04th week of 2017 patent applcation highlights part 63 |
Patent application number | Title | Published |
20170026269 | OAM Packet Processing Method, Network Device, and Network System - An operations, administration, and maintenance (OAM) packet processing method, a network device, and a network system are provided. The method includes receiving a first Internet Protocol (IP) packet, where the first IP packet includes an OAM packet, an IP packet header of the OAM packet includes a first source device identifier (ID) and a first sink device ID, and returning a second IP packet to reply to the OAM packet, where the second IP packet includes an OAM reply packet, an IP packet header of the OAM reply packet includes a second source device ID, a second sink device ID, and a second packet type, the second source device ID is an ID of a local network device, and the second sink device ID is the same as the first source device ID. An IP packet header may be used to carry OAM information, which improves a fault detection capability in an OAM method. | 2017-01-26 |
20170026270 | METHOD AND AN APPARATUS FOR NETWORK STATE RE-CONSTRUCTION IN SOFTWARE DEFINED NETWORKING - Techniques are disclosed for re-construction and tracking of a forwarding state of a network device in communication with a network controller in a Software Defined Network (SDN). The techniques include receiving control messages, where the control messages are messages transmitted from a network controller to a network device. The techniques further includes extracting a subset of control messages from the control messages, where each control message from the subset of control messages caused a change in a forwarding state of the network device; generating, based on the extracted subset of control messages, a directed graph, wherein the directed graph is representative of the forwarding state of the network device; and causing the directed graph to be displayed on a display device. | 2017-01-26 |
20170026271 | DETERMINING CONNECTIONS BETWEEN NODES IN A NETWORK - According to one embodiment of the present invention, a system determines groups of nodes within a network, each group forming a bi-connected component. The system identifies articulation nodes within the network, where each articulation node resides within each connection between a pair of nodes in the network. The system removes from the determined group each node that includes an articulation node between that node and both the source and target nodes to produce a resulting set of nodes. The system determines connections between the source and target nodes based on the resulting set of nodes. Embodiments of the present invention further include a method and computer program product for determining connections between network nodes in substantially the same manners described above. | 2017-01-26 |
20170026272 | DETERMINING CONNECTIONS BETWEEN NODES IN A NETWORK - According to one embodiment of the present invention, a system determines groups of nodes within a network, each group forming a bi-connected component. The system identifies articulation nodes within the network, where each articulation node resides within each connection between a pair of nodes in the network. The system removes from the determined group each node that includes an articulation node between that node and both the source and target nodes to produce a resulting set of nodes. The system determines connections between the source and target nodes based on the resulting set of nodes. Embodiments of the present invention further include a method and computer program product for determining connections between network nodes in substantially the same manners described above. | 2017-01-26 |
20170026273 | Traffic Switching Method, Device, and System - A traffic switching method, a device, and a system where, a software-defined networking (SDN) controller acquires a first state of a target gateway, where the target gateway belongs to an SDN gateway group, the SDN gateway group is used to forward traffic that is transmitted between a first network node and a second network node, and multiple forwarding paths on which multiple gateways in the SDN gateway group are located form multiple equal-cost paths between the first network node and the second network node. The SDN controller sends an Address Resolution Protocol (ARP) entry to the target gateway according to the first state, and changes, of the multiple equal-cost paths, a metric value of a forwarding path on which the target gateway is located from an original value to a first value, where the first value is greater than the original value. | 2017-01-26 |
20170026274 | METHOD FOR PROCESSING PACKET IN NETWORK, FORWARDING DEVICE, AND PACKET PROCESSING SYSTEM - A method for processing a packet in a network, a forwarding device, and a packet processing system are described. By means of embodiments of the present invention, network efficiency can be improved. | 2017-01-26 |
20170026275 | ATTRIBUTE SET_ID IN BORDER GATEWAY PROTOCOL - Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending subsequent update messages. Grouping of path attributes into individual sets associated with respective identifiers provides significant advantages by enabling re-use of the results of previous processing on both the sending and receiving sides associated with transmission of BGP update messages. In addition, such an approach limits the amount of information transmitted in the control plane because duplicate sets of path attributes may only be transmitted once and merely be referred to in subsequent update messages. | 2017-01-26 |
20170026276 | SIMULATING, VISUALIZING, AND SEARCHING TRAFFIC IN A SOFTWARE DEFINED NETWORK - The present disclosure pertains to systems and methods for simulating data packet routing within a software defined network (“SDN”), visualizing the results of the simulation, and permitting a user to search the resulting simulation. In one specified embodiment, a system may receive from a user a simulation parameter associated with a packet to be simulated in the SDN. A packet based on the at least one simulation parameter may be generated. A response of the SDN to the packet may be simulated by identifying applicable traffic routing rules and identifying a subsequent destination based on the applicable traffic routing rules. A record of the subsequent destination may be added to the simulation result, and the process may continue until a terminating condition is satisfied. | 2017-01-26 |
20170026277 | TRANSMITTING AND RECEIVING DATA BASED ON MULTIPATH - Methods, apparatuses and systems for transmitting and receiving data based on multipath for transmitting data based on multipath include: establishing WiMAX connection-based multiple paths between a first device and a second device; transmitting data frames in a data queue in the multiple paths; obtaining the quality condition of the multiple paths; and based on the quality condition, adjusting the transmission of the data frames in the data queue in the multiple paths. According to one aspect, there is provided a method for receiving data based on multipath, which includes: establishing WiMAX connection-based multiple paths between a first device and a second device; receiving a plurality of data frames in the multiple paths; processing the received plurality of data frames based on quality condition of the multiple paths. There are further provided corresponding apparatuses and systems. | 2017-01-26 |
20170026278 | COMMUNICATION APPARATUS, CONTROL APPARATUS, AND COMMUNICATION SYSTEM - A communication apparatus for transmitting and receiving data is configured to: store assertion information in which a failure detection condition is registered, the failure detection condition including information for identifying data that is not to be received during normal operation; refer to the assertion information when data has been received from another communication apparatus; judge whether or not the received data satisfies the failure detection condition registered in the assertion information; and detect a failure when it is judged that the received data satisfies the failure detection condition registered in the assertion information. | 2017-01-26 |
20170026279 | REPAIR OF FAILED NETWORK ROUTING ARCS USING DATA PLANE PROTOCOL - A network includes routing arcs for routing network traffic to a destination. Each arc comprising nodes connected in sequence by reversible links oriented to direct network traffic to first and second edge nodes through which the network traffic exits the arc. The nodes in the arc detect a first failure. In response, the nodes exchange first management frames to reverse links in the arc so that the network traffic in the arc is directed away from the first failure toward the first edge node of the arc through which the network traffic exits the arc. The nodes detect a second failure in the arc that is spaced apart from the first failure. In response, the nodes exchange second management frames to freeze incoming edges of parent arcs to prevent network traffic in the corresponding parent arc from entering the arc. | 2017-01-26 |
20170026280 | Packet Transmission Method and Apparatus, and Interconnect Interface - A packet transmission method, packet transmission apparatus, and an interconnect interface are presented, where the method includes determining, by a sending node, whether an unrecoverable failure occurs in an active link, and if an unrecoverable failure occurs in the active link, selecting, from multiple communication links, at least one standby link except the active link to send a packet to a receiving node, so that the receiving node sends the packet to a receive end of the active link. In the method, for two nodes in an interconnect system that communicate with each other using multiple Links, when it is determined that an unrecoverable failure occurs in some of the Links, packets in retransmission buffers of transmit ends of the links in which the failure is unrecoverable are sent to a standby link. | 2017-01-26 |
20170026281 | IMPLEMENTING A SOFTWARE DEFINED NETWORK BASED ON EVENT RECORDS - A network switch for implementing a Software Defined Network can include one or more memory resources storing a flow table and including a buffer. The network switch can receive and analyze data packets to generate a lookup key for each respective data packet. Using the lookup key, the network switch can perform a lookup in the flow table to determine a rule number for the respective data packet. Based on the rule number, the network switch can generate an event record for the respective data packet, and store the event record in a block of the buffer. When the block is full, the network switch can stream a set of event records from the buffer to a processing resource to enable the processing resource to update counter tables, external to the network switch, to implement the Software Defined Network. | 2017-01-26 |
20170026282 | Configuration of Data Path Groups in Wireless Networks - Configuration of data path groups in wireless networks is provided. Configuration includes generation and/or removal of data path groups, and can leverage a hop count between a device to be added to the data path group and a defined device within the data path group. By limiting a permitted maximum hop count within a data path group, a mechanism that contains the size of a data path group can be implemented. In some embodiments, the data path group can be embodied in or can include a neighbor awareness networking (NAN) data path group formed within (or, in some instances, logically on top of) a cluster of NAN devices. | 2017-01-26 |
20170026283 | Adding multi-tenant awareness to a network packet processing device on a Software Defined Network (SDN) - “Multi-tenant awareness” is added to a set of one or more packet processing devices in a Software Defined Network (SDN) having a controller. For each of one or more tenants, information in a table associates network protocol address attributes with an Internet Protocol (IP) address unique to the tenant. The table is associated with a multiple-layer translation layer being managed by the SDN controller. As a data packet traverses the translation layer, network protocol address attributes are translated according to values in the table to enable logical routing of the packet (to a given PPD. This translation occurs dynamically (or “on-the-fly”) as packets are “on route” to their destination. By implementing a multi-layer network address translation (NAT), one layer may be used to translate network protocol address source attributes, while a second layer may be used to translate network protocol address destination attributes. | 2017-01-26 |
20170026284 | SEAMLESS MATCH POINT SWITCHING IN MLSE-BASED MODEMS - Method and system for providing seamless match point switching in an adaptive decoder (e.g., an MLSE decoder) that is based on estimation of symbol sequences, according to which statistics regarding samples corresponding to different symbol sequences in alternative match points are collected by a statistics collector, to create a set of figures of merit representing the quality of each alternative match point, while different match points are obtained by changing the delay of symbols decoded by the adaptive decoder and samples entering the statistics collector. A figure of merit of the current match point is compared to the figure of merit of alternative match points. Whenever an alternative match point figure of merit is better than the current match point by a predefined threshold, a decision to switch to the alternative match point is made. Seamless switching to the alternative match point is performed by shifting the sampling phase forward or backward, until obtaining better performance, while performing adaptation of the decoder to the sampling phase shift. | 2017-01-26 |
20170026285 | Methods and Apparatus for Direct Routing Between Nodes of Networks - A network interface of a first computing device is configured to operate according to a bridge table. The bridge table defines a spanning tree protocol for a mesh network and identifies one or more reachable nodes. A communication characteristic between the first computing device and a second computing device of the one or more reachable nodes is determined to exceed a quality threshold. Based on the determination that the communication characteristic exceeds the quality threshold, the spanning tree protocol is overridden and the data is transmitted directly to the second computing device via a direct communication route. | 2017-01-26 |
20170026286 | CONTENT DISTRIBUTION SYSTEM CACHE MANAGEMENT - Content distribution system cache management may be provided. First, a sync packet may be received by a cache server from a first server. The sync packet may include a list indicating a cache server where a chunk is to be stored and the address for the chunk. Next, an address for the chunk may be obtained by the cache server by parsing the sync packet. The cache server may then determine that the chunk is not stored on the cache server by using the address for the chunk. Next, in response to determining that the chunk is not stored on the cache server, a connection may be opened between the first server and the cache server. The cache server may then receive the chunk over the connection and cache the chunk on the cache server. | 2017-01-26 |
20170026287 | AIA ENHANCEMENTS TO SUPPORT L2 CONNECTED NETWORKS - A method for determining a routing for packets aggregated from multiple Layer 2 (L2) networks is provided. An ingress packet is received from an ingress inline network port and is processed to extract a source Media Access Control (MAC) address and a port identifier associated with the source MAC address. The extracted source MAC address of the ingress packet is looked up in a MAC address table. The ingress packet is forwarded to an inline tool device. When an egress packet is received back from the inline tool device it is processed to extract source and destination MAC addresses. The extracted source and destination MAC addresses of the egress packet are looked up in the MAC address table. The egress packet is transmitted to an egress inline port based on the looked up destination MAC address. | 2017-01-26 |
20170026288 | ATTRIBUTE SET_ID IN BORDER GATEWAY PROTOCOL - Present disclosure relates to methods for preparing BGP update messages for transmission and processing received update messages. The methods are based on grouping path attributes common to a plurality of IP address prefixes into respective sets identified with respective set identifiers and, instead of duplicating path attributes in each BGP update message, including a respective identifier referring to a certain set of path attributes provided in an earlier BGP update message when sending subsequent update messages. Grouping of path attributes into individual sets associated with respective identifiers provides significant advantages by enabling re-use of the results of previous processing on both the sending and receiving sides associated with transmission of BGP update messages. In addition, such an approach limits the amount of information transmitted in the control plane because duplicate sets of path attributes may only be transmitted once and merely be referred to in subsequent update messages. | 2017-01-26 |
20170026289 | AIA ENHANCEMENTS TO SUPPORT LAG NETWORKS - A method for maintaining packet's source network identification information while aggregating packets from a plurality of networks is provided. An ingress packet is processed to extract a plurality of packet header fields and port identifier. A first hash index is generated by hashing information associated with the plurality of packet header fields. The extracted port identifier is stored in a hash table using the generated first hash index. The ingress packet is forwarded to one or more inline tool devices. An egress packet received from the one or more inline tools is processed to extract the plurality of packet header fields. A second hash index is generated by hashing information associated with the plurality of packet header fields. The port identifier is retrieved from the hash table based on the generated second hash index. The egress packet is transmitted to a switching device based on the retrieved port identifier. | 2017-01-26 |
20170026290 | FRAME PROCESSING DEVICE AND FRAME PROCESSING METHOD - There is provided a frame processing device includes a plurality of output ports; a table in which a destination address is stored in association with an output port; a buffer configured to store a learned frame, an un-learned frame, and a copy frame generated by copying the un-learned frame; a transfer unit configured to read a second frame from the buffer in an order in which the second frame is stored and transfer the second frame to a predetermined output port; a storage configured to store the destination address of the learned frame; and a controller configured to discard the second frame to be transferred by the transfer unit, when the second frame is the un-learned frame and the destination address of the second frame is stored in the storage, wherein the second frame transferred to the plurality of output ports is output as the first frame. | 2017-01-26 |
20170026291 | ROUTING OF TRAFFIC IN NETWORK THROUGH AUTOMATICALLY GENERATED AND PHYSICALLY DISTINCT COMMUNICATION PATHS - The present disclosure pertains to systems and methods to identify high-priority traffic within a software defined network (“SDN”) and to route such traffic through physically distinct communication paths. Such routing may help to reduce network congestion faced by high-priority traffic and increase the reliability of transmission of such data. Certain embodiments may further be configured to generate a failover communication path that is physically distinct from a primary communication path. Still further, certain embodiments may be configured to suggest enhancements to a network that may improve a reliability criterion. | 2017-01-26 |
20170026292 | COMMUNICATION LINK FAILURE DETECTION IN A SOFTWARE DEFINED NETWORK - The present disclosure pertains to systems and methods of monitoring communication devices and communication links in a software defined network (SDN). In one embodiment a system may include a data bus and a communication interface in communication with the data bus. The system may further include a communication link monitoring subsystem configured to receive an indication of a status of the communication devices and the communication links over time. The system may associate the status of the communication devices and the communication links over time. The system may determine a deviation from normal parameters based on a current status, and may assess a likelihood of a change in the status based on the deviation from normal parameters. If necessary, a traffic rerouting subsystem configured to reroute data traffic to a failover path based on the likelihood of a change in the status. | 2017-01-26 |
20170026293 | COMMUNICATION LOAD BALANCING USING DISTRIBUTED ANTENNA BEAM STEERING TECHNIQUES - A load balancing method for cellular communication systems and communication systems in general is described where beam steering antenna systems on the client or user side of the communication link are used to optimize load balancing among the base stations or nodes. A system controller containing an algorithm is implemented to control the radiation modes from the client or user devices to assign the client or user devices to the various base stations or nodes and to dynamically vary the network load across the cellular or communication system. | 2017-01-26 |
20170026294 | METHOD AND SYSTEM FOR LOAD BALANCING IN A SOFTWARE-DEFINED NETWORKING (SDN) SYSTEM UPON SERVER RECONFIGURATION - In one embodiment, a method for load balancing in a software-define networking (SDN) system includes, upon receiving a packet, determining whether a matching entry for the packet in a server distribution table contains both a current and new server selection. If the matching entry contains both, it is determined whether there is a matching entry for the packet in a transient flow table, where the transient flow table maintains server selections when at least one of the plurality of servers is reconfigured. Upon determining that there is no matching entry for the packet in the transient flow table, the method determines whether the packet is a first packet of a traffic flow. If the packet is the first packet of a traffic flow, the packet is forwarded according to the new server selection of the matching entry in the server distribution table, and the transient flow table is updated. | 2017-01-26 |
20170026295 | Method and apparatus for limiting rate by means of token bucket, and computer storage medium - Provided is a token-bucket-based rate limiting method and apparatus, and a computer storage medium. The method includes that: network node equipment acquires a token bucket parameter according to an attribute of a message, then obtains a current token amount according to a time threshold and the token bucket parameter, compares the current token amount with a current message length, and processes the message according to a comparison result. | 2017-01-26 |
20170026296 | METHOD AND APPARATUS FOR VIRTUALIZED RESOURCE BLOCK MAPPING - Disclosed within is a communication architecture for medium access control (MAC) layer virtualization, where the architecture is made up of: a physical MAC layer, a plurality of physical resource blocks (RBs) associated with the MAC layer, a plurality of virtual medium access control (vMAC) layers, where each vMAC layer corresponds to a separate service group, with each service group programming its own scheduling logic in each vMAC layer, and a plurality of virtual resource blocks (vRBs) associated with each vMAC layer, where the vRBs are filled with data packets according to the scheduling logic in each vMAC instance. The physical MAC layer virtualizes the RBs as vRBs and assigns them to each vMAC layer according to a service level agreement associated with each service group, and each vMAC maps traffic flows of subscribers associated with it onto the assigned vRBs. | 2017-01-26 |
20170026297 | CODE BLOCK SEGMENTATION AND RATE MATCHING FOR MULTIPLE TRANSPORT BLOCK TRANSMISSIONS - Techniques for code block (CB) segmentation and rate matching in wireless deployments that may use CB-level feedback may provide that a transport block group (TBG) may include one or more CBs from multiple transport blocks (TBs). Such TBGs may support retransmissions of one or more CBs from different TBs within a TBG transmission. In certain examples, a TBG size may be determined, and a retransmission size associated with any CBs to be retransmitted are determined. Based at least in part on the TBG size and retransmission size, it may be determined whether a new TB may be included in the TBG. | 2017-01-26 |
20170026298 | JITTER BUFFER LEVEL ESTIMATION - Some implementations involve controlling a jitter buffer size during a teleconference according to a jitter buffer size estimation algorithm based, at least in part, on a cumulative distribution function (CDF). The CDF may be based, at least in part, on a network jitter parameter. The CDF may be initialized according to a parametric model. At least one parameter of the parametric model may be based, at least in part, on legacy network jitter information. | 2017-01-26 |
20170026299 | METHOD AND SYSTEM OF IMPLEMENTING CONVERSATION-SENSITIVE COLLECTION FOR A LINK AGGREGATION GROUP - A method is executed by a network device for implementing conversation-sensitive collection for frames received on a port of a link of a link aggregation group. The network device executes an aggregator to collect the frames for aggregator clients, where each frame is associated with a service identifier and a conversation identifier. The service identifier identifies a data flow at a link level for a service. The conversation identifier identifies the data flow at a link aggregation group level, where each conversation data flow consists of an ordered sequence of frames, and where the conversation-sensitive collection maintains the ordered sequence by discarding frames of conversations not allocated to the port. | 2017-01-26 |
20170026300 | METHOD AND SYSTEM FOR FLEXIBLE CREDIT EXCHANGE WITHIN HIGH PERFORMANCE FABRICS - Method, apparatus, and systems for implementing flexible credit exchange within high performance fabrics. Available buffer space in a receive buffer on a receive-side of a link is managed and tracked at the transmit-side of the link using credits. Peer link interfaces coupled via a link are provided with receive buffer configuration information that specifies how the receive buffer space in each peer is partitioned and space allocated for each buffer, including a plurality of virtual lane (VL) buffers. Credits are used for tracking buffer space consumption and in credits are returned from the receive-side indicating freed buffer space. The peer link interfaces exchange credit organization information to inform the other peer of how much space each credit represents. In connection with data transfer over the link, the transmit-side de-allocates credits based on an amount of buffer space to be consumed in applicable buffers in the receive buffer. Upon space being freed in the receive buffer, the receive-side returns credit ACKnowledgements (ACKs) identifying a VL for which space has been freed. | 2017-01-26 |
20170026301 | STATELESS NETWORK FUNCTIONS - Systems and methods are described for stateless network function virtualization. Embodiments operate in context of a data network, in which network middleboxes are virtualized, for example, for added scalability and fault tolerance. The virtualized middleboxes can implement state-reliant network functions in a manner that decouples the state from the packet processing pipeline, while maintaining reliability and throughput even at very high data rates. Various embodiments include novel packet processing pipeline architectures, novel thread coordination structures (e.g., including batching and buffer pool sub-structures), novel remote state data store structures, and/or other novel features. | 2017-01-26 |
20170026302 | SYSTEMS AND METHODS FOR REORGANIZATION OF MESSAGES IN QUEUING SYSTEMS - A method for the reorganization of messages in queuing systems is disclosed. The method comprising receiving a statement to reorganize one or more messages within an ordered data structure; translating the statement into a first set of instructions for identifying one or more messages on which to perform one or more operations, a second set of instructions for performing the one or more operations on the identified one or more messages, and a third set of instructions for storing, in a memory, the identified one or more messages after the one or more operations have been performed; executing the first set of instructions, the second set of instructions, and the third set of instructions on each message in the ordered data structure; and transmitting the operated upon messages. | 2017-01-26 |
20170026303 | DATA STREAM DIVISION TO INCREASE DATA TRANSMISSION RATES - A method and system for matching bandwidth is provided. The method includes receiving by a first interface device, data. The data is divided into a plurality of data packets and stored within an internal buffer. A first data packet is transmitted to a first communication device communicatively coupled to the first interface device. The first data packet is transmitted from the first communication device to a second interface device via a first communication network. A second data packet is transmitted to a second communication device communicatively coupled to the first interface device. The second data packet is transmitted from the second communication device to the second interface device via a second communication network associated with the second communication device. | 2017-01-26 |
20170026304 | QOS ON A VIRTUAL INTERFACE OVER MULTI-PATH TRANSPORT - A method performed by a first network device for applying Quality-of-Service (QoS) on a virtual interface over a multi-path transport topology. The method includes receiving a packet of the virtual interface from a service home network processing unit (NPU), where the virtual interface has been provisioned with a virtual interface QoS, where the service home NPU has applied the virtual interface QoS on the packet, and where the packet includes a physical transport link identifier (ID) that identifies a physical transport link over which the packet is to be forwarded. The method further includes selecting a virtual adjacency based on metadata included in the packet and using the selected virtual adjacency to select a queue based on the physical transport link ID and store the packet in the selected queue. The method further includes performing scheduling to select the queue and sending the packet over the physical transport link. | 2017-01-26 |
20170026305 | SYSTEM TO PLACE VIRTUAL MACHINES ONTO SERVERS BASED UPON BACKUP RUNTIME CONSTRAINTS - Systems and methods are provided for the allocation of software applications to network nodes. In one embodiment, a method may employ a computer based system to access a list of software applications, determine characteristics of the software applications, and map software applications to network nodes. In another embodiment, a system utilizes characteristics from the software applications and characteristics from reserve power capacity of the network nodes based on the mapping. This information may be implemented using a supervising or distributed application configuration to allow or restrict the initiation of migration of the software applications correlated to the mappings. | 2017-01-26 |
20170026306 | SYSTEMS AND METHODS FOR AUTONOMOUS RESOURCE DISCOVERY, MANAGEMENT, AND STITCHING - The present invention relates generally to management in an autonomous, distributed environment. Aspects of the present invention include employing a distributed, scalable, autonomous resource discovery, management, and stitching system. In embodiments of the present invention a block architecture can be used where each block maintains management of the block rather than the entire environment. In embodiments of the present invention each block includes an autonomous resource discovery, management, and stitching system capable of communicating with autonomous resource discovery, management, and stitching, systems of other blocks to allocate and share resources between blocks. | 2017-01-26 |
20170026307 | System And Method For Remote Managing Applications In A Network Appliance - A computer-implemented method for providing an interface to a first network device using a second device through one or more wired and/or wireless networks is described. The method includes receiving an installation indication at a processor of the first network device from a remote application on a second network device, determining whether a correlated application corresponding to the remote application is installed on the first network device, transceiving data between the correlated application to the second network device based on a determination that the correlated application corresponding to the remote application is installed on the first network device, and downloading the correlated application corresponding to the remote application based on a determination that the correlated application corresponding to the remote application is not installed on the first network device. | 2017-01-26 |
20170026308 | CONTROLLING RESOURCES USED BY COMPUTING DEVICES - Various examples for controlling resources used by client devices are disclosed. A management application executing in at least one computing device can identify client devices executing an instance of a client application that are available for management, where the client application is configured to control at least one function of a respective one of the client devices. A mode of operation can be changed on the at least one computing device where at least one resource is shared with the client devices, such as on a display of the client devices. Through communication between the management application and the client application executing on individual ones of the client devices, access to the at least one function can be restricted while the at least one resource is shared with the plurality of client devices. | 2017-01-26 |
20170026309 | AUTOMATED RECONFIGURATION OF SHARED NETWORK RESOURCES - A resource manager can adjust the amount of capacity in each of a plurality of resource pools using a combination of proactive and reactive approaches. Targets such as an amount of total capacity and an amount of free capacity can be forecast and periodically compared against actual capacity and usage of the pools. A pool balancing algorithm can be used to shift capacity among pools as needed, in order to provide the targeted amount of capacity for each pool before the capacity is needed. When actual usage varies sufficiently from the forecasted usage on which the targets are based, the resource manager can react by reconfiguring resources as needed. | 2017-01-26 |
20170026310 | DETERMINING CAPACITY OF VIRTUAL DEVICES IN A VOICE OVER INTERNET PROTOCOL SYSTEM - A method for determining a capacity of a virtual machine in a VoIP system includes determining a resource configuration of the virtual machine including a number of CPU cores, a CPU clock rate, or a memory size. The virtual machine may be configured as a trunk, conference bridge, phone switch, session border controller, router, or another device in the VoIP system. The method also includes sending the resource configuration from the virtual machine to a VoIP system configuration application. The VoIP system configuration application may be an application running on the virtual machine or an application running on a server separate from the virtual machine. At the VoIP system configuration application, a capacity of the virtual machine is determined based on the resource configuration. The capacity may determine a number and type of telephony features supported by the telephony device in the VoIP system. | 2017-01-26 |
20170026311 | METHOD AND SYSTEM FOR ALLOCATING VIDEO TRANSCODING RESOURCES - Embodiments of this disclosure provide a method and system for allocating transcoding resources so as to address the problem in the prior art of underutilizing transcoding resources so that if there are a large number of videos to be transcoded, the efficiency of transcoding may be seriously reduced. In an embodiment of this disclosure, a resource value to be consumed for transcoding a video corresponding to a transcoding task is determined; and transcoding resources are allocated for the transcoding task from currently allocable transcoding resources upon judging that transcoding resources can be allocated for the transcoding task, according to the transcoding resource value corresponding to the transcoding task, and a condition of occupied transcoding resources, instead of configuring a fixed workload of transcoding, thus improving utilization ratio of the resources so that if there are a number of videos to be transcoded, the efficiency of transcoding will be improved. | 2017-01-26 |
20170026312 | METHODS AND SYSTEMS FOR MANAGING A RESOURCE IN A NETWORKED STORAGE ENVIRONMENT - Methods and systems for a networked storage system are provided. One method includes receiving a resource identifier identifying a resource of a network storage environment as an input to a processor executable application programming interface (API); and predicting available performance capacity of the resource by using an optimum utilization of the resource, a current utilization and a predicted utilization based on impact of a workload change at the resource, where the optimum utilization is an indicator of resource utilization beyond which throughput gains for a workload is smaller than increase in latency in processing the workload. | 2017-01-26 |
20170026313 | Data Processing Method and Apparatus for OpenFlow Network - A data processing method and an OpenFlow network are provided. According to the method, after acquiring an aggregation rule from a controller in the OpenFlow network, a switch in the OpenFlow network performs rule matching on to-be-reported data flows according to the aggregation rule. The switch extracts information about data flows matching the aggregation rule in the to-be-reported data flows. Then the switch packetizes and sends the information to the controller, such that the controller determines, according to the information, a forwarding rule for the data flows matching the aggregation rule in the switch. This method avoids that each to-be-reported data flow is sent to the controller using a Packet_In message respectively, such that control channel bandwidth resources consumed by the Packet_In message are reduced. Utilization of the control channel bandwidth resources is improved. | 2017-01-26 |
20170026314 | BUILT-IN ETHERNET SWITCH DESIGN FOR RTU REDUNDANT SYSTEM - A system includes a remote terminal unit (RTU) controller module. Each RTU controller module comprises a controller board configured to couple to a carrier board that includes first and second Ethernet ports. Each controller module comprises computer processing circuitry including the first and second MACs and configured to select to transmit a packet to the first Ethernet port through the first MAC and to alternatively select to transmit the packet to the second Ethernet port through the second MAC. Each controller module comprises an Ethernet switch configured to receive the packet from the first media access control (MAC) and transmit the packet to the first Ethernet port. Each controller module comprises a physical Ethernet interface (PHY) configured to receive the packet from the second MAC and transmit the packet to the second Ethernet port. The computer processing circuitry, the Ethernet switch, and the PHY are mounted on the controller board. | 2017-01-26 |
20170026315 | POWER EFFICIENCY IMPROVEMENT IN NETWORK EQUIPMENT USING SERVICE GROUP CONSOLIDATION - Particular embodiments provide systems and methods to reduce the average power consumption per subscriber. Particular embodiments select windows of time when network components are under-utilized by subscribers of the network. During periods of under-utilization of a network component, subscribers may be consolidated onto a smaller number of network components by increasing the service group size. The consolidation increases the service group size, which has the effect of lowering bandwidth per subscriber. However, the bandwidth use per subscriber may be lower during this time. The use of the smaller number of network components allows the energy for these components to be used more efficiently. When the subscriber network demands increase, the distribution system places the network components into an active power state and redistributes the subscribers to the newly-activated components. This decreases the service group size, such as back to the original size. | 2017-01-26 |
20170026316 | METHOD, APPARATUS AND DEVICE FOR EXCHANGING NAME CARD - The present disclosure provides a method, apparatus and terminal for exchanging a name card, which relates to mobile communication technologies. The method comprises: binding the contact client with a first Instant Messaging (IM) client through an associated account, the contact client comprising a contact; receiving a selecting signal for selecting at least one name card in the contact; sending the selected at least one name one name card to the first IM client binded with the contact client, the first IM client comprising a first user account, and the first user account having a friendship link; and sharing the selected at least one name card through the first user account with at least one second IM client in the friendship link. | 2017-01-26 |
20170026317 | METHOD AND SYSTEM FOR COMMUNICATING WITHIN A MESSAGING ARCHITECTURE USING A STRUCTURED DATA OBJECT - A method, system, and computer-program product for communicating within a messaging architecture using a structured data object are disclosed. The method includes identifying a structured data object configured to represent structured data, receiving the structured data at a messaging system, generating a message that includes the structured data, and sending the message. The structured data object is configured to be accessed by an application and the messaging system, and includes a request element and a response element. The sending includes transferring the message via the messaging system. | 2017-01-26 |
20170026318 | PROVIDING PERSONAL ASSISTANT SERVICE VIA MESSAGING - The present disclosure relates to systems, methods, and devices for providing personal assistant service via messaging. In particular, one or more embodiments receive a request for personal assistant service in an electronic message from a user, assign the request to an agent, determine an intent of the request, and configure an agent user interface to include one or more options in accordance with the determined intent of the request. | 2017-01-26 |
20170026319 | METHOD AND SYSTEM FOR TRANSFERRING MESSAGES BETWEEN MESSAGING SYSTEMS - A message interchange gateway for transferring messages between a first party and a second party includes an ingress module, arranged to accept at least one message from the first party, a session manger arranged to accept the at least one message from the ingress module, the session manager being further arranged in co-operation with a storage device having data, a message queuing module having at least one session-based message queue, and at least a first session handler having a first session. The first session handler is arranged in co-operation with a first session-based message queue for the processing of the at least one message according to an instruction from the session manager. The instruction is at least partially based on the data, and the first session handler is further arranged to dispatch, after processing, the at least one message from the first session-based message queue to the second party. | 2017-01-26 |
20170026320 | Message Payload Editor - Methods and apparatus, including computer program products, are provided for editing messages via a message-specific user interface. In some implementations, a method may be provided. The method may include receiving, at a user interface, data content of a message corresponding to a business object; presenting, at the user interface, the data content of the message corresponding to the business object, the user interface generated specifically for a type associated with the message; and initiating, at the user interface, at least one of a change and a save to the data content. Related systems, methods, and articles of manufacture are also disclosed. | 2017-01-26 |
20170026321 | METHOD AND SYSTEM FOR ESTABLISHING A COMMUNICATION BETWEEN MOBILE COMPUTING DEVICES - Method and system for initiating and establishing a communication between mobile computing devices, in particular initiating and establishing an online exchange of messages in real time, i.e. instant messaging, with one or more simultaneous users of a computer network. | 2017-01-26 |
20170026322 | ASYNCHRONOUS EVENT-DRIVEN MESSAGING FRAMEWORK FOR A REMOTE VIDEO ASSISTANCE SYSTEM - The present invention provides an over-the-top intermediary application for delivering video assistance services. The invention brokers and coordinates all messaging between user and video assistant multimedia applications/platforms, as well as backend resource allocation infrastructure services. By encapsulating different protocol messages from disparate multimedia clients/vendors and backend infrastructure services into a common standard-based messaging protocol, the present invention is able to provide video assistance services regardless of which multimedia client is implemented by the user or video assistant and is able to readily implement new, emerging multimedia clients and backed infrastructure services in a plugin-like fashion. In addition, the video session broker of the present invention streamlines call workflow, maintains the presence of all user/video assistant endpoints, coordinates video session ignition requests and maintains messaging transport between users, video assistants and backend infrastructure resources. | 2017-01-26 |
20170026323 | ACCESS PREDICTIONS FOR DETERMINING WHETHER TO SHARE CONTENT - Some users (also called sharers) desire to share content with recipients (also called recipients) over a virtual community or other computerized means. Some of the content to be shared (first-order content) may include links, hyperlinks, or other references (links) to additional content (each individually a second-order content). These content layers may continue indefinitely and the content layers may contain links both within and without the domain or virtual community of the first-order content. A sharer may be unaware of whether various recipients have access to any of the various layers of content (first-order or otherwise). Embodiments of the present invention transmit the likelihood for individual recipients to access various layers of content to the sharer. | 2017-01-26 |
20170026324 | TECHNIQUES TO PROMOTE FILTERED MESSAGES BASED ON HISTORICAL REPLY RATE - Techniques to promote filtered messages based on historical reply rate are described. In one embodiment, an apparatus may comprise a messaging interface component operative to receive an incoming message; and transmit the incoming message to a configured delivery mailbox on a client device; and a destination mailbox configuration component operative to determine one or more connection categories between the sender account and the recipient account; determine a predicted reply rate for the incoming message based on the one or more connection categories, a recipient reply history for the recipient account, and a sender reply history for the sender account; configure the delivery mailbox for the incoming message based on the predicted reply rate; identify a most-prominent connection category of the one or more connection categories; and configure the incoming message with a banner message indicating the most-prominent connection category. Other embodiments are described and claimed. | 2017-01-26 |
20170026325 | ELECTRONIC BUSINESS POSTAL SYSTEM - An electronic business postal system collects, clears and delivers electronic business mail through a closed access, secure messaging system. A collection subsystem consists of access portals that are associated with secured system nodes. The access portals provide authenticated users access to the system to send and retrieve electronic business mail that includes postal system electronic delivery addresses, physical delivery addresses, or both. Secured message servers that are associated with the respective access portals process the electronic business mail into uniquely identified messages for delivery over the system nodes and also process received messages to provide the corresponding electronic business mail to the intended recipients through associated access portals. A delivery subsystem directs the messages through the system nodes associated with the senders' access portals to the system nodes associated with the recipients' access portals. A clearance subsystem confirms the integrity of both the messages and their delivery and ensures that each message is delivered once and intact. | 2017-01-26 |
20170026326 | SOCIAL MEDIA MESSAGE DELIVERY BASED ON USER LOCATION - An approach for delaying social media messages is provided herein. A first computing device receives user preferences. The first computing device detects a social media message of a user. The first computing device determines that the user is not in the physical location. The first computing device determines whether to delay the posting of the social media message based on a comparison of the content of the social media message with the received user preferences. | 2017-01-26 |
20170026327 | SOCIAL MEDIA MESSAGE DELIVERY BASED ON USER LOCATION - An approach for delaying social media messages is provided herein. A first computing device receives user preferences. The first computing device detects a social media message of a user. The first computing device determines that the user is not in the physical location. The first computing device determines whether to delay the posting of the social media message based on a comparison of the content of the social media message with the received user preferences. | 2017-01-26 |
20170026328 | TECHNIQUES TO PROMOTE FILTERED MESSAGES BASED ON HISTORICAL REPLY RATE - Techniques to promote filtered messages based on historical reply rate are described. In one embodiment, an apparatus may comprise a messaging interface component operative to receive an incoming message; and transmit the incoming message to a configured delivery mailbox on a client device; and a destination mailbox configuration component operative to determine one or more connection categories between the sender account and the recipient account; determine a predicted reply rate for the incoming message based on the one or more connection categories, a recipient reply history for the recipient account, and a sender reply history for the sender account; configure the delivery mailbox for the incoming message based on the predicted reply rate; identify a most-prominent connection category of the one or more connection categories; and configure the incoming message with a banner message indicating the most-prominent connection category. Other embodiments are described and claimed. | 2017-01-26 |
20170026329 | Certified Email System and Method - A certified email system for providing a time stamp for a presented file, particularly an email, is provided. Preferably a demanding party receives the email; generates a unique HASH; digitally signs the unique HASH; and sends the signed HASH and a time-stamp request call to a web services time-stamp conduit (WSTC). The WSTC receives the request and signed HASH and obtains a trusted time stamp from a Time Stamp Authority using a secure clock. The WSTC sends the time stamp to the demanding party, which sends a time-stamp notification to the original sender of the email and, optionally, the recipient(s) of the email. Multiple branded or customized demanding servers can efficiently run using one web services time-stamp conduit. An integrated detailed billing system capable of pass-through client billing, keyword search functionality, a multi-party content management system, and convenient web-based automated verification (file or HASH) services are provided. | 2017-01-26 |
20170026330 | PREVENTING A USER FROM MISSING UNREAD DOCUMENTS - According to one exemplary embodiment, a processor-implemented method for informing a user that an important unread email (IUE) will be removed from an online communication inbox, wherein the IUE is a high priority email determined by an algorithm is provided. The method may include determining, by the processor, if the online communication inbox associated with the user has received the IUE. The method may also include determining if an email removal event associated with the received IUE will occur within a threshold time. The method may then include displaying a notification to the user of the email removal event based on determining that the email removal event will occur within the threshold time. | 2017-01-26 |
20170026331 | PERSONALIZED DELIVERY TIME OPTIMIZATION - Techniques for optimizing a delivery time for the delivery of messages are described. According to various embodiments, a system determines, for each of a plurality of time intervals, a likelihood of a particular member of an online social network service performing a particular member user action on a particular message content item during the corresponding time interval. The plurality of time intervals are then ranked, based on the determined likelihoods corresponding to the plurality of time intervals. Thereafter, a particular time interval is identified from among the plurality of time intervals that is associated with a highest ranking. The particular time interval is then classified as an optimum personalized message delivery time for the particular member. | 2017-01-26 |
20170026332 | METHODS, SYSTEMS, AND COMPUTER-READABLE MEDIA FOR PROVIDING COMMUNITY-BASED INFORMATION NETWORKS - Methods, systems, and computer-readable media for providing an information network service are described. Some embodiments provide a community information network based on virtual groups or communities. The community information network may use community profiles and affiliations configured to facilitate collaboration the communities and members thereof. In some embodiments, elements may be shared as representations of the actual element. In this manner, a user may delete the shared element and cause the deletions of the representations of the actual element used by other members or communities to access the shared element, such that the element is no longer accessible by other users or communities. | 2017-01-26 |
20170026333 | METHODS AND SYSTEMS FOR A UNIFIED MULTI-MEDIA COMMUNICATIONS SYSTEM - Methods and systems for integrated communications using multi-media channels of communication. The disclosure relates to enabling multi-media communication among users through multiple and varied communication channels using a single interface. The method and system for integrated communication allows users to communicate through multiple channels, without requiring the users to leave the interface, using a robust information set that is enabled by multi-media capabilities. A single interface is provided to allow users to use to communicate to other users through a variety of communication channels. This is assisted by an integration engine that integrates multiple communication channels, as well as a context engine, which allows a user to send context, as well as resources, through the communication channels. | 2017-01-26 |
20170026334 | METHOD FOR RECOVERING IPV6 FAULT IN MOBILE COMMUNICATION NETWORK AND PCRF - There is provided a method for a network fault recovery. The method may be performed by a policy and charging rule function (PCRF) node and comprise: transmitting, to a traffic detection function (TDF), a first request for monitoring a session initiation protocol (SIP) based signal to be routed over a first internet protocol (IP) version based network, if a fault of the first IP version-based network is detected; receiving, from the TDF, a report indicating that the SIP based signal is detected; transmitting a first indication for initiating a IP connectivity access network (IP-CAN) session termination procedure to a packet data network gateway (P-GW). Here, the first indication may include a cause value indicating a reactivation is requested such that the P-GW enables a user equipment (UE) to perform a detach procedure and then a reattach procedure. | 2017-01-26 |
20170026335 | AUTO PROVISIONING OF BULK ACCESS POINTS - Provided are devices, computer-program products, and methods for automatic provisioning of an access point. In some implementations, a network device may connect to a network. Connecting may include automatically receiving a group name. In some implementations, a dynamic host configuration protocol (DHCP) request may be transmitted. A DHCP response message may also be received. The DHCP response message may provide an Internet Protocol (IP) address. The IP addressed may facilitate communication by the network device with the network. Controller information may be received. The controller information may include a controller IP address. Provisioning information may be requested. This request may include the group name and the controller IP address. Provisioning information may be received. Provisioning information may be associated with the controller IP address. The provisioning information may facilitate self-configuration of a network device. The operation of the network device may be configured using the provisioning information. | 2017-01-26 |
20170026336 | METHODS OF USING BEACON MESSAGES TO DISCOVER DEVICES ACROSS SUBNETS - A method of discovering a device to be discovered in a communication network having multiple interconnected nodes includes transmitting, by a discoverer, at least one beacon signal including an IP address to the network. The device to be discovered receives the at least one beacon signal. The device to be discovered configures the IP address located in the at least one beacon signal. Additionally, the device to be discovered transmits an advertisement to a server specified by the discoverer. | 2017-01-26 |
20170026337 | COMMUNICATION MANAGEMENT SYSTEM, COMMUNICATION TERMINAL, COMMUNICATION SYSTEM, AND RECORDING MEDIUM STORING CONTROL PROGRAM - In response to a request for sending second candidate information of a first communication terminal to a second communication terminal, a communication management system adds at least one of the member communication terminals indicated by the second candidate information of the first communication terminal, to first candidate information of the second communication terminal. | 2017-01-26 |
20170026338 | PROTECTING COMMUNICATION LINK BETWEEN CONTENT DELIVERY NETWORK AND CONTENT ORIGIN SERVER - A privatized link between an origin server and a content delivery network is provided. A privatized link can be direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack. | 2017-01-26 |
20170026339 | CENTRALIZED AUTHENTICATION SERVER FOR PROVIDING CROSS-DOMAIN RESOURCES VIA A REST-BASED TUNNEL - In various example embodiments, an authentication server provides a secure communication pathway between a client device and a service provider. The authentication server has been previously authenticated with the service provider and establishes a tunnel for receiving requested information from the service provider. The tunnel is implemented according to Representational State Transfer (“REST”) principles, so the client device can send one or more REST requests to the authentication server, which then redirects such requests to the service provider via the established tunnel. In addition, the client device may be previously authenticated with the authentication server such that the client device does not need to explicitly authenticate to the service provider each time information is requested. In some embodiments, the authentication server may be in communication with intermediary servers, which, in turn, are also authenticated with the service provider, and requests for information are routed through the intermediary servers. | 2017-01-26 |
20170026340 | SECURITY COMPLIANCE FOR CLOUD-BASED MACHINE DATA ACQUISITION AND SEARCH SYSTEM - Disclosed herein are a method, apparatus and system that authenticate a first data forwarder, of a distributed machine data acquisition and search system (MDASS), to a node that regulates traversal of a firewall that protects a protected environment within which the data forwarder operates. The authentication may be performed by using a SOCKS5 authentication process. The method further includes, only after successful completion of the SOCKS5 authentication process, establishing a first connection, through a network, between the first data forwarder and a first indexer of the distributed MDASS, where the first indexer operates outside the protected environment, and sending machine data acquired by the first data forwarder from a machine data source, to the first indexer via the first connection. | 2017-01-26 |
20170026341 | AUTOMATION NETWORK AND METHOD FOR MONITORING THE SECURITY OF THE TRANSFER OF DATA PACKETS - An automation network for monitoring the security of a transfer of data packets includes a first processing device configured to transfer a data packet from an installation component and to the installation component, and a second data processing device which is bidirectionally connected to the first data processing device. The second data processing device generates at least one response packet, when detecting a transmission of the data packet from the first data processing device, and sends the at least one response packet back to the first data processing device. The first data processing device includes a response filter which is configured to execute a check and subsequent rejection/acceptance of the at least one response packet. | 2017-01-26 |
20170026342 | SYSTEMS AND PROCESSES FOR EXECUTING PRIVATE PROGRAMS ON UNTRUSTED COMPUTERS - The present invention provides methods for executing a private computer program on untrusted computers. The present invention also provides for products produced by the methods of the present invention and for apparatuses used to perform the methods of the present invention. | 2017-01-26 |
20170026343 | Anonymous Account Security Exchange - Methods, systems, and computer program products for providing anonymized account security services are disclosed. For example, a computer-implemented method may include an anonymous account security exchange for receiving anonymized user account information for a first user account identified as a security risk from a first organization associated with the first user account, receiving anonymized user account information for a second user account from a second organization associated with the second user account, determining that the anonymized account identifier associated with the first user account matches the anonymized account identifier associated with the second user account, and providing a notification to the second organization indicating that the second user account is associated with a different user account identified as a security risk by another organization. | 2017-01-26 |
20170026344 | Secure Voice and Text Communication - A computerized security peripheral device has a central processing unit (CPU), a power supply, a digital memory; a microphone; a speaker apparatus; first circuitry enabling wireless data transfer to and from a communication device having compatible wireless communication capability; and second circuitry executing coded instructions enabling encryption of audio input at the microphone and decryption of incoming encrypted voice data using one or more keys stored in the digital memory. The audio input at the microphone is converted to an audio data stream that is encrypted using the one or more keys, and then is provided as an encrypted stream through the first circuitry to the network-connected communication device, and wherein encrypted voice data received at the first circuitry is decrypted using the one or more keys, and the decrypted data is provided as voice date to the speaker apparatus. | 2017-01-26 |
20170026345 | SYSTEMS AND METHODS FOR IMPROVING PRECISION OF A LOCATION SENSOR - Systems and methods of cryptographically protecting location data transferred between servers via a network to tune a location engine are described herein. A first encryption module determines a first hash value for each location determination, encrypts the first hash value for each location determination using a first encryption protocol to generate a first encrypted data set, and transmits the first encrypted data set to a server. The first encryption module receives, from the server, a second encrypted data set with second hash values generated by a second encryption module of the server using a second encryption protocol. The first encryption module creates a first double encrypted data set from the second encrypted data set. A tuner compares the first double encrypted data set with a second double encrypted data set received from the server to adjust the location engine. | 2017-01-26 |
20170026346 | Secure Content Access Authorization - A secure content delivery or access method may include coordination among three devices such as servers—a content management server, a delivery server, and an authorization server. A request for content may originate from an authorization server application, and may involve the application obtaining two digitally signed tokens for the request. The first token may be from the authorization server, and may include a content management server identifier for the requested content. The second token may include two identifiers for the content: the first identifier being the content management server identifier, and the second being a delivery server identifier. The first and second tokens may be signed by the authorization server and content management server, respectively, and may be delivered to the delivery server for validation. Successful validation may result in the delivery server providing a content decryption key for the requested content to a device requesting the content. | 2017-01-26 |
20170026347 | Ultra Dense Network Security Architecture and Method - A method for establishing a trust relationship in an ultra dense network is provided. The method comprises receiving, by a user equipment (UE), a reconfiguration request from a macrocell; deriving, by the UE, a user plane encryption key according to information in the reconfiguration request; transmitting, by the UE, a first user plane signaling message to a first microcell in a group of microcells when the UE is attached to the first microcell; and transmitting, by the UE, a second user plane signaling message to a second microcell in the group of microcells when the UE is attached to the second microcell, wherein the first user plane signaling message and the second user plane signaling message are both encrypted according to the user plane encryption key. | 2017-01-26 |
20170026348 | MESSAGE ENCRYPTION - The computer receives customer registration information and encryption parameters from a customer, then transmits them to the server of an entity such as a pharmacy or bank. After the entity utilizes the transmitted encryption parameters to encrypt confidential portions of a message to the customer, the computer captures the message by way of receiving, photographing, scanning, or otherwise obtaining a copy of the message. The computer identifies glyphs in the message indicative of the corresponding encryption parameters as well as where the encrypted portions of the message start/end. Using the identified glyphs and corresponding encryption parameters, the computer decrypts the confidential portions of the message and displays the message in entirety on the computer. | 2017-01-26 |
20170026349 | COMMUNICATION DEVICE FOR IMPLEMENTING SELECTIVE ENCRYPTION IN A SOFTWARE DEFINED NETWORK - The present disclosure pertains to systems and methods for selectively encrypting data flows within a software defined network (SDN). In one embodiment, a communication device may be configured to receive a plurality of unencrypted data packets. The communication device may receive from an SDN controller a criterion used to identify at least one of the unencrypted data flows to be encrypted. Based on the criterion, an encryption subsystem may generate an encrypted data flow the unencrypted data packets based on an encryption key. In some embodiments, the encryption system may parse the packets and encrypt the data payloads without encrypting the routing information associated with the packet. In other embodiments, the encryption subsystem may be configured to encapsulate and encrypt the entire unencrypted data packet. In some embodiments, the encryption subsystem may further be configured to authenticate a sending device and/or to verify the integrity of a message. | 2017-01-26 |
20170026350 | SEARCHABLE ENCRYPTION ENABLING ENCRYPTED SEARCH BASED ON DOCUMENT TYPE - A searchable encryption method enables encrypted search of encrypted documents based on document type. In some embodiments, the searchable encryption method is implemented in a network intermediary, such as a proxy server. The network intermediary encrypts documents on behalf of a user or an enterprise destined to be stored on a cloud service provider. The searchable encryption method encodes document type information into the encrypted search index while preserving encryption security. Furthermore, the searchable encryption method enables search of encrypted documents using the same encrypted index, either for a particular document type or for all encrypted documents regardless of the document type. | 2017-01-26 |
20170026351 | ENCODER, DECODER, SYSTEM AND METHOD FOR TRANSMITTING ENCRYPTED DATA - An encoder for providing encrypted data for transmission via a transmission medium includes an encryption unit that is configured to encrypt data received at the encoder block by block and a processing unit. The processing unit is configured to randomly distribute an encrypted data block to a plurality of channels that are allocated to the transmission medium and to provide a sub-block, which includes part of the encrypted data block, to be transmitted via one of the channels, together with a channel identification allocated to the channel and a code value that is based on the encrypted data in the sub-block to be transmitted and the channel identification, for transmission via the allocated channel of the transmission medium. | 2017-01-26 |
20170026352 | GENERATING BRIDGE MATCH IDENTIFIERS FOR LINKING IDENTIFIERS FROM SERVER LOGS - Systems and methods of matching identifiers between multiple datasets are described herein. A system can transmit a first identifier vector to a third party server. The first identifier vector can include a first identifier, first parameters, and second parameters. The system can receive, from the third party server, the first identifier vector encrypted based on a third-party encryption. The system can receive, from the third party server, a second identifier vector encrypted based on the third-party encryption associated with the third party server. The second identifier vector can include a second identifier, third parameters, and fourth parameters. The system can determine a correlation count between the first identifier vector and the second identifier vector. The system can determine that the first identifier corresponds to the second identifier based on the correlation count. The system can generate one identifier key for both the first identifier and the second identifier. | 2017-01-26 |
20170026353 | MANAGEMENT OF ACCESS SESSIONS - Disclosed are examples of managing access sessions for a computing device. In some examples, a computing device obtains a key and timeout data from secured storage. The computing device determines whether an access session has expired based on the timeout data. Responsive to determining that the access session has expired, the computing device erases the key from the secured storage. | 2017-01-26 |
20170026354 | VEHICLE WIRELESS INTERNET SECURITY - Methods, systems, and computer program products for vehicle wireless internet security are provided. A connection request is received from a mobile device. A data request is transmitted to the mobile device. The data request includes a request for location-based data of the mobile device. A first data is received from the mobile device that corresponds to the data request. A vehicle data is generated that comprises location-based data of the vehicle. A match between the first data and the vehicle data is determined. A match is determined where the location based data of the mobile device is with a pre-determined threshold of the location-based data of the vehicle. | 2017-01-26 |
20170026355 | SECURE ACCESS TO VIRTUAL MACHINES IN HETEROGENEOUS CLOUD ENVIRONMENTS - Systems, methods, and computer-readable media provide for secure access to virtual machines in heterogeneous cloud environments. In an example embodiment, client credentials, such as a public key of a public-private key pair, are provided to a virtual machine in a first cloud, such as a private cloud. The virtual machine can be migrated from the first cloud to a second cloud, such as one of a plurality of heterogeneous public clouds. The virtual machine in the second cloud can be accessed from the first cloud via Secure Shell (SSH) authentication using the client credentials. The client credentials can be updated, and the updated client credentials can be used for subsequent SSH access to the virtual machine in the second cloud. | 2017-01-26 |
20170026356 | METHOD AND APPARATUS FOR GENERATING AN INTELLIGENT PRIMARY KEY FACILITATING FASTER OBJECT RETRIEVAL - Various methods are provided for facilitating a reduction in the number of required search operations during account creation. One example method may comprise causing creation of a user account object configured for storage in a database, the user account object comprising user personal information, causing creation of a user linked account object configured for storage in the database, the user linked account object comprising user credential information, the user linked account object linked the user account object, generating, via processor, an identification field of the user linked account object, generation of the identification field comprising: receiving at least identification information and an account type; accessing a realm; and utilizing a hash function to generate a composite key as a function of the identification information, the account type, and the realm. | 2017-01-26 |
20170026357 | PROXY AUTHENTICATION METHOD AND COMMUNICATION DEVICE - A proxy authentication method executed by a communication device includes acquiring equipment identification information from equipment, the equipment identification identifying the equipment, transmitting the equipment identification information to a server that provides a service according to the equipment, receiving, from at least one of the server and the equipment, a condition relating to a range confined based on at least one of time and distance, and providing, based on the condition, at least one of the equipment identification information and a value relating to the equipment identification information to another communication device estimated to exist in the range. | 2017-01-26 |
20170026358 | SECURITY MIGRATION IN A BUSINESS INTELLIGENCE ENVIRONMENT - In various implementations, local identifiers associated with users may be utilized to enable access one or more functions in a Business Intelligence (BI) Environment. A mapping may be generated to associate local identifiers and users. The mapping may be utilized to enable access in the BI environment by retrieving the local identifier from a mapping and enabling access in the BI environment based on the local identifier. In various implementations, a user may access the system as another user. | 2017-01-26 |
20170026359 | DATA PROVISION SYSTEM - A data provision system includes: a certification issuing unit that transmits business entity certification to a business entity system; a password issuing unit that transmits a password to a user terminal in response to a password issuing request from the user terminal; a validity checking unit that checks validity of the business entity certification and the password transmitted from the business entity system; a personal information requesting unit that requests the user terminal to transmit personal information to the data provision system when the business entity certification and the password are valid; and a personal information transmitting unit that transmits, to the business entity system, the personal information transmitted from the user terminal. | 2017-01-26 |
20170026360 | SAFETY MEASURES FOR A NETWORK, SECURED NETWORK AND METHOD FOR SECURING A NETWORK - Safety measures for a network as provided for example in vehicles or all kinds of rolling stock, which network includes at least a switch provided in front of or between a gateway or access connector and the part of the network to be secured, which switch is at least controlled on the basis of the possible availability of a corresponding key and/or a code sent by a transmitter in the vicinity of the switch. | 2017-01-26 |
20170026361 | Federated Single Sign-On to Hadoop Cluster - Methods, systems, and computer-readable media support provisioning a computer application that is executed on an associated computing component through a primary computing component. Even though different passwords may be associated with a user for the primary and the associated computing components, one aspect is seamless single sign-on to a computer cluster that provides the external computer application so that any user or group membership changes at the primary computing component is transparent to the associated computing component. Users may be restricted service for the application at the edge nodes of the cluster and are then able to access data in directories corresponding to the user's group as configured at the primary computing component. A batch process may be initiated to issue a security token to one more users, thus enabling the user to obtain a service ticket and consequently service for the application. | 2017-01-26 |
20170026362 | TICKET GENERATOR FOR ALTERNATE AUTHENTICATION ENVIRONMENTS - In a computer system, some resources may be protected within an SSO environment, and other resources may be protected in an alternate authentication environment. A user logged into an alternate authentication environment will again be prompted for login credentials when accessing an SSO protected resource. To avoid additional login prompts, credentials authenticated by the alternate authentication environment are used by the SSO environment to identify the user. The credentials are collected from the alternate authentication environment and provided to the SSO resource in the form of a ticket. The SSO resource forwards the ticket to an SSO provider. The SSO provider identifies the user within a user store using the credentials in the ticket. If the SSO provider identifies the user, the SSO provider generates a token and provides the token to the SSO resource. The token is authenticated by the SSO resource and access is granted to the user. | 2017-01-26 |
20170026363 | Visualization of Trust in an Address Bar - Described are a system and method for presenting security information about a current site or communications session. Briefly stated, a browsing software is configured to receive a certificate during a negotiation of a secure session between a local device and a remote device. The certificate includes security information about a site maintained at the remote device. The security information is displayed to a user of the browsing software in a meaningful fashion to allow the user to make a trust determination about the site. Displaying the security information may include presenting a certificate summary that includes the most relevant information about the certificate, such as the name of the owner of the site and the name of the certificating authority of the certificate. | 2017-01-26 |
20170026364 | METHOD AND ROUTER FOR ACCESSING NETWORK - Embodiments of the present invention provide a method implemented on a router for accessing a network, where the method comprises: obtaining an access password sent by a terminal device; performing matching between the access password and each preset access password in an access password list in which at least two preset access passwords are stored; when the access password matches a preset access password in the access password list, determining whether the preset access password is bound to a device identifier list, and when the preset access password is bound to the device identifier list, determining whether a device identifier of the terminal device exists in the bound device identifier list; and when it is determined that the device identifier exists in the device identifier list, allowing the terminal device to access the network. | 2017-01-26 |
20170026365 | MULTI-DEVICE SINGLE NETWORK SIGN-ON - Methods, systems and computer readable media for multi-device single network sign-on are described. For example, a method can include authenticating a first device for network access via a first authentication process, the first device being associated with a user account. The method can also include receiving an access request from a second device associated with the user account, and determining whether the second device is within an access perimeter of the first device. The method can further include permitting the second device to access the network without a second authentication process when the second device is within the access perimeter of the first device. | 2017-01-26 |
20170026366 | Providing a virtual connection for transmitting application data units - Method, comprising authenticating one or more first clients by a server, authenticating one or more second clients by the server and providing at least one application data unit switching by the server such that, when a data packet having a control application data unit is received from one of the first clients at the server, the server sends a data packet having the control application data unit that the received data packet contains to at least one of the second clients, and/or that, when a data packet having a response application data unit is received from one of the second clients at the server, the server sends a data packet having the response application data unit that the received data packet contains to at least one of the first clients. | 2017-01-26 |
20170026367 | CAPTCHA SYSTEMS AND METHODS - Systems and methods for verifying human users through cognitive processes that computers cannot imitate are described herein. Human cognitive language processing techniques may be used to verify human users. Visual patterns and tests may be used to distinguish between humans and computers because computer-based visual recognition is fundamentally different from human visual processing. Persistent plugins and tests may be used to continuously verify human users. | 2017-01-26 |
20170026368 | Portable Device with Bio-Security Code Generating Module - A mobile phone comprises a control unit; a wireless communication module coupled to the control unit; a display coupled to the control unit; an eye light source formed on the mobile phone for projecting a light to at least one user's eye; an eye sensor formed on the mobile phone for receiving light back from the at least one user's eye to generate an eye image; a bio-security code generator for generating a template of a user as a bio-security code; and a bio-security code recognition module for comparing the bio-security code with the captured eye image. | 2017-01-26 |