25th week of 2017 patent applcation highlights part 83 |
Patent application number | Title | Published |
20170180268 | PER-STAGE ASSIGNMENT OF PIPELINES AGENTS - The customization of a communication pipelines having multiple stages. For each stage, a set of agent(s) is/are identified as available for adding to that stage. Furthermore, any stages that already have an agent assigned are identified. In response to receiving a user selection of an agent to be assigned to a particular stage, that does not already have an agent assigned, the selected agent is assigned to the stage. An enforcement agent enforces that there be only one agent assigned at most to each stage. Assignments of agents are made per stage. This allows the functionality of the agent to be simplified more towards augmenting the functionality of the stage. Accordingly, the logic of the agent is simplified, thereby making it more likely that there will be a healthy quality of agents available to select from for each stage. | 2017-06-22 |
20170180269 | Publisher-Subscriber Queue Provisioning - Methods and systems related to implementations of provisioning publisher-subscriber queues are described. The implementations include receiving, by a computing apparatus, a data queue request from a publisher. The computing apparatus may generate at least one of a publisher data queue, a publisher information queue, or an access queue. The computing apparatus may further control access to the publisher data queue based on the access queue and the publisher information queue. | 2017-06-22 |
20170180270 | ADAPTIVE FABRIC MULTICAST SCHEMES - Described herein are devices and techniques for distributing application data. A device can communicate with one or more hardware switches. The device can receive, from a software stack, a multicast message including a constraint that indicates how application data is to be distributed. The constraint including a listing of the set of nodes and a number of nodes to which the application data is to be distributed. The device may receive, from the software stack, the application data for distribution to a plurality of nodes. The plurality of nodes being a subset of the set of nodes equaling the number of nodes. The device may select the plurality of nodes from the set of nodes. The device also may distribute a copy of the application data to the plurality of nodes based on the constraint. Also described are other embodiments. | 2017-06-22 |
20170180271 | TECHNIQUES FOR EMBEDDING FABRIC ADDRESS INFORMATION INTO LOCALLY-ADMINISTERED ETHERNET MEDIA ACCESS CONTROL ADDRESSES (MACS) AND A MULTI-NODE FABRIC SYSTEM IMPLEMENTING THE SAME - Techniques for embedding fabric addressing information within Ethernet media access control (MAC) addresses is disclosed herein and allows a multi-node fabric having potentially millions of nodes to feature Ethernet encapsulation without the necessity of a lookup or map to translate MAC addresses to fabric-routable local identifiers (LIDs). In particular, a locally-administered MAC address may be encoded with fabric addressing information including a LID. Thus a node may exchange Ethernet packets using a multi-node fabric by encapsulating each Ethernet packet with a destination MAC address corresponding to an intended destination. As the destination MAC address may implicitly map to a LID of the multi-node fabric, the node may use an extracted LID value therefrom to address a fabric-routable packet. To this end, a node may introduce a fabric-routable packet encapsulating an Ethernet packet onto a multi-node fabric without necessarily performing a lookup to map a MAC address to a corresponding LID. | 2017-06-22 |
20170180272 | SYSTEM AND METHOD FOR ACCELERATING NETWORK APPLICATIONS USING AN ENHANCED NETWORK INTERFACE AND MASSIVELY PARALLEL DISTRIBUTED PROCESSING - The amount of data being delivered across networks is constantly increasing. This system and method demonstrates an improved system and method for establishing secure network connections with increased scalability and reduced latency. This approach also includes arbitrary segmentation of incoming network traffic, and dynamic assignment of parallel processing resources to execute application code specific to the segmented packets. The method uses a modified network state model to optimize the delivery of information and compensate for overall network latencies by eliminating excessive messaging. Network data is application generated, and encoded into pixel values in a shared framebuffer using many processors in parallel. These pixel values are transported over existing high speed video links to the Advanced Network Interface Card, where the network data is extracted and placed directly on to high speed network links. | 2017-06-22 |
20170180273 | ACCELERATED NETWORK PACKET PROCESSING - Devices and techniques for accelerated packet processing are described herein. The device can match an action to a portion of a network data packet and accelerate the packet-processing pipeline for the network data packet through the machine by processing the action. | 2017-06-22 |
20170180274 | Packets Processing - Various examples of the present disclosure may provide a packet processing method. A control device may receive a packet from an access switch. If VM address information in the packet is not associated with a port on the access switch for receiving the packet, the control device may send an instruction to the access switch instructing the access switch to associate the VM address information with the port on the access switch for receiving the packet, so that the access switch associates the VM address information with the port on the access switch for receiving the packet. The VM address information may comprise: a VLAN ID, an IP address and an MAC address. | 2017-06-22 |
20170180275 | DYNAMIC JITTER BUFFER SIZE ADJUSTMENT - In a particular implementation, a method includes dynamically adjusting a size of a buffer of a receiving terminal based on a comparison of a signal quality metric associated with a wireless communication channel between the receiving terminal and a transmitting terminal to a signal quality threshold. The method also includes storing a first set of data packets of a plurality of data packets in the buffer. The first set of data packets are received at the receiving terminal from the transmitting terminal. The method further includes outputting reconstructed speech based on the first set of data packets and replacement packets that are generated based at least in part on the first set of data packets. The replacement packets are associated with a set of unreceived data packets of the plurality of data packets. | 2017-06-22 |
20170180276 | AUTOMATIC SUGGESTIONS AND OTHER CONTENT FOR MESSAGING APPLICATIONS - A messaging application may automatically analyze content of one or more messages and/or user information to automatically provide suggestions to a user within a messaging application. The suggestions may automatically incorporate particular non-messaging functionality into the messaging application. The automatic suggestions may suggest one or more appropriate responses to be selected by a user to respond in the messaging application, and/or may automatically send one or more appropriate responses on behalf of a user. | 2017-06-22 |
20170180277 | NETWORK AWARE APPLICATION DEPENDENT ADAPTIVE PROTOCOL SELECTION FOR IOT COMMUNICATIONS - Disclosed in some examples are methods, systems, and devices which perform automatic selection of an application-layer communication protocol based upon one or more communication characteristics of the sending application and one or more characteristics of the network connection between the sending device and the recipient. The selection of which protocol to use may be made on a message-by-message basis, periodically at various intervals (e.g., every predetermined time period), once upon application initialization, or the like. By dynamically selecting an application-layer communications protocol, an application may leverage the advantages of a specific protocol given the communication characteristics of the application and characteristics of the network connection at that time. | 2017-06-22 |
20170180278 | CONTACT MATCHING METHOD, INSTANT MESSAGING CLIENT, SERVER AND SYSTEM - A computer-implemented method of providing matching information to prospective first and second users is performed at a server, the method including: receiving first audio data and first user information; receiving second audio data, and second user information; storing a first timestamp of the first audio data and first user information and a second timestamp of the second audio data and second user information; performing analysis processing on the first audio data to obtain first feature information, and performing analysis processing on the second audio data to obtain second feature information; judging whether the first timestamp and the second timestamp and the first feature information and the second feature information match; and if the first and second times of receipt and the first and second feature information match, sending the first user information to the second user and sending, by the server, the second user information to the first user. | 2017-06-22 |
20170180279 | PROVIDING INTEREST BASED NAVIGATION OF COMMUNICATIONS - Interest based navigation of communications is provided. In some examples, an application, such as a communication application, receives a communication from a source. The communication is parsed to identify an interest and a participant account associated with the communication. The communication application assigns the communication to an interest container associated with the interest and to an account container associated with the participant account. Furthermore, the communications are presented in the interest container and in the account container within a navigation user interface (UI). | 2017-06-22 |
20170180280 | EVENT DETECTION USING INQUIRIES - Inquiry data from one or more sources (e.g., client devices) may be analyzed to determine if key terms, date terms, and locality terms are indicative of an event to occur at a locality during one or more dates. Events that are detected may be communicated (e.g., via an electronic message(s)). An owner of a property may receive the electronic message(s) that are communicated for detected events and the owner may act to garner interest in stays at their property. Travelers searching for a property to stay at during the event may receive the electronic message(s) in the form of an offer (e.g., an email, a text message, a Tweet, a newsletter, etc.). The inquiry data may be received in real time and/or may be accessed from a data store. The Inquiry data may be curated to remove non-essential information and/or to include edited key terms, date terms, and locality terms. | 2017-06-22 |
20170180281 | PROVIDING TASK ORIENTED ORGANIZATION OF COMMUNICATIONS - Task oriented organization of communications is provided. A communication application initiates operations to organize communications in response to received communications. The communications are analyzed to parse a shared task information. A communication is created from the communications automatically based on a shared task or manually based on a user input. The communication group integrates the shared task information. Next, the communication group is presented with the shared task information. | 2017-06-22 |
20170180282 | Messaging Service - A method is provided for allocating a messaging mailbox located in a communications network to a user. The method performs the following actions in a messaging mailbox management device: receiving from a communication terminal, via the communications network, a request for a messaging mailbox, the request including user identification information, the identification information being different from a contact identifier of the user that can be reached on a communications network of a telecommunications operator to which the user subscribes; recording the received identification information in association with a messaging mailbox identifier; and sending a message in reply to the request, via the communications network, to the communication terminal. The message includes the messaging mailbox identifier. | 2017-06-22 |
20170180283 | TIME CONVERSION IN AN INSTANT MESSAGE - Embodiments of the present invention provide methods, program products and systems for displaying a corrected time included in the text of an instant message. One or more processors determine that an instant message sent from a first user to a second user includes a first time and a first time zone corresponding to the first time and determine that the first time zone corresponding to the first time does not match a second time zone. The one or more processors convert the first time to a second time, wherein the second time is determined based, at least in part, on the first time, the first time zone, and the second time zone. The one or more processors cause the second time to be displayed to the second user. | 2017-06-22 |
20170180284 | SYSTEMS AND METHODS FOR INVOKING CHATBOTS IN A CHANNEL BASED COMMUNICATION SYSTEM - The disclosed systems and methods join a user to a sub-channel within a primary communication channel. A message from the user comprises a user identifier and a text communication. The communication is compared to each tag in each set of tags in a plurality of sets of tags, each set of tags being uniquely associated with (i) a different chatbot in one or more chatbots associated with the sub-channel or (ii) a different node within a plurality of nodes in a chatbot. The communication is routed to a first chatbot in the one or more chatbots, or a first node within the first chatbot, on the basis of being associated with a tag that best matches the communication. A responsive message by the first chatbot within the sub-channel includes the user identifier, thereby facilitating a conversation between the user and an enterprise data source associated with the sub-channel. | 2017-06-22 |
20170180285 | IMPORT CONTENT ITEMS FROM EMAIL - An example computer-implemented method to download and organize attachments from messages includes downloading a message attachment and related message metadata from a messaging database such as an email attachment. The example computer-implemented method can then include indexing the message attachment using the message metadata. The example method can then include identifying a year of receipt and a sender of the message and present the attachment in a collection organized by year of receipt and sender. | 2017-06-22 |
20170180286 | METHOD, PUBLIC ACCOUNT SERVER, AND MOBILE TERMINAL FOR SENDING AND GENERATING CARDS - A method, a public account server, and a mobile terminal for sending and generating a card are disclosed. The method includes: acquiring user information and card information of the mobile terminal; generating card data for the mobile terminal by using a preset card data model according to the user information and the card information of the mobile terminal; and sending the card data to the mobile terminal, so that the mobile terminal receives the card data, acquires a card template corresponding to the card data, and generates the card by using the card data and the card template. | 2017-06-22 |
20170180287 | NETWORK-ENABLED METHOD FOR FAMILY MEMBERS WITH SHARED INTERESTS OR FUTURES TO MUTUALLY ASSIST ONE ANOTHER - A social networking device and method that creates a new virtual private network and interface for family members that have shared interests in each other's health, finances, travel, calendars, special events, debts, and physical access to assets. Fundamental to these interests are their individual respective commitments to help one another, and need for automation to assist them with the means needed to be made aware and the tools needed to be effective. A generic family-hub mobile app is downloaded to corresponding mobile devices and independently used by each family member to invite others to join a new family-hub VPN, enroll, share personal information, and access graphical user interfaces (GUI). Several dashboards in the GUI are included with scoreboards for the health, finances, travel, calendars, special events, debts, and physical access to assets of the other enrolled family members. | 2017-06-22 |
20170180288 | PERSONAL MUSIC COMPILATION - Exemplary methods, apparatuses, and systems receive, from a first user of a network service, an identifier associated with an account within the network service for a second user and data that is descriptive of the second user. Based upon the descriptive data, a plurality of candidate songs is selected and presented to the first user. A selection of a plurality of the candidate songs is received from the first user. A media object including the selected songs as a musical compilation is generated and published to the network service. In response to receiving an interaction with the media object, the network service plays the musical compilation. | 2017-06-22 |
20170180289 | Publish-Subscribe Message Transformation - Technology for publish-subscribe message transformations is provided. In one example, a publish-subscribe messaging method may include identifying a definition of a transformation rule for transforming a message received from a publisher. The message may be received from the publisher at a broker. The message may identify a topic and may include message data. A determination may be made as to whether the message is associated with a transformation rule for transforming the message. The method may further include transforming the message as defined by the transformation rule and sending the transformed message to a destination. | 2017-06-22 |
20170180290 | SELECTIVE CONTENT DISSEMINATION BASED ON SOCIAL MEDIA CONTENT ANALYSIS - A computer implemented method for selective dissemination of social media content is provided. The computer implemented method receives social media content associated with a first user at a social networking site and classifies the social media content associated with the first user into at least one social network community. The computer implemented method inhibits access to the social media content associated with the first user by at least one of a second user and another user not within the at least one social network community and outputs for display a first notification to the user. | 2017-06-22 |
20170180291 | METHODS AND SYSTEMS FOR PROCESSING ELECTRONIC MESSAGES - Programmer input in a programming language in received, where the programmer input defines a behavior of an executable electronic object. One or more computers generate the executable electronic object according to the programmer input. An electronic message corresponding to invoking the executable electronic object is received, and in response to receiving the electronic message, the executable electronic object is invoked by one or more computers. | 2017-06-22 |
20170180292 | COMMUNICATION CONTROL METHOD AND INFORMATION PROCESSING APPARATUS - A communication control method is for performing a process executed by a computer including a processor. The process includes storing, in a storage device of an information processing apparatus, a correspondence relationship of a first user, a second user associated with the first user, and a third user associated with the second user; receiving, at the information processing apparatus, a message from the first user to the third user, from a terminal of the first user; and sending, by the information processing apparatus, the message received from the terminal of the first user as a message from the second user, to a terminal of the third user. | 2017-06-22 |
20170180293 | CONTEXTUAL TEMPORAL SYNCHRONIZATION MARKERS - Embodiments include method, systems and computer program products for contextual temporal synchronization markers. In some embodiments, a client application of a user device may be initiated to display messages of a data feed. Data from a sensor associated with the user device may be obtained. A current position in the data feed may be obtained. A contextual stream may be generated using the data from the sensor and the current position in the data feed. The contextual stream may be stored. | 2017-06-22 |
20170180294 | AUTOMATIC SUGGESTIONS FOR MESSAGE EXCHANGE THREADS - A system and method for identifying an entity from a message exchange thread and generating a suggestion that is directed to the entity, such as a suggestion for a user to take an action on the entity. A suggestion application receives at least one electronic message from a message exchange thread, identifies an entity that can be actionable from the electronic message, determines contextual indicators of the entity, determines whether the entity is actionable based on the contextual indicators, and responsive to the entity being actionable, provides a suggestion that is directed to the entity to a participant(s) of the message exchange thread. | 2017-06-22 |
20170180295 | OFFLINE PROMPTS OF ONLINE SOCIAL NETWORK MENTIONS - A system, method and apparatus for executing scripts to provide offline prompts in a social networking application are provided. A social networking application operating on a mobile device in an offline mode receives an input comprising a sequence of characters from a user of the mobile device. The social networking application executes a script that was received by the mobile device while being operated in an online mode. The script analyzes each character of the user input as each character is received by the mobile device, and generates a prioritized list of social network contact identifiers, wherein the prioritized list is a prediction of social network contact identifiers associated with the content of the user input and data associated with the script. The social networking application further causes the prioritized list of social network contact identifiers to be provided to the user in response to the user input. | 2017-06-22 |
20170180296 | METHODS FOR DELIVERING ELECTRONIC MAILS ON REQUEST, ELECTRONIC MAIL SERVERS AND COMPUTER PROGRAMS IMPLEMENTING SAID METHODS - Method for delivering electronic mails on request from an electronic mail server to at least one remote client via an internet network, said method being characterized in that said electronic mail server exchanges data with at least one storage server and in that it comprises a delivery step comprising the operations of:
| 2017-06-22 |
20170180297 | PROVIDING SOCIAL INSIGHT IN EMAIL - A social insight is provided in an email. A communication application initiates operations to provide the social insight by receiving action(s) performed on the email by a recipient from a tracking service. The tracking service is authorized to track the action(s) and provide the action(s) for analysis. The action(s) are also tracked in real time. A feedback is generated based on the action(s). The feedback is presented to a participant within the email or a conversation associated with the email. | 2017-06-22 |
20170180298 | COGNITIVE MESSAGE ACTION RECOMMENDATION IN MULTIMODAL MESSAGING SYSTEM - Technical solutions are described for action recommendation in a multimodal messaging system. An example method includes accessing a prior message received by a user. The method also includes identifying a first set of attributes associated with the prior message. The method also includes identifying a prior action selected by the user in response to the prior message. The method also includes receiving a new message directed for the user. The method also includes identifying a second set of attributes associated with the new message. The method also includes generating a list of recommended actions in response to the new message based on a comparison of the first set of attributes and the second set of attributes. The method also includes presenting the list of recommended actions to the user. | 2017-06-22 |
20170180299 | System and Method for Expanded Messaging Indicator - In one embodiment, a method includes, by a client computing device of a first user, providing a user interface for presentation. The client computing device may receive data associated with an action in progress on a client computing device of second user. The data may indicate that a message is being composed or seen using the client computing device of the second user. The client computing device of the first user may automatically present an indicator on the user interface based on the received data. | 2017-06-22 |
20170180300 | Method for initiating activities on a computing device on the basis of information Related to electronic messages and/or gyroscope - Disclosed is a method for initiating activities on a computing device on the basis of information related to electronic messages and/or gyroscope. The present invention can be used for the initiation of one or more of the following five activities: (1) collecting information about when and how long a user of a computing device reads a message in a feed of a social network; (2) displaying an internal message in a social network application; (3) sending a set of messages to users of a social network application; (4) sending a message to a list of users of a social network application; (5) sending a personalized message; and (6) providing a bonus to contacts who share the received message with other contacts. | 2017-06-22 |
20170180301 | SUGGESTING A MESSAGE TO USER TO POST ON A SOCIAL NETWORK BASED ON PRIOR POSTS DIRECTED TO SAME TOPIC IN A DIFFERENT TENSE - A method, system and computer program product for improving the quality of the posts in a social network. A topic of a post to a social network environment is identified using natural language processing. The tense of the post directed to the identified topic is detected using natural language processing. The post is transformed to a suggested post of a second tense directed to the same topic to the user using natural language processing. A suggested message to be posted by the user to the social network in a third tense (e.g., past tense) based on the posts directed to the identified topic in the first and second tenses (e.g., future and present tenses) is generated using natural language processing thereby forming a past/present/future pairing of posts. By forming a past/present/future pairing of posts, a more complete and understandable view of the user's personal history may be obtained. | 2017-06-22 |
20170180302 | Media Plug-In for Third-Party System - In one embodiment, a method includes receiving a request to display a media plug-in on a third-party website hosted by a third-party system, determining media content associated with the request to display the media plug-in, and determining whether the third-party website is being viewed by a user that is currently logged in to the social-networking system. The method further includes determining one or more user-selectable objects based at least on the determined media content and the determination of whether the user is currently logged in to the social-networking system and providing the determined one or more user-selectable objects for display in the media plug-in on the third-party website. The third-party system is separate from the social-networking system. The user-selectable objects, once selected, cause an action related to the determined media content. | 2017-06-22 |
20170180303 | ROUTING MESSAGES BASED ON MESSAGE TYPE OF MESSAGES - Various embodiments of systems and methods to route a plurality of messages are described herein. Initially a plurality of messages are received from a plurality of service providers. Next the plurality of messages are analyzed to determine a first message, from the plurality of messages, corresponding to a first message type and a second message, from the plurality of messages, corresponding to a second message type. Based on the determined first message type and the second message type, the first message is routed to a first route point and the second message is routed to a second route point. | 2017-06-22 |
20170180304 | INTER VEHICLE COMMUNICATION SYSTEM - A method and network for transmitting a message from a sender to a recipient wherein the sender has no previous knowledge of the recipient's identity. A method is provided for registering a user with a web-enabled database service by providing correlating data on the user's identity and vehicle license plate number and/or other vehicle identifying information. A sender observing a vehicle can send a message to the recipient by logging onto the service and sending a message including the license plate number of the vehicle or other vehicle identifying information. The service will forward the message to the recipient by looking up the vehicle information, discerning the most appropriate communications method(s), and causing the message to be transmitted to the recipient or stored for later delivery. | 2017-06-22 |
20170180305 | CONFIGURING A PROTOCOL ADDRESS OF A NETWORK DEVICE USING AN ADDRESS RESOLUTION PROTOCOL REQUEST - A device may monitor a network port for an address resolution protocol (ARP) request from a sender device. The device may detect the ARP request based on monitoring the network port for the ARP request. The device may identify a target protocol address included in the ARP request. The device may configure a protocol address of the device using the target protocol address. | 2017-06-22 |
20170180306 | GATEWAY REGISTRY METHODS AND SYSTEMS - A gateway device for managing a set of two or more local management devices at a location. A system for networks at a plurality of locations. A method of operating a gateway device in a control network. A method for storing information to operate a gateway device in a control network. A method for storing information to operate a replacement gateway device in a control network. | 2017-06-22 |
20170180307 | Global Contact-Point Registry for Peer Network Devices - Previous solutions to the problem of maintaining up-to-date network device addressing, fail to provide systems or processes that efficiently share and obtain addressing information of networking devices in a given network. By contrast, and to that end, various implementations disclosed herein include systems, methods and apparatuses that generate a registry request message, where the registry request message includes a first portion characterized by a first write privilege and a second portion characterized by a second write privilege different from the first write privilege. The systems, methods and apparatuses convey the registry request message to a shared contact point network entity, and obtain a response message addressed from the shared contact point network entity, where the response message includes peer addressing information corresponding to one or more peer network devices associated with the aforementioned systems, methods and apparatuses. | 2017-06-22 |
20170180308 | ALLOCATION OF PORT ADDRESSES IN A LARGE-SCALE PROCESSING ENVIRONMENT - Systems, methods, and software described herein enhance addressing of services in a large-scale processing environment. In one implementation, a method of operating a control node of a large-scale processing environment includes receiving a request to configure a virtual cluster with data processing nodes on one or more hosts, and identifying services associated with the data processing nodes. The method further provides generating port addresses for each service in the data processing nodes, wherein services on a shared host of the one or more hosts are each provided a different port address. The method also includes allocating the port addresses to the services in the virtual cluster. | 2017-06-22 |
20170180309 | SELECTIVE IP ADDRESS ALLOCATION FOR PROBES THAT DO NOT HAVE ASSIGNED IP ADDRESSES - Systems and methods for managing communication in an IP network between a server and a probe that does not maintain an IP address by selectively restricting which IP addresses that are identified as active in the network may be borrowed for the probes. Restriction of IP addresses may include a black list to exclude specific IP addresses, a white list from which IP addresses can be drawn or both. This permits control over which IP addresses may be borrowed by probes, reducing false alarms, alerts or other network concerns caused by unexpected IP traffic on a particular IP address in the network. | 2017-06-22 |
20170180310 | METHOD, EQUIPMENT, SYSTEM AND COMPUTER STORAGE MEDIUM FOR IMPLEMENTING NUMBER PORTABILITY ANNOUNCEMENT - A method, a device and a storage medium for processing a communication service in a circuit switch domain are provided. The method may include: judging, when a communication service being currently processed by a communication terminal is a voice call service or a short message service in a circuit switch domain, whether a switching condition for switching the communication service onto a real-time communication tool in a packet switch domain of the communication terminal is met; if it is met, switching the communication service onto the real-time communication tool in the packet switch domain of the communication terminal. | 2017-06-22 |
20170180311 | SYSTEMS AND METHODS FOR MANAGING NETWORK ADDRESS INFORMATION - Systems, methods and apparatus for managing network address information. In some embodiments, an appropriate address authority is queried to obtain information useful for address mapping. For example, the address authority may be selected by determining whether an address to be mapped is within one or more blocks of addresses for which the address authority is authoritative. In some further embodiments, address mapping information may be distributed from an address authority to a network device, so that the network device may perform address mapping using locally available information. | 2017-06-22 |
20170180312 | METHODS AND SYSTEMS FOR IDENTIFICATION OF A DOMAIN OF A COMMAND AND CONTROL SERVER OF A BOTNET - Methods and apparatuses for identifying a domain of a command and control server of a botnet are described. Upon receipt of a request to register a domain for a service that includes a proxy server, where the proxy server is to receive and process traffic for that domain if registration is successful, a determination of whether the domain was generated by a domain generation algorithm (DGA) is performed. Responsive to determining that the domain was generated by the DGA, performing at least one of: denying registration of the domain for the service, and accepting registration of the domain for the service and causing the proxy server to monitor communications received to and from the domain | 2017-06-22 |
20170180313 | Associating Geolocation Data With IP Addresses - Methods associating geolocation data received via an Internet Protocol (IP) network with IP addresses are disclosed. A plurality of advertisement requests are received from a plurality of publishers connected to the IP network. Each advertisement request comprises an IP address and geolocation data comprising the latitude and longitude of a device requesting a resource from the publisher. A first table is constructed having records indexed by IP address and values that are the geolocation data of each advertisement request. Cluster analysis is then carried out on the records to identify clusters of records that have the same IP address and geolocation data that meet a density threshold. A centroid for each cluster and a confidence level for the centroid are then evaluated. The IP addresses, the latitude and longitude of the centroid and the confidence level of each cluster are then written to a second table. | 2017-06-22 |
20170180314 | ATTESTATION DEVICE CUSTODY TRANSFER PROTOCOL - A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device. | 2017-06-22 |
20170180315 | NETWORK INTERFACE CARD RATE LIMITING - Systems and methods for limiting the rate of packet transmission from a NIC to a host CPU are provided. According to one embodiment, data packets are received from a network by the NIC. The NIC is coupled to a host central processing unit (CPU) of a network security device through a bus. A status of the host CPU is monitored by the NIC. A rate limiting mode indicator is set by the NIC based on the status. When the rate limiting mode indicator indicates rate limiting is inactive, then the received data packets are delivered or make available to the host CPU for processing. When the rate limiting mode indicator indicates rate limiting is active, then rate limiting is performing by temporarily stopping or slowing the delivery or making available of the received data packets to the host CPU for processing. | 2017-06-22 |
20170180316 | METHOD AND APPARATUS FOR FEDERATED FIREWALL SECURITY - In one embodiment, a method includes receiving capability information from an end host at a centralized security matrix in communication with a firewall and a plurality of end hosts, verifying at the centralized security matrix, a trust level of the end host, assigning at the centralized security matrix, a firewall function to the end host based on the trust level and capability information, and notifying the firewall of the firewall function assigned to the end host. Firewall functions are offloaded from the firewall to the end hosts by the centralized security matrix. An apparatus and logic are also disclosed herein. | 2017-06-22 |
20170180317 | Intercepting Intra-Network Communication for Smart Appliance Behavior Analysis - A system and method for intercepting intra-network traffic for smart appliance behavior analysis. A network traffic hub is configured to intercept network traffic between a switch and a router. A smart appliance sends a message to the router, such as a DHCP request when the smart appliance joins the network. The router sends a response to the smart appliance. The network traffic hub intercepts and modifies the response to instruct the smart appliance to send all future intra-network traffic through the network traffic hub and the router. In some embodiments, the network traffic hub alters a network mask in the response message to instruct the smart appliance to send traffic through the network traffic hub. The network traffic hub then extracts data from the network traffic and uses that data for behavior analysis of smart appliances. | 2017-06-22 |
20170180318 | Dual Memory Introspection for Securing Multiple Network Endpoints - Described systems and methods enable protecting multiple client systems (e.g., a corporate network) from computer security threats such as malicious software and intrusion. In some embodiments, each protected client operates a live introspection engine and an on-demand introspection engine. The live introspection engine detects the occurrence of certain events within a protected virtual machine exposed on the respective client system, and communicates the occurrence to a remote security server. In turn, the server may request a forensic analysis of the event from the client system, by indicating a forensic tool to be executed by the client. Forensic tools may be stored in a central repository accessible to the client. In response to receiving the analysis request, the on-demand introspection engine may retrieve and execute the forensic tool, and communicate a result of the forensic analysis to the security server. The server may use the information to determine whether the respective client is under attack by malicious software or an intruder. | 2017-06-22 |
20170180319 | DATAPATH PROCESSING OF SERVICE RULES WITH QUALIFIERS DEFINED IN TERMS OF TEMPLATE IDENTIFIERS AND/OR TEMPLATE MATCHING CRITERIA - Some embodiments of the invention introduce cloud template awareness in the service policy framework. Some embodiments provide one or more service rule processing engines that natively support (1) template-specific dynamic groups and template-specific rules, and (2) dynamic security tag concepts. A service rule processing engine of some embodiments natively supports template-specific dynamic groups and rules as it can directly process service rules that are defined in terms of dynamic component groups, template identifiers, template instance identifiers, and/or template match criteria. Examples of such services can include any kind of middlebox services, such as firewalls, load balancers, network address translators, intrusion detection systems, intrusion prevention systems, etc. | 2017-06-22 |
20170180320 | CREATING AND DISTRIBUTING TEMPLATE BASED SERVICE RULES - Some embodiments of the invention introduce cloud template awareness in the service policy framework. Some embodiments provide one or more service rule processing engines that natively support (1) template-specific dynamic groups and template-specific rules, and (2) dynamic security tag concepts. A service rule processing engine of some embodiments natively supports template-specific dynamic groups and rules as it can directly process service rules that are defined in terms of dynamic component groups, template identifiers, template instance identifiers, and/or template match criteria. Examples of such services can include any kind of middlebox services, such as firewalls, load balancers, network address translators, intrusion detection systems, intrusion prevention systems, etc. | 2017-06-22 |
20170180321 | DATAPATH PROCESSING OF SERVICE RULES WITH QUALIFIERS DEFINED IN TERMS OF DYNAMIC GROUPS - Some embodiments of the invention introduce cloud template awareness in the service policy framework. Some embodiments provide one or more service rule processing engines that natively support (1) template-specific dynamic groups and template-specific rules, and (2) dynamic security tag concepts. A service rule processing engine of some embodiments natively supports template-specific dynamic groups and rules as it can directly process service rules that are defined in terms of dynamic component groups, template identifiers, template instance identifiers, and/or template match criteria. Examples of such services can include any kind of middlebox services, such as firewalls, load balancers, network address translators, intrusion detection systems, intrusion prevention systems, etc. | 2017-06-22 |
20170180322 | GENERATING WIRELESS APPLICATION FIREWALL SPECIFIC VALIDATION RULE - Various embodiments of systems and methods to generate web application firewall specific validation rule are described herein. Initially a web service metadata is processed to retrieve a plurality of data parameters from the web service metadata. Next a common validation rule is generated based on the retrieved one or more data parameters. The common validation rule is then modified to generate the web application firewall specific validation rule. | 2017-06-22 |
20170180323 | SYSTEM AND METHOD FOR SECURING VIRTUALIZED NETWORKS - Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an SDN controller of the dynamic virtualized network. The network policy includes network policy elements which each identify (i) an authorized endpoint, (ii) a network access device, and (iii) a port of the network access device with which the authorized endpoint is associated. A security policy for the dynamic virtualized network is generated based on the network policy, by, for each network access device, creating a set of appropriate security measures for the network access device. Each security measure specifies how network traffic in the dynamic virtualized network is to be processed by a port of the network access device. Finally, the security policy is applied to each affected network access device. | 2017-06-22 |
20170180324 | CLOUD COMPUTING GATEWAY, CLOUD COMPUTING HYPERVISOR, AND METHODS FOR IMPLEMENTING SAME - Embodiments of the present invention provide a cloud gateway system, a cloud hypervisor system, and methods for implementing same. The cloud gateway system extends the security, manageability, and quality of service membrane of a corporate enterprise network into cloud infrastructure provider networks, enabling cloud infrastructure to be interfaced as if it were on the enterprise network. The cloud hypervisor system provides an interface to cloud infrastructure provider management systems and infrastructure instances that enables existing enterprise systems management tools to manage cloud infrastructure substantially the same as they manage local virtual machines via common server hypervisor APIs. | 2017-06-22 |
20170180325 | TECHNOLOGIES FOR ENFORCING NETWORK ACCESS CONTROL OF VIRTUAL MACHINES - Technologies for enforcing virtual machine network access control include a network computing device that includes a plurality of virtual machines. The network computing device is configured to receive an access request from a virtual function assigned to a requesting virtual machine of the network computing device. The network computing device is additionally configured to determine a first privilege level assigned to the requesting machine and a second privilege level assigned to the destination virtual machine, and determine whether the requesting virtual machine is authorized to access the destination virtual machine based on a comparison of the first and second privilege levels. Upon determining the requesting virtual machine is authorized to access the destination virtual machine, the network computing device is additionally configured to allow the requesting virtual machine access to the destination virtual machine. Other embodiments are described herein. | 2017-06-22 |
20170180326 | SECURE TRANSMISSION OF LOCAL PRIVATE ENCODING DATA - A method of secure transfer of local private encoding data between a first communication device and a second communication device, the first communication device and the second communication device being operable to communicate with each other via a communication connection there between, a respectively adapted first communication device, a respectively adapted second communication device, a system comprising such first and second communication devices and also a computer program product for carrying out the above method. | 2017-06-22 |
20170180327 | SYSTEM AND METHOD FOR USING UNIQUE DEVICE IDENTIFIERS TO ENHANCE SECURITY - A method for detection and use of device identifiers to enhance the security of data transfers between electronic devices. A first electronic device can transmit access data to a second electronic device. The access data can be associated with a first access code that can be generated based at least in part on data representing a device identifier of the first electronic device. A device identifier can uniquely identify the first electronic device from a plurality of electronic devices. Transferring the access data can involve transforming the first access code into a second access code that can include data representing a device identifier associated with the second electronic device. Transforming the first access code into the second access code can facilitate access to a resource associated with the access data for a second user, but not for a first user. | 2017-06-22 |
20170180328 | VEHICLE COMMUNICATION NETWORK SECURITY SYSTEM AND METHOD - A vehicle communication network security system) includes one or more processors configured to be disposed onboard a vehicle system traveling together along a route. The processors examine one or more characteristics of an incoming data signal received by the processors from a communication device disposed onboard the vehicle system. The processors determine whether the incoming data signal is a secure data signal or an insecure data signal based on the one or more characteristics, communicate the incoming data signal to one or more onboard systems of the vehicle system for use by the one or more onboard systems in controlling operation of the vehicle system responsive to determining that the incoming data signal is the secure data signal, and prevent the incoming data from being communicated to the one or more onboard systems responsive to determining that the incoming data signal is the insecure data signal. | 2017-06-22 |
20170180329 | RECEIVING APPARATUS AND PACKET PROCESSING METHOD THEREOF - The present disclosure provides a receiving apparatus for preprocessing at least one segment data packet to a data packet. The receiving apparatus includes a packet parser, a data memory, a decrypt engine, a transmission engine, a header processing unit and a controller. The packet parser fetches segment-packet-header information from a segment packet header of each segment data packet. The decrypt engine decrypts an encrypted data of each segment data packet to obtain a segment payload and a QUIC private header including sequence information. The transmission engine transmits the segment payload to a specific location of a system memory. The header processing unit calculates packet information and updates the segment packet header stored in the data memory to generate a packet header. The controller controls the transmission engine based on the sequence information to output the packet header to the system memory for generating the data packet. | 2017-06-22 |
20170180330 | METHOD AND ELECTRONIC DEVICE FOR VEHICLE REMOTE CONTROL AND A NON-TRANSITORY COMPUTER READABLE STORAGE MEDIUM - Disclosed are an method and electronic device for vehicle remote control and a non-transitory computer readable storage medium includes: receiving an encrypted remote control instruction sent by a server through a pre-established encrypted network connection with the server, the remote control instruction being sent to the server by a user terminal; decrypting the received encrypted remote control instruction, and successively verifying the validity, legality and rationality of the decrypted remote control instruction; executing the remote control instruction when all the validity, legality and rationality pass the verification; and, sending a result of instruction execution to the server through the encrypted network connection after the remote control instruction has been executed. | 2017-06-22 |
20170180331 | TECHNIQUES FOR SECURE DATA EXTRACTION IN A VIRTUAL OR CLOUD ENVIRONMENT - Techniques for secure data extraction in a virtual or cloud environment are presented. Desired data from a Virtual Machine (VM) or an entire VM is extracted and encrypted with a key. This key is sealed to a machine or a group of machines. The encrypted data is then migrated and successfully used on startup for instances of the VM by having the ability to access the sealed key (and unsealing it) to decrypt the encrypted data. | 2017-06-22 |
20170180332 | SYSTEM AND METHOD TO PROVIDE SERVER CONTROL FOR ACCESS TO MOBILE CLIENT DATA - Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection, level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item | 2017-06-22 |
20170180333 | ELECTRONIC AUTHORIZATION SYSTEM AND METHOD - An electronic authorization system comprising a data source system configured to transmit transaction data. A secure data system is coupled to the data source system over an open network, the secure data system is configured to receive the transaction data from the data source system, generate a unique encrypted identifier for the transaction data and to transmit the unique encrypted identifier to the data source system. The data source system is configured to receive the unique encrypted identifier and replace payment card data associated with the transaction data in a database with the unique encrypted identifier. | 2017-06-22 |
20170180334 | DATA SECURITY UTILIZING DISASSEMBLED DATA STRUCTURES - Various examples are directed to machines and methods for disassembling and reassembling data structures. An ordered set of functions may be applied to a data array comprising a plurality of data units, each associated with a unique coordinate set. Data units returned by the ordered set of functions may be written in order to one or more disassembled data containers. | 2017-06-22 |
20170180335 | MANAGING ACCESS TO RESOURCES - Methods and systems for managing access to a resource by one of a plurality of applications. The method comprises: storing, in a first storage area associated with a first application, a first credential for use in accessing the resource; receiving, at a second application, a message comprising data for determining that the first application stores a validated credential for accessing the resource; sending a request for the validated credential from the second application to the first application; receiving the first credential at the second application from the first application in response to the request sent; and storing the first credential in a second storage area associated with the second application; wherein the message received at the second application is received from a server system, remote from the plurality of applications, which maintains data indicating a subset of the plurality of applications which store respective validated credentials for accessing the resource. | 2017-06-22 |
20170180336 | APPARATUSES, SYSTEMS AND METHODS FOR CONSTRUCTING UNIQUE IDENTIFIERS - An apparatus for producing unique user specific identifiers including capturing user specific biometric data, kinetic data, biokinetic data, kinetic data and biometric data, biokinetic data and biometric data, and kinetic data, biokinetic data and biometric data and generating unique user specific identifiers. | 2017-06-22 |
20170180337 | TECHNIQUES TO VERIFY LOCATION FOR LOCATION BASED SERVICES - Techniques to verify a participant's visit to a specific location are described. An embodiment may provide a system that generates a pattern that is unique to the location, and that may further be unique to a date or time, a transaction, or other criteria. Participants may capture the pattern, for example, using a mobile device, and transmit the pattern to a verification system. The verification system may decode, translate, decrypt or otherwise obtain information from the pattern. The information obtained from the pattern may be used to verify that the pattern came from the location. The participant may then receive credit for the visit. Other embodiments are described and claimed. | 2017-06-22 |
20170180338 | MANAGEMENT APPARATUS, COMPUTER PROGRAM PRODUCT, SYSTEM, DEVICE, METHOD, INFORMATION PROCESSING APPARATUS, AND SERVER - According to an embodiment, a management apparatus manages pieces of information held by a plurality of devices. The apparatus includes storage, one or more processors, and a transmitter. The storage stores therein the pieces of information held by the devices. The processors generate a list of inspection values indicating the pieces of information stored in the storage. The processors generate determination information for determining, in a state where the list is concealed, whether a provided value is included in the list. The transmitter transmits the determination information to the respective devices. | 2017-06-22 |
20170180339 | SUPPRESSION OF AUTHORIZATION RISK FEEDBACK TO MITIGATE RISK FACTOR MANIPULATION IN AN AUTHORIZATION SYSTEM - Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated. | 2017-06-22 |
20170180340 | System, Apparatus And Method For Safety State Management Of Internet Things (IoT) Devices - In one embodiment, a device includes: at least one processor; at least one sensor to sense an environmental condition; and a storage to store instructions that, when executed by the at least one processor, enable the device to: receive an encrypted nonce from a safety controller; decrypt the encrypted nonce using a value obtained from an entropy multiplexing seed tree generated by the device based at least in part on an initialization seed value received from the safety controller; responsive to decryption of the nonce, update a portion of a shared memory associated with the device to identify a safety state of the device; and encrypt a second nonce using the value obtained from the entropy multiplexing seed tree and send the encrypted second nonce to the safety controller. Other embodiments are described and claimed. | 2017-06-22 |
20170180341 | SIMPLIFIED SENSOR INTEGRITY - An apparatus is provided that includes at least one processor device, an energy storage module to power the apparatus, memory to store a secret such that powering down and restarting the apparatus causes the secret to be lost, logic executable by the at least one processor device to generate attestation data using the secret that data abstracts the secret, and a communications interface to send the attestation data to another device. | 2017-06-22 |
20170180342 | BASE STATION, CONTROL METHOD, AND STORAGE MEDIUM - A base station includes a reception unit that receives a first communication parameter including first security information and an identifier of a first wireless network established by another base station, a generation unit that generates second security information in which a security method defined in the first security information is changed to a security method having a higher security level, and an establishment unit that establishes a second wireless network that uses a second communication parameter including the identifier and the second security information and has the identifier. | 2017-06-22 |
20170180343 | Browser Extension for Limited-Use Secure Token Payment - Methods and systems for a browser extension system are disclosed. In some embodiments, a browser extension server includes a communication device configured to communicate with a first computing device executing a browser extension application and a web browser application and a second computing device executing an authentication application. The browser extension server further includes a memory storing instructions, and a processor configured to execute the instructions to perform operations. The operations may include receiving from the first computing device an indication of a financial service account associated with the first computing device, detecting a payment field in a web page provided by the computing device through the web browser application and, in response, generating a secure token mapped to the financial service account. The operations may further include sending the second computing device an authentication request, receiving an authentication response, and populating the payment field with the secure token. | 2017-06-22 |
20170180344 | USER AUTHENTICATION OF APPLICATIONS ON THIRD-PARTY DEVICES VIA USER DEVICES - In one embodiment, a first computing device receives an access token from a second computing device, the access token being generated by the second computing device for a specific software application executing on a specific computing device; stores the access token; receives a request for the access token from a software application executing on a third computing device; verifies whether the software application is the same as the specific software application and the third computing device is the same as the specific computing device for which the access token is generated; and sends the access token to the third computing device only when the software application is the same as the specific software application and the third computing device is the same as the specific computing device for which the access token is generated. | 2017-06-22 |
20170180345 | MULTI-FACTOR USER AUTHENTICATION BASED ON USER CREDENTIALS AND ENTRY TIMING - A method of performing operations on an account server processor includes receiving authentication query messaging through a network interface from a user terminal. The authentication query messaging contains an account identifier and a credential string of characters. An elapsed time associated with the user entering characters of the credential string through a user interface of the user terminal is determined responsive to the authentication query messaging. A combination of the account identifier, the credential string, and the elapsed time is authenticated to generate an authentication result. The operations further include selectively communicating through the network interface toward the user terminal based on the authentication result, information that is fetched from a memory of an accounts database using the account identifier. Related account server processors and methods by user terminals are disclosed. | 2017-06-22 |
20170180346 | SOFTWARE CONTAINER REGISTRY SERVICE - A request to store, in first data store associated with a customer of a computing resource service provider, a software image is received, the request including a set of layers of the software image to be stored. As a result of successful authentication of the request, based at least in part on a security token included with the request, a subset of layers of the software image that have not previously been stored in the first data store are determined, based at least in part on first metadata obtained from a second data store, the subset of layers in the first data store are stored, second metadata about the subset of layers are stored in the second data store, and the software image is caused to be launched in a software container of an instance based at least in part on the subset of layers. | 2017-06-22 |
20170180347 | DISTRIBUTED PASSWORD VERIFICATION - Distribution of verification of passwords for electronic account. Password verification is distributed (divided) across multiple entities to reduce potential exposure in the event of a server exposure. | 2017-06-22 |
20170180348 | FAIR, SECURED, AND EFFICIENT COMPLETELY AUTOMATED PUBLIC TURING TEST TO TELL COMPUTERS AND HUMANS APART (CAPTCHA) - A mechanism is described for facilitating fair, secured, and efficient completely automated public turing test to tell computers and humans apart (CAPTCHA) according to one embodiment. A method of embodiments, as described herein, includes receiving distinctive data relating to a user, where the distinctive data includes a video clip of the user, where the distinguishing data is captured using one or more cameras. The method may further include recognizing one or more features of the user from the video clip to determine whether the user is a human, and testing one or more characteristics of the user or the video clip to determine whether the human is a live human. The method may further include allowing access to the user to an application, if the user is determined to be the live human. | 2017-06-22 |
20170180349 | METHOD AND APPARATUS FOR PROVIDING A PROFILE - A method for downloading a profile by a terminal and the terminal for performing the same are provided. The method includes acquiring information including an access token for transmitting a profile request to a profile server, transmitting a first message including the access token and a universal integrated circuit card (UICC) information of the terminal to the profile server, receiving a second message including a verification result from the profile server, and receiving a profile package corresponding to the access token from the profile server. The present disclosure relates to a communication method and system for converging a 5 | 2017-06-22 |
20170180350 | Device Association - A method of associating a first device with a second device is disclosed. The first device through a connected speaker broadcasts a request for association using an audio signal. The broadcasted audio signal is received by the second device through its microphone. The first and second devices then cooperatively verifies a security code and upon a successful verification of the security code, the first and the second devices are enabled to communicate with each other. | 2017-06-22 |
20170180351 | SINGLE SIGN-ON AUTHENTICATION VIA BROWSER FOR CLIENT APPLICATION - In one embodiment, a method includes initiating at a client application at a client device, a single sign-on authentication with a security device, receiving at the client application, a session identifier and location of a web portal for the single sign-on authentication from the security device, and passing the session identifier and location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing the single sign-on authentication at the client device. An apparatus and logic are also disclosed herein. | 2017-06-22 |
20170180352 | SINGLE (SOCIAL) LOGIN AUTHENTICATION AND USER-CENTRIC PORTAL - The present disclosure provides methods, systems, and computer program products for authenticating a user across multiple platforms using a single social login including: obtaining, using a processor, a social login associated with a user; obtaining, using the social login, user information from a plurality of merchants; displaying, on a display device, a user portal comprising a plurality of items from a portion of the plurality of merchants, based on the user information; receiving, using the processor, user input associated with one or more of the plurality of items; and performing, using the processor, an action based on the user input. | 2017-06-22 |
20170180353 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 2017-06-22 |
20170180354 | USE OF CERTIFICATES USING A POSITIVE LIST - Methods and apparatuses for using certificates using a positive list are provided. This involves a message, wherein the message includes a certificate for a device, the certificate has a signature for checking an authenticity of the certificate and a piece of admissibility information for ascertaining an admissibility of the certificate using a positive list, being taken as a basis for carrying out authorization for the device subject to the check and the ascertainment. The disclosed can be used in industrial or medical environments. | 2017-06-22 |
20170180355 | METHOD AND SYSTEM FOR HAND HELD TERMINAL SECURITY - A computer implemented method and apparatus for authenticating a field tool by a field device comprising: receiving, on a field device, an authentication certificate; verifying the authentication certificate using a trust anchor certificate on the field device; securing communication between the field tool and the field device with a key generated by a key derivation method using exchanged certificates; receiving a field tool task authorization certificate; verifying the authorization certificate using a trust anchor certificate on the field device; receiving a task request to perform a task by the field tool; and determining whether the task is authorized based on the task authorization certificate; and performing the task on the field device when it is determined the task is authorized. | 2017-06-22 |
20170180356 | CHAIN OF TRUST IDENTIFICATION SYSTEM AND METHOD - Embodiments of a system and method for creating a chain of trust are generally described herein. A method may include generating a private secret value, determining a public test value using the private secret value, sending, from a first device in a trusted environment with a second device and a third device, the public test value to the second device, receiving, at the first device outside the trusted environment, a challenge from the third device, determining a verification to the challenge using the private secret value, sending, from the first device outside the trusted environment, the verification to the second device, and receiving, at the first device outside the trusted environment, confirmation from the third device that the verification was successfully verified by the second device and the third device. | 2017-06-22 |
20170180357 | ACCESS POINT SELECTION AND AUTHENTICATION FOR IOT DEVICE - The present disclosure is directed to access point selection and authentication for an Internet of Things (IoT) device in a wireless local area network. A device encodes a device class identifier in a request frame, the device class identifier to identify a device class type of a device. The device transmits the request frame from the device to an access point and decodes a support code encoded in the response frame received at the device from the access point in response to the device class identifier. The device determines that the access point is capable of associating with the device based at least in part on the response frame. | 2017-06-22 |
20170180358 | HANDLING ENCODED INFORMATION - A method comprises a portable device obtaining a graphical encoded information item which is displayed on a display of a computing apparatus, decoding the encoded information from the encoded information item, and transmitting a first message to first server apparatus, the first message including the decoded information and a first identifier identifying the device or a user of the device, wherein the decoded information includes an apparatus identification information item for allowing identification of the computing apparatus, and the first server apparatus receiving the first message from the device, establishing the identity of the user of the device, wherein establishing the identity of the user comprises using the first identifier to determine if the user is registered with the first server apparatus in response to establishing the identity of the user, authorising the user to access a service, and providing the service to the user via the computing apparatus using the apparatus identification information item or sending a second message to a second server apparatus, the second message including the apparatus identification information item and indicating that the user is authorised to access the service provided by the second server apparatus, the second server apparatus responding to receipt of the second message by providing the service to the user via the computing apparatus using the apparatus identification information item. | 2017-06-22 |
20170180359 | METHOD AND SYSTEM FOR TRACKING AN ELECTRONIC DEVICE AT AN ELECTRONIC DEVICE DOCKING STATION - A system and method for identifying an electronic device user and tracking the electronic device at a docking station is provided. The system includes a CPU, a database containing data corresponding to individual device users, a user identification station, and docking stations. The CPU has access to the database and is communicatively linked to the user identification station and the docking stations. The docking stations have indicators. A device user has an identifying feature corresponding to data for the user in the database. The user identification station is configured to sense the identifying feature of the device user and send this information to the CPU. The CPU is configured to compare the information on the identifying feature to data in the database, and if matching, to instruct one of the docking stations to activate the indicator. | 2017-06-22 |
20170180360 | SYSTEM FOR SECURING USER IDENTITY INFORMATION AND A DEVICE THEREOF - Embodiments of present disclosure relates to system for securing user identity information comprising an authentication device associated to a computing device for authenticating the user identity information. The authentication device comprises a control unit, a user interface, a memory, a bio-metric sensor, and a communication interface. The control unit receives authentication request from the computing device and/or second authentication device. The control unit receives secure identity input towards authentication request from the user. The control unit verifies the received secure identity input with pre-stored user secure identity information and transmits the secure identity input to computing device and second authentication device for verifying secure identity input with the pre-stored user secure identity information. The control unit authenticates the user identity information based on matching of the secure identity input with the pre-stored user secure identity information. | 2017-06-22 |
20170180361 | MOBILE DEVICE-BASED AUTHENTICATION WITH ENHANCED SECURITY MEASURES PROVIDING FEEDBACK ON A REAL TIME BASIS - The tracking of user authentication is disclosed. A first user biometric data set is received from a mobile device on an authentication server, and a second user biometric data set is received from a site resource on the authentication server. The second user biometric is transmitted from the site resource in response to receipt of an authentication command from the mobile device on the site resource. The user is rejected for access to the site resource in the event of an authentication failure. A security procedure is initiated on at least one of the mobile device and a remote physical device separate from the mobile device in response to the rejecting of the user for access to the site resource. | 2017-06-22 |
20170180362 | IDENTITY AUTHENTICATION METHOD AND APPARATUS, TERMINAL AND SERVER - A method, an apparatus, a terminal, and a server for identity authentication are disclosed. The method includes: receiving dynamic face authentication prompt information sent by a server during identity authentication of a user; obtaining gesture recognition information of the dynamic face authentication prompt information by recognizing a facial gesture presented by the user; and sending the gesture recognition information to the server to enable the server to confirm that the identity authentication is successful for the user in response to verifying that the gesture recognition information is consistent with the dynamic face authentication prompt information. Using the embodiments of the present application, a highly secure authentication can be performed on an identity of a user through dynamic face authentication. As compared with existing authentication methods using an authentication password, authentication information will not be stolen by a malicious third party, thus improving the reliability of authentication. Moreover, a user may be recognized as a live user through dynamic face authentication, thereby further improving the accuracy of identity authentication and reducing potential security risks during authentication. | 2017-06-22 |
20170180363 | USER PROFILE SELECTION USING CONTEXTUAL AUTHENTICATION - In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier. | 2017-06-22 |
20170180364 | SOURCE DEVICE AND SYSTEMS AND METHODS OF VERIFYING AN AUTHENTICATION USING DYNAMIC SCORING - A source device for systems and methods of verifying an authentication based on dynamic scoring is disclosed, wherein the source device is configured to receive at least one identification feature from a user, and to communicate the identification feature to a verification unit. The verification unit is configured to generate a base verification score associated with the user based on at least one identification input, the identification input comprising the identification feature, a feature validity rating, and a source device validity rating, to receive a request to access a service, wherein the verification unit compares the base verification score with a service authorization threshold associated with the service, and to grant access to the service when the base verification score meets the service authorization threshold. | 2017-06-22 |
20170180365 | CIRCUIT DEVICE AND A COMMUNICATION APPARATUS - An application program relating to a process of an integrated circuit is stored in a virtual integrated circuit storage area server apparatus. Following a mutual authentication between the IC and the virtual storage area server apparatus through a portable communication function unit, the server apparatus executes the application program. Additionally, through the IC, the portable communication function unit, a wireless communication line, and a network, communicate with an IC_R/W apparatus and perform a process relating to a service in collaboration with each other. | 2017-06-22 |
20170180366 | APPARATUS AND METHOD FOR SECURE OVER THE AIR PROGRAMMING OF A COMMUNICATION DEVICE - A system that incorporates the subject disclosure may perform, for example, receiving an over-the-air programming message that is utilizing a hypertext transfer protocol where the over-the-air programming message including programming data for use by the mobile communication device, converting the over-the-air programming message to a short message service transport protocol to generate an adjusted message that includes the programming data, and providing the adjusted message to a universal integrated circuit card of the mobile communication device via a baseband proxy operating in a device processor of the mobile communication device. Other embodiments are disclosed. | 2017-06-22 |
20170180367 | System And Method For Encrypted And Authenticated Electronic Messaging Using A Central Address Book - A system and method for encrypted and authenticated electronic messaging using a central address book is disclosed herein. In some embodiments, a system for encrypted and authenticated electronic messaging includes a computer system for electronic communication between a sender client and a recipient client, a central address book, and an encrypted message. The central address book includes for each user an alias, a public key, and an address encoded with the public key. The computer system automatically electronically transmits the central address book to each user of the central address book when updated. The encrypted message includes a recipient alias, a recipient public key, and a recipient address encoded with the recipient public key. The recipient public key and the recipient address encoded with the recipient public key are used by the sender client to authenticate the recipient to the sender. | 2017-06-22 |