16th week of 2020 patent applcation highlights part 47 |
Patent application number | Title | Published |
20200117729 | TECHNIQUE FOR GENERATING A CHANGE CACHE DATABASE UTILIZED TO INSPECT CHANGES MADE TO A REPOSITORY - In one embodiment, techniques are provided for generating a change cache database utilized to inspect changes made to a repository. Specifically, each of a plurality of client devices may maintain and make changes to a local briefcase representing an infrastructure and obtained from the repository. Information associated with each of the changes may be maintained and stored in a changeset at the client device and then transmitted and stored at a modeling hub services software. A change cache database may be generated at a client device based on locally generated changesets and/or received changesets. The change cache database includes a plurality of tables that store summary information from the changesets. The client device that generated and stores the change cache database may search the change cache database to determine what changes have been made to the repository. | 2020-04-16 |
20200117730 | DATABASE MANAGEMENT - A database management system (DBMS) comprises one or more transaction processing engines (such as SQL engines) configured to execute a series of database transactions, each being executed according to one or more commands received in at least one transaction execution message so as to cause a change of state of the database from a previous state to a new state. The DBMS is configured to generate a series of transaction log records and provide the series of transaction log records to a blockchain network for storing in a blockchain secured by the blockchain network. Each transaction log record corresponds to one of the database transactions and comprises (i) the one or more commands according to which it was executed and (ii) results of its execution. The series of transaction log records constitutes an immutable audit log from which database is fully recoverable for auditing purposes. | 2020-04-16 |
20200117731 | SYSTEM FOR PERFORMING A LINEAGE CONTROL IN A DATA NETWORK - A system for validating a dataflow graph is disclosed. The system receives an input dataflow graph and compares the input dataflow graph to each of a plurality of pre-learned dataflow graphs. Each of the pre-learned dataflow graphs is associated with an occurrence rate. Then, the system identifies a pre-learned dataflow graph that matches the input dataflow graph and identifies an occurrence rate associated with the pre-learned dataflow graph. The system compares the occurrence rate with a pre-defined threshold for validating the input dataflow graph. If the occurrence rate exceeds the pre-defined threshold, the system determines that the input dataflow graph is a valid dataflow graph. | 2020-04-16 |
20200117732 | ANALYSIS AND DETERMINATION OF RELATIVE CONSISTENCY OF IDENTIFIED RELATIONSHIPS - Techniques for analysis of relationship consistency are provided. A plurality of relationships is extracted from a plurality of documents, and a binary matrix is generated based on the plurality of relationships. A first relationship, of the plurality of relationships, is identified to be verified. A score of the first relationship in the binary matrix is set to a predefined value. Further, a factorization is performed on the binary matrix to produce a first matrix and a second matrix. A first consistency score is calculated for the first relationship by multiplying at least a portion of the first matrix and a second matrix. The first consistency score is ranked as compared to at least one other consistency score associated with at least one other relationship of the plurality of relationships. Finally, an indication of the first relationship is provided, based on the ranking. | 2020-04-16 |
20200117733 | BLOCKCHAIN INTEGRATION LAYER - A blockchain integration layer uses mappings, for each blockchain of a plurality of blockchains, to integrate blockchain data into a database. A user interface may be presented that allows a user to view the blockchain data from the database, create data for the blockchain in the database, or both. Based on the created data for the blockchain in the database, the blockchain integration layer may modify the blockchain to store the created data. Standardized mappings are used to define the transformations to be used to convert data stored in blockchain blocks into a usable format for external systems. A set of JavaScript object notation (JSON) objects, one for each supported message type, may be used to define the set of transformations to support a blockchain. Using multiple sets of JSON objects, the blockchain integration layer integrates multiple blockchains with the external systems. | 2020-04-16 |
20200117734 | PERFORMING ROOT CAUSE ANALYSIS FOR INFORMATION TECHNOLOGY INCIDENT MANAGEMENT USING COGNITIVE COMPUTING - Methods and systems for performing root cause analysis for information technology incident management using cognitive computing are disclosed. A method includes: generating, by a computing device, a cache including a plurality of links between causes and solutions; obtaining, by the computing device, information about a current incident; generating, by the computing device, search keys from the information about the current incident using natural language processing; searching, by the computing device, the cache using the search keys; iteratively generating, by the computing device, new search keys using results from a previous search and searching the cache using the new search keys; and displaying, by the computing device, solutions based on results from the searching and the iteratively generating and searching. | 2020-04-16 |
20200117735 | METHOD FOR IDENTIFYING COMPLEX TEXTUAL PATTERNS CONTAINING KEYWORDS WITHIN DATA RECORDS - Technology for the improved processing of search queries is provided. Embodiments of the present invention are directed to simple and efficient methods, system, and computer storage media for improving search systems to find relevant search results based on the one or more keywords of the search query. Chain search metadata is used to complete a search query. The chain search metadata includes links that comprise the chain structure and define how a search is performed. Each link include a trie data structure and maximum keyword length, before section, and an after section. In one embodiment a search is performed first from the collected execution metrics. | 2020-04-16 |
20200117736 | ENABLING DATA FORMAT SPECIFIC DATABASE FUNCTIONALITIES OVER EXISTING DATA TYPES BY MARKING OPERAND VALUES - Functionalities of new data types are enabled for data stored using native data types (“recognized data types”) supported by DBMSs. Values having a latent data type may be stored using a recognized data type of a DBMS. That is, a value stored in a database table may be recognized by a DBMS as having a recognized data type (e.g., character string) but the value may also include information that indicates the value conforms to a particular latent data type. DBMSs compile database statements. The database statement can contain multiple expressions that may specify a latent data type or that may have a recognized data type but that also imply latent data types. By determining that various expressions have latent data types, operations that rely on the expressions as having a latent data type may be validated in a query and executed accordingly. | 2020-04-16 |
20200117737 | FAST HETEROGENEOUS MULTI-DATA SOURCE SEARCH AND ANALYTICS - Embodiments of the present invention provide for a method, system and computer program product for fast heterogeneous multi-data source search and analytics. In an embodiment of the invention, a method includes receiving a specification of multiple different data sources in a search and analytics engine, establishing communicative links between the engine and the data sources, and identifying a data source type and corresponding data fields storing respective data for each data source. The method further includes specifying a multi-hop graph traversal query implicating data across the different data sources, decomposing the query into constituent components and mapping each of the constituent components to each of the data sources based upon the corresponding data fields. The method even further includes formulating a specific query for each of the data sources, transmitting each query to each data source and populating in a knowledge graph each result set received for each query. | 2020-04-16 |
20200117738 | SEMANTIC CONCEPT DISCOVERY OVER EVENT DATABASES - A concept discovery method, system, and computer program product include preparing a concept index for concepts built over a set of input data having input terms, building a vector representation of the concepts in the input data, receiving a set of query terms as an additional input, mapping the set of query terms to the concepts in the concept index, calculating at least one of a co-occurrence score for each of the concepts in the concept index by measuring their frequency of co-occurrence with the input terms' concepts and a similarity score for each of the concepts in the concept index by measuring the similarity of their vector representations according to a vector similarity measure, and ranking the concepts with respect to their relevance to the input terms by the at least one of the co-occurrence score and the similarity score. | 2020-04-16 |
20200117739 | ARTIFICIAL INTELLIGENCE BASED PROBLEM DESCRIPTIONS - Techniques regarding providing artificial intelligence problem descriptions are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can include, at least: a query component that generates key performance indicators from a query, determines a subset of key performance indicators that individually have a performance below a threshold, and maps the subset of key performance indicators to operational metrics; a learning component that generates, using artificial intelligence, problem descriptions from one or more of the subset of key performance indicators or the operational metrics and transmits the problem descriptions to a database. | 2020-04-16 |
20200117740 | DATA ANALYTICS PLATFORM WITH INTERACTIVE NATURAL LANGUAGE QUERY INTERFACE - A data analytics system comprises a data source configured to store a plurality of data sets. A dialog manager generates a context-based data query responsive to identifying a context of a natural language query based, at least in part, on a prior natural language query within a conversation. An analytics engine is configured to run queries on the data source responsive to the context-based data query and then generate an output result. The dialog manager generates an interactive data visualization of the output result with a prompt for a follow-up query on the data source. The prompt for the follow-up query is related to the context of the natural language query. | 2020-04-16 |
20200117741 | TRANSFER BETWEEN DIFFERENT COMBINATIONS OF SOURCE AND DESTINATION NODES - According to a present invention embodiment, items are transferred between source and destination nodes. A search is performed for one or more source nodes and one or more destination nodes based on search criteria. Graphical representations of the source and destination nodes resulting from the search are generated and presented on a user interface. A graphical connector is manipulated to connect a first quantity of source nodes to a second quantity of destination nodes on the user interface, wherein at least one from a group of the first quantity and the second quantity represent a plurality of nodes from the user interface. One or more items are transferred from the first quantity of source nodes to the second quantity of destination nodes based on connections indicated by the graphical connector. | 2020-04-16 |
20200117742 | DYNAMICALLY SUPPRESSING QUERY ANSWERS IN SEARCH - A method for determining whether to dynamically suppress a candidate query answer designated for inclusion in search results includes instantiating a plurality of filtering rules for assessing suppression of a candidate query answer. The filtering rules include one or both of a pattern rule and a site rule. The method further comprises receiving a query, and, after receiving the query, retrieving one or more candidate query answers previously associated with the query. The method further comprises, for each candidate query answer, dynamically suppressing the candidate query answer from a curated position having enhanced prominence within search results relative to a plurality of other result entries, if either or both of a pattern rule and a site rule match the query. The method further includes returning search results including up to one candidate query answer in the curated position, responsive to a candidate query answer not being dynamically suppressed. | 2020-04-16 |
20200117743 | ISOLATING A NETWORK STACK FOR PLUGGABLE DATABASES - Techniques are described herein for isolating a network stack in a multitenant container DBMS. A first and second pluggable database are established within a container database. A first network stack is assigned to the first pluggable database and a second network stack is assigned to the second pluggable database. A request is received to connect to the first pluggable database and a connection is established to the first pluggable database using the first network stack. A request is received to connect to the second pluggable database and a connection is established to the second pluggable database using the second network stack. | 2020-04-16 |
20200117744 | COUNTER-BASED COMPACTION OF KEY-VALUE STORE TREE DATA BLOCK - Aspects of the present disclosure provide for operations of a key-value tree data structure that merges key-value pair data of a node, in a key-value tree data structure using counter values. | 2020-04-16 |
20200117745 | DYNAMIC DATA MOVEMENT USING APPLICATION RELATIONSHIPS WITH ENCRYPTION KEYS IN DIFFERENT ENVIRONMENTS - A method by a computer of a computing system to import or export data while maintaining relationships is provided. A request is received export data from a source database or import data to a destination database. When the request is a request to export data, the export data and data to be excluded from exporting is determined. An extraction pointer to the export data and an exclusion pointer to the data to be excluded from export is determined. An export JSON object is created that includes export relationships, the location of the export data, the location of data to be excluded, and input values for source database tables that are designated as export visitable tables. The export visitable tables are prepared to support export of the export data, which is extracted to a designated format while preserving the export relationships the data to export has with the export visitable tables. | 2020-04-16 |
20200117746 | SYSTEM FOR TRANSFORMATION OF DATA STRUCTURES TO MAINTAIN DATA ATTRIBUTE EQUIVALENCY IN DIAGNOSTIC DATABASES - The invention provides a comprehensive data transformation system, method and computer program product structured for transformation of data structures to maintain data attribute equivalency in diagnostic databases. In some embodiments, the present invention is configured to determine a first source data structure based on at least received user information. The source data structure is typically comprises a comprising a first coding type. In addition, the present invention is configured to determine one or more source attributes associated with the first source data structure. Moreover, the present invention is configured for transforming the first source data structure to a first target data structure of a second coding type such that one or more target attributes associated with the first target data structure are equivalent to the one or more source attributes. | 2020-04-16 |
20200117747 | ACTOR-BASED INFORMATION SYSTEM - A method for accessing information. A computer system receives a request for a piece of the information stored in a location between client computer systems and sources of the information. The information has formats for the information in the location. The formats for the information are controlled by the sources of the information. Each of the sources is assigned to control a group of portions of the information in the location. The computer system identifies the piece of the information corresponding to the request. The computer system returns a response to the request for the piece of the information, enabling simplifying access to the information in different formats. | 2020-04-16 |
20200117748 | SYNCHING AND READING ARRANGEMENTS FOR MULTI-REGIONAL ACTIVE/ACTIVE DATABASES - Improvements enabling real-time or near-real-time synching of data of one region's DB with another region's DB, especially when server arrangements associated therewith do not allow multiple masters to access and write to their respective DBs. Further, the examples are directed to improvements enabling synching of data from one regional server arrangement to another and vice versa, without replicating a same write data redundantly back into the DB which had originally written such data. | 2020-04-16 |
20200117749 | INTELLIGENT SPACE RELEASE IN ASYNCHRONOUS MIRROR JOURNAL VOLUMES - A method for more intelligently managing storage space in journal volumes is disclosed herein. In one embodiment, such a method includes maintaining, on a primary storage system, a change recording data structure that documents updated storage elements of a primary volume on the primary storage system. The method further determines in which extents of the primary volume the updated storage elements reside. These extents are recorded in an extent-based data structure. The method transmits the extent-based data structure from the primary storage system to a secondary storage system that is in an asynchronous mirroring relationship with the primary storage system. The extent-based data structure is then read at the secondary storage system. The method frees, from a journal volume on the secondary storage system, extents that are not recorded in the extent-based data structure. A corresponding system and computer program product are also disclosed herein. | 2020-04-16 |
20200117750 | Highly Resilient Synchronous Replication With Automatic Recovery - In one aspect, automatic recovery of a synchronous replication session in response to an error is provided for a storage system that includes a source and target sites. During an active sync replication session in which a state machine indicates the system is operating in sync, an aspect includes monitoring input/output (IO) operations. Upon determining an occurrence of the error in which data has been persisted at the source site but not at the target site, an aspect includes discontinuing replication to the target site and transitioning the state machine from a sync state to a tripped state. Upon determining, during the tripped state, resources exist to conduct sync replication remote data transfer operations, transition the state machine to an async_to_sync state. The async_to_sync state causes the storage system to initiate a recovery operation to return the source and target sites to the sync state. | 2020-04-16 |
20200117751 | CONTEXT-AWARE COMPUTING APPARATUS AND METHOD OF DETERMINING TOPIC WORD IN DOCUMENT USING THE SAME - Provided are a context-aware computing apparatus and a method of determining a topic word in a document using the same. The context-aware computing apparatus includes a memory configured to store information including a word graph in which semantic relationships among words are recorded in a network form, and a processor connected to the memory. The processor extracts content words from an acquired document by analyzing the document, clusters, in the word graph, word associations lying within a certain semantic distance from the position of each content word in the word graph, determines a centroid vector, which is a semantic center, for the content words and the word associations, determines topic words in order of increasing semantic distance from the determined centroid vector among the content words and the word associations, and provides the determined topic words. | 2020-04-16 |
20200117752 | Context Aware Document Advising - An approach is provided in which an information handling system determines a current focus of a user composing a document. The current focus is based on a set of text in proximity to a current cursor location in the document. Next, the information handling system identifies a query based at least in part upon the current focus and queries a database using the identified query. In turn, the information handling system presents reference recommendations to the user that are generated from the query. | 2020-04-16 |
20200117753 | IMPORTING DOCKETING DATA - Methods and systems for importing docketing data are provided. The method includes retrieving, from a storage device, a first data structure that includes docketing information for a plurality of matters from a source docketing system; searching a publicly available database to retrieve information associated with the first matter; verifying that data in at least one field of the first matter matches data in a corresponding field of the retrieved information; automatically detecting existence of an error in the first matter based on a combination of two or more fields of the first matter; and storing the first matter in a target docketing system. | 2020-04-16 |
20200117754 | SYSTEM AND METHOD FOR SEARCHING AUDIO DATA - An audio search system is configured to perform a native search of one or more audio input files in response to a search query. The audio search system is connected to a corpus of audio files representing words, syllables, and characters that may be found in an audio input file. The audio search system has a memory storing instructions and a processing device configured to execute the instructions to receive a search query for searching one or more audio input files, convert the search query into an audio search expression, identify one or more meta-tags in the audio search expression, select a machine learning model based on the one or more meta-tags, and use the machine learning model to search the one or more audio input files for segments of the audio input file that are results of the search query. | 2020-04-16 |
20200117755 | INTELLIGENT VIDEO BRIDGE FOR A CLOSED CIRCUIT TELEVISION SYSTEM - An intelligent video bridge analyzes, indexes and searches live and stored video across multiple existing disparate CCTVs. Through the intelligent video bridge, third parties such as law enforcement can concurrently access and search video feeds from a range of CCTVs, allowing the third party to more easily track persons or vehicles of interest as they move throughout the community and pass within range of different CCTV systems. | 2020-04-16 |
20200117756 | REST APPLICATION PROGRAMMING INTERFACE PARADIGMS FOR BIG DATA ANALYTICS - Embodiments of the present disclosure provide a query paradigm that enables named function chaining and nesting to create complex query structures for advanced data analytics. Initially, a REST request uniform resource identifier (URI) is received from a REST client or Hypertext Transfer Protocol (HTTP) client at a REST API. The REST query URI comprises a syntax of functions with named parameters as URI path segments over a HTTP GET call and forms a function tree. The REST request URI is communicated to a request parser that converts the REST request URI into a backend query. The backend query normalizes the function tree into a normalized tree in accordance with a structure of a target of the REST request URI. The backend query is utilized to query data form the target of the REST request URI. Data responsive to the backend query is provided to the REST client or HTTP client. | 2020-04-16 |
20200117757 | REAL-TIME MONITORING AND REPORTING SYSTEMS AND METHODS FOR INFORMATION ACCESS PLATFORM - A new ecosystem monitoring solution provides novel features including a dashboard service, a dashboard notifier, a near real time query processor. The dashboard service can continuously aggregate, through the dashboard notifier and optionally dashboard agents, metadata from disparate ecosystem components of a complex computing platform or ecosystem. The metadata include metrics of crawling, data ingestion, and content enrichment activities and health information of the disparate ecosystem components. The metrics are processed with respect to a time window utilizing an expression tree dynamically constructed by the query processor. The query processor can navigate the expression tree to form collection models. Each collection has aggregation functions for aggregating a set of metrics specified in a view model. Responsive to a view request, the view model can be dynamically updated utilizing the collection model and communicated to a user device for rendition and presentation of a view through a dashboard user interface. | 2020-04-16 |
20200117758 | DYNAMICALLY ENHANCING QUERY RESULTS - A method, computer program product, and system for enhancing dynamically enhancing query results. A processor(s) monitors computing activities performed by a user, via a client. The processor(s) analyzes the computing activities to identify data comprising a user profile: elements relevant to the user and relationships. The processor(s) generates a knowledge graph with the data. The processor(s) obtains input from the user. The processor(s) executes one or more queries on one or more data sources to retrieve standard search results. The processor(s) analyzes the input and the search results to identify segments of the input and the search results relevant to items comprising the data in the graph and defines links between the items, the data, and the segments. The processor(s) generates contextual search results that include the standard search results, a portion of the items, and a portion of the links and transmits the contextual search results, to the client. | 2020-04-16 |
20200117759 | AUTOMATIC ANALYSIS OF DIGITAL MESSAGING CONTENT METHOD AND APPARATUS - Disclosed are systems and methods for improving interactions with and between computers searching, hosting and/or providing systems supported by or configured with personal computing devices, servers and/or platforms. The methods and systems analyze digital message content in digital communication systems to automatically identify shared user interest(s), to automatically create computerized relationship matrix data identifying user connections, or relationships, using identified shared user interest(s), and to automatically provide a recommendation using the shared user interest and user relationships formed using the shared user interest. | 2020-04-16 |
20200117760 | TRANSMITTING CONTENT ITEMS USING SEARCH HISTORY PROFILES - One or more computing devices, systems, and/or methods for transmitting content items using search history profiles are provided. For example, a first request to access a web page may be received. The first request may be associated with a device. The first request may be analyzed to determine a query. The query may be stored in a search history profile associated with the device. The search history profile may comprise indications of a plurality of queries. A second request for content may be received from a second device associated with the search history profile. Responsive to receiving the second request, a content item may be selected from a content items database based upon the query. The content item may be transmitted to the second device. The device may be the same as the second device. Alternatively and/or additionally, the device may be different than the second device. | 2020-04-16 |
20200117761 | GRAPH VIEWS TO IMPROVE USER INTERFACE RESPONSIVENESS - The described technology is directed towards evaluating client-specific information and possibly other information to determine whether to return less data than is available for a data item in response to a request for graph node data to a data service, and/or return expanded graph node data. When a request for graph data is received, client-specific information is used at least in part by a data service in determining whether to return a virtual graph node comprising a relatively lightweight set of information relative to the full set of information maintained in a main (graph) node. The client-specific information is also used in determining whether to return expanded data beyond that requested, e.g., for caching at the client in anticipation of it likely being needed by the client. | 2020-04-16 |
20200117762 | REACHABILITY GRAPH INDEX FOR QUERY PROCESSING - Techniques are described for generating and re-using reachability graphs for efficient execution of queries. In an embodiment, a query is received for execution on a data graph. Such a query may include one or more expressions for edges in the data graph, which when executed select one or more paths in the data graph to generate results for the query. The system uses a repository to store reachability graphs and may determine whether a reachability graph for an expression of the query for the data graph is stored in a repository. Such a reachability graph is generated by applying the expression on the data graph to qualify or disqualify the edges in the data graph to be included as part of edges of the reachability graph. For example, an edge in a reachability graph exists between two vertices when at least one edge of the data graph has qualified between two vertices of the data graph that correspond to the two vertices of the reachability graph. Based on determining that the reachability graph for the expression is stored in the repository, the system executes the query on the reachability graph without re-applying the expression on the data graph and generates the results for the query. | 2020-04-16 |
20200117763 | RELATIONAL INTERVAL TREE WITH DISTINCT BORDERS - In one embodiment, a searchable interval associated with a database is defined, and an interval tree corresponding to the searchable interval is generated. The interval tree comprises a plurality of interval nodes arranged in a plurality of tiers, wherein the plurality of interval nodes correspond to a plurality of tree intervals that collectively span the searchable interval, and wherein the plurality of tree intervals comprise interval boundaries that are distinct among the plurality of tiers. A database query comprising an interval query parameter is then received, and one or more responsive data records corresponding to the database query are identified, wherein the one or more responsive data records are identified from a plurality of data records in the database based on the interval tree and the interval query parameter. The one or more responsive data records are then retrieved from the database, and a response to the database query is generated based on the one or more responsive data records. | 2020-04-16 |
20200117764 | Validator and Optimizer for Quantum Computing Simulator - The disclosed techniques relate to validating and optimizing a quantum computing simulator. A quantum computing simulator executes a quantum executable file to obtain a first result. A second result is received from a quantum computer which also computes the quantum executable file. The hardware metadata associated with the quantum computer, and defining hardware conditions during a time in which the quantum executable file was executed to create the second result, is also received. In response to determining a difference between the first result and the second result, updated hardware metadata is created based on the received hardware metadata associated with the quantum computer. The quantum computing simulator performs a second execution of the quantum executable file based at least in part on the updated hardware metadata to obtain a third result. | 2020-04-16 |
20200117765 | INTERFACE FOR VISUALIZING AND IMPROVING MODEL PERFORMANCE - Performance of a first generated model can be monitored while the first generated model is deployed for use on live data. The monitoring can include determining a first performance value of the first generated model. Performance of a second generated model can be monitored while the second generated model is deployed for use on live data. The monitoring can include determining a second performance value of the second generated model. A plot including a first axis and a second axis can be rendered. The first axis can include a characterization of a first performance metric and the second axis can include a characterization of a second performance metric. A first graphical object at a first location characterizing the first performance value and a second graphical object at a second location characterizing the second performance value can be rendered. Related apparatus, systems, techniques and articles are also described. | 2020-04-16 |
20200117766 | PRECISE VERIFICATION OF A LOGIC PROBLEM ON A SIMULATION ACCELERATOR - A computer system includes a hardware accelerator and host processor. The hardware accelerator executes a simulation of a first logical model according to a plurality of simulation cycles. The host processor determines a fault checkpoint based on a logic fault that occurs in response to executing the simulation. The host processor verifies removal of the logic fault based on rerunning the simulation from the fault checkpoint. | 2020-04-16 |
20200117767 | FAST, EFFICIENT REAL-TIME ELECTRO-MAGNETIC SYSTEMS SIMULATOR THAT DYNAMICALLY ACCEPTS USER INPUT - A method is described. The method includes calculating electric and/or magnetic fields in free space in response to: i) respective positions and motions of one or more charges and/or one or more current loops in the free space; ii) charges on nodes in the electrical circuit in the free space; iii) charge motions in the electrical circuit. The method includes calculating new respective positions and motions of the one or more charges and/or one or more current loops in the free space in response to respective forces applied to the one or more charges and/or the one or more current loops by the electric and/or magnetic fields. The method includes calculating new charges on nodes within the electrical circuit and new charge motions within the electrical circuit in response to the new positions and motions of the one or more charges and/or one or more current loops in free space, the charges on the nodes in the electrical circuit and the charge motions in the electrical circuit. The method includes concurrently rendering on a display of the computing system respective images of the one or more charges and/or one or more current loops according to the new respective positions and motions and the new charge motions within the electrical circuit. The method includes repeating the above to fluidly render on the display respective inter-active behaviors of the one or more charges and/or the one or more magnetic current loop in the free space and the charge motions in the electrical circuit. | 2020-04-16 |
20200117768 | BUFFER-BAY PLACEMENT IN AN INTEGRATED CIRCUIT - Aspects include performing integrated circuit design. A processor identifies a child block of an integrated circuit for placement of a buffer-bay to insert a buffer in a portion of the integrated circuit reserved for the child block. The buffer-bay is divided into a plurality of buffer-bay segments. Parent-level routing information and one or more boundary conditions are analyzed to determine a plurality of placement options for the buffer-bay segments. A best possible placement is selected from the plurality of placement options for the buffer-bay segments as a planned buffer-bay layout. A routing of the integrated circuit is performed based on the planned buffer-bay layout. | 2020-04-16 |
20200117769 | METHOD OF DESIGNING MEMORY SYSTEM BY CONSIDERING POWER CHARACTERISTICS, METHOD OF FABRICATING MEMORY SYSTEM, AND COMPUTING SYSTEM FOR DESIGNING MEMORY SYSTEM - A method of designing a memory system, which includes a semiconductor device and a power supply circuit supplying power to the semiconductor device via a board power distribution network, includes analyzing power characteristics of respective components of the power supply circuit by using a power characteristic model of the power supply circuit, and analyzing power characteristics of the memory system. The power characteristic model of the power supply circuit includes an encrypted model. | 2020-04-16 |
20200117770 | DEVICE, METHODS, AND GRAPHICAL INTERFACES FOR DETERMINATION AND PREDICTION OF CHEMICAL TECHNOLOGY SYSTEM PARAMETERS - System and calculation method for parameters of a chemical technology system, which are not measured directly or indirectly, on the basis of values of measured chemical technology system parameters with the use of the mathematical models and a portable computing device with a dedicated graphical interface. | 2020-04-16 |
20200117771 | CONTENTS BLOCKCHAIN PLATFORM - A platform and method for content management is disclosed. A content right management method includes receiving contents from a user, and generating a create key for a right for the contents by encrypting the contents using encryption information, in which the create key includes a copyright of the contents and a creation right of the contents. | 2020-04-16 |
20200117772 | PRESENTING CONTENT PROTECTED BY MULTIPLE DRMS - Examples are disclosed related to presenting on a client device configured for a first digital rights management technology (DRM-1) content that is protected by a second digital rights management technology (DRM-2). One example provides a computing device configured to receive a request from an application for a DRM-2 license acquisition challenge, forward the request to a DRM-2 license acquisition challenge generator, receive a DRM-2 license acquisition challenge and DRM-2 state information, send the DRM-2 license acquisition challenge to the application, receive, from the application, a DRM-2 license acquisition response, generate a DRM-1 license acquisition challenge incorporating the DRM-2 license acquisition challenge, the DRM-2 license acquisition response, and the DRM-2 state information, send the DRM-1 license acquisition challenge to a remote DRM-1 license acquisition server, receive a DRM-1 license acquisition response comprising a key and a license policy, enforce the license policy for content protection, and decrypt content using the key. | 2020-04-16 |
20200117773 | 3D Printer and Inventory Control and Distribution System for 3D Designs - A digital platform enables 3D printing where the designs are protected from piracy/redistribution. A single board computer (SBC) communicates with a first server and a second server. The SBC requests a unique hardware ID from the first server, which assigns and sends the ID to the SBC. The SBC submits the ID and a secret key to the second server to request registration of a user and a printer, and the second server sends private certs, a client ID, and a unique public identifier to the SBC. The second server also receives and stores 3D print designs through a designer portal, and on-demand displays the designs in a GUI screen. The SBC user may purchase a 3D print design, and the second server, in response, sends an access token to the SBC. The SBC redeems the access token for a selected 3D print, and the second server adjusts geode for the selected 3D design for the particular printer, and streams the adjusted geode to the printer through the SBC, thereby protecting the code from unauthorized user/replication. | 2020-04-16 |
20200117774 | PROACTIVE SECURITY SYSTEM BASED ON CODE POLYMORPHISM - A method, and processor for securing a host platform of a computing device are presented. The method includes generating, by a security processor, a first graph based on at least a portion of executable code, wherein the executable code is executed by a main processor of the host platform; generating a metadata file based on the generated first graph; polymorphing the executable code based on the generated metadata file; generating a second graph based on the polymorphed code; creating slices of the polymorphed code; executing at least one slices of the created slices by the security processor, wherein the security processor is apart from the main processor; polymorphing the at least one of executed slice; and pairing the least polymorphed slice with the polymorphed code. | 2020-04-16 |
20200117775 | METHOD FOR PROCESSING DATA - Method for processing data, in which a Petri net is encoded, written into a memory and read and executed by at least one instance, wherein transitions of the Petri net read from at least one tape and/or write on at least one tape symbols or symbol strings, with the aid of at least one head. [FIG. | 2020-04-16 |
20200117776 | ESTABLISHING ACCESS SESSIONS - A method, apparatus, and computer program are disclosed. The method may be performed by one or more processors and may comprise receiving an indication of a request from a client device. The request is for establishing an access session to perform one or more actions on data of a data processing platform and includes a client identifier. The method may also comprise establishing a challenge session associated with the request. The challenge session indicates one or more challenges required of a user associated with the client identifier to successfully respond to in order to establish the requested access session. The method may also comprise sending a challenge identifier associated with a first challenge of the challenge session to the client device using the client identifier for requesting the first challenge from a user manager, and receiving from the user manager a post-challenge response, indicative of a success or a failure of a first challenge response received at the user manager to the first challenge. | 2020-04-16 |
20200117777 | SECURE STORAGE DEVICES, WITH PHYSICAL INPUT DEVICE, FOR SECURE CONFIGURATION IN A CONFIGURATION-READY MODE - A secure storage device includes a physical key input device, a secure memory and a controller. The controller arbitrates access by a host to securely configure the device based on the device's mode of operation. The controller determines whether the device is in a configuration-ready mode based on information within the device. Only when the device is in the configuration-ready mode, the device may be configured by the host. When a device is in a non-configuration-ready mode, the device is prevented from being configured by the host, but the device can be set to the configuration-ready mode, for example, by nullifying configuration data (e.g., PINs), by creating new encryption key(s), and by setting the mode to the configuration-ready mode. A null PIN is unusable to unlock the device after being locked. A new encryption key is unusable to decrypt data previously stored in the device, making such data unrecoverable. | 2020-04-16 |
20200117778 | Authentication System - A system and method for authentication are described herein. An authentication downrequest is received at a combiner proxy ( | 2020-04-16 |
20200117779 | AUTHENTICATING USERS OF COMMUNAL COMPUTING DEVICES USING A LIMITED SEARCH SCOPE - A user provides an identification (ID) signal (e.g. a biometric ID signal like a self-snapshot) to a trusted cloud-based provider. When the user attempts to authenticate with the cloud-based provider, a similar ID signal (e.g. another self-snapshot) for the user is captured and provided to the cloud-based provider. The cloud-based provider then obtains a secondary ID signal, or a combination of secondary ID signals, and utilizes the secondary ID signal, or signals, to identify a subset of user records to be searched for the ID signal. The subset of the records, rather than all of the user records, can then be searched for the ID signal. The cloud-based provider can then authenticate the user based on the results of the search of the subset of the user records. | 2020-04-16 |
20200117780 | MULTI-FACTOR BIOMETRIC AUTHENTICATION - A biometric sensor can be integrated into a user device to enable multifactor biometric authentication of a user on the user device. The biometric sensor can comprise at fingerprint scanner and a heartrate detector, the heartrate detector further comprising an optical input device and a light emitting diode (LED). The fingerprint scanner comprises a camera encircling the edge of the biometric sensor and detects and scans the users fingerprint to compare to a stored fingerprint to authenticate the users fingerprint. The heartrate detector can determine a heartrate of the user. Based on the detected heartrate of the user and utilizing a validation profile it can be determined if the user is, for example, a live person, is under duress, or sleeping. If the heartrate data is validated by the user device within certain allowable parameters, and the fingerprint of the user is authenticated, access to the user device is enabled. | 2020-04-16 |
20200117781 | METHOD AND APPARATUS FOR DYNAMICALLY ADJUSTING BIOMETRIC USER AUTHENTICATION FOR ACCESSING A COMMUNICATION DEVICE - Improved user authentication of a communication device is provided by expanding voice biometric authentication with a dynamically updated user profile formed of non-voice usage parameters. The non-voice usage parameters are collected during successful voice authentications to establish non-voice compensation controls. When a failed voice biometric authentication attempt is followed by a valid PIN entry, then a false rejection is determined, and a voice biometric threshold is adjusted to reduce the individual user-based false rejection rate along with the enablement of the non-voice usage controls. | 2020-04-16 |
20200117782 | METHOD AND ELECTRONIC DEVICE FOR OBTAINING BIOMETRIC INFORMATION IN SECTION IN WHICH IMAGE DATA IS NOT TRANSMITTED TO DISPLAY - The present invention relates to a method by which an electronic device including a biosensor obtains biometric information in a section in which image data is not transmitted to a display. An electronic device according to various embodiments of the present invention comprises: a display; a biosensor formed in at least a portion of the display; and a processor functionally connected with the display, and the biosensor, wherein the processor can extend a blank section of a reference signal, which is any one of a plurality of signals for driving the display in a state of sensing the biometric information of a user, and can drive the biosensor in the extended blank section of the reference signal so as to sense the biometric information of the user. The present invention can also include additional various embodiments. | 2020-04-16 |
20200117783 | TECHNIQUES FOR FINGERPRINT DETECTION AND USER AUTHENTICATION - We present several unique techniques for using touch sensor arrays to detect fingerprint information and authenticate a user. | 2020-04-16 |
20200117784 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND INFORMATION PROCESSING PROGRAM - An information processing device includes a first specifying unit for specifying identification information on a user who operates the information processing device and identification information on each of one or more other users who use the information processing device while sharing the information processing device with the user, and a second specifying unit for referring to a first storage unit which has stored a range of operable information corresponding to a combination of identification information on users, to specify a range of operable information to a combination of the identification information specified by the first specifying unit. | 2020-04-16 |
20200117785 | VERIFICATION SYSTEM - A device includes memory and a processor. The device receives biometric information. The device receives location information. The device analyzes the received biometric information with stored biometric information. The device analyzes the received location information with stored location information. The device determines whether the received biometric information matches the stored biometric information. The device determines whether the received location information matches the stored location information. The device sends an electronic communication that indicates whether the received biometric information matches the stored biometric information and whether the received local information matches the stored location information. | 2020-04-16 |
20200117786 | WEARABLE DEVICE AND METHOD OF OPERATING THE SAME - A wearable device includes a display; a sensor configured to obtain a biometric information of a user; a memory configured to store at least one instruction; and at least one processor configured to execute the at least one instruction to: based on an event related to executing an application, identify execution of biometric authentication associated with the application; based on the identification, display a message indicating information corresponding to the biometric authentication to be performed in the wearable device; obtain, by the sensor, the biometric information of the user wearing the wearable device; identify authority using the obtained biometric information and registered biometric information stored in the memory; and display, by the display, a screen associated with the executed application based on the identified authority. | 2020-04-16 |
20200117787 | Method of Unlocking Control, Mobile Terminal, and Storage Medium - Disclosed in the embodiments of the present application is an unlocking control method, the method may include: acquiring scenario parameters of a mobile terminal; acquiring environment parameters of the mobile terminal; selecting a target multi-biometric recognition mode corresponding to the scenario parameters and the environment parameters out of M pre-stored multi-biometric recognition modes; and acquiring S pieces of biometric verification information by means of a target biometric acquisition module corresponding to the target multi-biometric mode, and unlocking the mobile terminal when the S pieces of biometric verification information are successfully verified. | 2020-04-16 |
20200117788 | Gesture Based Authentication for Payment in Virtual Reality - A computer implemented method includes receiving training input corresponding to multiple different prompted user gestures, training a machine learning system on the training input, receiving an authentication input based on an authentication gesture performed by the user, and associating the authentication input with a transaction authentication operation utilizing the machine learning system in a virtual environment. | 2020-04-16 |
20200117789 | UNLOCKING PASSWORDS IN AUGMENTED REALITY BASED ON LOOK - A method of using a head-mounted display to enable the display of confidential data includes authenticating a user by placing the HMD on the user's head, moving the HMD by moving the user's head to facilitate the user looking at a series of N objects in a predefined order, and providing access to the confidential data in response to the user looking at the predefined series of N objects in the predefined order and within a predefined time frame. | 2020-04-16 |
20200117790 | AUTHENTICATION SYSTEM, REQUEST APPARATUS, RESPONSE APPARATUS, REQUEST METHOD, AND RESPONSE METHOD - The present invention provides an authentication system including a request apparatus, wherein the request apparatus comprises a generation module, configured to generate a three-dimensional image or a multi-dimensional image; the three-dimensional image or the multi-dimensional image is configured for the authentication of the three-dimensional image or multi-dimensional image. The invention also provides a request apparatus, a response device, a request method and a response method. The authentication system, the request apparatus, the response apparatus, the request method and the response method provided by the invention can perform identity verification by three-dimensional images or multi-dimensional images, thereby avoiding leakage of verification information and ensuring financial security and information security of the user. | 2020-04-16 |
20200117791 | CONSENTED AUTHENTICATION - An example system may include a processor and memory, wherein the processor is configured to perform one or more of acquire a first biometric sample of a user, compare the first biometric sample of the user against a pre-recorded second biometric sample, in response to the match, access shared data of the user stored on a blockchain, generate a question based on the shared data, receive an answer to the question from the user, and authenticate the user based on the answer to the question and the first biometric sample. | 2020-04-16 |
20200117792 | INDEXABLE AUTHENTICATION SYSTEM AND METHOD - An indexable authentication system is provided for authenticating users across multiple sessions. The indexable authentication system may include an authentication server, security component, communication component, credential database, authentication credential, credential index medium, origin terminal, access provisioning component, content filtering component, payment processing component, and provider aspects. A method for authenticating users across multiple sessions using the indexable authentication system is also provided. | 2020-04-16 |
20200117793 | DIGITALLY SIGNED DATA - An example print supply includes a non-transitory computer-readable medium. The non-transitory computer-readable medium includes data. The data includes an indication of a schema for the data. The data also includes an indication of an identifier. The data includes an indication of a digital signature. The digital signature is usable to authenticate a type of the data, the schema, and the identifier. The print supply also includes a communication interface. The communication interface is to output the data from the non-transitory computer-readable medium. | 2020-04-16 |
20200117794 | REESTABLISHING VOLTAGE PROFILES OF ELECTRONIC CONTROL UNITS AFTER RESET - Systems, apparatuses, and techniques for establishing “ground truth” are provided. Particularly, establishing ground truth for electronic control units on a communication network after a context change has occurred are provided. Circuitry and instructions to generate unique feature sets from messages (e.g., transmitted by ECUs after a context change) and to match the unique feature sets to unique feature sets from ECU fingerprints to establish ground truth for the ECUs after the context shift. | 2020-04-16 |
20200117795 | SYSTEM AND METHOD FOR GENERATING AND AUTHENTICATING A TRUSTED POLYMORPHIC AND DISTRIBUTED UNIQUE HARDWARE IDENTIFIER - A system and method for the generation of a trusted polymorphic and distributed unique hardware identifier (ID) are provided. The method includes checking a device for a current ID; selecting a polymorphic policy setting randomly when no current ID is detected, wherein the polymorphic policy setting defines a functionality of at least one function of the device; selecting functional steps of the at least one function randomly, wherein the functional steps are selected from a number of states of a finite-state machine (FSM) used to construct the at least one function; pairing an output DNA mechanism to the at least one function; and generating the unique ID based on the paired DNA mechanism, its structure and its functional operation. | 2020-04-16 |
20200117796 | SYSTEM AND METHOD FOR ANALYZING A LOG IN A VIRTUAL MACHINE BASED ON A TEMPLATE - Disclosed is a method for analyzing a log for conducting an antivirus scan of a file. The method includes opening a file in a virtual machine. The opening of the file includes execution of a guest process having a thread in a virtual processor of the virtual machine. A plurality of events in the thread of the guest process is intercepted. Registers associated with a system call made during execution of the first thread of the guest process are determined. Execution of the thread of the guest process is halted. In a log associated with the opening of the file, information is saved indicating events intercepted during execution of the thread in an altered guest physical memory page, and context data of the virtual processor. Using at least one template having rules, the saved log is analyzed to determine whether the file opened in the virtual machine is harmful. | 2020-04-16 |
20200117797 | AGENT INJECTION VIA COMMAND HIJACKING - Embodiments of the present disclosure relate to command modification. Initially, a first command is received from a user. The first command may include a target process that is issued to an operating system via a shell. Utilizing a pre-execution hook of the shell, the first command is hijacked before the first command is executed by the operating system. The first command may be passed to an agent injection engine that parses the first command and identifies at least a portion of the first command to be modified. A handler may be identified that is utilized by the agent injection engine to modify the first command to create a second command. The second command injects an agent that is not preloaded into memory into the target process and is executed by the operating system. The first command is prevented from being executed by the operating system. | 2020-04-16 |
20200117798 | Event Monitoring - A computing device may detect events such as a break-in, fire, flood, movement of people between different areas or zones within a defined area, cyberattacks, movement of devices away from the defined area, etc. If an event is detected, the computing device may take action to protect devices, data on the devices, and/or accounts accessible by the devices. The devices may encrypt, backup data, and/or delete data. The computing device may communicate with other computing devices about events that have been detected. | 2020-04-16 |
20200117799 | GRAPHICAL USER INTERFACE TOOL FOR CONFIGURING A VEHICLE'S INTRUSION DETECTION SYSTEM - A system for configuring an intrusion detection system. The system includes an input device, a display device, and an electronic processor. The electronic processor is configured to receive input, via the input device. The input the electronic processor receives includes a previous configuration file, a databus configuration file, and user input. The electronic processor is also configured to run, with an intrusion detection system configuration tool, a simulation of communication on a vehicle communication system based on the input received and display, on the display device, results of running the simulation with the intrusion detection system configuration tool. The electronic processor is further configured to output a new configuration file and a file configured to be uploaded to a vehicle. | 2020-04-16 |
20200117800 | Securing Electronic Data by Automatically Destroying Misdirected Transmissions - A method for securing data by embedding the data in a data structure and utilizing a sensor device to detect transfer of the data structure. The data is embedded such that the data is only accessible by first executing an executable program. If the executable program determines that the device attempting to access the data (the accessing device) does not have permission to access the data, then the executable program destroys all or a portion of the data. If the data structure is transferred to another device, a sensor device positioned to detect the data structure when transferred will identify the data. If the sensor device determines that the data structure is not permitted to be transferred, then the sensor device destroys all or a portion of the data. | 2020-04-16 |
20200117801 | USE OF AN APPLICATION CONTROLLER TO MONITOR AND CONTROL SOFTWARE FILE AND APPLICATION ENVIRONMENTS - In embodiments of the present invention, a framework for an extensible, file-based security system is described for determining an appropriate application, application environment, and/or access or security control measure based at least in part on a file's reputation. In response to the selection of a file, an application controller may be used to select a software application from two or more software applications to open the selected file, based at least in part on the selected file's reputation. If launched, a software application may be configured to open the file in an environment, such as a virtual machine, quarantined environment, and the like, that is appropriate for the file based at least in part on the reputation information. A software application may be a secure software application configured to manage secure files, or an insecure software application configured to manage insecure files. The selected file, and communications relating to the selected software application, may be managed according to the selected software application's secure or insecure configuration. Further, the selected software application may associate reputation information with all files that are modified and/or created by the selected software application, including at least in part, reputation information matching that of the selected file. | 2020-04-16 |
20200117802 | SYSTEMS, METHODS, AND MEDIA FOR IDENTIFYING AND RESPONDING TO MALICIOUS FILES HAVING SIMILAR FEATURES - Systems, methods, and media for identifying and responding to malicious files having similar features are provided. More particularly, in some embodiments, systems for identifying and responding to malicious files having similar features are provided, the systems comprising: a memory; and a hardware processor coupled to the memory and configured to: receive feature information extracted from a file, wherein the feature information includes at least two of static feature information, environmental feature information, and behavioral feature information; create clusters based on the feature information; determine if a file corresponding to one of the clusters is malicious; and report to a plurality of endpoints that other files corresponding to the one of the clusters is malicious. | 2020-04-16 |
20200117803 | USING OBJECT FLOW INTEGRITY TO IMPROVE SOFTWARE SECURITY - The present disclosure is directed to a method of creating an object flow integrity (OFI) library module, capable of redirecting an object-like programmatic call, by initiating a multi-pass, recursive process to analyze a module's interfaces, function parameters, and data types. In another aspect, a method is disclosed to modify the binary code of an untrusted module to enable its usage of the OFI library module. In another aspect, during runtime operations of an untrusted module, the OFI library module can receive an object from a caller module, substitute a proxy object, stored in a secure location, and continue the programmatic call using the proxy object. | 2020-04-16 |
20200117804 | SECURE MANAGEMENT AND EXECUTION OF COMPUTING CODE INCLUDING FIRMWARE - Secure management of computing code is provided herein. The computing code corresponds to computing programs including firmware and software that are stored in the memory of a computing device. When a processor attempts to read or execute computing code, a security controller measures that code and/or corresponding program, thereby generating a security measurement value. The security controller uses the security measurement value to manage access to the memory. The security measurement value can be analyzed together with integrity values of the computing programs, which are calculated while holding the reset of the processor. The integrity values indicate the validity or identity of the stored computing programs, and provide a reference point with which computing programs being read or executed can be compared. The security controller can manage access to memory based on the security measurement value by hiding or exposing portions of the memory to the processor. | 2020-04-16 |
20200117805 | SECURE BOOTING METHOD, APPARATUS, DEVICE FOR EMBEDDED PROGRAM, AND STORAGE MEDIUM - The present disclosure provides a secure booting method, apparatus, device for an embedded program and a storage medium. The method includes: when a boot program is running, acquiring data of an application program, including signature information, public key information, parameter information, encrypted data, and a digital check code; performing signature check according to the signature information; performing integrity check according to the digital check code if the signature check passes; and performing data decryption according to the public key information and the parameter information if the integrity check passes. The present disclosure may improve information security. | 2020-04-16 |
20200117806 | Securely Booting a Service Processor and Monitoring Service Processor Integrity - Mechanisms for booting a service processor are provided. With these mechanisms, the service processor executes a secure boot operation of secure boot firmware to boot an operating system kernel of the service processor. The secure boot firmware records first measurements of code executed by the secure boot firmware when performing the boot operation, in one or more registers of a tamper-resistant secure trusted dedicated microprocessor of the service processor. The operating system kernel executing in the service processor enables an integrity management subsystem of the operating system kernel which records second measurements of software executed by the operating system kernel, in the one or more registers of the tamper-resistant secure trusted dedicated microprocessor. | 2020-04-16 |
20200117807 | IMPLEMENTING PACKAGE VULNERABILITY ASSESSMENT FOR MICROCONTAINERS - A system for determining vulnerability of an application container is provided. The system receives a report associating a first version of a software package with a vulnerability and a second version of the software package as being an update that fixes the vulnerability. The system receives the first version and the second version of the software package. The second version has one or more files that correspond to files in the first version. The system identifies a changed file in the first version of the software package that is different from a corresponding file in the second version of the software package. The system identifies a container file in an application container that matches the changed file in the first version of the software package. The system associates the identified container file with the vulnerability. | 2020-04-16 |
20200117808 | Electronic System Vulnerability Assessment - A method and apparatus for assessing vulnerability in a system of electronic devices, comprises determining a distinguishing characteristic of a version of a computer program as installed in a usable format to distinguish that version from at least one further version; identifying an indication of a defect giving rise to vulnerability to malicious activity in code or data used by the distinguished version; maintaining a mapping between the distinguished and the indication; scanning the system for presence of the distinguished version; determining that a vulnerable portion is used by the distinguished version; and in response indicating with a vulnerability indicator that the electronic device is vulnerable to the malicious activity according to the mapping; assigning a risk value associated with the installed instance; and emitting an alert signal identifying the vulnerability and indicating the risk value associated with the installed instance. The scanning is further controlled to prevent exposure of sensitive code and data. | 2020-04-16 |
20200117809 | INTERRUPTING EXPORT OF MEMORY REGIONS - Apparatus for processing data comprises memory access circuitry to enforce ownership rights of a plurality of memory regions within a first memory, a given memory region among the plurality of memory regions having a given owning process specified from among a plurality of processes. The given owning process has exclusive rights to control access to given owned data stored within the given memory region. The memory access circuitry is responsive to a first export command for the given memory region received from a first export command source to perform a first export operation to encrypt the given owned data to form given encrypted data and to store the given encrypted data in the second memory. The memory access circuitry is responsive to a second export command for the given memory region received from a second export command source while the first export operation is being performed to determine whether said second export command source has higher priority position within a control hierarchy than the first export command source and, when the second export command source has a higher priority, to interrupt the first export operation and to perform a second export operation specified by the second export command, and when the second export command source has a lower priority, to continue to perform the first export operation and to block performing of the second export operation. | 2020-04-16 |
20200117810 | IMPLICIT INTEGRITY FOR CRYPTOGRAPHIC COMPUTING - In one embodiment, a processor includes a memory hierarchy and a core coupled to the memory hierarchy. The memory hierarchy stores encrypted data, and the core includes circuitry to access the encrypted data stored in the memory hierarchy, decrypt the encrypted data to yield decrypted data, perform an entropy test on the decrypted data, and update a processor state based on a result of the entropy test. The entropy test may include determining a number of data entities in the decrypted data whose values are equal to one another, determining a number of adjacent data entities in the decrypted data whose values are equal to one another, determining a number of data entities in the decrypted data whose values are equal to at least one special value from a set of special values, or determining a sum of n highest data entity value frequencies. | 2020-04-16 |
20200117811 | PROCESSOR HARDWARE AND INSTRUCTIONS FOR SHA3 CRYPTOGRAPHIC OPERATIONS - A microcoded processor instruction may invoke a number of microinstructions to perform a round of a SHA3 operation using a circuit that includes a first stage circuit to perform a set of first bitwise XOR operations on a set of five input blocks to yield first intermediate output blocks; perform a set of second bitwise XOR operations on a first intermediate block and a rotation of another first intermediate block to yield second intermediate blocks; and perform a set of third bitwise XOR operations on a second intermediate block and an input block to yield third intermediate blocks. The circuit further includes a second stage circuit to rotate bits within each of the third intermediate blocks to yield a set of fourth intermediate blocks, and a third stage circuit to perform an affine mapping on bits within each of the fourth intermediate blocks to yield a set of output blocks. | 2020-04-16 |
20200117812 | ACCESS TO A SERVICE - The present invention relates to a method for determining an access right to a communication service, the method comprises: generating at least one token for at least one terminal device; receiving data from at least one sensor device, the data comprising at least information from which a position of the terminal device is derivable; determining, by the network controller, an access right to the communication service by: determining the position of the terminal device from the data from which a position of the terminal device is derivable, comparing the position of the terminal device with a reference value, and generating, in accordance with a result of the comparison, an indication representing a right to access to the communication service. The invention also relates to a network controller, a communication system and a computer program product. | 2020-04-16 |
20200117813 | METHOD FOR SECURING A DIGITAL DOCUMENT - A method for securing a digital document comprising first and second types of data, where a set of data of the second type is previously identified in an initial version of the document. For each data of the second type, an identifier is allocated to the data and an entry comprising the data is stored in a secure storage unit. The identifier comprises a display value and a link value. The data is reachable in the secure storage unit through the link value. The secure storage unit is configured to use access rules for authorizing or denying a request initiated by a user for accessing data of the second type contained in an entry of the secure storage unit. An updated version of the digital document is generated by replacing each data of the second type by its allocated identifier in the initial version of the digital document. | 2020-04-16 |
20200117814 | SEMICONDUCTOR DEVICE AND CONTROL METHOD - The semiconductor device includes a control unit having redundant processors, a memory storing target data, a secure memory storing a key used for encryption or decryption processing, an cryptographic unit, a secure processor instructing cryptographic processing to the cryptographic unit in response to a request from the control unit, a first bus coupled to the control unit, the memory, the cryptographic unit, and the secure processor, and a second bus coupled to the secure memory, the cryptographic unit, and the secure processor. The control unit communicates with the memory via a predetermined error detection mechanism, the cryptographic unit includes a plurality of cryptographic processors that independently perform cryptographic processing on target data using a key based on an instruction, and each of the plurality of cryptographic processors includes a data transfer unit that performs data transfer with the memory via the error detection mechanism. | 2020-04-16 |
20200117815 | DATA MANAGEMENT FOR MULTI-TENANCY - In one implementation, a first access behavior is determined. The first access behavior is for accessing a first dataset associated with a first tenant of a storage system, and the first dataset is stored in a first data node in the storage system. A second access behavior is determined. The second access behavior is for accessing a data entry that is to be added into a second dataset associated with a second tenant of the storage system, and the second dataset is stored in at least one data node in the storage system. In response to a deviation between the first access behavior and second access behavior being above a predefined threshold, the data entry is stored into the first data node. | 2020-04-16 |
20200117816 | METHODS FOR SECURING AND ACCESSING A DIGITAL DOCUMENT - The invention is a method for securing a digital document. An initial version of the digital document contains a set of data. The method comprises:
| 2020-04-16 |
20200117817 | UTILIZING HEURISTIC AND MACHINE LEARNING MODELS TO GENERATE A MANDATORY ACCESS CONTROL POLICY FOR AN APPLICATION - A device processes, with a model, an application to identify a set of file paths with process identifiers. The device identifies patterns associated with the set of file paths with process identifiers, and determines positions of random elements in each file path of the set of file paths with process identifiers. The device processes the patterns and the positions of the random elements to train a machine learning model, and utilizes the machine learning model to generate a first set of rules to identify files required for execution of the application, and a second set of rules to identify files not required for execution of the application. The device generates a mandatory access control policy based on the first set of rules and the second set of rules, and provides the mandatory access control policy to be implemented by an operating system of a client device. | 2020-04-16 |
20200117818 | SECURE DATA SHARING - A computer-implemented method is provided for secure data sharing. The method comprises: storing, by a data owner or an entity authorized by the data owner, via a data management user interface, in a decentralized data storage, data in an encrypted format; storing, via the data management user interface, in a blockchain, information indicating the data owner and a reference to the data stored in the decentralized data storage; and storing, by the data owner, via the data management user interface, in the blockchain, information indicating consent given to one or more authorized users for using the data. | 2020-04-16 |
20200117819 | FILE SYSTEM METADATA PROTECTION - Techniques are disclosed relating to securely storing file system metadata in a computing device. In one embodiment, a computing device includes a processor, memory, and a secure circuit. The memory has a file system stored therein that includes metadata for accessing a plurality of files in the memory. The metadata is encrypted with a metadata encryption key that is stored in an encrypted form. The secure circuit is configured to receive a request from the processor to access the file system. In response to the request, the secure circuit is configured to decrypt the encrypted form of the metadata encryption key. In some embodiments, the computing device includes a memory controller configured to receive the metadata encryption key from the secure circuit, retrieve the encrypted metadata from the memory, and decrypt the encrypted metadata prior to providing the metadata to the processor. | 2020-04-16 |
20200117820 | ELECTRONIC SYSTEMS OF ELECTRONIC TERMINALS AND SERVERS FOR SECURING INFORMATION INTEGRITY IN THE DISTRIBUTED TECHNOLOGICAL ENVIRONMENT AND METHODS OF USING THEREOF - In some embodiments, the present invention provides for a computer-implemented method, including: electronically receiving, first terminal data where the first terminal data includes at least one first alphanumerical data sequence; electronically generating at least one first computer-generated barcode; electronically storing the first terminal data and the at least one first computer-generated barcode in at least one database residing in a non-transient computer memory; automatically and electronically transmitting the at least one first computer-generated barcode to the at least one first terminal machine; electronically receiving second terminal data; automatically validating, in real-time, the user input as being representative of the user output. | 2020-04-16 |
20200117821 | EDIT DISTANCE COMPUTATION ON ENCRYPTED DATA - One embodiment provides a method, including: receiving, at a third-party storage provider and from a data owner, a plurality of encrypted documents, wherein each of the plurality of encrypted documents is encrypted by the data owner using at least one encryption key; receiving, from a query user, an encrypted query, wherein the query is encrypted using the at least one encryption key; computing an edit distance value between the encrypted query and at least a portion of the plurality of encrypted documents, wherein the computing comprises communicating with an entity to work together to compute the edit distance value; the communicating comprising (i) providing, from the third-party storage provider to the entity, an encrypted function of an edit distance matrix and (ii) receiving an encrypted edit distance value computed by the entity from the encrypted function; and returning the encrypted edit distance value to the query user. | 2020-04-16 |
20200117822 | DYNAMIC AUTHORIZATION MATRIX AND RELATED SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS - A method includes performing, by a processor, operations including: generating an approval routing matrix that is configured to associate a route with at least one a plurality of roles for accessing a record in a storage medium, the record being representative of a matter for approval, receiving a request to approve the matter, generating an assignment matrix based on the approval routing matrix, the assignment matrix being configured to specify an order in which the at least one of the plurality of roles are granted access to the record, allowing access to the record to at least one user associated with the at least one of the plurality of roles, respectively, in the order specified in the assignment matrix, and determining whether the matter is approved based on input received by the at least one user associated with the at least one of the plurality of roles, respectively. | 2020-04-16 |
20200117823 | SELECTIVE EXCHANGE OF TRANSACTION DATA - An example operation may include one or more of receiving, by an account manager node, a request to register a client application executed on a peer connected to a blockchain network of a plurality of participants, wherein the client application generates a transaction data, registering, by an account manager node, the client application, deriving, by the account manager node, a webhook URL from a registration data of the client application, receiving, by the account manager node, a notification of a commitment of the transaction data on the blockchain, and in response to the receiving of the notification of the commitment of the transaction data, sending, by the account manager node, a decryption key for the transaction data to an authorized subset of the participants based on the webhook URL. | 2020-04-16 |
20200117824 | CONSENT-BASED DATA PRIVACY MANAGEMENT SYSTEM - For example, a data set comprising a plurality of data fields, including at least one field containing personal information, can be received. Meta-information for the data set can be reviewed, which includes a categorization for the data set comprising a first parameter specifying field data type, and, for fields comprising personal information, a second parameter specifying personal data consent information. The data set may be converted into a columnar data storage format using the meta-information, and the at least one data field comprising personal information may be stored in at least one column marked as comprising personal information, and at least one personal information privacy control may be applied to the at least one marked column. | 2020-04-16 |
20200117825 | DATABASE MANAGEMENT - A database transaction is executed in a computer of a system of networked computers having secure processing enclaves. Within the secure processing enclave, a database transaction log record for the executed database transaction is generated and cryptographically secured using a private key held in secure storage of the secure processing enclave. A state of the distributed database is recorded in a series of transaction log records which is replicated in distributed computer storage accessible to the networked computers. Consensus messages are transmitted and received via secure communication links between the secure processing enclaves of the networked computers, to incorporate the database transaction log record into the series of transaction log records in accordance with a distributed consensus protocol, which is implemented based on consensus protocol logic held within the secure processing enclave. | 2020-04-16 |
20200117826 | DATA ACCESS POLICY MANAGEMENT - A method for automated data access management can include creating a project that manages data access to data sources by a plurality of users, wherein each user has user attributes indicating data access policies for the data sources. The method can also include performing project equalization for the project, wherein the project equalization determines a set of user attributes shared by the users. Additionally, the method can include modifying the user attributes of each user for the project, wherein the user attributes of each user are modified to conform to the set of user attributes determined by the project equalization, and detecting a query to retrieve data from the data source. The method can include modifying the query to produce a modified query by applying the modified user attributes associated with the project to the query and retrieving the data from the data source based on the modified query. | 2020-04-16 |
20200117827 | PURPOSE-BASED DATA ACCESS CONTROL - Method, apparatus and product for purpose-based data access control. Having a data about a subject, for which usage is approved for a purpose, a first encryption key associated with the first purpose is obtained. A link pointing to a first alias of the data is generated, the first alias being associated with the first purpose. The link pointing to the first alias is encrypted with the first encryption key to obtain a first encrypted link; and access is provided to the first encrypted link, whereby access to the data is obtainable by decrypting the first encrypted link with the first decryption key to obtain the first alias and using the first alias to access the data. In some cases, a second link for a second can be similarly generated. Upon revocation of approval, a corresponding alias is eliminated to prevent access thereby. The links may be retained in a decentralized ledger, such as a blockchain. | 2020-04-16 |
20200117828 | OBFUSCATING AUDIBLE COMMUNICATIONS IN A LISTENING SPACE - A system, method and program product for obfuscating audible messages in a listening space A system is provided that includes an orchestrator having: an invocation detection system that triggers an obfuscation event; a system for selecting injector nodes in the listening space for the obfuscation event; and a key management system that distributes keys, derived from a natural interface key, to the injector nodes to cause the injector nodes to inject sounds into the listening space to obfuscate an audible message broadcast by a source node for a target node; and a machine learning system that calculates the natural interface key based on interactions captured from the source node in the listening space. | 2020-04-16 |