08th week of 2016 patent applcation highlights part 63 |
Patent application number | Title | Published |
20160057050 | DEVICES, METHODS, AND SYSTEMS FOR PACKET REROUTE PERMISSION BASED ON CONTENT PARAMETERS EMBEDDED IN PACKET HEADER OR PAYLOAD - Devices, methods, and systems are described for the execution of packet reroute authorization based on payload specific parameters embedded in either the payload or packet header. The described methods may be used for media production systems. The methods may also be configured for other applications in any packet based routing environment to provide payload or execution description parameters embedded in either the payload or packet header for routing control of any packet based traffic. | 2016-02-25 |
20160057051 | INTEGRATION OF LMR AND IP NETWORKS - Integration of a land mobile radio (LMR) communications system and other wireless IP based systems such as LTE by way of a multi bearer router. The LMR system may be either trunked or conventional. The multi bearer router maintains LMR IDs and also IP addresses for base stations, multi bearer terminals and other components of the integrated system. | 2016-02-25 |
20160057052 | METHOD AND SYSTEM OF CHECKPOINT AND ROLLBACK RECOVERY FOR FORWARDING STATES OF A SOFTWARE-DEFINED NETWORKING (SDN) SYSTEM - Methods implemented in an electronic device are disclosed for checkpoint and rollback recovery in a SDN system. The method utilizes message identifiers to indicate an order of consistent states of forwarding tables of a plurality of network elements of the SDN system. The SDN controller of the SDN system receives a request to recover the network to a previous state, and identifies a consistent state of forwarding table for each of the plurality of network elements utilizing the message identifiers associated the consistent states, where the identified consistent states represent the previous state of the network without the identified consistent states being captured at the same time at the plurality of network elements. The SDN controller indicates the identified consistent state for each of the plurality of the network elements to a corresponding network element, where the corresponding network element makes its forwarding table consistent with the identified consistent state. | 2016-02-25 |
20160057053 | Light-Weight Fork Channels for Clustering - A method for light-weight fork channels for clustering is disclosed. The method includes receiving, by a processing device, a message at a main channel used for group communication between processes executed by the processing device, identifying a fork channel identifier (ID) and a fork stack ID in a header of the message, processing the message with a fork stack corresponding to the fork stack ID in the header of the message, the fork stack comprising a subset of protocols of a main protocol stack of the main channel, and providing the message to a fork channel corresponding to the fork channel ID, wherein the fork channel to utilize the fork stack to separate messages for the fork channel from the main channel. | 2016-02-25 |
20160057054 | Path Selection in Hybrid Networks - Systems and methods for controlling legacy switch routing in one or more hybrid networks of interconnected computers and switches, including generating a network underlay for the one or more hybrid networks by generating a minimum spanning tree (MST) and a forwarding graph (FWG) over a physical network topology of the one or more hybrid networks, determining an optimal path between hosts on the FWG by optimizing an initial path with a minimum cost mapping, and adjusting the initial path to enforce the optimal path by generating and installing special packets in one or more programmable switches to trigger installation of forwarding rules for one or more legacy switches. | 2016-02-25 |
20160057055 | BINDING IEEE 802.11 MAC FRAMES TO LOGICAL CHANNELS - An IEEE 802.11 media access control (MAC) frame (or contents thereof) at a transmitter apparatus includes information from which a logical channel carrying traffic can be identified, so that a receiver apparatus, when unpacking the IEEE 802.11 MAC frame (or contents thereof), is able to route the traffic to the appropriate radio link control (RLC) entity associated with the logical channel. An evolved Node B (eNB) that is also an access point (AP) distinguishes conventional uplink wireless local area network (WLAN) traffic from traffic that is to be routed to an RLC layer. | 2016-02-25 |
20160057056 | IN NIC FLOW SWITCHING - Methods, apparatus, and systems for implementing in Network Interface Controller (NIC) flow switching. Switching operations are effected via hardware-based forwarding mechanisms in apparatus such as NICs in a manner that does not employ use of computer system processor resources and is transparent to operating systems hosted by such computer systems. The forwarding mechanisms are configured to move or copy Media Access Control (MAC) frame data between receive (Rx) and transmit (Tx) queues associated with different NIC ports that may be on the same NIC or separate NICs. The hardware-based switching operations effect forwarding of MAC frames between NIC ports using memory operations, thus reducing external network traffic, internal interconnect traffic, and processor workload associated with packet processing. | 2016-02-25 |
20160057057 | Systems and Methods for Optimized Route Caching - A method for optimized route caching includes comparing a destination address of a network packet to a first set of prefixes in a routing cache, and comparing the destination address to a second set of prefixes in a full routing table when a longest matching prefix for the destination address is not found in the routing cache. The method further includes copying the longest matching prefix and a set of sub-prefixes of the longest matching prefix from the full routing table to the routing cache, and forwarding the network packet. | 2016-02-25 |
20160057058 | CPP BUS TRANSACTION VALUE HAVING A PAM/LAM SELECTION CODE FIELD - Within a networking device, packet portions from multiple PDRSDs (Packet Data Receiving and Splitting Devices) are loaded into a single memory, so that the packet portions can later be processed by a processing device. Rather than the PDRSDs managing and handling the storing of packet portions into the memory, a packet engine is provided. A device interacting with the packet engine can use a PPI (Packet Portion Identifier) Addressing Mode (PAM) in communicating with the packet engine and in instructing the packet engine to store packet portions. Alternatively, the device can use a Linear Addressing Mode (LAM) to communicate with the packet engine. A PAM/LAM selection code field in a bus transaction value sent to the packet engine indicates whether PAM or LAM will be used. | 2016-02-25 |
20160057059 | METHOD AND DEVICE FOR CONTROLLING TRAFFIC OF MOBILE ROUTER - A method and a device for controlling traffic of a mobile router are provided. The method includes: generating a traffic control widget and displaying the traffic control widget on a control interface of the mobile router according to a total amount of traffic available to the mobile router; receiving a traffic operation on the traffic control widget; and limiting traffic of the mobile router according to the traffic operation. | 2016-02-25 |
20160057060 | Analyte Monitoring System and Methods - Methods and systems for providing data communication in medical systems are disclosed. | 2016-02-25 |
20160057061 | Learning Or Emulation Approach to Traffic Engineering in Information-Centric Networks - A method implemented in a network element (NE) configured to operate in an information centric network (ICN), comprising receiving a plurality of test traffic flows, wherein the test traffic flows are copies of a number of traffic flows received in a forwarding plane of the ICN during a defined interval; emulating the ICN at a state determined at an arrival time of the test traffic flows to the NE and defined based on a plurality of active traffic flows in the ICN; measuring a first impact of a plurality of first candidate paths for a first test traffic flow from the test traffic flows in the emulated ICN to the active traffic flows; selecting one of the first candidate paths based on the first impact measurement; measuring a second impact of a plurality of second candidate paths for a second test traffic flow from the test traffic flows in the emulated ICN to active traffic flows and the selected first candidate test path; selecting one of the second candidate paths based on the second impact measurement; and constructing a plurality of forwarding rules based on the state and the candidate paths selections. | 2016-02-25 |
20160057062 | System and Method for Improving Network Performance Using a Connection Admission Control Engine - The disclosed embodiments include a method, apparatus, and computer program product for modifying a three-dimensional geocellular model. For example, one disclosed embodiment includes a system that includes at least one processor and at least one memory coupled to the at least one processor. The memory stores instructions that when executed by the at least one processor performs operations that includes gathering network performance information regarding data flow communicated with a client of a network over a plurality of connections utilizing performance information packets; and automatically balancing the data flow of the plurality of connections between access points of the network that are available to the client using connection admission control engines. | 2016-02-25 |
20160057063 | TRANSFER DEVICE, CONTROL DEVICE AND COMMUNICATION METHOD - A transfer device operates within a network including a plurality of transfer devices and a control device. The transfer device includes a processor and a network connecting device. The network connecting device receives a packet. When a packet received from any of the plurality of transfer devices does not satisfy a process condition notified from the control device, the processor performs control such that a request message is not transmitted until a specified time period elapses from reception of the received packet. The request message is a message for requesting the control device to notify the transfer device of a process applicable to the received packet. When process information, which is information representing the process applicable to the received packet, has been obtained by the time the specified time period elapses, the processor processes the received packet in accordance with the process information. | 2016-02-25 |
20160057064 | DEADLINE DRIVEN CONTENT DELIVERY - Examples of the present invention present a method of controlling content delivery in a network. A global quality of experience measure, QoE | 2016-02-25 |
20160057065 | RE-MARKING OF PACKETS FOR QUEUE CONTROL - A method and apparatus for changing a packet tag status value from a first value to a different value upon said packet arriving at a buffer if there already is a packet in the buffer queue having the same first status value. A sequence of tag status values ( | 2016-02-25 |
20160057066 | TECHNOLOGIES FOR ALIGNING NETWORK FLOWS TO PROCESSING RESOURCES - Technologies for aligning network flows to processing resources include a computing device having multiple processing nodes, a network switch, and a network controller operating in a software-defined network. Each processing node of the computing device may include a processor, memory, and network adapter. The network switch may receive a network packet and request forwarding information from the network controller. The network controller may determine flow information corresponding to the network packet that indicates the application targeted by the network packet and the processing node executing the application. The flow information may be transmitted to the computing device, which may program a flow filter in the network adapter of the processing node executing the application. The network controller may also transmit forwarding information to the network switch, which may forward the received network packet to the network adapter of the processing node executing the application based on the forwarding information. | 2016-02-25 |
20160057067 | SYSTEMS AND METHODS FOR PROVIDING FINE GRAINED CONTROL OVER MSS VALUES OF TRANSPORT LAYER CONNECTIONS - Systems and methods of providing fine grained control over MSS values of transport layer connections. A device intermediary to a plurality of clients and a plurality of servers can identify a first MSS value based on a MTU value of a VLAN interface responsive to a request to establish a transport layer connection. Device determines that a MSS value of the VLAN is less than the first MSS value. Device updates, responsive to the determination, the first MSS value to a second MSS value corresponding to the MSS value of the VLAN. Device determines that an MSS value specified by a profile configured for a virtual server of the device is less than the second MSS value. Device updates the second MSS value to the MSS value of the profile responsive to determining that the MSS value specified by the profile is less than the second MSS value. | 2016-02-25 |
20160057068 | SYSTEM AND METHOD FOR TRANSMITTING DATA EMBEDDED INTO CONTROL INFORMATION - An apparatus executes a transmission-side process on target data to be transmitted to another apparatus through a communication path. The transmission-side process generates transmission data including payload information and control information, where the control information includes the target data and address information indicating a destination address of the target data. The another apparatus includes a queue area configured to store pieces of information as queueing data so as to prevent a piece of information from being overwritten by another piece of information. The apparatus controls transmission of the transmission data to the another apparatus by embedding the target data into the control information included in the transmission data. The another apparatus stores the control information included in the received transmission data into the queue area as queuing data, and extracts the embedded target data from the control information stored in the queue area. | 2016-02-25 |
20160057069 | PACKET ENGINE THAT USES PPI ADDRESSING - Within a networking device, packet portions from multiple PDRSDs (Packet Data Receiving and Splitting Devices) are loaded into a single memory, so that the packet portions can later be processed by a processing device. Rather than the PDRSDs managing and handling the storing of packet portions into the memory, a packet engine is provided. The PDRSDs use a PPI (Packet Portion Identifier) Addressing Mode (PAM) in communicating with the packet engine and in instructing the packet engine to store packet portions. The packet engine uses linear memory addressing to write the packet portions into the memory, and to read the packet portions from the memory. | 2016-02-25 |
20160057070 | SYSTEMS AND METHODS FOR IMPLEMENTATION OF JUMBO FRAME OVER EXISTING NETWORK STACK - This disclosure is directed generally to systems and methods for implementation of Jumbo frames in an existing network stack. In some embodiments, a connection handler of a device receives data having a size greater than an Ethernet frame size. That data includes header data and payload data. The device partitions the data into segments including a first segment and a second segment. The first segment includes the header data and a first portion of the payload data, while the second segment includes a second portion of the payload data. The device stores the first and second segments in first and second network buffers, respectively, of a pool of network buffers. The device forms a packet chain of the first and second network buffers having a size greater than the Ethernet frame size. The device transmits the packet chain via a network connection. | 2016-02-25 |
20160057071 | Network Platform as a Service Layer for Open Systems Interconnection Communication Model Layer 4 Through Layer 7 Services - According to one aspect of the concepts and technologies disclosed herein, a cloud computing system can include a hardware resource and a Network Platform as a Service (“NPaaS”) layer. The NPaaS layer can expose a cloud service for use by a service that operates within at least one of layer 4 through layer 7 of the Open Systems Interconnection (“OSI”) communication model. The cloud service can include a database service, an application container service, a resource broker service, a load balancer service, a domain name system (“DNS”) service, a state persistence service, a probe service, or a combination thereof. The NPaaS also can receive a request for the cloud service, and in response to the request, can provide the cloud service. | 2016-02-25 |
20160057072 | OPTIMIZING RESOURCE CONFIGURATIONS - Systems and methods for monitoring the performance associated with fulfilling resource requests and determining optimizations for improving such performance are provided. A processing device obtains and processes performance metric information associated with processing a request corresponding to a set of resources. The processing device uses the processed performance metric information to determine a resource configuration to be associated with the set of resources. In some embodiments, in making such a determination, the processing device assesses performance metric information collected and associated with subsequent requests corresponding to the content associated with the set of resources and using each of a variety of alternative resource configurations. The processing device may also consider a number of factors. Aspects of systems and methods for generating recommendations to use a particular resource configuration to process a subsequent request corresponding to the content associated with the set of resources are also provided. | 2016-02-25 |
20160057073 | MANAGING HYBRID CLOUD PLACEMENT POLICIES - Placing an application on a private portion and a public portion of a hybrid computing environment for processing. An application may be received for placement and processing. A primary processing objective and a split preference of the application may be determined. The split preference indicates whether the application can be processed using one or both of the private portion and the public portion of the hybrid computing environment. The application may be placed on one or both of the private portion and the public portion of the hybrid computing environment for processing, based on the primary processing objective and based on the split preference. | 2016-02-25 |
20160057074 | COMBINING BLADE SERVERS BASED ON WORKLOAD CHARACTERISTICS - To perform a workload, a plurality of virtual machines (VMs) may be assigned to a plurality of blade servers. To assign the VMs, a computing system uses the characteristics of the workloads that will be executed by the virtual machines such as the number of processors or the amount of memory, storage the workload is estimated to use, and the like. Based on these workload characteristics, the computing system determines an optimal solution for deploying the VMs onto the blade servers. In one embodiment, the computing system determines whether two or more of the blade servers should be stitched together. For example, the computing system compares the workload characteristics of one of the virtual machine to the combined available resources of at least two of the blade servers. If the combined available resources satisfy the workload characteristics, the computing system stitches the blade servers together. | 2016-02-25 |
20160057075 | Load Adaptation Architecture Framework for Orchestrating and Managing Services in a Cloud Computing System - According to one aspect of the concepts and technologies disclosed herein, a cloud computing system can include a load adaptation architecture framework that performs operations for orchestrating and managing one or more services that may operate within at least one of layers 4 through 7 of the Open Systems Interconnection (“OSI”) communication model. The cloud computing system also can include a virtual resource layer. The virtual resource layer can include a virtual network function that provides, at least in part, a service. The cloud computing system also can include a hardware resource layer. The hardware resource layer can include a hardware resource that is controlled by a virtualization layer. The virtualization layer can cause the virtual network function to be instantiated on the hardware resource so that the virtual network function can be used to support the service. | 2016-02-25 |
20160057076 | Equitable Sharing of System Resources in Workflow Execution - A method may be practiced in a distributed computing environment that provides computing resources to a plurality tenants. The method includes acts for allocating a limited set of system resources to the tenants. The method includes identifying a resource slice. The method further includes identifying an executing tenant workload. Checkpoint characteristics are identified for the executing tenant workload. Based on the checkpoint characteristics and the resource slice, a task eviction event is identified. | 2016-02-25 |
20160057077 | INTELLIGENT DATA CENTER SELECTION - In embodiments, a data center selection system can select a chosen data center (DC) for an order submitted to a cloud computing system using a preprocessing layer and a rules engine that incorporates action/algorithm-based selection using data center metrics to determine the chosen DC. In various embodiments, the data center selection system retrieves order information, objectives, rules, algorithms, and other data defined by an administrator. The data center selection system can then retrieve data center information aggregated from various data centers. Using order information received from an order management system, the data center selection system can utilizes the preprocessing layer, the rules engine, and the algorithm-based selection to select the chosen DC. The data center selection system can send an order request to the chosen DC in which to provision services for the order request. | 2016-02-25 |
20160057078 | LOSSLESS ADJUSTMENT METHOD OF ODUFLEX CHANNEL BANDWIDTH AND ODUFLEX CHANNEL - The embodiments of the present invention relate to the field of communications technologies, and disclose a lossless adjustment method of ODUflex channel bandwidth and an ODUflex channel. The lossless adjustment method includes: respectively adjusting, according to bandwidth adjustment indication request information, a time slot occupied by an ODUflex frame in a higher order optical channel data unit at an egress side of each network node on an ODUflex channel; and adjusting, according to rate adjustment indication information, a transmission rate of the ODUflex frame of each network node on the ODUflex channel, to enable the transmission rate of each network node on the ODUflex channel to be unified. | 2016-02-25 |
20160057079 | PPI ALLOCATION REQUEST AND RESPONSE FOR ACCESSING A MEMORY SYSTEM - Within a networking device, packet portions from multiple PDRSDs (Packet Data Receiving and Splitting Devices) are loaded into a single memory, so that the packet portions can later be processed by a processing device. Rather than the PDRSDs managing and handling the storing of packet portions into the memory, a packet engine is provided. The PDRSDs use a PPI (Packet Portion Identifier) Addressing Mode (PAM) in communicating with the packet engine and in instructing the packet engine to store packet portions. A PDRSD requests a PPI from the packet engine in a PPI allocation request, and is allocated a PPI by the packet engine in a PPI allocation response, and then tags the packet portion to be written with the PPI and sends the packet portion and the PPI to the packet engine. | 2016-02-25 |
20160057080 | MESSAGE TRANSMISSION AND RECEPTION DEVICE, AUTOMATIC METER READING SYSTEM, AND MESSAGE TRANSMISSION AND RECEPTION METHOD - A message transmission/reception device preferentially processing high priority messages even in a multi-vendor environment where presence/absence of priority control function depends on each vendor. The message transmission/reception device receives, through a relay, an upstream direction message transmitted from a communication terminal to an application server, and transmits, through the relay to the communication terminal, a downstream message transmitted from the application server to the communication terminal. When receiving a high priority message, the number of messages passed by the high priority message during a period from transmitting the high priority message from the relay to receiving the high priority message is calculated. A threshold determining the amount of messages to be transmitted to the relay device is adjusted based on the calculated message number. The amount of messages to be transmitted is controlled based on comparing the number of downstream messages accumulated in the relay and the threshold. | 2016-02-25 |
20160057081 | PPI DE-ALLOCATE CPP BUS COMMAND - Within a networking device, packet portions from multiple PDRSDs (Packet Data Receiving and Splitting Devices) are loaded into a single memory, so that the packet portions can later be processed by a processing device. Rather than the PDRSDs managing the storing of packet portions into the memory, a packet engine is provided. The PDRSDs use a PPI addressing mode in communicating with the packet engine and in instructing the packet engine to store packet portions. A PDRSD requests a PPI from the packet engine, and is allocated a PPI by the packet engine, and then tags the packet portion to be written with the PPI and sends the packet portion and the PPI to the packet engine. Once the packet portion has been processed, a PPI de-allocation command causes the packet engine to de-allocate the PPI so that the PPI is available for allocating in association with another packet portion. | 2016-02-25 |
20160057082 | OUT-OF-OFFICE NOTIFICATION MECHANISM FOR EMAIL CLIENTS - A method for an out-of-office message notification system to notify at least one sender who has sent an email in a pre-defined time span prior to a start time associated with an out-of-office notification being set by a user is provided. The method may include identifying an unresponded email within a plurality of unresponded emails in an inbox received within the pre-defined time span prior to the start time associated with the out-of-office notification being set by a user. The method may also include sending an out-of-office message notification to the sender associated with the unresponded email. | 2016-02-25 |
20160057083 | SYSTEMS AND METHODS FOR VIRTUAL INTERACTION - In one aspect, at least one processor may receive a first user input and identify one or more first keywords from the first user input to determine one or more previously recorded outputs corresponding to the first keywords. The previously recorded outputs may correspond to a virtual character, such as a celebrity. Further, the at least one processor may select one of the determined previously recorded outputs and output the selected previously recorded output corresponding to the virtual character. The at least one processor may also identify one or more second keywords from at least the first user input, temporarily store the second keywords in memory in association with at least one portion of the user input, receive a second user input, and determine another previously recorded output based at least in part on the temporarily stored keywords associated with the first user input. | 2016-02-25 |
20160057084 | LOCATION-BASED COMMUNICATION SYSTEM AND METHOD FOR IMPROVING CUSTOMER EXPERIENCE - A communication system comprises a server for receiving one or more requests or messages from one or more location-enabled user devices. The server typically stores the requests and retrieve them based on location information stored along with the requests. The server notifies a user when another user transmits a message while near or at one of the user's previous requests. In some instances, the users may be customers and providers. | 2016-02-25 |
20160057085 | SYSTEM AND METHOD FOR PROVIDING A MESSAGING INTERFACE - Computer-implemented systems and methods for providing a simplified messaging interface are provided for allowing users to initiate and engage in messaging conversations. In some embodiments, the systems and methods reduce the overhead involved in initiating and/or engaging in messaging conversations. In addition, the messaging interface may allow users to initiate and/or engage in conversations without having to open a separate standard messaging window for every conversation. Further, the simplified messaging interface may be used in conjunction with a standard messaging interface. | 2016-02-25 |
20160057086 | Method and System for Cross Device Notification - Method and system for cross device notification (CDN) are provided. An incoming event is received at a first device associated with a user. The first device detects one or more active devices associated with the user other than the first device. Whether the user reacts to the incoming event is detected on the first device. Whether a CDN is needed is determined based on whether the one or more active devices are detected and/or whether the user reacts to the event within a predetermined time period. If a CDN is needed, the CDN is generated and transmitted to the one or more active devices. | 2016-02-25 |
20160057087 | PROCESSING MEDIA MESSAGES BASED ON THE CAPABILITIES OF THE RECEIVING DEVICE - When a user requests to send a media message to a contact, a sending device retrieves the device parameter of a receiving device used by the contact to receive messages. Based on the retrieved device parameters, the sending device processes a media file to be included with the media message. The sending device processes the media file to reduce the size of the media file and for the media file not to exceed the display capabilities of the receiving device. The sending device sends the media message with the processed media file to the receiving device of the contact via a messaging system. | 2016-02-25 |
20160057088 | METHOD AND APPARATUS FOR TRANSMITTING INFORMATION - Embodiments of the present invention provide a method and apparatus for transmitting information. In one embodiment of the present invention, there is provided a method for transmitting information, comprising: creating an activity in response to having received inputted information from a user U; looking up a first number of users matching the activity in contact information of the user U; adding the first number of users into a candidate list; transmitting a notification of the activity to users in the candidate list; wherein the contact information comprises at least one address book through which the user U communicates with a plurality of other users via at least one communication channel. In other embodiments of the present invention, there is further provided apparatuses for transmitting information. | 2016-02-25 |
20160057089 | Method and Apparatus for Managing Blind-Carbon-Copy Account Replies in E-Mail Communications - A apparatus and method for managing blind-carbon-copy replies in e-mail communications includes an electronic computing device configured to detect | 2016-02-25 |
20160057090 | DISPLAYING PRIVATE INFORMATION ON PERSONAL DEVICES - A computing device is described that includes one or more processors and at least one module operable by the one or more processors to determine whether the computing device is currently designated to display private information, receive an incoming communication, responsive to determining that the incoming communication includes private information, determine whether one or more individuals other than a user to whom the incoming communication is directed are proximate to the first computing device, and, responsive to determining that one or more individuals other than the user to whom the incoming communication is directed are proximate to the first computing device, determine, based on a type of the first computing device, whether to display private information. The at least one module is further operable by the one or more processors to, responsive to determining to display the private information, output, for display, an indication of the incoming communication. | 2016-02-25 |
20160057091 | ELECTRONIC COMMUNICATIONS MANAGEMENT SYSTEM AND METHOD - A system and methods that prioritize email based on the use of cryptographic signatures are described. The system can allow email to be received without blocking a subset of the email. When email is received, the system can determine whether the email is received from an approved user who has exchanged public keys with the email recipient and determines whether the email includes one or more cryptographic signatures. Emails with signatures that are successfully verified can be identified as having a higher priority level than emails without the cryptographic signatures. The emails with the higher priority level can be presented to the recipient in a priority inbox. Emails without the signatures can be placed in a different folder, which is not presented to the user by default, but can be presented to the user in response to a request from the user. | 2016-02-25 |
20160057092 | Event-Based Comment Grouping for Content Items - A method for event-based comment grouping for content items is disclosed. The method includes identifying comments corresponding to a content item, the comments comprising playback timestamp information transformed into selectable links to access a corresponding portion of the content item during playback of the content item, dividing the content item into a plurality of time interval segments, grouping the received comments into the time interval segments based on the playback timestamp information of each comment, selecting a time interval segment of the time interval segments, and providing comments corresponding to the selected time interval segment for display during playback of the content item. | 2016-02-25 |
20160057093 | METHOD AND APPARATUS FOR DISPLAYING CONTENT - A method is provided comprising: displaying a first screen including a plurality of messages received from at least a first contact and a second contact; detecting a selection of the first contact; in response to the selection, hiding from the first screen a first message in the plurality that is received from the first contact. | 2016-02-25 |
20160057094 | METHOD AND SYSTEM FOR MAINTAINING AND MANAGING SOCIAL CAPITAL - Methods, systems, and techniques managing a user's social capital to maximize his or her networking potential are provided. Example embodiments provide a SoCap application and tools to manage and maximize a user's capital. In one embodiment, the SoCap application facilitates making, managing, and/or nurturing connections through relationships with one or more individuals or business entities. Each entity is associated with an influence score that reflects, for example, the entity's connections to other entities, the strength of those connections, and the importance of the entity's affiliations with companies. In some embodiments, the SoCap application is a web-based application that leverages contacts from electronic mail applications, phone devices, social networks, professional networks, and CRM applications. | 2016-02-25 |
20160057095 | Methods and Systems for Providing Current Email Addresses and Contact Information for Members within a Social Network - Methods and systems for providing current email addresses or contact information to members within a social network are described. In one described method, an email program application requests an email address for a member within a social network. Using profile information associated with the member, the email address is provided to the email program application which sent the request. The email address is then entered into the send-to parameter field of an email message. In another described method, contact information associated with a first member of a social can be provided to a second member of the social network. The contact information is provided if the relationship between the first and second members is an authorized relationship. The contact information associated with the first member can be used to update the contact information for the first member in an electronic address book associated with the second member. | 2016-02-25 |
20160057096 | MOBILE SOCIAL INTERACTION - A question associated with a first user may be obtained. A search link may be determined based on content of the first question. A response may be obtained. Updates to a content graph may be initiated, including an addition of a question node and a first link indicating asking of the question by the first user, and an addition of a response node and a second link indicating an answer relationship between the question and the response, and a third link indicating answering of the question from a second user, the second user associated with the first user via a friend link indicating a friend connection relationship between nodes associated with the first user and the second user. | 2016-02-25 |
20160057097 | Controlling Notification Based on Power Expense and Social Factors - In one embodiment, a computer system determines a wireless transmit cost for each of one or more outgoing messages for a first user, and transmits to the first user's mobile device at least one of the one or more outgoing messages based on the mobile device's power state and respective wireless transmit costs of the one or more outgoing messages. | 2016-02-25 |
20160057098 | Reducing Broadcast Flooding in a Software Defined Network of a Cloud - A mechanism is provided for reducing network load in a software defined network. The mechanism is executed by a virtual machine hypervisor. The mechanism receives a network broadcast request sent by a source virtual machine node; acquires a first destination address in the network broadcast request; and reads a predefined mapping rule of the first destination address and a second destination address. An address of a node in the software defined network is configured by using the predefined mapping rule. The mechanism derives the second destination address corresponding to the first destination address according to the mapping rule. The mechanism responds to the network broadcast request by using the derived second destination address. | 2016-02-25 |
20160057099 | Computing Device with Remote Contact Lists - In one implementation a computer-implemented method includes generating a group of telephone contacts for a first user, wherein the generating includes identifying a second user as a contact of the first user based upon a determination that the second user has at least a threshold email-based association with the first user; and adding the identified second user to the group of telephone contacts for the first user. The method further includes receiving a first request to connect a first telephone device associated with the first user to a second telephone device associated with the second user. The method also includes identifying a contact identifier of the second telephone device using the generated group of telephone contacts for the first user, and initiating a connection between the first telephone device and the second telephone device using the identified contact identifier. | 2016-02-25 |
20160057100 | SYSTEM AND METHOD FOR AUTOMATIC CONFIGURATION OF DOMAIN NAMES BY THIRD PARTIES - Systems and methods for creating custom domain name links are provided. At least one server communicatively coupled to a network receives a request to create a custom domain name link to a third party service. The request identifies a custom domain name. The at least one server retrieves, from a third party service link database, an entry for the third party service specifying how to create the custom domain name link for the third party service and the at least one server creates the custom domain name link in accordance with the entry retrieved from the third party service link database. | 2016-02-25 |
20160057101 | ASSET DETECTION SYSTEM - A pluggable asset detection engine is used to identify devices within a network. The pluggable asset detection engine includes a set of pluggable discovery sensors and is adapted to identify particular address information of a particular computing device within a network, using a first pluggable discovery sensor in the set of discovery sensors, and send an identification of the particular address information of the particular computing device to an asset management system for inclusion of the particular address information in an asset repository managed by the asset management system. | 2016-02-25 |
20160057102 | Methods and System for Allocating an IP Address for an Instance in a Network Function Virtualization (NFV) system - A method for allocating an IP address for an instance in a NFV system includes obtaining a first requirement of IP address allocation from VNFD by a first node in the NFV system. A second requirement of IP address allocation for the instance is determined according to the first requirement. Then the second requirement is sent to a second node in the NFV system that allocates the IP address for the instance. | 2016-02-25 |
20160057103 | Correlating nameserver IPv6 and IPv4 addresses - Nameserver addresses are correlated in a multi-tier name server hierarchy comprising a first level authority for a domain, and one or more second level authorities to which the first level authority delegates with respect to a particular sub-domain associated with the domain. Preferably, the first level authority is IPv4-based and at least one second level authority is IPv6-based. The first level authority responds to a request issued by a client caching nameserver (a “CCNS”) and returns an answer that includes both IPv4 and IPv6 authorities for the domain. The CCNS is located at an IPv4 source address that is passed along to the first level authority with the CCNS request. The first level authority encodes the CCNS IPv4 source address in the IPv6 destination address of at least one IPv6 authority. Then, when the CCNS then makes a follow-on IPv6 request (with respect to the sub-domain) directed to the IPv6 authority, the IPv6 authority knows both the IPv6 address of the CCNS (as well as its IPv4 address. The IPv6 authority maintains the IPv4-IPv6 correlation. Over time, the IPv6 authority builds up a database of these CCNS IPv6-IPv4 associations. | 2016-02-25 |
20160057104 | Multiple Subscriber Videoconferencing System - A system, method, and device for use in videoconferencing. The method typically includes installing a videoconferencing services switch at an access point to an IP network, and registering a plurality of subscribers for videoconferencing services. Each subscriber typically has a plurality of endpoints. The method further includes receiving subscriber-specific settings to be applied to multiple videoconferencing calls from the plurality of endpoints associated with each subscriber. The method further includes storing the subscriber-specific settings at a location accessible to the switch, and configuring the switch to connect calls from the plurality of endpoints at each subscriber based on the corresponding subscriber-specific settings. | 2016-02-25 |
20160057105 | RELAY DEVICE, METHOD FOR SELECTING COMMUNICATION METHOD, AND PROGRAM - A connection setting server part | 2016-02-25 |
20160057106 | System and Method to use Common Addresses on Different Interfaces in a Management Controller without Conflict - A management controller includes a first data communication interface for communicating with a first network interface, a second data communication interface for communicating with a second network interface, and a processor. The first network interface provides a first network interface mode that permits a processing system to access a network, an operating system-to-management controller (OS-to-MC) pass-through mode that permits the management controller to access the processing system, and a network-to-management controller (Net-to-MC) pass-through mode that permits the management controller to access the network. The second network interface permits the management controller to access a management station. The management controller provides a common Media Access Control address and a common Internet Protocol address to the first data communication interface and to the second data communication interface without causing conflict on the network. | 2016-02-25 |
20160057107 | APPLICATION PROGRAMMING INTERFACE WALL - Application programming interfaces (APIs) can be unintentionally exposed and allow for potentially undesirable use of corporate resources. An API call filtering system configured to monitor API call requests received via an endpoint and API call responses received via a supporting service of an API or web service. The API call filtering system enables enterprises to improve their security posture by identifying, studying, reporting, and securing their APIs within their enterprise network. | 2016-02-25 |
20160057108 | METHOD FOR LOAD-BALANCING IPSEC TRAFFIC - Systems, methods and apparatus for distributing IPsec traffic across multiple IPsec processing units (PUs) by controllably allocating a specific range of one or more IPSec parameters of the IPsec traffic to each PU. | 2016-02-25 |
20160057109 | SECURE COMMUNICATION CHANNEL USING A BLADE SERVER - Systems and methods to manage a network include a security blade server configured to perform a security operation on network traffic, and a controller configured to virtualize a plurality of network devices. The controller is further configured to program the network traffic to flow through the security blade server to create a secure network channel. A software defined environment may includes an application program interface (API) used to program the flow of the network traffic. The controller may use the API to virtually and selectively position the security blade server as waypoint for the network traffic. | 2016-02-25 |
20160057110 | SECURITY CHALLENGE ASSISTED PASSWORD PROXY - Systems, apparatus, and methods of authentication utilizing contextual data to authenticate individuals and prevent security breaches are described herein. An example proxy engine may monitor interactions with a computing device to obtain contextual data unique to a user. The contextual data may be utilized to generate unique challenge questions in response to requests for access to a secure resource, and may eliminate the need for a user to remember credentials to access the resource. Challenge questions may be limited to a single use and vary in difficulty in proportion to the value of the resource. In response to correct responses to challenge question(s), the proxy engine may access a vault containing a credential authorizing access to the resource. The vault and proxy engine may be entirely contained on the computing device or they may be implemented on a remote apparatus accessed via an application or interface on the computing device. | 2016-02-25 |
20160057111 | CLIENT/SERVER SECURITY BY AN INTERMEDIARY RENDERING MODIFIED IN-MEMORY OBJECTS - In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define one or more objects and one or more operations that are based, at least in part, on the one or more objects; generating, in memory, one or more data structures that correspond to the one or more objects; performing the one or more operations on the one or more data structures; updating the one or more data structures, in response to performing the one or more operations, to produce one or more updated data structures; rendering a second set of instructions, which when executed by a remote client computer cause the remote client computer to generate the updated data structures in memory on the remote client computer, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the remote client computer. | 2016-02-25 |
20160057112 | INFORMATION PROCESSIING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM - Provided is an information processing device including: a data processing unit that performs a content playback process; and a communication unit that communicates with a server, wherein the content is content that has a segment region configured with a plurality of pieces of variation data which can be respectively decrypted by different keys, and for which a plurality of playback paths can be configured according to variation data which is selected as a playback object, wherein each piece of variation data is data for which a variation data identifier can be analyzed from decrypted data, and wherein the data processing unit receives playback path information which is allowed to be played from the server through the communication unit, and selects variation data from the segment region so as to perform content playback, according to the playback path information received from the server. | 2016-02-25 |
20160057113 | ENCRYPTION METHOD AND INFORMATION PROCESSING DEVICE - An encryption method for packaging, encrypting, and transmitting a plurality of contents included in a web application to a communication device, the encryption method includes: acquiring performance information relating to performance of the communication device; determining, by circuitry, an encryption algorithm to be applied to each of the plurality of contents, based on the performance information; performing first encryption processing on the plurality of contents using the encryption algorithm respectively; performing second encryption processing on identification information that identifies the encryption algorithm used for the plurality of contents respectively; packaging encrypted contents and encrypted identification information, the encrypted identification information being stored in a location specified by the communication device; and transmitting the encrypted contents and the encrypted identification information, which are packaged, to the communication device. | 2016-02-25 |
20160057114 | CRYPTOGRAPHIC COMMUNICATION DEVICE, CRYPTOGRAPHIC COMMUNICATION METHOD, AND NON-TRANSITORY STORAGE MEDIUM STORING PROGRAM - When a device is connected to a home gateway, if a common connection method is selected, a not-high-security connection method is inevitably selected even for a connection of a high-capability device. In a cryptographic communication system according to the present disclosure, it is possible to select a high-security connection method taking into account a processing capability of the device. Furthermore, the connection method is allowed to be updated and thus when the security level of the connection method hitherto selected is imperiled, the connection method may be updated so as to maintain a high security level. | 2016-02-25 |
20160057115 | INTELLIGENT SECURITY ANALYSIS AND ENFORCEMENT FOR DATA TRANSFER - An approach is provided for managing a message being transferred from a mobile device. A sensitivity level of data in the message payload is determined prior to sending the message to a wireless access point (WAP) en route to a destination device. If the payload data has a first sensitivity level, the mobile device sends the message to a first secure WAP having encryption at a threshold strength at a network layer and utilizes a protocol having encryption at an application layer. If the data has a second sensitivity level, the mobile device (a) sends the message to the first secure WAP without utilizing the protocol or (b) sends the message to a second, less secure WAP having encryption at a lesser strength and utilizes the protocol. If the data has a third sensitivity level, the mobile device sends the message to the second WAP without utilizing the protocol. | 2016-02-25 |
20160057116 | METHOD FOR NETWORK COMMUNICATION PAST ENCRYPTION DEVICES - This disclosure is directed to techniques for providing communication between devices in different networks wherein the communication must first pass through an encryption mechanism and the devices do not have the stand-alone capability to encrypt or decrypt the communication. According to these techniques, an adapter may determine certain fields in a data packet that remain unencrypted when the data packet passes through the encryption mechanism. The adapter may then process those fields in such a way that, when the data packets are received by a second adapter, the second adapter may read those fields and obtain information. | 2016-02-25 |
20160057117 | SYSTEM AND METHOD FOR MANAGING SECURE COMMUNICATIONS IN AN AD-HOC NETWORK - The present invention provides a system and method for managing secure communications in an ad-hoc network having three or more users including a first user, a second user and a third user. Each user is associated with at least one communication device, and has a set of keys associated with the user for managing secure communications between the at least one communication device of the user and the at least one communication device of another one of the three or more users. Each set of keys includes a private key and a public key, where the public key is shared with the communication device of the other ones of the three or more users with which the user has been authenticated, and the private key is used to decrypt communications encrypted using the corresponding public key from the same set of keys. When the second user of the three or more users has been authenticated by the first user, in addition to receiving the associated public key of the second user, the first user receives a value defining a share authority level, which defines the authority of the first user relative to the second user to provide peer key sharing with the third user. | 2016-02-25 |
20160057118 | COMMUNICATION SECURITY SYSTEM AND METHOD - A communication security system includes a secure communication application module and a chip module. The communication security system is installed in a mobile device. Accordingly, the communication security system of the present invention allows mobile devices of users to encrypt and decrypt communication data between the users. A communication security method includes the steps of generating keys, requesting a key exchange by a first mobile device, receiving a key exchange by a second mobile device, receiving a key exchange by the first mobile device, activating a key by the second mobile device, activating a key by the first mobile device, and starting secure communication between the first and second devices. Thus, the encrypted communication can avoid theft and unauthorized falsification. | 2016-02-25 |
20160057119 | METHOD AND APPARATUS FOR SECURE DELEGATION OF COMPUTATION - A method for delegating a computational burden from a computationally limited party to a computationally superior party is disclosed. Computations that can be delegated include inversion and exponentiation modulo any number m. This can be then used for sending encrypted messages by a computationally limited party in a standard cryptographic framework, such as RSA. Security of delegating computation is not based on any computational hardness assumptions, but instead on the presence of numerous decoys of the actual secrets. | 2016-02-25 |
20160057120 | SYSTEM AND METHOD TO ENABLE PKI- AND PMI- BASED DISTRIBUTED LOCKING OF CONTENT AND DISTRIBUTED UNLOCKING OF PROTECTED CONTENT AND/OR SCORING OF USERS AND/OR SCORING OF END-ENTITY ACCESS MEANS - ADDED - A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files. These are auditable, brokered, trusted-relationships where such relationships/digital agreements can each stand-alone (for privacy) or can leverage build-up of identity confidence levels across relationships. The service is agnostic to how encrypted user content is transported or stored. | 2016-02-25 |
20160057121 | SECURED NETWORK ARCHITECTURE - A secure storage for an X.509v3 digital certificate is provided ( | 2016-02-25 |
20160057122 | WIRELESS OUT-OF-BAND AUTHENTICATION FOR A CONTROLLER AREA NETWORK - In one embodiment, a method comprising without user intervention: receiving encrypted first information from a device over a wired medium; decrypting the encrypted first information; and communicating second information over a wireless medium based on the first information. | 2016-02-25 |
20160057123 | PUSHING A VIRTUAL DESKTOP SESSION FROM AN AUTHENTICATED DEVICE USING IMAGE SCANNING - Image scanning and encoding technologies can be utilized to authenticate devices to virtual desktops and to transfer virtual desktop sessions between devices. One device (e.g., PC or laptop) may encode certain information into an image that is displayed on a display screen, while another mobile device equipped with a digital camera (e.g., mobile phone or tablet) can be used to scan the image on the display screen. Once the image is scanned, it can be decoded by the mobile device to get the information encoded in the image (e.g., device ID, session ID, etc.). The information obtained from the image can be used to authenticate a device or to transfer a virtual desktop session between the devices. | 2016-02-25 |
20160057124 | System and Method for Authentication in Distributed Computing Environments - The present invention relates to a method and system for managing profiles for use with touch systems. A user logs into a communal device using a pointer paired with a mobile device. The communal device is authenticated and retrieves the user's profile. The user profile is used to setup a workspace on the communal device. The workspace is granted access to the user's content on a content server. When the communal device has multiple users, each workspace may be shared or not depending on the user's requirements. Each pointer is individually identified to a particular user and workspace. | 2016-02-25 |
20160057125 | INFORMATION PROCESSING METHOD AND SYSTEM - Disclosed are an information processing method and system. The first terminal sends operation request information to an electronic signature token. The electronic signature token generates a joint password and a signature message, adjusts the joint password to obtain a first processing password, and sends the signature message and the first processing password to the first terminal. The first terminal notifies a first verification device to verify the signature message, and if the verification is successful, the first verification device notifies a background system server to preprocess the operation request information for obtaining preprocessed information. The electronic signature token outputs prompt information. A second terminal obtains the joint password according to the prompt information and notifies a second verification device to verify the joint password, and if the verification is successful, the second verification device triggers the background system server to perform a response process of the operation request information. | 2016-02-25 |
20160057126 | ESTABLISHING AND MAINTAINING AN IMPROVED SINGLE SIGN-ON (SSO) FACILITY - A login page is sent, by a backend server system, to a browser executing on a client associated with a user; and an authentication process is performed by the backend server system with the client. The logic page is intercepted by a proxy, and a modified logic page is generated by the proxy by adding a routine to the logic page. The modified logic page is forwarded to the browser, and the routine causes the browser to loads an asynchronous engine configured to execute a login process with an authentication profiling service to retrieve login information for the back-end server, and complete the authentication process. | 2016-02-25 |
20160057127 | APPARATUS AND METHOD FOR SECURE AUTHENTICATION OF A COMMUNICATION DEVICE - A system that incorporates the subject disclosure may perform, for example, receiving a baseline credential and an external credential, mapping the external credential to the baseline credential in a secure element memory, receiving a request for an authentication from a secure device processor of the communication device where the request for the authentication includes a user credential inputted into the communication device, comparing the user credential with the baseline credential to verify the authentication, and providing the authentication and the external credential to the secure device processor without providing the baseline credential to enable the secure device processor to provide the external credential to an external entity device that is remote from the communication device. Other embodiments are disclosed. | 2016-02-25 |
20160057128 | STRENGTH-BASED PASSWORD EXPIRATION - A password application system receives a credential for a first privilege of a plurality of privileges whereby the first privilege corresponds to a first set of credential requirements and the plurality of privileges have a second privilege that corresponds to a different set of credential requirements. The system determines whether the credential for the first privilege satisfies the first set of credential requirements. If the credential satisfies this set of credential requirements, the system enables the credential to be used for access in accordance with the first privilege. | 2016-02-25 |
20160057129 | ADAPTIVE POLICIES AND PROTECTIONS FOR SECURING FINANCIAL TRANSACTION DATA AT REST - A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user. | 2016-02-25 |
20160057130 | SINGLE SIGN-ON TO WEB APPLICATIONS FROM MOBILE DEVICES - A mobile device may include an authenticator and a processor. The authenticator may store a first secret corresponding to a second secret stored on a server and generating a key based upon the first secret. The processor may embed the key in data communicated to the server to request access from the server. | 2016-02-25 |
20160057131 | SECURE CONNECTION CERTIFICATE VERIFICATION - One or more computer processors identify a first certificate that is used to establish a secure Internet connection. One or more computer processors identify a stored second certificate that shares at least one attribute with the first certificate. One or more computer processors determine a policy action based, at least in part, on a result of a comparison between an attribute of the first certificate and an attribute of the second certificate. | 2016-02-25 |
20160057132 | MANAGEMENT OF DIGITAL CERTIFICATES - Various embodiments are directed to a computer-implemented method for displaying a map of certificate relationships. A method can include retrieving certificate information for two or more servers and storing the retrieved certificate information in a memory. In addition, the method can include receiving a command to generate a map of certificate relationships. The command includes a command scope that identifies at least a first server of the two or more servers. Further, the method can include generating the map from the retrieved certificate information and rendering the map on a display device. The map includes the first server and a device having a certificate relationship with the first server. | 2016-02-25 |
20160057133 | SECURE CONNECTION CERTIFICATE VERIFICATION - One or more computer processors identify a first certificate that is used to establish a secure Internet connection. One or more computer processors identify a stored second certificate that shares at least one attribute with the first certificate. One or more computer processors determine a policy action based, at least in part, on a result of a comparison between an attribute of the first certificate and an attribute of the second certificate. | 2016-02-25 |
20160057134 | Updating of a Digital Device Certificate of an Automation Device - The invention relates to an automation device ( | 2016-02-25 |
20160057135 | ACCESSING VIRTUAL DESKTOPS VIA IMAGE SCANNING - Image scanning and encoding technologies can be utilized to authenticate devices to virtual desktops and to transfer virtual desktop sessions between devices. One device (e.g., PC or laptop) may encode certain information into an image that is displayed on a display screen, while another mobile device equipped with a digital camera (e.g., mobile phone or tablet) can be used to scan the image on the display screen. Once the image is scanned, it can be decoded by the mobile device to get the information encoded in the image (e.g., device ID, session ID, etc.). The information obtained from the image can be used to authenticate a device or to transfer a virtual desktop session between the devices. | 2016-02-25 |
20160057136 | COMPUTER NETWORK SYSTEM WITH SINGLE-KEY QUICK SECURE LOGIN FUNCTION - A computer network system with single-key quick secure login includes an end-use intelligent communication device with a control interface; an account number and password management software, executed in the communication device, encrypting and saving the account number and password data entered by the user; a login key, located in the control interface, so as to obtain and send out the encrypted account number and password data by single-key operation; a decryption server, decrypting the encrypted account number and password data; and an application server, receiving the account number and password data decrypted by the decryption server. Therefore, when the user wants to log in the application server, he presses the login key, the encrypted account number and password can be sent to the decryption server for decryption, so as to prevent the hackers from stealing the data entered by the user, and the login is quick and more convenient. | 2016-02-25 |
20160057137 | MULTI-FACTOR AUTHENTICATION TECHNIQUES - An authentication technique with a teaching phase and authentication phase. In the teaching phase, authentication information is collected for a user in at least two categories, wherein one category relates to measurable physical characteristics of the user, another category relates to communication resources available to the user; and a third category relates to knowledge possessed by the user. In the authentication phase, some of the collected authentication information is used to formulate challenge(s) for presentation to the user. Response(s) to the formulated challenge(s) is/are received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information. A correctness metric is calculated for the response(s). The user is authenticated if the correctness metric meets or exceeds a first threshold value. | 2016-02-25 |
20160057138 | SYSTEM AND METHOD FOR DETERMINING LIVENESS - Systems and methods are provided for recording a user's biometric features and determining whether the user is alive (“liveness”) using mobile devices such as a smartphone. The systems and methods described herein enable a series of operations whereby a user using a mobile device can capture a sequence of images of a user's face. The mobile device is also configured analyze the imagery to identify and determine the position of facial features within the images and the changes in position of features throughout the sequence of images. Using the change in position of the features, the mobile device is further configured to determine whether the user is alive by identifying gestures and comparing the identified gestures to a prescribed combination of facial gestures that are uniquely defined for the particular user. | 2016-02-25 |
20160057139 | COMMUNICATION SESSION TRANSFER BETWEEN DEVICES - Methods and apparatuses, including computer program products, are described for communication session transfer between a plurality of computing devices. A first computing device detects a presence of a second computing device in proximity to the first device, where the first device has established a first session with a remote computing device, and obtains first user authentication data. The first device establishes a wireless connection to the second device. A first token is transmitted to the second device. A second token and second user authentication data are received from the second device. The tokens and the user authentication data is authenticated. The first device transmits, to the second device, information indicating a state of the first communication session to enable the second device to establish a second communication session with the remote device, where the second communication session is established using the state of the first communication session. | 2016-02-25 |
20160057140 | MULTIDEVICE AUTHENTICATION - Aspects of the invention can log a user into a primary device in a more efficient manner. For example, aspects of the invention may eliminate the need for the user to supply user credentials directly to a primary device. Instead, the companion device recognizes relevant primary devices located proximate to the companion device and automatically initiates a user login to the primary device without user intervention. Aspects of the invention can automatically login a user to known and unknown primary devices. | 2016-02-25 |
20160057141 | NETWORK SYSTEM COMPRISING A SECURITY MANAGEMENT SERVER AND A HOME NETWORK, AND METHOD FOR INCLUDING A DEVICE IN THE NETWORK SYSTEM - The network system comprises a security management server and a first device is added to the network system by creating a one-time code on the security management server, which is used for connecting the device to the security management server. A server certificate is sent to the device, and a user device certificate generated in the device is sent to the security management server. The user device certificate is signed with an administrator key on the security management server, which signed user device certificate is sent from the security management server to the device and which is used by the device for communication with a further device of the network system. The network system is in particular a secured home network. | 2016-02-25 |
20160057142 | COMMUNITY-BASED DE-DUPLICATION FOR ENCRYPTED DATA - Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file. | 2016-02-25 |
20160057143 | FAMILIAR DYNAMIC HUMAN CHALLENGE RESPONSE TEST CONTENT - Embodiments of the invention are directed to human challenge response test delivery systems and methods. Specifically, embodiments of the present invention are directed to secure human challenge response test delivery services of configurable difficulty for user devices. One embodiment of the present invention is directed to methods and systems for implementing a familiar and dynamic human challenge response test challenge repository created from transaction data. The dynamic human challenge response test challenge repository may be created by a server computer receiving a plurality of transaction data. Challenge items may be extracted from the transaction data using an extraction algorithm. Furthermore, in some embodiments a challenge message may be sent to a requestor, a verification request may be received, and the verification request may be compared to the challenge message. Another embodiment may be directed at using user information in a human challenge response test to mutually authenticate a user and a service provider. | 2016-02-25 |
20160057144 | DETERMINING USER AUTHENTICATION REQUIREMENTS ALONG A CONTINUUM BASED ON A CURRENT STATE OF THE USER AND/OR THE ATTRIBUTES RELATED TO THE FUNCTION REQUIRING AUTHENTICATION - Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for function requiring authentication based on determining a location along an authentication continuum. The location along the authentication continuum defines the degree of authentication/credentials required to access the function and is determined based on a current state of the user and/or function attributes. The more or less that is known about the current state of the user the more or less likely the user is the user that is attempting to access the function and, thus, the authentication requirements required to access the function can be adjusted according (increased or decreased). | 2016-02-25 |
20160057145 | SYSTEMS AND METHODS FOR AUTHENTICATION USING A DEVICE IDENTIFIER - Systems and methods are disclosed which may allow a user having a mobile device to automatically authenticate to a server using a device identifier associated with the mobile device. An access point may be configured to send the device identifier as well as additional identifying information to the server so that the device identifier can be accurately matched to the mobile device. Then, when the mobile device submits a credential during authentication, the device identifier and the credential may be matched such that the next time the server receives the device identifier from the access point, the mobile device may be automatically authenticated. | 2016-02-25 |
20160057146 | SYSTEMS AND METHODS FOR MULTI-STAGE IDENTITY AUTHENTICATION - Certain implementations of the disclosed technology may include systems and methods for multi-stage identity authentication. A method is provided that includes receiving a set of identity information associated with a subject and querying one or more public or private databases with at least a portion of the set of identity information. The method includes receiving independent information responsive to the querying. The method includes determining zero or more first indicators of fraud risk and producing one or more identity proofing queries derived from the independent information. Based at least in part on a comparison of the one or more proofing queries and a query response, the method includes determining zero or more second indicators of fraud risk and evaluating a fraud score. Responsive to evaluating the fraud score, the method includes initiating one or more of authentication enrollment and multi-factor authentication of the subject. | 2016-02-25 |
20160057147 | MODIFYING PERMISSION TREES IN A VIRTUALIZATION ENVIRONMENT - A processing device receives a permission request indicating a user and an entity. The processing device modifies a permissions database to generate a modified database view. Using the modified database view, the processing device determines whether the user has permission to access the entity and returns an indication of whether the user has permission to access the entity. | 2016-02-25 |
20160057148 | Computer Implemented Methods And Apparatus For Providing Access To An Online Social Network - Disclosed are systems, apparatus, methods, and computer-readable storage media for providing access to an online social network. The online social network can be specific to an organization having one or more internal users. In some implementations, a request message is received from a requesting user to access social network data of the online social network. The requesting user is identified as an external user of the organization, and it is determined that the requesting user has an authorized status. Access to only a portion of the social network data is provided to the authorized requesting user. | 2016-02-25 |
20160057149 | Device-Based Authentication For Secure Online Access - Methods, systems, and computer-readable media for providing device-based authentication for secure online access are provided. An authentication request is received from an online service. The authentication request may be associated with a login request received by the online service from a user. The authentication request may further indicate a list of device identifiers for computing devices connected to a provider network and previously designated by the user as authorized to access the online service. Communication logs collected from the provider network are analyzed to determine whether the login request originated from one of the authorized computing devices based on the list of device identifiers. If it is determined that the login request originated from one of the authorized computing devices, an indication is returned to the online service that the login request was received from an authorized computing device. | 2016-02-25 |