028815 | METHOD AND SYSTEM FOR CONTROLLING MESSAGE TRANSMISSION FOR A COMMUNICATION GROUP - A method and system for controlling message transmission for a communication group are disclosed. While a message-on-hold mode remains activated for a first communication group at a first client device: the device, in response to detecting a change in the usage of the first client device: in accordance with a determination that communication suspension criteria are met with respect to the first communication group, prevents transmission of communications in the first communication group to the first client device; and in accordance with a determination that communication resumption criteria are met with respect to the first communication group, temporarily enables transmission of communications in the first communication group to the first client device without deactivating the message-on-hold mode for the first communication group. | 2020-01-23 |
20200028816 | AUTOMATED CLASSIFICATION AND TIME-BASED RELEVANCY PRIORITIZATION OF ELECTRONIC MAIL ITEMS - Automated classification and time-based relevancy prioritization of electronic messages is provided. An electronic mail item is parsed for identifying and extracting attributes for classifying the electronic message and for identifying time-sensitivity associated with the electronic message, and enriched with metadata identifying the classification and the associated time-sensitivity for displaying the electronic message based on the classification and based on relevancy to a receiving user based on the time-sensitivity. | 2020-01-23 |
20200028817 | Method, Apparatus and Product for Delivery of Electronic Messages to Electronically Un-Addressable Entities - A system and method for enabling delivering to a receiver of a message addressed to a non-electronically addressable entity ID associated with the receiver employs a database storing a plurality of verified electronically addressable and non-electronically entity IDs associated with the receiver, and a controller that upon receiving a message addressed to non-electronically addressable entity ID identifies the receiver and enables the receiver access to the message. | 2020-01-23 |
20200028818 | POSTING CONTENT TO SOCIAL MEDIUM - A computer-implemented method of posting content to a social medium comprises receiving content posted by a user along with an associated posting time which indicates when the user selected an option to post the content to the social medium; determining that publication of the content posted by the user is dependent on a trigger; and in response to determining that publication of the content is dependent on the trigger, storing the content with the associated posting time and suspending publication of the content until the trigger is satisfied such that the posting time published with the content indicates a time prior to transmission of the content from an electronic device to a server for publishing. | 2020-01-23 |
20200028819 | METHOD AND SYSTEM FOR CARRYING OUT A SENSITIVE OPERATION IN THE COURSE OF A COMMUNICATION SESSION - The invention relates to a method for carrying out a sensitive operation in the course of a communication between a processing unit and a first service server, said first server being accessible via a first domain name and/or first electronic address. The method comprises the step of using at least one second domain name different from the first and/or a second electronic address different from the first to carry out all or part of the sensitive operation. The invention also relates to a system corresponding to the method and comprising the server and/or the processing unit. | 2020-01-23 |
20200028820 | Network Application Security Policy Generation - Embodiments of the present invention generate network communication policies by applying machine learning to existing network communications, and without using information that labels such communications as healthy or unhealthy. The resulting policies may be used to validate communication between applications (or services) over a network. | 2020-01-23 |
20200028821 | SYSTEM AND METHOD OF UTILIZING NETWORK SECURITY DEVICES FOR INDUSTRIAL DEVICE PROTECTION AND CONTROL - A new network security device/appliance is proposed to not only protect, but also to control and operate an industrial IoT device. Specifically, the network security device is configured to detect and block cyber attacks such as viruses, hacking attempts, and other types of cyber threats launched from an outside network against the industrial IoT device based on a set of configurable rules. In addition, the network security device is further configured to control and operate the industrial IoT device remotely in response to the cyber attacks by issuing and communicating certain instructions/command to the industrial IoT device. Besides accepting and executing control command from the network security device, the industrial IoT device is also configured to send a request to the network security device to make certain adjustments to the rules concerning network traffic directed to the industrial IoT device. | 2020-01-23 |
20200028822 | GRANULAR OFFLOADING OF A PROXIED SECURE SESSION - A device may receive encrypted traffic associated with a secure session. The device may determine, based on the encrypted traffic, information associated with an offload service to be applied to the encrypted traffic associated with the secure session. The information associated with the offload service may indicate whether the encrypted traffic is permitted to bypass inspection by one or more security services. The device may selectively permit the encrypted traffic, associated with the secure session, to bypass inspection by the one or more security services based on the information associated with the offload service. | 2020-01-23 |
20200028823 | USING CRYPTOGRAPHY AND APPLICATION GATEWAY TO ELIMINATE MALICIOUS DATA ACCESS AND DATA EXFILTRATION - A system and method that prevents data access and data exfiltration is disclosed. The system includes a communication interface configured to receive and send encrypted and non-encrypted data, a secure storage device that resides on a gateway the storage device stores a plurality of pre-configured encryption policies and a processing circuit coupled to the storage device and the communication interface. The processing circuit configured to identify confidential data elements in a message payload received at the gateway through the communication interface, apply the encryption policies to each identified confidential data element in the message payload, receive a collection of Group Keys from a key store, encrypt each identified confidential data element in the message payload based on the encryption policies and the Group Keys and store the encrypted identified confidential data elements in a remotely located data storage device accessible through the communication interface. | 2020-01-23 |
20200028824 | MINIMIZING RISK OF LOSING INFORMATION SENT OVER A NETWORK - A method, system and computer program product for securing data transmission. After determining that a message is being created to be sent from a sender to a receiver, the cognitive states of the sender and receiver are measured. A set of feature vectors for the sender and receiver is generated based on the cognitive states of the sender and receiver. The feature vectors are inputted into a long short term memory network, which selects an appropriate level of encryption (encryption strength, encryption algorithm, and mode of transportation in sending the message) to encapsulate the message utilizing the generated set of feature vectors. The message is then encapsulated using the selected level of encryption. In this manner, by using an appropriate level of encryption, the message is less likely to be accessible by unauthorized users thereby reducing the likelihood of unauthorized access or loss of valuable data. | 2020-01-23 |
20200028825 | DEVICES FOR TRANSMITTING AND COMMUNICATING RANDOMIZED DATA UTILIZING SUB-CHANNELS - The disclosure provides for two or more transceiver devices and a system that utilizes one or more encrypters and one or more decrypters comprising one or more communication sources that provides transmission(s) and at least one connector, wherein transmission(s) from one or more communications sources enter a first transceiver through the connector and travels to a randomized encrypted data sub-channels (REDS) encrypter and wherein the (REDS) encrypter securely sends encrypted transmission(s) to a second transceiver. The encrypted transmission(s) enter a second transceiver and are sent to a randomized decrypted data sub-channels (RDDS) decrypter wherein the transmission(s) are decrypted. | 2020-01-23 |
20200028826 | Method for Encrypting an Image, Method for Transmitting an Image, Electronic Device and Computer Readable Storage Medium - A method for encrypting an image, a method for transmitting an image, an electronic device, and a computer readable storage medium are provided. The method for encrypting an image includes steps of extracting an outline of an original image to obtain a binarized outline image and dividing the original image into a first image and a second image based on the binarized outline image. The second image comprises at least one encrypted region of the original image, and the first image comprises the remaining region of the original image other than the at least one encrypted region, the remaining region being an unencrypted region. | 2020-01-23 |
20200028827 | METHOD AND SYSTEM FOR DIGITAL RIGHTS MANAGEMENT OF DOCUMENTS - An improved method and system for digital rights management is described. | 2020-01-23 |
20200028828 | CLOUD KEY ESCROW SYSTEM - Embodiments are directed to storing encrypted data in a data store and to securely providing access to the encrypted data according to a predefined policy. A data storage system receives encrypted data. The data is encrypted using a private key. The data storage system stores the received encrypted data according to a predefined policy. The encryption and the policy prevents the storage system from unencrypting the encrypted data, while the policy allows the encrypted data to be released upon receiving a threshold number of requests from verified third parties. The data storage system implements a verifiable secret sharing scheme to verify that the encrypted data can be reconstituted without the data storage system decrypting the encrypted data. The data storage system can acknowledge that the received encrypted data has been verified and successfully stored. | 2020-01-23 |
20200028829 | SECURITY UNIT FOR AN IOT DEVICE AND METHOD FOR RUNNING ONE OR MORE APPLICATIONS FOR THE SECURED EXCHANGE OF DATA WITH ONE OR MORE SERVERS WHICH PROVIDE WEB SERVICES - A security unit which is suitable for a device, in particular an IOT device, for running one or more applications for a secure data exchange with one or more servers which provide web services is provided. The security unit is designed with the following:—means for imaging original data onto corresponding replacement data and/or vice versa, wherein the original and/or replacement data forms a respective original and/or replacement key and/or can be used to form same—means for detecting a replacement key which is supplied by an application being ran and which corresponds to an original key, and—means for providing a required original key which corresponds to the replacement key using the imaging means in order to allow the original key to be used for the secure data exchange with the server. | 2020-01-23 |
20200028830 | SECURED TRANSFER OF DATA BETWEEN DATACENTERS - In various embodiments, a method of transferring data between datacenters may be performed. The method may include running a first plurality of host programs and a first plurality of encryption units at a first datacenter. The method may further include establishing, between the first datacenter and a second datacenter, secure communication connections between each of the first plurality of encryption units and a corresponding one of a second plurality of encryption units running at the second datacenter. The method may further include transferring, by the first datacenter, data from the first plurality of host programs to a second plurality of host programs running at the second datacenter. | 2020-01-23 |
20200028831 | SYSTEMS AND METHODS FOR MANAGED DATA TRANSFER - Systems and methods are provided for managed file transfer. A managed file transfer server may receive a request from a sender to send a file (bulk data) to a recipient and may determine a location server that is closest to the location of the recipient. A server-to-server transfer can be automatically initiated to move the file to the location server that is closest to the location of the recipient. | 2020-01-23 |
20200028832 | REMOTE AUTHENTICATION AND PASSWORDLESS PASSWORD RESET - Examples are disclosed herein to implement remote authentication and passwordless password reset. An example server includes: at least one processor to forward executable instructions to a client device, the executable instructions, when executed at the client device, to cause the client device to: authenticate a user of an account based on a biometric authentication factor; obtain a local storage key by decrypting an encrypted local storage key with a cloud key obtained from a remote authentication server, the cloud key associated with the client device; decrypt a key bag with the local storage key, the key bag including a content encryption key and an encrypted credential encrypted with the content encryption key, the encrypted credential associated with the user; and decrypt the encrypted credential with the content encryption key to obtain a credential without the user supplying a master password associated with the account. | 2020-01-23 |
20200028833 | TRANSMITTING SURREPTITIOUS DATA ON AN EXISTING COMMUNICATION CHANNEL - A method and system to surreptitiously inject data into a data stream over a communication channel including an error correction encoder circuit to apply an error correction scheme to a data stream to create an unfaulted data, a binary to bit value positioner that converts bits in confidential data to corresponding position value of bits in a packet, and a data stream encoder that flips a bit in the unfaulted data based on the binary to bit value positioner to create a bit-faulted data. | 2020-01-23 |
20200028834 | INFORMATION INTERMEDIATING APPARATUS, INFORMATION PROVIDING APPARATUS, AND INFORMATION ACQUIRING APPARATUS - An information intermediating apparatus in an information transaction system including an information providing apparatus, an information acquiring apparatus and the information intermediating apparatus connected to a communication network, includes: a first receiver that receives second information, of first and second information necessary for restoring transaction object information, and first feature information indicating a feature of the first information; a second receiver that receives second feature information from the information acquiring apparatus, the second feature information being calculated from the first information transmitted to the information acquiring apparatus from the information providing apparatus; a feature information determination unit that determines whether an identity is present between the first feature information and the second feature information; and a transmitter that transmits the second information to the information acquiring apparatus, when the feature information determination unit determines that the identity is present between the first feature information and the second feature information. | 2020-01-23 |
20200028835 | SECURE REMOTE COMPUTER SYSTEM - A system and method for secure cloud computing. The cloud based processing system comprises a user interface, allowing a user to enter and edit data, a proxy server, and a cloud based processing server. The user interface sends data entered by a user to the proxy server, which sends the encrypted data to the cloud based processing server. The proxy server receives editing commands from the user interface, and sends those commands to the cloud based processing server along with the encrypted data. The cloud based processing server receives the encrypted data and editing commands, applies the editing commands to the encrypted data, and sends the edited encrypted data back to the proxy server. | 2020-01-23 |
20200028836 | NETWORK-BASED KEY DISTRIBUTION SYSTEM, METHOD, AND APPARATUS - A method includes executing a mobile threat detection function to determine whether an electronic device is corrupt. The method also includes when determining that the electronic device is not corrupt, identifying whether an encrypted user key (UK | 2020-01-23 |
20200028837 | PASSING AUTHENTICATION TOKEN TO AUTHORIZE ACCESS TO REST CALLS VIA WEB SOCKETS - Various techniques for facilitating communication with and across a clinical environment and a cloud environment are described. For example, a method for authenticating a network device residing in the clinical environment using a token is described. An authentication proxy in the cloud environment can receive a request from a connectivity adapter in the clinical environment and retrieve a security token from an authentication system in the cloud. The connectivity adapter can use the security token to send signed requests to the authentication system. | 2020-01-23 |
20200028838 | ACCOUNT AUTHENTICATION METHOD FOR CLOUD STORAGE, AND SERVER - A method of authenticating an account is provided. A resource access request requesting for accessing, by a first account, a target resource in a cloud storage system is received by a server from a first client, the first account logging in to the first client. In response to the resource access request, a first access right of the first account is determined by the server based on right configuration information corresponding to the target resource, the right configuration information indicating an association relationship between an account and an access right of the account to the target resource. The first account is allowed by the server to access the target resource through the first client based on the first access right indicating that the first account is allowed to access the target resource. | 2020-01-23 |
20200028839 | SYSTEM, METHOD, AND PROGRAM FOR REMOTELY SUPPORTING WORK - A system for remotely supporting work, in which an image taken by a user terminal is shared between the user terminal and a terminal for remotely instructing work to remotely support work, includes: a detection unit that detects an ID or a password contained in the image; a processing unit that processes the image to make the ID and the password invisible if an ID or a password is detected; a display unit that displays the processed image on the terminal for remotely instructing work; and a receiving unit that receives a remote work instruction for the displayed processed image from the terminal for remotely instructing work. | 2020-01-23 |
20200028840 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM - An information processing device makes a communication connection with an external device. The information processing device establishes a service connection with the external device upon determining an input of a determination key from the external device in the determination-key-input-reception time. | 2020-01-23 |
20200028841 | METHOD AND APPARATUS FOR PROVIDING MULTIPLE USER CREDENTIALS - A method for a smart device includes forming with a processor an ephemeral ID signal with a first portion including data associated with a server and a second portion including data not associated with a user of the smart device, outputting with a short-range transceiver the ephemeral ID signal to a plurality of devices including a first device associated with a first system and a second device associated with a second system, receiving with the short-range transceiver from the first device an identifier request, in response to verification of the first portion by the first device, and outputting with the short-range transceiver to the first device a first token associated with the first system in response to the request for the identifier, wherein the first token is not associated with the second computer system. | 2020-01-23 |
20200028842 | ISSUING A CERTIFICATE BASED ON AN IDENTIFICATION OF AN APPLICATION - A request to issue a digital certificate may be received. A hash value corresponding to an application that has provided the request for the digital certificate may be identified. A determination may be made as to whether the hash value corresponding to the application matches with a known hash value. In response to determining that the hash value corresponding to the application matches with the known hash value the digital certificate may be issued to the application. | 2020-01-23 |
20200028843 | Motion Based Authentication - A method for authenticating a user is presented. Responsive to a request for access to a computer resource, a computer system prompts the user making the request to access the computer resource to perform a new motion in an environment in which the user is monitored by a sensor system. Detected biometric data in the new motion performed by the user is identified by the computer system. A determination is made as to whether the user performing the new motion is an authenticated user based on comparing the detected biometric data with stored biometric data for a prior motion performed by the authenticated user. The computer system provides access to the computer resource when the user is identified as the authenticated user. | 2020-01-23 |
20200028844 | SYSTEM AND METHOD FOR PERFORMING USER AUTHENTICATION - A biometric solution based on cardiac activity (Heart Rate Variability) using advanced mathematical calculations, machine learning, or artificial intelligence identified from the forehead, measured through a camera lens on fixed and mobile devices, scopes, virtual reality headsets, rear view mirrors in vehicles and any device where a camera can be used to identify and authenticate a user and diagnostic indicators where needed. This technology can be combined with additional physical and behavioural biometric indicators for further identification, authentification and specific diagnostic readings. This technology will be used to identify individuals, authenticate users for secure online transactions, grant access to countries, facilities and documents granting an AnimaToken from the AnimaCloud. This technology can be used to determine changes in physical health and indicate the introduction of substances to the body. | 2020-01-23 |
20200028845 | SYSTEMS AND METHODS FOR BIOMETRIC AUTHENTICATION OF CERTIFICATE SIGNING REQUEST PROCESSING - A biometric certification request authentication (BCRA) computing device is provided for authenticating a requestor undergoing a certificate signing request process. The BCRA computing device is communicatively coupled to a memory device. The BCRA computing device is configured to receive, from a requestor computing device, a service selection request message that identifies a certificate service type for which the requestor requires a certificate, identify a certificate authority computing device that corresponds to a certificate authority that generates certificates of the certificate service type, transmit, to the requestor computing device, a first biometric sample request message that prompts the requestor to provide a first biometric sample, authenticate the first biometric sample received from the requestor computing device by determining a match between the first biometric sample and a stored biometric sample for the requestor, and based on the authentication, initiate providing the certificate file to the requestor computing device. | 2020-01-23 |
20200028846 | DATA ENCRYPTION AND DECRYPTION USING NEUROLOGICAL FINGERPRINTS - In accordance with one embodiment, a method for securing data is disclosed. The method includes sensing multi-dimensional motion of a body part of a user to generate a multi-dimensional signal; in response to the multi-dimensional signal and user calibration parameters, generating a neuro-mechanical fingerprint; and encrypting data with an encryption algorithm using the neuro-mechanical fingerprint as a key. | 2020-01-23 |
20200028847 | AUTHENTICATION METHOD AND AUTHENTICATION DEVICE - A computer-implemented authentication method includes, when receiving first identification information of a first terminal and first feature information from the first terminal, by referring to relational information indicating relation between identification information of each terminal and identification information of each user, identifying one or more pieces of feature information associated with the first identification information, and performing a first authentication process based on a result of comparison between the identified one or more pieces of feature information and the received first feature information. | 2020-01-23 |
20200028848 | SECURE ACCESS TO APPLICATION INSTANCES IN A MULTI-USER, MULTI-TENANT COMPUTING ENVIRONMENT - Systems and methods for computer security in computer clusters. Techniques provide secure user access to applications that run in shared resource computing environments. A method embodiment commences upon identifying an application digital certificate corresponding to a subject application. The subject application is stored for access by a reverse proxy authorization service that also runs in the shared computing environment. Individual user processes are uniquely identified by corresponding user credentials. The reverse proxy authorization service processes a request to access the subject application, whereupon a generated subject application instance specific to the requestor is installed. Installation includes authentication using the application digital certificate for the subject application and authorization using the requestor's credentials. A second request from a second user to access the same subject application uses the same application digital certificate combined with the second requestor's credentials. The reverse proxy authorization service generates scope-specific access tokens for each generated instance. | 2020-01-23 |
20200028849 | AUGMENTED REALITY SERVICE NEGOTIATION - An augmented reality device engages in a mutual exchange of negotiated services with another device. The negotiation comprises a first exchange of respective zero-knowledge proofs, and second exchange of credentials followed by verification of the credentials by a trusted third party, and further exchanges of information comprising services provided by the augmented reality device to the other device, and vice versa. The services are used, in embodiments, to customize an augmented reality experience. | 2020-01-23 |
20200028850 | PRIVILEGED IDENTITY AUTHENTICATION BASED ON USER BEHAVIORS - Embodiments can provide a method for accessing an endpoint, including: receiving, from a privileged user, a request for accessing the endpoint; providing, by a user behavior analytics device, a risk score with respect to the privileged user, wherein the risk score is calculated based on at least one action performed by the privileged user. If the risk score is lower than a first predefined value, providing access to the endpoint for the privileged user. If the risk score is higher than a second predefined value, denying the request for accessing the endpoint. If the risk score is between the first predefined value and the second predefined value, performing at least one of: providing, by a privileged identity management server, a multi-factor authentication against the privileged user; and rerouting the request for accessing the endpoint for approval. | 2020-01-23 |
20200028851 | SCALABLE CONFIGURABLE UNIVERSAL FULL SPECTRUM CYBERSPACE IDENTITY VERIFICATION TEST - A scalable configurable universal full spectrum cyberspace identity verification test for determining whether or not one specific tested person if the same person as one specific known person. Utilizing cyber resources and predetermined criteria for making cyberspace identity verification test determinations regarding any one specific person who is a sensor observation subject, the cyberspace identity verification test makes cyberspace identity verification test determinations regarding any one specific tested person; makes cyberspace identity verification test determinations at any attainable level of accuracy, including 100% accuracy; makes single, intermittently performed, and constantly performed cyberspace identity verification test determinations; utilizes available cyber resources; interacts with itself or utilized cyber resources to perform possible functions; utilizes data representing recognized characteristics for comparing or determining; utilizes observation data, derived data, useful information or outcomes from comparing for making cyberspace identity verification test determinations; and, reports on any selected aspect of its operations at any time. | 2020-01-23 |
20200028852 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD - According to an aspect of the embodiments, an apparatus includes an information processing apparatus includes a memory, and circuitry coupled to the memory and configured to accept registration of a device available for a user and an available function of the device, generate a Web application programming interface according to the registration, and also generates a virtual device that responds to access to the Web application programming interface in cooperation with the device, notify a terminal of information including an access method to the Web application programming interface corresponding to an authenticated user, based on a result of user authentication using the terminal, and accept access to the Web application programming interface from the terminal and accesses the device via the virtual device. | 2020-01-23 |
20200028853 | System and Method Providing Security Friction for Atypical Resource Access Requests - A method, system and computer-usable medium for providing security friction to a request for access to a resource based on whether the access request is atypical. In certain embodiments, a request to access the resource based on a user identity is received electronically. The system determines whether the request is typical or atypical. If the request is typical, access to the requested resource is granted. However, if the request is atypical, access to the requested resource is only allowed if the correct information is provided in response to one or more access control methods that provide an amount of security friction that would otherwise not have been asserted if the resource request was typical. In certain embodiments, an elapsed time between access requests based on the user identity is used to determine whether the access request is atypical. | 2020-01-23 |
20200028854 | ONTOLOGY BASED CONTROL OF ACCESS TO RESOURCES IN A COMPUTING SYSTEM - A solution is proposed for controlling access to one or more resources of a computing system. A corresponding method comprises storing a knowledge base, which provides a knowledge of an access control to the resources in conformity with an access control ontology. In response to an update request, the access control ontology is updated according to update assertions obtained from the update request. In response to an access request (for a selected access to a selected resource), the selected access is granted or denied according to a result of an access query (for querying the access control ontology) obtained from the access request. A computer program and a computer program product for performing the method are also proposed. Moreover, a corresponding system (particularly, a control computing machine) is proposed. | 2020-01-23 |
20200028855 | CONNECTIVITY SERVICE USING A BOUNCE BACK APPROACH - Described are systems and methods for managing access to computing services so the computing services can be bounced back. An access manager receives a request to modify a configuration of a computing service to a new configuration. The access manger stores a previous configuration of the computing service, updates the configuration of the computing service from the previous configuration to the new configuration based on information representing the new configuration, and starts a service request timer for the computing service. The access manager receives a subsequent request. When the subsequent request is a reconnect request, the access manager deletes the stored previous configuration. When the subsequent request is not a reconnect request or a new request the access manager returns an error when the service request timer has not expired, or sets the configuration of the computing service to the previous configuration of the computing service when the timer has expired. | 2020-01-23 |
20200028856 | PORT SCRAMBLING USAGE IN HETEROGENEOUS NETWORKS - A method, apparatus, and computer program product for port scrambling usage in heterogeneous networks. Responsive to receiving a communication directed towards a network, wherein port scrambling and port descrambling are employed by the network, a transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a scrambled port, and the communication is redirected to be received at the scrambled port. Responsive to receiving a communication from the network directed outside thereof, an inverse of the transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a descrambled port, and the communication is redirected to be received at the descrambled port. Each device belonging to the network is configured for performing selective port scrambling of outgoing communications and port descrambling of incoming communications by utilizing the transformation function and inverse thereof, respectively. | 2020-01-23 |
20200028857 | Systems and Methods for Reporting Computer Security Incidents - Alert manager software dynamically assembles a security alert as various security scenarios are tested to reach a verdict. Each executed scenario may contribute a scenario-specific message, so the resulting compound security alert indicates an actual line of reasoning used in reaching the respective verdict. The described systems and methods apply, inter alia, to the analysis of high-volume network flows in corporate networks. In some embodiments, flows are pre-tagged with extra metadata to facilitate detection of malware and/or intrusion. | 2020-01-23 |
20200028858 | METHOD, SYSTEM, AND STORAGE MEDIUM FOR SECURE COMMUNICATION UTILIZING SOCIAL NETWORKING SITES - Embodiments disclosed herein provide secure communication among enterprise users utilizing social networking sites. A server computer may encrypt a post intended for a social networking site and forward the encrypted data or may save the post locally and send a placeholder to the social networking site. The server may receive a message from the social networking site containing the encrypted data or placeholder and determine that a recipient is authorized to view the original post. The server may then decrypt the data or retrieve the original post for servicing the request. In this way, authorized users of an enterprise can utilize social networking sites, which are independently owned and operated, to communicate with each other in a secure manner. | 2020-01-23 |
20200028859 | SYSTEMS AND METHODS FOR AUTOMATED RETRIEVAL, PROCESSING, AND DISTRIBUTION OF CYBER-THREAT INFORMATION - Systems and methods are provided for automated retrieval, processing, and/or distribution of cyber-threat information using a cyber-threat device. Consistent with disclosed embodiments, the cyber-threat device may receive cyber-threat information in first formats from internal sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may receive cyber-threat information second formats from external sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may process the received cyber-threat information in the first formats and the second formats into a standard format using a processing component of the cyber-threat device. The cyber-threat device may provide the processed items of cyber-threat information to a distributor using a distributing component of the cyber-threat device. The cyber-threat device may automatically report information concerning the processed items of cyber-threat information to a device of a user with a reporting component of the cyber-threat device. | 2020-01-23 |
20200028860 | SYSTEM AND METHOD FOR PROVIDING DATA AND DEVICE SECURITY BETWEEN EXTERNAL AND HOST DEVICES - A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request. | 2020-01-23 |
20200028861 | PATTERN CREATION BASED ON AN ATTACK PATH - A first Event is identified from a normalized log persistency layer, where the first Event is associated with an attack on a computing system. A plurality of Events are fetched from the normalized log persistency layer, where each fetched Event correlates with its neighboring fetched Event by at least one correlation attribute, and each of the fetched Event and the first Event are presented on a graphical user interface as a chain of events. A workspace is generated, where the workspace comprises a series of attack paths, where each attack path corresponds to one Event in the chain of events. An ETD pattern is created based on the attack paths in the workspace. | 2020-01-23 |
20200028862 | Distributed machine learning for anomaly detection - A tiered machine learning-based infrastructure comprises a first machine learning (ML) tier configured to execute within an enterprise network environment and that learns statistics for a set of use cases locally, and to alert deviations from the learned distributions. Use cases typically are independent from one another. A second machine learning tier executes external to the enterprise network environment and provides further learning support, e.g., by determining a correlation among multiple independent use cases that are running locally in the first tier. Preferably, the second tier executes in a cloud compute environment for scalability and performance. | 2020-01-23 |
20200028863 | Tracing Mechanism for Monitoring and Analysis of Cloud-Based Communication Session Attacks - A tracing mechanism is provided for analyzing session-based attacks. An exemplary method comprises: detecting a potential attack associated with a session from a potential attacker based on predefined anomaly detection criteria; adding a tracing flag identifier to a response packet; sending a notification to a cloud provider of the potential attack, wherein the notification comprises the tracing flag identifier; and sending the response packet to the potential attacker, wherein, in response to receiving the response packet with the tracing flag identifier, the cloud provider: determines a source of the potential attack based on a destination of the response packet; forwards the response packet to the potential attacker based on the destination of the response packet; and monitors the determined source to evaluate the potential attack. The response packet is optionally delayed by a predefined time duration and/or until the cloud provider has acknowledged receipt of the notification. | 2020-01-23 |
20200028864 | NON-HARMFUL INSERTION OF DATA MIMICKING COMPUTER NETWORK ATTACKS - Non-harmful data mimicking computer network attacks may be inserted in a computer network. Anomalous real network connections may be generated between a plurality of computing systems in the network. Data mimicking an attack may also be generated. The generated data may be transmitted between the plurality of computing systems using the real network connections and measured to determine whether an attack is detected. | 2020-01-23 |
20200028865 | MALWARE DETECTION SYSTEM ATTACK PREVENTION - Systems and methods may be used to prevent attacks on a malware detection system. A method may include modeling a time series of directed graphs using incoming binary files during training of a machine learning system and detecting, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs. The method may include providing an alert that the anomaly has corrupted the machine learning system. The method may include preventing or remedying corruption of the machine learning system. | 2020-01-23 |
20200028866 | MONITORING DEVICE, MONITORING METHOD, AND MONITORING PROGRAM - An acquiring unit acquires a packet indicating flow information that is output by a network device at a predetermined sampling rate, and a determining unit determines as abnormal, for each of predetermined traffic patterns, when a sampling error rate is equal to or lower than a predetermined upper limit value and the number of packets acquired in a predetermined count period preceding from a current time or an average value of the number of packets per unit time is equal to or higher than a predetermined detection threshold. | 2020-01-23 |
20200028867 | DIFFERENCING ENGINE FOR DIGITAL FORENSICS - In various embodiments, a forensic scoping application analyzes host instances in order to detect anomalies. The forensic scoping application acquires a snapshot for each host instance included in an instance group. Each snapshot represents a current operational state of the associated host instance. Subsequently, the forensic scoping application performs clustering operation(s) based on the snapshots to generate a set of clusters. The forensic scoping application determines that a first cluster in the set of clusters is associated with fewer host instances than at least a second cluster in the set of clusters. Based on the first cluster, the forensic scoping application determines that a first host instance included in the instance group is operating in an anomalous fashion. Advantageously, efficiently determining host instances that are operating in an anomalous fashion during a security attack can reduce the amount of damage caused by the security attack. | 2020-01-23 |
20200028868 | TECHNOLOGIES FOR SECURE PERSONALIZATION OF A SECURITY MONITORING VIRTUAL NETWORK FUNCTION - Technologies for secure personalization of a security monitoring virtual network function (VNF) in a network functions virtualization (NFV) architecture include various security monitoring components, including a NFV security services controller, a VNF manager, and a security monitoring VNF. The security monitoring VNF is configured to receive provisioning data from the NFV security services controller and perform a mutually authenticated key exchange procedure using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and a VNF manager. The security monitoring VNF is further configured to receive personalization data from the VNF manager via the secure communication path and perform a personalization operation to configure one or more functions of the security monitoring VNF based on the personalization data. Other embodiments are described and claimed. | 2020-01-23 |
20200028869 | Automatic Traffic Classification of Web Applications and Services Based on Dynamic Analysis - An approach is provided that automatically classify network traffic of web applications and services based on a dynamic analysis. The approach scans a resource that corresponds to a named network application and receives, as a result of the scan, network resource identifiers that are accessed by the named network application. Network traffic between users and network resources is monitored, with the monitoring resulting in a set of visited network resource identifiers. The set of resource identifiers is found by matching the visited network resource identifiers with the network resource identifiers returned by the scan. Each of the set of resource identifiers is then matched with the named application. | 2020-01-23 |
20200028870 | Exercising Security Control Point (SCP) capabilities on live systems based on internal validation processing - A security control point (SCP) that protects target computing system is tested in-place and while active. The approach is initiated the SCP receiving and processing one or more “simulated” communication flows. To this end, a test initiator system is configured to generate and transmit communication flows to the SCP being tested. The SCP extracts the encapsulated flow, and then processes that flow through one or more of the SCP's configured protection mechanisms. Thus, the SCP processes the simulated communication flow as though it were a real session, and thus to determine what actions, if any, should be taken with respect to that flow. After processing, the simulated session traffic is shunted or otherwise diverted away from the target computing system. The results of the SCP's processing, however, are output to other systems (e.g., logging or alerting mechanisms), or they are returned to the test initiation system, e.g., for correlation, reporting, and the like. | 2020-01-23 |
20200028871 | USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION - Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g., administrator computer system) may monitor the activity of the one or more computer machines for a predetermined time period in order to identify the applications that the computer machines utilize. Based on the clustering and the identifying, the network device may automatically apply different access control policies for different clusters of machines and review those access control policies against future behavior periodically. By clustering machines based on usage behavior patterns and automatically recommending a rule set for deployment, the UEBA system may reduce potential points of failure for cybersecurity breaches. | 2020-01-23 |
20200028872 | DISASTER SCENARIO BASED INFERENTIAL ANALYSIS USING FEEDBACK FOR EXTRACTING AND COMBINING CYBER RISK INFORMATION - Assessing risk of a cyber security failure in a computer network of an entity includes: assessing risk of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements, and automatically recommending, based at least in part on the assessed risk, changes to reduce the assessed risk to mitigate the theoretical damage. The assessed risk comprises a cyber security failure risk in a computer network of the entity; and the assessing of risk comprises: generating a disaster scenario that comprises elements of a disaster event; modeling the disaster scenario against a profile of the entity; and determining theoretical damage based at least in part on the modeling. | 2020-01-23 |
20200028873 | SYSTEM AND METHOD FOR PROGRAM SECURITY PROTECTION - Systems and methods are provided for program security protection. An exemplary method for program security protection may comprise obtaining data packets transceived by a first program, analyzing similarities among the obtained data packets for a plurality of transmissions, and determining a security threat to the first program based on the analyzed similarities. | 2020-01-23 |
20200028874 | COUNTER INTELLIGENCE BOT - Techniques are provided that facilitate responding to cyberattacks using counter intelligence (CI) bot technology. In one embodiment, a first system is disclosed that comprises a processor and a memory. The memory can store executable instructions that, when executed by the processor, facilitate performance of operations including receiving a request from a second system requesting assistance in association with a cyberattack on the second system, wherein the request comprises information indicating a type of the cyberattack. The operations further comprise selecting a counter intelligence bot configured to respond to the type of cyberattack, and directing the counter intelligence bot to respond to the cyberattack, wherein the directing comprises enabling the counter intelligence bot to respond to the cyberattack by establishing a gateway with the second system and employing the gateway to intercept and respond to traffic associated with the cyberattack on behalf of the second system. | 2020-01-23 |
20200028875 | RELAY ATTACK PREVENTION - A method comprising operating at least one hardware processor for: receiving, using a first transceiver, a radio-frequency (RF) transmission from an RF device; extracting one or more signal samples from said RF transmission, wherein said signal samples are associated with at least one of: (i) a rise transient associated with a data packet of said RF transmission, (ii) a fall transient associated with said data packet, and (iii) a region of said RF transmission occurring between said rise transient and said fall transient; and determining the presence of a second transceiver in the path of said RF transmission, based, at least in part, on processing said signal samples. | 2020-01-23 |
20200028876 | PHISHING DETECTION AND TARGETED REMEDIATION SYSTEM AND METHOD - A system and method exploit information gained by observing abnormal commonality factors from multiple accounts over a predetermined time frame. The presence of an abnormal commonality factor serves as an indication that a group of accounts may have been compromised by a common actor via information gained by successful phishing of multiple users' information to improperly gain access to their respective accounts. Once this commonality associated with phishing is detected, the system provides a mechanism and process to rapidly respond to the phishing-originated attack to minimize information security damage to the affected accounts. | 2020-01-23 |
20200028877 | A FRAMEWORK FOR ACCESS PROVISIONING IN PHYSICAL ACCESS CONTROL SYSTEMS - A framework for access provisioning in a physical access control system (PACS). The framework includes a permissions request interface, the permissions request interface configured to permit a user or an administrator to request for a permission to access/revoke access to a resource, a permissions recommendation module communicating with the permissions request interface to receive the request and recommending a permission to be assigned to, or removed from, the user. The framework also includes a permissions validation module operable to ensure that the permission to be assigned to or to be removed does not violate an existing access control policy, that the permission to be assigned permits access to all permitted resources, or that the permission to be removed from the user denies access to all revoked resources and an approval workflow identification module identifying an approval required to assign or remove the permission. | 2020-01-23 |
20200028878 | SYSTEMS AND METHODS FOR MONITORING COMPUTER AUTHENTICATION PROCEDURES - A method, implemented using an authentication monitoring (AM) computer device, for monitoring an execution of a digital authentication program is provided. The method includes receiving an authentication data file from an authenticating computer device executing the digital authentication program, wherein the authenticating computer device is associated with an authenticating entity, processing the authentication data file to extract at least one authentication value, testing the authentication value against at least one authentication rule associated with the digital authentication program, determining that a stored metric for the authenticating computer device fails to meet a predefined benchmark, wherein the stored metric is associated with the digital authentication program, and initiating an authentication remediation process, wherein the authentication remediation process causes an update to the digital authentication program used by the authenticating computer device. | 2020-01-23 |
20200028879 | QUERYLESS DEVICE CONFIGURATION DETERMINATION-BASED TECHNIQUES FOR MOBILE DEVICE MANAGEMENT - Embodiments described herein are directed to managing device compliance for devices that are connected to an enterprise network. For example, a mobile device manager may provide configuration settings to a computing device, which implements the settings in order to be compliant with an enterprise's data and/or security policy. The mobile device manager also maintains a local reference of each device's configuration settings implemented thereby. When the mobile device manager subsequently performs a determination as to whether the computing device is still in compliance, the mobile device manager simply needs to refer to the local reference to determine the computing device's settings instead of explicitly querying the computing device for its settings. The foregoing techniques may be extended for security baseline compliance determinations, IoT device compliance determinations and compliance determinations for other types of devices, such as devices utilized by business partners of the enterprise that utilize the enterprise's network. | 2020-01-23 |
20200028880 | TECHNOLOGIES FOR SCALABLE SECURITY ARCHITECTURE OF VIRTUALIZED NETWORKS - Technologies for performing security monitoring services of a network functions virtualization (NFV) security architecture that includes an NVF security services controller and one or more NFV security services agents. The NFV security services controller is configured to transmit a security monitoring policy to the NFV security services agents and enforce the security monitoring policy at the NFV security services agents. The NFV security services agents are configured to monitor telemetry data and package at least a portion of the telemetry for transmission to an NFV security monitoring analytics system of the NFV security architecture for security threat analysis. Other embodiments are described and claimed. | 2020-01-23 |
20200028881 | Methods and Nodes in a Lawful Interception System - The present disclosure relates to the problem to deliver correlation information, CN, in case of CC delivery in TDM format to a Monitoring Centers, MC in a circuit switched network and achieving a minimal impact to MCs and/or no impact on the operator network at all. Said problem is solved by using the extension field of calling or called party number for providing the correlation number to a MC from a Mediation Function entity. | 2020-01-23 |
20200028882 | SYSTEM AND METHOD FOR IDENTIFYING IDLE RESOURCES IN COMMUNICATION ENDPOINTS - A request to establish a communication session between a first communication endpoint to a second communication endpoint is received. A determination is made that the request to establish the communication session requires an application to be inserted into the communication session between the first communication endpoint and the second communication endpoint. For example, the application may be a call recording application. A first processing resource in a first idle communication endpoint is selected based on an idleness factor of the first processing resource. The application is sent to the first idle communication endpoint. The application in the first idle communication endpoint is then inserted into the communication session between the first communication endpoint and the second communication endpoint. | 2020-01-23 |
20200028883 | ENHANCED TELECONFERENCING USING NOISE FILTERING, AMPLIFICATION, AND SELECTIVE MUTING - Examples of techniques for enhanced teleconferencing are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method includes monitoring, by a processing device, a teleconference having a plurality of participants, a plurality of participant devices being used to facilitate the teleconference, each of the plurality of participants being associated with one of the plurality of participant devices. The method further includes detecting, by the processing device, a trigger event associated with one of the plurality of participants. The method further includes, responsive to detecting the trigger event associated with the one of the plurality of participants, disabling a mute setting for one of the plurality of participant devices that is associated with the one of the plurality of participants. | 2020-01-23 |
20200028884 | ENHANCED TELECONFERENCING USING NOISE FILTERING, AMPLIFICATION, AND SELECTIVE MUTING - Examples of techniques for enhanced teleconferencing are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method includes monitoring, by a processing device, a teleconference having a plurality of participants, a plurality of participant devices being used to facilitate the teleconference, each of the plurality of participants being associated with one of the plurality of participant devices. The method further includes detecting, by the processing device, a low volume of a channel associated with one of the plurality of participant devices. The method further includes, responsive to detecting the low volume associated with the one of the plurality of participants, amplifying, by the processing device, the channel to increase volume without amplifying other channels associated with other of the plurality of participant devices. | 2020-01-23 |
20200028885 | ARTIFICIAL INTELLIGENCE FOR PROVIDING ENHANCED MICROBLOG MESSAGE INSERTION - A system, method and program product for inserting artificial intelligence (AI) content into a user content stream in a microblog service. A system is provided that includes an AI agent builder that builds and refines an AI agent for a user based on attributes and data associated with a user; a courtship system that periodically measures an affiliation level between the user and the AI agent; and an AI content manager that provides AI content for insertion into a content stream of the user within a microblog service, wherein the AI content is curated based on the affiliation level and a triggering event detected by the AI agent. | 2020-01-23 |
20200028886 | Audio Stagger Casting - A system and method for wirelessly transmitting audiovisual information. A first plurality of packets including audiovisual information may be generated. A second plurality of packets including error correction coding information for the audiovisual information may be generated. Control information for associating the error correction coding information with the audiovisual information may be generated, and a third plurality of packets including the control information may also be generated. The plurality of packets, including the first, second, and third pluralities of packets, may be transmitted to a mobile device in a wireless manner. The control information may inform the mobile device of the association of the first error correction coding information with the audiovisual information. | 2020-01-23 |
20200028887 | Method and system for facilitating the integration of a plurality of dissimilar systems - The present invention is related to a method and system for facilitating the integration of a plurality of dissimilar systems by allowing networks of integration framework installations and/or other compatible B2B servers to inter-operate across corporate enterprise boundaries to integrate the disparate systems operating within each corporate enterprise. | 2020-01-23 |
20200028888 | PROPAGATING AN INTELLIGENT WALKER AGENT IN A NETWORK TO PERFORM A COMPUTATION - In one embodiment, a device in a network receives a path computation agent configured to determine a path in the network that satisfies an objective function. The device executes the path computation agent to update state information regarding the network maintained by the path computation agent. The device selects a neighbor of the device in the network to execute the path computation agent based on the updated state information regarding the network. The device instructs the selected neighbor to execute the path computation agent with the updated state information regarding the network. The device unloads the path computation agent from the device after selecting the neighbor of the device to execute the path computation agent. | 2020-01-23 |
20200028889 | METHOD FOR RESOLVING PROBLEM OF SLOW SHUTDOWN SPEED OF DATA COLLECTION SOFTWARE - A method for resolving the problem of slow shutdown speed of data collection software comprises the following steps: establish a background service process, and establish a communication interface between the background service process and data collection software having an interface, the background service process being used for uploading data received from the data collection software, to a server (S | 2020-01-23 |
20200028890 | Mapping Application Dependencies in a Computer Network - This application is directed to a mapping method performed at a computational machine in a linear communication orbit. The computational machine receives an application definition the linear communication orbit. The application definition specifies criteria for establishing whether the computational machine executes a specified application, a component of the specified application, or communicate with another node executing the specified application or a component of the specified application. While a plurality of events are occurring locally at the computational machine, the computational machine identifies one or more operations meeting the application definition in real-time. The identified one or more operations meeting the application definition, and associated metadata are stored in a local mapping database of the computational machine and returned to the server system through the linear communication orbit in response to a map request received through the linear communication orbit. | 2020-01-23 |
20200028891 | PERFORMING OPTIMIZED COLLECTIVE OPERATIONS IN AN IRREGULAR SUBCOMMUNICATOR OF COMPUTE NODES IN A PARALLEL COMPUTER - In a parallel computer, performing optimized collective operations in an irregular subcommunicator of compute nodes may be carried out by: identifying, within the irregular subcommunicator, regular neighborhoods of compute nodes; selecting, for each neighborhood from the compute nodes of the neighborhood, a local root node; assigning each local root node to a node of a neighborhood-wide tree topology; mapping, for each neighborhood, the compute nodes of the neighborhood to a local tree topology having, at its root, the local root node of the neighborhood; and performing a one way, rooted collective operation within the subcommunicator including: performing, in one phase, the collective operation within each neighborhood; and performing, in another phase, the collective operation amongst the local root nodes. | 2020-01-23 |
20200028892 | DNS RESOLUTION OF INTERNAL TENANT-SPECIFIC DOMAIN ADDRESSES IN A MULTI-TENANT COMPUTING ENVIRONMENT - A method and associated systems for a multi-tenant DNS mechanism. A multi-tenant computing environment hosts multiple private overlay networks, each of which comprises one tenant's domain. A multi-tenant DNS agent receives a DNS request to resolve a domain address located within the multi-tenant environment. The agent examines a special record within the request to determine whether the request requires resolving the domain address to an internal tenant-specific network identifier within a tenant's private network. The agent then forwards the request to a DNS server, notifying the server whether the requested address resolution is tenant-specific. If the request is not tenant-specific, the server performs a conventional DNS lookup. But if the request is tenant-specific, the DNS server instead performs a lookup into a tenant-specific local database that allows the domain address to be resolved to an internal address visible only within the multi-tenant computing environment. | 2020-01-23 |
20200028893 | SYSTEMS AND METHODS FOR INTERACTING WITH MEDIA DEVICES - Systems, methods, and non-transitory computer-readable media can receive at least one request for performing one or more operations, the request originating from a media application running on a media device, the request being broadcasted by the media device over a network to which the computing device is also connected. Information describing the request can be provided through a software application running on the computing device. A determination is made when user operating the computing device has approved the request. The operations are performed by at least the software application running on the computing device. | 2020-01-23 |
20200028894 | REBALANCING STORAGE I/O WORKLOADS BY STORAGE CONTROLLER SELECTION AND REDIRECTION - Systems and methods for rebalancing storage-oriented workloads across resources of a distributed data storage facility. Communications are initiated between a client computing device and a plurality of storage target devices of a distributed storage system. The distributed storage system comprises one or more computing nodes that can host virtualized controllers. A client computing device interfaced with the distributed storage system uses an IP address to access an initial virtualized controller. Upon detecting a change event, conditions of the computing environment are analyzed to determine rebalancing options. Analysis of the rebalancing options results in identification of an alternative virtualized controller. A redirect message that identifies the alternative virtualized controller is sent to the computing device. The client computing device connects to the alternative virtualized controller. Messages are sent between the client computing device and the alternative virtualized controller to access one of the storage target devices for performing storage I/O protocols. | 2020-01-23 |
20200028895 | PRIORITY SWITCHING BASED ON RESOURCE USAGE PATTERNS - A processing device in a system can allocate builds to execute jobs across servers in a distributed server environment such as a continuous integration (CI) or continuous deployment (CD) server environment, determine workload patterns, and store a workload pattern vector including a resource usage pattern for the builds and the servers. The processing device can provide an interface that allows a user to switch priorities of user-owned builds in server environments, even after execution of the jobs has begun. The user's ability to prioritize or reprioritize builds is limited to user-prioritizable builds as determined based on the resource usage patterns of the builds running the jobs. The user can thus prioritize some user-owned builds without adversely affecting builds of other users. | 2020-01-23 |
20200028896 | SYSTEM AND METHOD FOR INTELLIGENTLY MANAGING SESSIONS IN A MOBILE NETWORK - Systems and methods are described for intelligently managing sessions in a mobile network. A selection engine receives a trigger to select a peer node for a subscriber session. The selection engine chooses a peer selector among one or more available peer selectors in response to the trigger and determines whether the chosen peer selector is associated with a fully qualified domain name (FQDN). In response to determining that the chosen peer selector is associated with the FQDN, the selection engine determines whether a domain name system (DNS) server is configured. In response to determining that the DNS server is configured, the selection engine requests a peer list associated with the FQDN from the DNS server and selects the peer node from the peer list. | 2020-01-23 |
20200028897 | LOAD BALANCING SYSTEM - Populating a routing dataset for a load balancing system with service capability data is provided. The approach includes requesting a production environment to perform a service. Based on the production environment indicating that it does not have the capability of performing the requested service, the method includes storing data in a routing dataset, the data including an indicator indicating that the production environment is incapable of performing the service. | 2020-01-23 |
20200028898 | CONTENT DELIVERY NETWORK - A content delivery system comprising one or more one management servers comprising one or more processors for executing a code of one or more management agent instances. The code comprising code instructions to monitor a plurality of delivery servers of a distributed network to update dynamically a content record listing a plurality of content objects according to availability parameter(s) of each delivery server, code instructions to receive a content request from (user) client device to retrieve requested content object(s), code instructions to select preferred delivery server(s) from the delivery servers to provide the requested content object(s) to the client device according to analysis of the availability parameter(s) of each delivery server and code instructions to provide the client device with an IP address of the selected delivery server(s) to allow the client device to retrieve the requested content object(s) via a transmission session established with the selected delivery server(s). | 2020-01-23 |
20200028899 | Load Balancing System, Method, and Apparatus - A load balancing system, method, and apparatus, where the method includes: receiving, by a load balancing device, a first message from a client that is used to request to establish a first Transmission Control Protocol (TCP) connection; sending the first message to a server; receiving a second message from the client that is used to request to establish a second TCP connection; and determining, based on a token of the server included in the second message, that a destination device of the second message is the server, and sending the second message to the server, in order to establish the second TCP connection between the client and the server. | 2020-01-23 |
20200028900 | PEER-TO-PEER NETWORK FOR TELECOMMUNICATION NETWORK TRAFFIC REROUTING - Devices, computer-readable media and methods are disclosed for establishing a peer-to-peer network for rerouting network traffic of a telecommunication network during a network disruption. For example, a processing system may detect a network disruption between a first device and a second device of the telecommunication network. The processing system may identify a first peering device having a connection to the first device of the telecommunication network, identify a second peering device having a connection to the second device of the telecommunication network, and establish a peer-to-peer network via at least the first peering device and the second peering device, wherein at least one of the first peering device or the second peering device is a mobile endpoint device configured to operate as a virtual network function. The processing system may then route network traffic between the first device and the second device via the peer-to-peer network. | 2020-01-23 |
20200028901 | SYSTEM AND/OR METHOD FOR MAINTAINING HIGHLY-AVAILABLE, CONSISTENT, PARTITION-TOLERANT CLUSTERS USING CLIENT VOTERS - Certain example embodiments relate to a distributed computing system including servers organized in a cluster and clients. One server is elected leader and is responsible for maintaining consensus information among the other servers. Each server is configured to determine whether a new leader election is to take place. If so, the respective server requests votes for a new leader from the other server(s) and determines whether it has won by a clear majority. Depending on the implementation, votes from eligible client devices are counted, either in a main election together with server votes, or in a tie-break election (if needed) after server votes. Once a server has won, the other servers are informed accordingly. It therefore is possible to maintain a highly-available, consistent, partition-tolerant cluster in the distributed computing systems, using client voters. | 2020-01-23 |
20200028902 | MULTI-NODE DISCOVERY AND MASTER ELECTION PROCESS FOR CHASSIS MANAGEMENT - In a chassis including a plurality of nodes, a network switch, and a programmable device configured to manage a shared resource of the chassis, a method includes establishing, using the network switch, a dedicated network among baseboard management controllers of respective nodes in the plurality of nodes; and using the dedicated network, automatically selecting a given node from the plurality of nodes to function as a master node to program the programmable device on behalf of all nodes in the plurality of nodes to manage the shared resource of the chassis on behalf of all the nodes in the plurality of nodes. | 2020-01-23 |
20200028903 | Personal Digital Server (PDS) - Personal Digital Server (“PDS”) is a unique computer application for the storage, updating, management and sharing of all types of digital media files, including audio, video, images and documents, irrespective of their format. PDS provides users with a single location to store and access, both locally and remotely, all of their digital media. It also provides the user total control of the overall management of these assets. | 2020-01-23 |
20200028904 | SYSTEMS AND METHODS FOR DEVICE MIGRATION - Methods and systems are described for performing a migration from source networking devices to replacement networking devices. A simulation may be performed of the migration from the source devices to the replacement devices. The simulation may be used to determine whether to proceed with the migration. A technician may be instructed to perform the migration. A verification may be performed to determine whether the migration was successful. The source devices may be decommissioned. | 2020-01-23 |
20200028905 | System and Method for Synchronizing Protocol Analyzers During Wireless Testing - A computer-implemented method for synchronizing wireless testing devices includes (a) in a first protocol analyzer located in a first RF-isolated test chamber, capturing first network packets transmitted to or from a wireless device-under-test (DUT) to generate first test data, (b) in a second protocol analyzer located in a second RF-isolated test chamber, capturing second network packets transmitted to or from the wireless DUT to generate second test data, (c) synchronizing internal clocks of the first and second protocol analyzers such that the first and second protocol analyzers capture the first and second network packets with respect to a synchronized internal clock time, and (d) merging the first and second test data using the synchronized internal clock time. | 2020-01-23 |
20200028906 | METADATA SYNCHRONIZATION SYSTEM - A metadata synchronization system is provided. The metadata synchronization system may include a plurality of metadata elements included in a plurality of applications. The plurality of applications may be coupled to a plurality of application hubs. The plurality of application hubs may be coupled to a federated metadata repository. The plurality of application hubs may be coupled to a governed metadata repository. The system may include crawling the plurality of applications, the plurality of application hubs, the federated metadata repository and the governed metadata repository to ensure that the metadata elements are synchronized across all of the components. In the event that a metadata element is not synchronized across any one of the components, the system may notify interested parties and/or resolve the discrepancy. | 2020-01-23 |
20200028907 | CLUSTERED STORAGE SYSTEM CONFIGURED FOR BANDWIDTH EFFICIENT PROCESSING OF WRITES AT SIZES BELOW A NATIVE PAGE SIZE - A control module of a clustered storage system in one embodiment is configured to receive a write request for a data block of a page, to retrieve an existing content-based signature for the page, to identify from the existing content-based signature a first one of the data modules currently storing the page, and to compute a content-based signature of the data block. The control module is further configured to send the content-based signature of the data block to the first data module, to receive from the first data module an updated content-based signature for the page computed utilizing the content-based signature of the data block, to identify from the updated content-based signature a second one of the data modules that will store the page as updated to include the data block, and to provide information regarding the data block and the updated content-based signature to the second data module for utilization in storage of the updated page. | 2020-01-23 |
20200028908 | Distributed Storage Management In A Spaceborne Or Airborne Environment - Systems, methods, and software described herein provide enhancements for managing data storage in a spaceborne or airborne platform. In one implementation, an airborne device in an airborne platform may identify a request to store a data object in a storage pool provided by a plurality of airborne devices. The airborne device will further identify at least one airborne device for storing the data object from the plurality of airborne devices, and communicate the data object to the at least one airborne device. | 2020-01-23 |
20200028909 | MULTIZONE MIGRATION SERVICES - Embodiments of the disclosure provide systems and methods for migrating cloud-based content between storage locations while maintaining availability of the content being migrated. Embodiments described herein allow data undergoing migration, even data that is inflight, to be accessed, edited, copied, moved, and/or deleted without downtime, blackout periods, or other restrictions. | 2020-01-23 |