07th week of 2019 patent applcation highlights part 70 |
Patent application number | Title | Published |
20190052613 | System And Method For Securely Exchanging Data Between Devices - An approach to exchanging data and identity between devices, securely, is provided. The approach includes data encryption, device management, a voting mechanism, message queuing, and encrypted data storing. Using the approach, a user can provide their identity to and share data with an external software or device in a secure manner. Also the user can decide where to store their encrypted data. | 2019-02-14 |
20190052614 | PUBLICLY READABLE BLOCKCHAIN REGISTRY OF PERSONALLY IDENTIFIABLE INFORMATION BREACHES - A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider. | 2019-02-14 |
20190052615 | NON-DISRUPTIVE SYSTEM FOR VERIFYING DEFAULT PASSWORDS HAVE BEEN CHANGED WIHTOUT CAUSING SECURITY LOCKOUTS - A method for verifying that default passwords have been changed without causing a security lockout, is provided, including enabling user identifiers associated with a plurality of devices, prior to an initial security test, identifying, a default password for a user identifier of each device, attempting a login to each device using the default password for the user identifier of each device, wherein: in response to determining that the login is successful, raising an alert against the user identifier as a security concern and maintaining an enabled state of the user identifier, in response to determining that the login is unsuccessful, disabling the user identifier so that the user identifier is in a non-enabled state, until a security lockout interval elapses, and retrying the login only for each user identifier in an enabled state during one or more subsequent security tests initiated after a predetermined alert interval. | 2019-02-14 |
20190052616 | AUTOMATIC AUTHENTICATION SWITCHING IN ONLINE LIVE CHAT APPLICATIONS - Methods and apparatuses are described for automatic authentication switching in online chat sessions. A server receives a request to establish an online chat session from a first client device, including authentication credentials associated with the first client device. The server establishes an online chat session between the first client device and a second client device via a first authenticated communications channel. The server transmits one or more chat messages between the first client device and the second client device using the first authenticated communications channel. The first client device determines that the online chat session has lost authentication. The first client device automatically switches the online chat session to a second unauthenticated communications channel. The server maintains the established online chat session between the first client device and the second client device via the second unauthenticated communications channel. | 2019-02-14 |
20190052617 | DEVICE AUTHENTICATION - A device includes a microcontroller, memory including secure memory to store a private key, a set of registers, and an authentication engine. The set of registers includes a write mailbox register and a read mailbox register, and message data is to be written to the write mailbox register by a host system. The message data includes at least a portion of a challenge request, and the challenge request includes a challenge by the host system to authenticity of the device. The authentication engine generates a response to the challenge, where the response includes data to identify attributes of the device and a signature generated using the private key. The authentication engine causes at least a portion of the response to be written to the read mailbox register to be read by the host system. | 2019-02-14 |
20190052618 | TECHNIQUES FOR DOMAIN CAPTURE - Techniques for domain capture. In one embodiment, for example, a method comprises detecting an attempt by a personal user account to use the online service where the account is associated with an electronic mail address that belongs to an owner of a domain name service domain. Based on detecting the attempt, the online service prompts the particular personal user account to join a team of user accounts. Upon receiving an acceptance of the particular personal user account to join the team, the personal user account is offered an option between converting the personal user account to a team user account that is a member of the team or changing the electronic mail address associated with the personal user account to a different electronic mail address that is not owned. | 2019-02-14 |
20190052619 | SYSTEMS, APPARATUSES, METHODS, AND NON-TRANSITORY COMPUTER READABLE MEDIA FOR AUTHENTICATING USER USING HISTORY OF USER - Provided is a system and method for authenticating a user using history of the user. One or more example embodiments provide a system and method that enables a server to perform an authentication or an additional authentication of a user based on use history of the user associated with a service when the server provides the service to an electronic device over a network. | 2019-02-14 |
20190052620 | DIRECTIONAL SENSING MECHANISM AND COMMUNICATIONS AUTHENTICATION - The present invention is directed toward an RFID device that includes a motion sensing mechanism. The motion sensing mechanism is adapted to sense motion of the RFID device and then selectively allow or restrict the RFID device's ability to transmit messages, which may include sensitive data, when the RFID device is placed in an RF field. Thus, the motion sensing mechanism is utilized to control access to data on the RFID device to only instances when the holder of the RFID device moves the RFID device in a predefined sequence of motion(s). | 2019-02-14 |
20190052621 | SYSTEMS AND METHODS FOR AUTOMATING SECURITY CONTROLS BETWEEN COMPUTER NETWORKS - A security control (SC) system including one or more security control (SC) computing devices for automating security controls between computer networks is provided. The SC system is configured to receive a request to access a service including a system identifier that identifies a computer system requesting access to a service controlled by the one or more SC computing devices, build a token request based on the request, and correlate the token request to at least one security policy associated with the system identifier. The SC system is also configured to generate an access token in response to the token request, wherein the access token is included in an authorization request, and invoke the service using the authorization request. The SC system is further configured to validate the access token using the at least one security policy and authorize access to the service based on the at least one security policy. | 2019-02-14 |
20190052622 | DEVICE AND METHOD CERTIFICATE GENERATION - A device receives a password from a user, obtains a public key for a cryptographic algorithm for the device, obtains a password verifier by applying a one-way function to a combination of a unique identifier, the password and the public key, generates the certificate comprising the unique identifier, the public key and the password verifier, signs the certificate using a private key corresponding to the public key thereby obtaining a self-signed certificate, and outputs the self-signed certificate. Also provided is the device. | 2019-02-14 |
20190052623 | Authenticating Applications to a Network Service - Authenticating applications to a network service includes authenticating an application with a certificate to access a service provider over a logical connection between the application and the service provider and confirming that the application is using an authorized port of the service provider. | 2019-02-14 |
20190052624 | UNIFIED PROVISIONING OF APPLICATIONS ON DEVICES IN AN ENTERPRISE SYSTEM - The present disclosure relates generally to managing access to an enterprise system using remote devices. Techniques are disclosed for provisioning applications on remote devices to access resources in an enterprise system. Specifically, applications may be automatically configured with access information (e.g., account information) and connection information to access a resource in an enterprise system using a remote device. Configuring an application may include determining an account for accessing a resource using the application. An account may be provisioned if one has not been established. Upon configuring an application, the device access management system may provide a configured application to the remote device(s) for which the application is configured. Once the configured application is received, the application may be automatically installed on the remote device, after which the application may be executed to access a resource. | 2019-02-14 |
20190052625 | GENERATION AND DISTRIBUTION OF SECURE OR CRYPTOGRAPHIC MATERIAL - A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway. | 2019-02-14 |
20190052626 | GENERATION AND DISTRIBUTION OF SECURE OR CRYPTOGRAPHIC MATERIAL - A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway. | 2019-02-14 |
20190052627 | PRESENCE IDENTIFICATION - Examples associated with presence identification are described. One example includes detecting a presence identifier broadcast by a mobile device. The mobile device belongs to a user. A portion of the presence identifier is generated based on a one-time password seed. The portion of the presence identifier is provided to an identification server. Identifying information associated with the user is received from the identification server. The identification server uses the portion to identify the user based on the one-time password seed. An action is performed based on the identifying information. | 2019-02-14 |
20190052628 | AUTHENTICATE A FIRST DEVICE BASED ON A PUSH MESSAGE TO A SECOND DEVICE - Examples disclosed herein describe authenticating a first electronic device based on a push message to a second electronic device. In one implementation, a processor receives a user identifier from a first electronic device. The processor may select a message communication type based on the user identifier and transmit an authentication information request to a second electronic device using a push message communication of the selected message communication type. The processor may authenticate the user based on the received response to the request and transmit information related to the user authentication to the first electronic device. | 2019-02-14 |
20190052629 | MOBILE NUMBER VERIFICATION FOR MOBILE NETWORK-BASED AUTHENTICATION - A mobile number of a mobile device can be employed as an authorization factor when the mobile device is connected to a WLAN. When a user attempts to interact with a restricted access server via the mobile device, verification functions loaded on the mobile device determine whether the mobile device is connected to a WLAN. If so, the verification functions cause the mobile device to open a port on the cellular network interface of the mobile device and transmit data packets to a mobile device identification server via a cellular network. The mobile device identification server can then determine the mobile number of the mobile device based on the cellular network IP address of the mobile device, and transmit the mobile number to the restricted access server as an authentication factor. | 2019-02-14 |
20190052630 | Secure Communications with Internet-Enabled Devices - A network device allows inbound connections from external addresses to a computer on a local network while forbidding output connections from the computer to that external address unless preceded by an inbound connection therefrom. In some embodiments, the computer is allowed to accept inbound connections from external addresses but is not permitted to initiate outbound connections to other computers in the local network unless preceded by an inbound connection. In some embodiments, a request from an external address is processed by the network device by transmitting network information for the computer to the external address and temporarily changes network rules to allow connections from the external address. In some embodiments, if the computer attempts a disallowed connection, the connection attempt is routed through a proxy server by providing network data for the proxy server to the computer. | 2019-02-14 |
20190052631 | Multifactor Contextual Authentication and Entropy from Device or Device Input or Gesture Authentication - Methods and systems for authenticating a user requesting to access one or more resources via a device are described herein. Authentication may be based on or otherwise rely on a plurality of devices. For example, aspects described herein are directed towards a system and method for receiving a request from a user to access one or more resources via a first device. In response to receiving the request to access the one or more resources, the first device may send, e.g., to a second device, a request for user input of a credential at the second device. The first device may receive a credential from the second device, and the first device may authenticate the user based on the received credential. Additionally or alternatively, the second device may authenticate the user based on an input of a user credential, and the second device may send an indication of a successful authentication to the first device. | 2019-02-14 |
20190052632 | AUTHENTICATION SYSTEM, METHOD AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM - An authentication system configured to perform an authentication process by using a template generated from biometric data, the authentication system includes a first server, and a second server, wherein the first server includes a first memory, and a first processor configured to generate, based on first identification information of a first service provided by the second server, a first random number used for generating the template from the biometric data, generate a signature random number by electrical signing of the first random number by using a secret key, and transmit the signature random number to the second server, and the second server includes, a second memory, and a second processor configured to verify the electrical signing by using a public key that corresponds to the secret key, and store, into the second memory, the signature random number when verification of the electrical signing succeeds. | 2019-02-14 |
20190052633 | METHODS AND APPARATUS FOR ALLOWING USERS TO CONTROL USE AND/OR SHARING OF IMAGES AND/OR BIOMETRIC DATA - Methods and apparatus for allowing an individual to preserve his/her privacy and control the use of the individual's images and/or personal information by other, without disclosing the identity of the individual to others, are described. In various embodiments the individual seeking privacy provides his/her identifying information, images, and sharing preferences indicating desired level of privacy to a control device which is then stored in a customer record. The control device can be queried to determine if an image or other information corresponds to a user who has restricted use of his/her image or other information in a public manner. Upon receiving a query the control device determines using the stored customer record whether an individual has authorized use of his or her image. Based upon the determination a response is sent to the querying device indicating whether the use of the image and/or individual's information is authorized. | 2019-02-14 |
20190052634 | DYNAMIC GENERATION OF KEY FOR ENCRYPTING DATA IN MANAGEMENT NODE - In an aspect of the disclosure, a method, a computer-readable medium, and an apparatus are provided. The apparatus may be a service processor. The service processor generates a first encryption key at runtime based on unique device data of the service processor and a first logic. The service processor refrains from storing the first encryption key in the storage device. The service processor further encrypts target data based on the encryption key and an encryption algorithm to obtain first encrypted data. The service processor then stores the first encrypted data in a storage device of the service processor. | 2019-02-14 |
20190052635 | METHOD AND SYSTEM FOR ESTABLISHING INTER-DEVICE COMMUNICATION - Establishing inter-device communication is disclosed including receiving, using a first device, an encrypted session key sent by a second device, decrypting, based on a private key of the first device, the encrypted session key in a trusted environment to obtain a decrypted session key, and conducting, based on the decrypted session key, data communications with the second device. | 2019-02-14 |
20190052636 | VERIFYING TERMINAL DEVICE - Methods, devices and apparatus for verifying a terminal device are provided. In one aspect, a method includes: recording a correspondence between a source IP address of an authentication message and an MAC address of the terminal device in a first whitelist after successful authentication is performed for the terminal device based on the authentication message, where the authentication message carries an MAC address of the terminal device; querying the first whitelist based on a source IP address of a data packet when the data packet from the terminal device is monitored; confirming the terminal device is successfully authenticated if the source IP address hits the first whitelist. | 2019-02-14 |
20190052637 | SECURE SYSTEMS ARCHITECTURE FOR INTEGRATED MOTORIZED MOBILE SYSTEMS - Systems and methods are disclosed herein for secure communication of data between motorized mobile systems (MMS) and external devices, systems, networks, and servers. The data may include one or more of user, health, environment, and system data retrieved from one or more sensors located in, on, and around an MMS. The MMS stores and/or transmits the sensor data using secure protocols when the sensor data relates to personal information, such as personal health data, to protect the privacy of the user. | 2019-02-14 |
20190052638 | METHOD AND SYSTEM FOR SECURELY CONNECTING TO FIELD DEVICES IN AN INDUSTRIAL PLANT USING LI-FI AND AUGMENTED REALITY - Methods and systems for identifying and connecting to field devices in an industrial plant. In an example embodiment, steps or operations can be implemented for providing credentials associated with a user through Li-Fi wireless communications, detecting a light pattern associated with the Li-Fi Wireless communications with a light sensor attached to a field device, transmitting a signal from the light sensor to a controller, which decodes the credentials associated with the user, and if the credentials are authorized, allowing the user to obtain device data associated with the field device wherein said data includes a location of said field device within said industrial plant. Such data can be obtained from a control room and/or a server through a wireless data communications network (e.g., wireless bidirectional communications). | 2019-02-14 |
20190052639 | Hierarchical case model access roles and permissions - Hierarchical case model access roles and permissions are described. A system creates, for a child node associated with a parent node in a case model, a reference to a case role associated with the parent node. The system assigns another set of access permissions to the reference. The system determines access to the child node based on the set of access permissions in response to a request associated with the case role to access the child node. | 2019-02-14 |
20190052640 | DEVICE, SYSTEM AND METHOD FOR PROTECTING NETWORK DEVICES - A unidirectional secured network adapter to receive an at least one communication from an at least one device of plurality of devices of the secure network over an unsecured communication protocol which include a privilege data. The unidirectional secured network adapter writes the privilege data in a memory, converts the privilege data from first parallel. data stream to serial data stream and passes the serial data stream through an isolation unit, converts the serial data stream of the privilege data to a second parallel data stream and writes the privilege data in a read only memory. The unidirectional secured network adapter applies an unsecured communication protocol to the privilege data and transmits the privilege data to at least one device of the unsecured network. | 2019-02-14 |
20190052641 | MONITORING SERVICE POLICY MANAGEMENT - The present invention provides a computer implemented method, a system, and a computer program product of monitoring service policy management. In an exemplary embodiment, the computer implemented method, the system, and the computer program product include (1) receiving, by a computer system, a user-id when a new user logs onto a target network, (2) in response to the receiving, fetching, by the computer system, a rule associated with the new user, and (3) replacing, by the computer system, an active rule in a network monitoring service with the fetched rule such that the network monitoring service is configured to use the fetched rule, instead of the replaced active rule, for monitoring network events and creating an alert. | 2019-02-14 |
20190052642 | METHOD FOR ADMINISTERING A COMMUNICATION CHANNEL BETWEEN TWO HOST COMPONENTS OF A MOBILE NFC DEVICE - Disclosed is a method for administering a communication channel between two host components of a mobile NFC device. The method includes a step of updating the whitelist of a first host component, then a step of notifying the update to a second authorised host component. The notifying step informs the second host component of the status of the whitelist of the first host component in order to prevent the transmission of requests to create a communication channel which would then be rejected. Also disclosed is a mobile NFC device. | 2019-02-14 |
20190052643 | CLOUD ACCESS RULE TRANSLATION FOR HYBRID CLOUD COMPUTING ENVIRONMENTS - Examples include cloud access rule translation for a hybrid cloud computing environment. Some examples include translation of a cloud access rule in a cloud-specific format to a canonical format and a determination of whether to allow an application programming interface (API) request for a cloud computing service based on the translated cloud access rule. | 2019-02-14 |
20190052644 | COMPLIANCE BOUNDARIES FOR MULTI-TENANT CLOUD ENVIRONMENT - Aspects of the present disclosure relate to systems and methods for creating compliance boundaries. In one example, compliance boundaries may be implemented via a compliance tool. Data associated with a tenant may be segregated using a plurality of layers defining one or more compliance boundaries. In response to an action initiated by a compliance administrator using the compliance tool for accessing the data, it may be determined which data is within the one or more compliance boundaries associated with the compliance administrator. Access to the data determined to be within the one or more compliance boundaries associated with the compliance administrator may be authorized. | 2019-02-14 |
20190052645 | ENHANCED DATA INTERFACE FOR CONTACTLESS COMMUNICATIONS - An enhanced data interface (EDI) for communications between an application operating on a communication device and an access device can provide enhanced verification between the communication device and access device. The communication process may include the access device sending a request for available applets to a communication device, and receiving a list of available applets from the communication device. The access device may select an untrusted applet identifier, and provide the selected untrusted applet identifier and an entity identifier associated with the access device to the communication device. The communication device can validate the access device as being authorized to access credentials associated with the selected untrusted applet identifier by comparing the entity identifier to a list of trusted entity identifiers, and provide credentials associated with the selected untrusted applet identifier to the access device. | 2019-02-14 |
20190052646 | Method and Apparatus for Providing an Adaptable Security Level in an Electronic Communication - A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check. | 2019-02-14 |
20190052647 | Managing Access to User Profile Information via a Distributed Transaction Database - A method, system and computer-usable medium for generating a user behavior profile, comprising: monitoring user interactions between a user and an information handling system; converting the user interactions and the information about the user into electronic information representing the user interactions; generating a unique user behavior profile based upon the electronic information representing the user interactions and the information about the user; storing information relating to the unique user behavior profile within a user behavior profile repository; and, storing information referencing the unique user behavior profile in a user behavior blockchain. | 2019-02-14 |
20190052648 | SYSTEMS AND USER INTERFACES FOR DYNAMIC AND INTERACTIVE INVESTIGATION BASED ON AUTOMATIC CLUSTERING OF RELATED DATA IN VARIOUS DATA STRUCTURES - In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others. | 2019-02-14 |
20190052649 | DETECTING MALWARE ON SPDY CONNECTIONS - In example implementations, a method is provided that is executed by a processor. A multiplexed data stream is received over a single transmission control protocol (TCP) connection that uses a SPDY protocol. The multiplexed data stream contains data packets associated with a plurality of different data streams. A plurality of sub-contexts are generated. Each one of the sub-contexts is associated with a different one of the plurality of different data streams. The data packets are demultiplexed from the multiplexed data stream into a respective one of the plurality of sub-contexts. The plurality of different data streams in the respective one of the plurality of sub-contexts are examined to detect a malware. | 2019-02-14 |
20190052650 | Identifying command and control endpoint used by domain generation algorithm (DGA) malware - A command endpoint used by Domain Generation Algorithm (DGA) malware is identified using machine learning-based clustering. According to this technique, at least one attribute associated with a candidate resolved DNS name is identified. The candidate resolved DNS name has associated therewith a set of names that are failed DNS lookups but that cluster with the candidate resolved DNS name. A set of additional names that share the at least one attribute with the candidate resolved DNS name are then identified. For the set of additional names, an extent to which the set of additional names also clusters with the set of names that are failed DNS lookups is then determined. The candidate resolved DNS name is characterized as associated with the command endpoint when the set of additional names cluster with the set of names that are failed DNS lookups to a configurable degree. | 2019-02-14 |
20190052651 | REAL-TIME PREVENTION OF MALICIOUS CONTENT VIA DYNAMIC ANALYSIS - This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer. | 2019-02-14 |
20190052652 | MALWARE HOST NETFLOW ANALYSIS SYSTEM AND METHOD - A system and method for determining malware threats based on behavior of a host/IP address uses netflow data, white lists, black lists and machine learning classification with a model. A white list generation method may be used and a machine learning model validation method. | 2019-02-14 |
20190052653 | AUTOMOTIVE CYBERSECURITY - A module for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the module including: a memory having software including a model of an expected behavior of data communications over the portion of the in-vehicle communication network; and a processor that processes, responsive to the software in the memory, a plurality of messages registered from a portion of the in-vehicle network to: determine, based on the model and a context comprising attributes of the plurality of messages, whether or not at least one of the messages complies with the model; and if the at least one message does not comply with the model, then perform at least one action on the message. | 2019-02-14 |
20190052654 | Systems And Methods For Neutralizing Masquerading Attacks In Vehicle Control Systems - A data processing system that provides for active prevention of masquerading attacks comprises a microcontroller, a transceiver, and an active attack prevention module (AAPM) in communication with the microcontroller and the transceiver. The microcontroller enables the data processing system to operate as a node in a vehicle control system (VCS). The transceiver enables the node to communicate with a local area network (LAN) of the VCS. The AAPM enables the node to monitor the LAN for messages. In response to detecting a message on the LAN, the AAPM automatically determines whether the message falsely identifies the node as a source, based on a value in an identifier field in the message. In response to determining that the message falsely identifies the node as the source, the AAPM automatically takes at least one remedial action to neutralize the message. Other embodiments are described and claimed. | 2019-02-14 |
20190052655 | METHOD AND SYSTEM FOR DETECTING MALICIOUS AND SOLICITING ELECTRONIC MESSAGES - The subject matter discloses system and method for identifying malicious and soliciting network messages. According to some embodiments the system monitors the client or the server of the messaging system and/or the service of the messaging system for detecting alerting operations by user of the service. If such operations are detected the system identifies the message that is associated with the operation as a suspicious message. The system then performs enhanced operations in order to determine if the suspicious message is a malicious or soliciting message. | 2019-02-14 |
20190052656 | AUTOMATIC DETECTION OF NETWORK THREATS BASED ON MODELING SEQUENTIAL BEHAVIOR IN NETWORK TRAFFIC - A computer-implemented data processing method comprises: executing a recurrent neural network (RNN) comprising nodes each implemented as a Long Short-Term Memory (LSTM) cell and comprising links between nodes that represent outputs of LSTM cells and inputs to LSTM cells, wherein each LSTM cell implements an input layer, hidden layer and output layer of the RNN; receiving network traffic data associated with networked computers; extracting feature data representing features of the network traffic data and providing the feature data to the RNN; classifying individual Uniform Resource Locators (URLs) as malicious or legitimate using LSTM cells of the input layer, wherein inputs to the LSTM cells are individual characters of the URLs, and wherein the LSTM cells generate feature representation; based on the feature representation, generating signals to a firewall device specifying either admitting or denying the URLs. | 2019-02-14 |
20190052657 | CONTEXT-AWARE NETWORK ON A DATA EXCHANGE LAYER - There is disclosed in one example a data exchange layer (DXL) broker, including: a hardware platform including a processor; and instructions encoded in a memory to instruct the processor to communicatively couple to a DXL fabric configured to operate a one to-many (1:N, N>1) publish-subscribe fabric; provide an interface to authenticate and register DXL endpoints with the DXL broker; and provide DXL messaging, including maintaining a routing table of registered DXL endpoints; receiving from a first registered DXL endpoint a one-to-one (1:1) request for an endpoint of the DXL fabric, wherein the endpoint is not a registered DXL endpoint of the broker; and publishing the 1:1 request to the DXL fabric. | 2019-02-14 |
20190052658 | DNS METADATA-BASED SIGNALING FOR NETWORK POLICY CONTROL - In one embodiment, a device in a network intercepts a Domain Name System (DNS) query sent by a node in the network to a DNS service. The device inserts metadata information about the node into the DNS query before sending the DNS query on to the DNS service. The device extracts policy information regarding the node from a DNS response sent from the DNS service back to the node in response to the DNS query. The device implements a network policy for the node within the network based on the policy information extracted from the DNS response. | 2019-02-14 |
20190052659 | METHODS, SYSTEMS, AND DEVICES FOR DYNAMICALLY MODELING AND GROUPING ENDPOINTS FOR EDGE NETWORKING - Various embodiments described herein disclose an endpoint modeling and grouping management system that can collect data from endpoint computer devices in a network. In some embodiments, agents installed on the endpoints can collect real-time information at the kernel level providing the system with deep visibility. In some embodiments, the endpoint modeling and grouping management system can identify similarities in behavior in response to assessing the data collected by the agents. In some embodiments, the endpoint modeling and grouping management system can dynamically model groups such as logical groups, and cluster endpoints based on the similarities and/or differences in behavior of the endpoints. In some embodiments, the endpoint modeling and grouping management system transmits the behavioral models to the agents to allow the agents to identify anomalies and/or security threats autonomously. | 2019-02-14 |
20190052660 | ENTERPRISE POLICY TRACKING WITH SECURITY INCIDENT INTEGRATION - The present invention relates to methods, processes, and systems for monitoring security policy violations in a computer network. Details of such monitoring include creating a rule according to a security policy, determining if the rule is violated by a value of a variable, and recording security events and comparing the number of events to a threshold. | 2019-02-14 |
20190052661 | SYSTEMS AND METHODS FOR PREVENTING FRAUD - A computer-implemented method of fraud detection comprising receiving a user identification, a standard authentication key, and an alternative authentication key associated with a user. The method includes storing the standard and alternative authentication keys in a user profile associated with the user identification, and storing a contingent action corresponding to the alternative authentication key. The method includes receiving an authorization request including the user identification and an authentication input, and comparing the authentication input with the standard authentication key and the alternative authentication key in the user profile. The method includes determining that the authentication input matches the alternative authentication key. Based on the determination that the authentication input matches the alternative authentication key, the method includes initiating the contingent action stored in the user profile corresponding to the alternative authentication key. The method may include determining if the authorization request matches a third party fraud alert. | 2019-02-14 |
20190052662 | SYSTEMS AND METHODS FOR PROVIDING CYBERSECURITY ANALYSIS BASED ON OPERATIONAL TECHNOLOGIES AND INFORMATION TECHNOLOGIES - The disclosed technology can acquire a first set of data from a first group of data sources including a plurality of network components within an energy delivery network. A first metric indicating a likelihood that a particular network component, from the plurality of network components, is affected by cyber vulnerabilities can be generated based on the first set of data. A second set of data can be acquired from a second group of data sources including a collection of services associated with the energy delivery network. A second metric indicating a calculated impact on at least a portion of the energy delivery network when the cyber vulnerabilities affect the particular network component can be generated based on the second set of data. A third metric indicating an overall level of cybersecurity risk associated with the particular network component can be generated based on the first metric and the second metric. | 2019-02-14 |
20190052663 | APPARATUS FOR ENHANCING NETWORK SECURITY AND METHOD FOR THE SAME - Disclosed herein is an apparatus for enhancing network security, which includes an information collection unit for collecting information about states of hosts that form a network and information about connectivity in the network; an attack surface analysis unit for analyzing attack surfaces by creating an attack graph using the information about the states and the information about connectivity; a security-enhancing strategy establishment unit for establishing a security-enhancing strategy based on the attack graph; and a security-enhancing strategy implementation unit for delivering a measure based on the security-enhancing strategy to a corresponding host, thereby taking a security-enhancing measure. | 2019-02-14 |
20190052664 | SYSTEM AND METHOD FOR ASSESSING CYBERSECURITY RISK OF COMPUTER NETWORK - Systems and methods for assessing cybersecurity risk of a computer network include the use of a risk model application that is configured to determine an initial cyber risk score value based upon an underwriting process. A cyber risk data stream is sent from the client's computer network to the system processor to periodically calculate an updated cyber risk score based upon actual data. The system processor is adapted to use the data stream to generate client information that is accessible by the client via a web-based client portal. In embodiments, the cyber risk data stream can be actively monitored to identify a threat of a cybersecurity breach. | 2019-02-14 |
20190052665 | SECURITY SYSTEM - A computer security system, comprising: a first input, adapted to receive threat data representing security threats; a second input, adapted to receive vulnerability data representing security vulnerabilities; a processor adapted to: identify a specific vulnerability of a computer entity in dependence on the threat data and the vulnerability data; assign the specific vulnerability a risk rating in dependence on the vulnerability data and the threat data; and to generate output data comprising an identifier of the specific vulnerability and its risk rating. | 2019-02-14 |
20190052666 | SCAN ADAPTATION DURING SCAN EXECUTION - In some examples, a system includes a scan execution engine and a scan adaptation engine. The scan execution engine may execute a scan of a web application hosted on a web host. During scan execution, the scan adaptation engine may adapt a subsequent scan portion for later execution based on a scan metric received from a monitoring agent that monitors the web application, the web host, or both. | 2019-02-14 |
20190052667 | SYSTEM AND METHOD FOR AUTOMATED CONFIGURATION OF APPLICATION FIREWALLS - In a system for configuring a web application firewall, one or more parameters of the firewall are adjusted such that a test configured for exposing a vulnerability of an application protected by the application firewall is blocked by the firewall and another test configured to invoke functionality of the application but that does not expose or exploit any security vulnerability is not blocked by the firewall. A notification is provided to a user if such a firewall configuration is not found after a specified number of attempts. | 2019-02-14 |
20190052668 | METHOD, APPARATUS, AND COMPUTER-READABLE MEDIUM FOR GENERATING DATA PROLIFERATION GRAPH - An apparatus, computer-readable medium, and computer-implemented method for generating a data proliferation graph, including receiving a selection of a target data store, identifying a plurality of data stores which have either received data that was previously on the target data store or which have sent data that was subsequently on the target data store, the plurality of data stores being divided into a plurality of proliferation levels corresponding to degrees of separation from the target data store and direction of data propagation relative to the target data store, generating a data proliferation graph, and transmitting at least one portion of the data proliferation graph. | 2019-02-14 |
20190052669 | Biology Based Techniques for Handling Information Security and Privacy - A local segment analysis and security (LSAS) engine method, computer program product, and apparatus are provided. The LSAS engine collects status metrics indicating a current operational status of the computing resources within a first segment of a computing environment, analyzes the status metrics to determine whether the first segment is the target of a first attack, and receives, from another LSAS engine of a second segment of the computing environment, a message indicating a status of the second segment with regard to the second segment being a target of a second attack. The LSAS engine determines a security response action to implement based on the received message and results of the analysis and transmits a control message to a computing resource of the first segment to implement the determined security response action. The security response action is at least one of a segmentation, dilution, or scaffolding security response action. | 2019-02-14 |
20190052670 | EVENT DRIVEN ROUTE CONTROL - Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems. | 2019-02-14 |
20190052671 | MULTI-TIERED NETWORK ARCHITECTURE FOR MITIGATION OF CYBER-ATTACKS - A method and system for controlling multi-tiered mitigation of cyber-attacks. The method comprises monitoring at least availability and load of each protection resource in a multi-tiered communication network, wherein each tier in the multi-tiered communication network includes a plurality of protection resources having capacity and security capabilities set according to the respective tier; for each protection resource, computing a current aggregated load metric (ALM); determining based on at least one of the computed ALM and security capabilities of a respective protection resource, if the respective protection resource assigned to a protected entity can efficiently handle a detected cyber-attack against the protected entity; and selecting at least one new protection resource to secure the protected entity, upon determining the protection resource cannot efficiently handle the detected cyber-attack, wherein the selection is based on at least one of the computed ALM and a security capabilities of the at least one protection resource. | 2019-02-14 |
20190052672 | SYSTEM AND METHODS FOR ACTIVE BRUTE FORCE ATTACK PROTECTION - Embodiments are described for provision of a brute force attack protection service to a middleware service, for example in the context of a distributed computing system receiving requests for connection from remote client devices. The brute force attack protection service may avoid relying upon presenting a Turing challenge at client devices for identifying and handling malicious requests for access or resources at the middleware service. | 2019-02-14 |
20190052673 | PASSWORD BREACH REGISTRY - A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user. | 2019-02-14 |
20190052674 | RELAY DEVICE - The present invention provides a relay device including: a receiving unit that receives instructions; a fuzzing detection unit that detects an illegitimate instruction among the instructions received by the receiving unit; a disguised operation decision unit that decides a disguised operation corresponding to the illegitimate instruction detected by the fuzzing detection unit; and an instruction generation unit that generates an instruction corresponding to the disguised operation decided by the disguised operation decision unit. | 2019-02-14 |
20190052675 | AUTOMATED LIFECYCLE SYSTEM OPERATIONS FOR THREAT MITIGATION - Techniques are described for automatically performing lifecycle operations to mitigate identified threats via an intrusion detection (IDS) system and a lifecycle operations manager (LOM). In one example, a notification from an IDS is received at a LOM, the notification indicating a malicious activity associated with a particular application included in an enterprise software environment monitored by the IDS. The application can be associated with a first endpoint accessible via a navigation target, where the navigation target sends requests received at the navigation target to the first endpoint. In response to receiving the notification, automatically and without user input, the LOM executes at least one countermeasure operation including creating a new copy of the application, associating the new copy of the application with a different second endpoint, and updating the navigation target to cause the navigation target to send requests to the new copy of the application at the second endpoint. | 2019-02-14 |
20190052676 | METHODS AND SYSTEMS FOR PROVIDING SECURITY TO IOT DEVICES OPERATING IN AN ENVIRONMENT - A method of providing security to IOT devices operating in an environment is disclosed. The method may include receiving, using a communication device, a plurality of security profiles associated with a plurality of IOT devices from at least one security database. Further, the method may include storing, using a storage device, the plurality of security profiles. Further, the method may include receiving, using the communication device, a plurality of identifiers associated with the plurality of IOT devices from a customer premises equipment. Further, the method may include retrieving, using the storage device, the plurality of security profiles associated with the plurality of IOT devices based on the plurality of identifiers. Further, the method may include and transmitting, using the communication device, the plurality of security profiles to the CPE. | 2019-02-14 |
20190052677 | COMMUNICATIONS SYSTEM - A communications system includes a transmission device configured to transmit information as a communication message to a network at a predetermined frequency according to a type of information and a reception device configured to receive the transmitted communication message, wherein a first type of information to be transmitted at a first frequency and a second type of information to be transmitted at a second frequency higher than the first frequency are transmitted as different communication messages to the network, and wherein the reception device detects the occurrence of an abnormal state in the network on the basis of the number of receptions of the second type of information until the next first type of information is received after the first type of information is received. | 2019-02-14 |
20190052678 | METHOD AND A SIP PROXY FOR MANAGING CALLS IN A VOICE OVER SIP NETWORK - A method is provided of managing calls in a voice over IP network, and is performed by a SIP proxy. The method includes receiving a registration request issued by a voice over IP terminal to register with the SIP proxy, obtaining from a database the address of at least one voice over IP platform associated with the voice over IP terminal, registering the SIP proxy with a said voice over IP platform, and sending a request to a number portability server suitable for managing incoming calls to said voice over IP terminal, the request requesting the server to associate the telephone number of the voice over IP terminal with a routing prefix associated with the voice over IP platform. | 2019-02-14 |
20190052679 | NOTIFYING CHANGES IN RADIO ACCESS TECHNOLOGY - A method of notifying one or more network nodes in a communications network, comprising an Internet Protocol Multimedia Subsystem, IMS, of a change in RAT used by a user equipment for a communications session, the method comprising at a CSCF prior to set-up of the communications session, indicating by the CSCF to a PCRF that the CSCF requires RAT change notifications for the user equipment, providing a capability indication by the CSCF to the one or more network nodes that the CSCF supports RAT change notifications and receiving from at least one of the one or more network nodes a requirement indication, which indicates that the network node requires RAT change notifications. The method further comprises on receipt of a RAT change notification by the CSCF propagating the RAT change notification to each of the nodes from which a requirement indication has been received. | 2019-02-14 |
20190052680 | METHOD AND SYSTEM FOR REMOTE COMMUNICATION - A system configured for remote communication includes a sensor configured to detect a presence of a first individual, a processor configured to determine an intent of the first individual to establish communication with a remote individual, a communication module configured to communicate the presence and intent to a remote system and further configured to receive an indication of the presence and availability of a second individual at the remote system to communication, and an indicator configured to indicate the second individual's presence and availability to communication. The indicator is configured to indicate a plurality of different presence and availability states for the second individual. | 2019-02-14 |
20190052681 | SHARED TERMINAL DETECTION METHOD AND DEVICE THEREFOR - Provided are a shared terminal detection method and a device therefor. A shared terminal detection server receives web access traffic for connection of a terminal to a web server, transmits a response message for requesting reconnection to an IP detection web page describing a web real-time communication request to the terminal, and acquires a private IP address of the terminal identified by a STUN server, to detect whether the terminal is a shared terminal. | 2019-02-14 |
20190052682 | EARLY-MEDIA SERVICE CONTROL DEVICE, EARLY-MEDIA SERVICE CONTROL METHOD, AND STORAGE MEDIUM HAVING PROGRAM STORED THEREON - When a parameter included in a session start request indicates that a session-start-request-transmitting terminal device has reserved a resource, a parameter value rewrite unit rewrites the value of the parameter into a value indicating the resource unreserved. A session start request transmission control unit controls a communication unit to cause a session start request after the value of the parameter is rewritten to be transmitted to a session-start-request-receiving network. When the parameter value rewrite unit has not rewritten the value of the parameter, the received session start request is transmitted. When receiving a response indicating that a resource is reserved in a session-start-request-receiving terminal device, a calling-in-progress notification transmission control unit controls the communication unit so that calling-in-progress notification is transmitted to the session-start-request-transmitting terminal device. | 2019-02-14 |
20190052683 | Network-Assisted Fabric Pairing - Systems and methods for joining a device to a fabric using an assisting device include an indication to add a joining device to a fabric. If the joining device supports network-assisted fabric pairing, a first connection is established between a commissioning device and the assisting device. The assisting device also connects to a joining device. Through the assisting device, the commissioning device and the joining device establish a communication channel over which fabric credentials may be sent. | 2019-02-14 |
20190052684 | METHOD AND SYSTEM FOR OVER-THE-TOP VOICE FOR INTERNET OF THINGS DEVICES - A method, a device, and a non-transitory storage medium are provided to receive from an end device, a session establishment message pertaining to a voice service that restricts the end device to place a voice call to and receive a voice call from a designated call center; replace a uniform resource identifier of the designated call center included in the session establishment message, with an enterprise identifier included in subscription data pertaining to the end device; select, based on the enterprise identifier, another network device to transmit the session establishment message; and transmit the session establishment message to another device based on the selection. | 2019-02-14 |
20190052685 | Access to a Computer Network - A method of mediating access to a computer network comprises the steps of identifying a user who wishes to access the computer network, obtaining quality of service data specific to the user, generating a token comprising the quality of service data and providing an output derived from the token to the user. Optionally, the method can further comprise receiving a request from the user for access to the computer network and providing access to the computer network to the user according to the token. | 2019-02-14 |
20190052686 | Method, User Equipment, Server, and Apparatus for Implementing Information Sharing - A method, a user equipment, and a server for sharing information, and an apparatus. The method for implementing information sharing includes receiving shared information of another user equipment and location information corresponding to the shared information, where the location information indicates a location for the shared information to be displayed on a desktop of another user equipment; and displaying the shared information according to the location information. In the embodiments of the present disclosure, information or a desktop can be shared in real time between two or more user equipments, so that a user of a user equipment is capable of tracing the status of a user of another user equipment and acquiring information on the shared desktop in real time. | 2019-02-14 |
20190052687 | SEAMLESS SWITCHING BETWEEN MULTICAST VIDEO STREAMS - A packet-based video network including: two or more video data sources, each configured to launch video data packets onto the network as multicast data packets each associated with a multicast group identifier corresponding to that video data source; and a video data destination configured to receive and process video data from a video data source by joining a multicast group corresponding to that video data source, and execute a switching operation to switch from receiving video data from a first video data source to receiving video data from a second video data source by leaving a multicast group of the first video data source and joining a multicast group of the second video data source. The video data destination is configured to process video data corresponding to a video frame which, at end of a frame period, represents a most recently received video frame from the first video data source. | 2019-02-14 |
20190052688 | APPARATUS AND METHOD FOR PROVIDING CONTENT - A method of receiving content in a client is provided. The method may include receiving, from a server, a spatial set identifier (ID) corresponding to a tile group including at least one tile, sending, to the server, a request for first content corresponding to metadata, and receiving, from the server, the first content corresponding to the request. | 2019-02-14 |
20190052689 | METHODS OF STREAMING MEDIA FILE DATA AND MEDIA FILE SERVERS - A media file system, apparatus, computer program product and method are provided for of streaming media file data. An exemplary method includes receiving a request for media file data for a desired time, and determining from the desired time an available segment of media file data, wherein the segment includes media file data from a start time to an end time. The method further including returning the available segment of media file, wherein the step of returning the available segment of media file data includes returning information indicative of the start time to end time covered by the media file data of the available segment. | 2019-02-14 |
20190052690 | INDIVIDUAL ADJUSTMENT OF AUDIO AND VIDEO PROPERTIES IN NETWORK CONFERENCING - Individual adjustment of audio volume and video properties in a computer network conference environment is provided. A method may include providing, via a graphical user interface (GUI) of a viewing participant, a first video stream received from a first device of a first participant, the first video stream having an image attribute set at a first level as indicated by a first user input element of the GUI, providing, via the GUI, a second video stream received from a second device of a second participant, the second video stream having the image attribute set at a second level as indicated by a second user input element of the GUI, and outputting, by the computing device, the received first and second video streams, the first video stream output with the image attribute at an adjusted first level, and the second video stream output with the image attribute at the second level. | 2019-02-14 |
20190052691 | METHOD AND SYSTEM FOR PROVIDING INTERNET APPLICATION SERVICES - Providing Internet application services includes acquiring an invocation command for an Internet application service and opening a service page corresponding to the Internet application service, generating an Internet application service invocation result based on an Internet application service invocation operation performed by a user on the service page, sending the Internet application service invocation result to the Internet application service provider and causing the Internet application service provider to generate invocation result card model data based on the Internet application service invocation result, generating an invocation result display card, and displaying the one or more other Internet application services to the user. | 2019-02-14 |
20190052692 | INTER-APPLICATION COMMUNICATION AND INTEGRATED BROKER - A system for intermediated communication between applications running on the same computer is presented. The system routes communication between a first application and a second application through a data broker on a remote server to avoid direct communication between the applications. The first application may be a desktop application, such as a word processing application, that has an add-in installed to facilitate communication through the data broker. The second application may be a web browser that includes a web client implemented using standard functionality of the web browser, without an application-specific plug-in. The data broker operates on a remote server to receive and direct communication between the applications. By eliminating direct communication between the applications, the data broker improves system security and reliability by utilizing communication protocols and capabilities already existing within the computer. | 2019-02-14 |
20190052693 | Data Caching and Resource Request Response - A data caching method and device, and a resource request response method and device. The data caching method comprise: receiving a resource request for group content belonging to a specific user group, the resource request being sent from a user terminal to an application server by a user; checking if a mapping between the group content and a group caching ID for identifying the user group and a mapping between the user and the group caching ID have been established in the caching server; and returning the group content cached in the caching server to the user terminal in responses to the mapping between the group content and the group caching ID and the mapping between the user and the group caching ID having been established in the caching server. | 2019-02-14 |
20190052694 | Automatic Genre Classification Determination of Web Content to which the Web Content Belongs Together with a Corresponding Genre Probability - A mechanism is provided for automatic genre determination of web content. For each type of web content genre, a set of relevant feature types are extracted from collected training material, where genre features and non-genre features are represented by tokens and an integer counts represents a frequency of appearance of the token in both a first type of training material and a second type of training material. In a classification process, fixed length tokens are extracted for relevant features types from different text and structural elements of web content. For each relevant feature type, a corresponding feature probability is calculated. The feature probabilities are combined to an overall genre probability that the web content belongs to a specific trained web content genre. A genre classification result is then output comprising at least one specific trained web content genre to which the web content belongs together with a corresponding genre probability. | 2019-02-14 |
20190052695 | COMMUNICATION SERVICE METHOD AND COMMUNICATION APPARATUS THEREOF - Each user terminal apparatus is connected with a service business enterprise system by a connection business enterprise system in a state that a live image can mutually be transmitted through the service business enterprise system. An user beforehand sets its live image to be appropriately utilized as an advertisement medium, and chooses selling goods to be advertised. A live image transmitted from the user terminal apparatus of the user who performed the aforesaid setting receives a superposed image, for example, by the superposing the T shirt of the user or the like with the image signal of the selling goods as the advertisement object in the service business enterprise system, and then the processed live image signal is transmitted to the user terminal apparatus of a communication companion. When the communication companion clicks this image signal, the user terminal apparatus of the communication companion is further connected with the sponsor system of the selling goods, and can receive a further explanation of the selling goods and can perform the transactions of the selling goods. | 2019-02-14 |
20190052696 | MOBILE TERMINAL FOR REMOTELY OPERATING DEVICE VIA NETWORK, CONTROL METHOD THEREFOR, STORAGE MEDIUM, AND REMOTE SUPPORT SYSTEM - A mobile terminal which enables direct and efficient remote operation via a network. The mobile terminal mediates communication between a first apparatus and a second apparatus when the first apparatus remotely operates the second apparatus having an application server via a network. In a case where a tunneling communication is established, the mobile terminal displays candidates for an application server to which the mobile terminal is connectable, on a display device of the mobile terminal, and carries out a mediating process including transferring data received from the first apparatus to the application server selected by a user from among the candidates and transferring data received from the selected application server to the first apparatus through the tunneling communication. | 2019-02-14 |
20190052697 | MOBILE-OPTIMIZED FILE TRANSFER MECHANISM BASED ON QR CODE - Described embodiments may provide transferring a file to a mobile device via scanning quick response codes displayed via a display output device. A media device in communication with a server may receive a request to access a file on the server. A file converter of the media device may encode the file obtained from the server into a plurality of quick response (QR) codes. The media device may display the plurality of QR codes via a display output device. A mobile device may scan each of the plurality of QR codes displayed on the display output device. A file downloader of the mobile device may interpret each of the scanned plurality of QR codes to form a file on the mobile device. | 2019-02-14 |
20190052698 | TRANSFERRING DATA BETWEEN BLOCK AND FILE STORAGE SYSTEMS - Provided is a method, computer program product, and system for transferring data between block and file storage systems. A remote server may receive, from a host device, a request to restore data to the host device. The remote server may store the data as one or more objects, with each object corresponding to an extent of a logical volume on the host device. A set of strides on the host device that correspond to the one or more objects may be determined using metadata for the one or more objects. Each of the one or more objects may be split into a set of data pieces using the metadata. Each data piece may then be transmitted from the remote server to the host device. | 2019-02-14 |
20190052699 | CORRELATION ACROSS NON-LOGGING COMPONENTS - Systems are provided for logging transactions in heterogeneous networks that include a combination of one or more instrumented components and one or more non-instrumented components. The instrumented components are configured to generate impersonated log records for the non-instrumented components involved in the transaction processing hand-offs with the instrumented components. The impersonated log records are persisted with other log records that are generated by the instrumented components in a transaction log that is maintained by a central logging system to reflect a complete flow of the transaction processing performed on the object, including the flow through the non-instrumented component(s). | 2019-02-14 |
20190052700 | AUTOMATED CONTENT DELIVERY FOR OFFLINE CONSUMPTION - A device can receive a request to provide content to a set of devices in a service area. The request can include a set of content configuration parameters associated with the content. The device can obtain the content by using the set of content configuration parameters to search a content source. The device can separate the content into a set of content segments using a content configuration parameter of the set of content configuration parameters. The device can provide multicast session instructions to a multicast system to cause the multicast system to provide the set of content segments to the service area using a multicast session. The multicast session can be used by the set of devices to store one or more content segments of the set of content segments. | 2019-02-14 |
20190052701 | SYSTEM, METHOD AND PLATFORM FOR USER CONTENT SHARING WITH LOCATION-BASED EXTERNAL CONTENT INTEGRATION - A methods, systems, device, server, network, platform and apparatus for enabling user to share one or more types of user created, selected or generated contents with one or more external sources content integration. In one embodiment, a system and method are provided in which an input interface to access user-selection of user content to be shared via the content sharing platform and user-selection of a specific external content item, from one or more sources, distinct from said user content and selectable by a given user from said plurality of different specifically selectable external content items, wherein said specific user-selected external content item comprises a specific locally sourced content item selectable by said given user amongst distinctly locally sourced content items corresponding with said location and an integration engine operated by a digital data processor to integrate said specific external content item with said user content to output a sharable integrated content item; and an output interface to share said sharable integrated content item via the content sharing platform on behalf of said given user. | 2019-02-14 |
20190052702 | Apparatus and Method for Multimedia Communication - A system that incorporates teachings of the present disclosure may include, for example, a communication device having a controller to transmit to a media server a request for distribution of media content to one or more targeted recipients according to a user profile associated with the communication device that is stored in the media server. The format of the media content can be adjusted by the media server based at least in part on the user profile. Other embodiments are disclosed. | 2019-02-14 |
20190052703 | GROUP HOST SELECTION METHOD FOR DEVICE-TO-DEVICE NETWORK AND CONTROL PLATFORM FOR SELECTING GROUP HOST - A group host selection method for a device-to-device network and a control platform for selecting a group host are provided. The device-to-device network includes a user device and a gateway device, the group host selection method includes the steps of: calculating a signal reception capability corresponding to a transmission path from the gateway device to the user device; calculating a first computation capability of the gateway device; calculating a second computation capability of the user device; and selecting one of the user device and the gateway device to be a group host according to the signal reception capability and the first computation capability of the gateway device and the second computation capability of the user device. | 2019-02-14 |
20190052704 | Opportunistic Crowd-Based Service Platform - A method and apparatus for providing an opportunistic crowd based service platform is disclosed. A mobile sensor device is identified based on a current location and/or other qualities, such as intrinsic properties, previous sensor data, or demographic data of an associated user of the mobile sensor device. Data is collected from the mobile sensor device. The data collected from the mobile sensor device is aggregated with data collected from other sensor devices, and content generated based on the aggregated data is delivered to a user device. | 2019-02-14 |
20190052705 | MULTI-MODE REMOTE COLLABORATION - Generally discussed herein are systems and apparatuses for multi-mode collaboration between entities in different jurisdictions. According to an example a technique can include determining a location of a remote communication device by at least one of a global positioning system (GPS), low frequency (LF) atomic time radio, earth magnetic signature, internet protocol (IP) address, and cell phone tower triangulation, determine regulations regarding communication from an internal network to the remote device based on the determined location, and configure the remote device to transmit and receive communications in a manner compliant with the determined regulations including one of voice over internet protocol (VOIP) communication, hypertext transfer protocol (HTTP) communication, text communication, voice communication, video communication, and augmented reality communication. | 2019-02-14 |
20190052706 | PIXEL-BASED LOAD BALANCING - Disclosed are methods, systems, and apparatus for load-balancing image-processing jobs based on the number of pixels in the images and/or the nature of the processing that is requested on those pixels. For example, a set of machines may run software to provide various types of image processing services, such as format conversion, recompression, resizing, cropping, among others. These are referred to as image servers. In accordance with the teachings hereof, the load on each image server can be calculated based on the number of pixels in the images that are waiting to be processed in the image server's processing queue, adjusted by the type of processing that is requested on each image. The adjustment typically reflects and adjusts for the relative time needed to perform various types of processing. Load scores can be further adjusted based on the processing capabilities of each image server, in some embodiments. | 2019-02-14 |
20190052707 | Assignment of Processing Resource Based on Session Data - Methods and systems for processing communication systems are disclosed. A request for a communication session can be analyzed to determine a device or pool of devices to process the communication session. Data associated with the communication session, including session description data, can be analyzed using rules that associate types of data with corresponding processing devices. The rules can be based on levels of complexity associated with the data, and different pools of processing devices can be associated with different levels of complexity. Thus, communication sessions assigned a level of complexity can be matched with pools of devices associated with the same level of complexity. | 2019-02-14 |
20190052708 | COORDINATOR OWNERSHIP AUTHENTICATION IN A DISTRIBUTED SYSTEM WITH MULTIPLE STORAGE OBJECT COORDINATORS - Exemplary methods, apparatuses, and systems include a replica node storing a component of a storage object detecting that a primary coordinator for the storage object component is no longer available to serve as primary coordinator. The replica node is within a cluster of nodes storing components of the storage object. In response to detecting that the primary coordinator is no longer available, the replica node updates a first metadata entry indicating that a secondary coordinator for the storage object component is unhealthy. The replica node rejects connection requests from the secondary coordinator in response to the first metadata entry indicating that the secondary coordinator for the storage object component is unhealthy. | 2019-02-14 |
20190052709 | CLUSTERED STORAGE SYSTEM SYNCHRONIZATION - A request to perform a coordinated action is received. The coordinated action comprises a first plurality of operations. In response to reception of the request to perform the coordinated action, a second plurality of operations is performed in preparation for performing the coordinated action. A response to the request to perform the coordinated action is sent. The response to the request to perform the coordinated action comprises an indication that the first device will perform the coordinated action. An indication that the coordinated action is to be performed is received. In response to reception of the indication that the coordinated action is to be performed, the first plurality of operations is performed. | 2019-02-14 |
20190052710 | System for Integrating a Detectable Medical Module - Medical devices and other modules configured in local computing environments can be detected, remotely managed, and integrated with a web application hosted on a server using standard communication protocols and a local agent. Such modules can include hardware devices, such as electrocardiograph (ECG) machines, centrifuges and the like, and/or software modules, such as Electronic Medical Records (EMR). The modules can be detected by a web browser receiving input which can be configured to be initiated by a sensor and/or Application Program Interface (API). The web browser, in turn, can communicate with the remote server for approval of the module. Upon approval, the server can establish a WebSocket communication channel through the browser to an agent executing in the local environment. The server can then push a device profile and/or commands to the agent, including a command to execute source code, and the agent, in turn, can collect data from, and/or execute commands with respect to, the module. | 2019-02-14 |
20190052711 | SYSTEM AND METHOD FOR PEER-TO-PEER CONNECTIVITY - A method in a mobile client device includes: establishing a plurality of connections with a fixed device; selecting, from the plurality of connections, a primary connection and a secondary connection distinct from the primary connection; storing, in a memory: (i) primary connection parameters defining the primary connection; and (ii) secondary connection parameters defining the secondary connection; initiating a data transfer session with the fixed device over the primary connection; and, responsive to detecting a reduction in link quality associated with the primary connection, sending a request to continue the data transfer session over the secondary connection. | 2019-02-14 |
20190052712 | METHODS, SYSTEMS AND APPARATUSES FOR APPLICATION SERVICE LAYER (ASL) INTER-NETWORKING - An method for M2M communications and an M2M node are disclosed. The M2M node provides a communication management function for communication between a first service layer in a first network and a second service layer in a second network. The M2M node receives a first message from a first application in the first service layer. The first message encapsulates a second message. The M2M node determines based on at least a first attribute identifying an expiration time after which the communication management function does not facilitate communication, that the communication management function is available to process the first message. The M2M node determines based on at least a second attribute defining an access control list identifying applications in the first service layer for which the communication management function may provide processing, that the communication management function is available to process the first message from the first application. | 2019-02-14 |