25th week of 2017 patent applcation highlights part 84 |
Patent application number | Title | Published |
20170180368 | SECURITY MODEL FOR DATA TRANSFER USING A SHIPPABLE STORAGE DEVICE - Data may be securely stored onto a shippable data storage device in order for the client data to be protected during shipment to the remote storage service provider. The service provider prepares a shippable storage device and ships it to the client. The service provider also sends client-keys and security information to the client, separate from the shippable storage device. A client-side data transfer tool authenticates the shippable storage device using the security information. The data transfer tool generates keys to encrypt the customer data. The data transfer tool then uses the client-keys received from the service provider to encrypt the tool-generated keys. The encrypted data and the encrypted tool-generated keys are transferred onto the shippable storage device. The shippable storage device is then shipped back to the service provider, which decrypts the tool-generated keys and the encrypted data before importing the data. | 2017-06-22 |
20170180369 | DYNAMIC INTRINSIC CHIP IDENTIFICATION - An apparatus, method, system, and program product are disclosed for intrinsic chip identification. One method includes receiving first counter information from a device, determining whether such information matches second counter information, receiving first frequencies from the device, determining whether each frequency of such frequencies is within a predetermined range of a corresponding frequency of second frequencies, receiving a response to a challenge sent to the device, determining whether the response matches an expected response, and granting authentication. Granting authentication may include granting authentication in response to: the first counter information matching the second counter information; each frequency of the first frequencies being within the predetermined range of a corresponding frequency of the second frequencies; and the expected response matching the response. The expected response may be updated over time. The security apparatus may include circuitry that is shared with circuitry outside the security apparatus for computations other than authentication. | 2017-06-22 |
20170180370 | COMMUNICATION SYSTEM AND INFORMATION COLLECTION METHOD EXECUTED IN COMMUNICATION SYSTEM - An information collection method includes determining whether or not a vehicle satisfies predetermined conditions when a target device receives a test mode start request from an collection device, and when it is determined that the vehicle satisfies the predetermined conditions, starting the test mode. In the test mode, update of a predetermined counter is stopped. The collection device generates a first MAC based on the count value received from the target device and transmits an attack information acquisition request with the first MAC to the target device. If the attack information acquisition request with the first MAC is received from the collection device, the target device generates a second MAC based on the stopped count value, determines that the host device is normal in a case where the first MAC and the second MAC coincide with each other, and transmits the attack information to the collection device. | 2017-06-22 |
20170180371 | AUTHORIZING DEPLOYABLE RESOURCES BASED ON PERSONAL INFORMATION OBTAINED FROM WEARABLE DEVICES - Authorizing deployable resources based on personal information obtained from wearable devices is disclosed. A processor-based controller automatically receives personal information about a deployable resource via a wearable device configured to be worn by the deployable resource. The personal information is based on information determined by the wearable device while the wearable device is being worn by the deployable resource. The controller automatically compares the personal information of the deployable resource to a criterion associated with a task and automatically determines, based on the comparing, whether the deployable resource is permitted to proceed with the task. If the controller determines that the deployable resource is permitted to proceed with the task, the controller permits the deployable resource to proceed with the task. | 2017-06-22 |
20170180372 | PROJECT DOCUMENTATION SHARING AND COLLABORATION IN A CLOUD-BASED ENVIRONMENT - A cloud-based document management system provides a user access to project documentation. The document management system includes a plurality of mobile and testing devices running a client application and a cloud-based server device configured to couple to the plurality of mobile and testing devices. The server device includes at least one database configured to store a plurality of project documents and a processor configured to process a request from the client application. The request specifies access for a user to one or more of the plurality of project documents. The request includes user's authentication information. The processor is further configured to authenticate the user based on the received authentication information. The processor is also configured to grant the user access to the requested one or more project documents in response to successfully authenticating the user. | 2017-06-22 |
20170180373 | Browser Attestation Challenge and Response System - Systems and methods for screening unauthorized devices are provided. More particularly, a challenge that includes a first set of data can be generated. The challenge can require a browser of a requesting device to perform a browser task with respect to the first set of data to generate a second set of data. The challenge can be provided to the requesting device and a response to the challenge can be received. The response can include the second set of data generated by the browser of the requesting device through performance of the browser task. It can be determined whether the browser of the requesting device is an authorized browser based, at least in part, on the second set of data. Whether or not the requesting device is authorized to access a resource can be based, at least in part, on whether the browser is an authorized browser. | 2017-06-22 |
20170180374 | RESULT REPORTING FOR AUTHENTICATION, AUTHORIZATION AND ACCOUNTING PROTOCOLS - In general, techniques are described for provided result reporting via authentication, authorization and accounting (AAA) protocols. An authorization server comprising a control unit may be configured to perform the techniques. The control unit may authorize a network access server to allow an endpoint device to access one or more services in accordance with a network access protocol. The control unit may also request, in accordance with the network access protocol, a result from the network access server as to whether the one or more authorized services are presently provided for use by the endpoint device. | 2017-06-22 |
20170180375 | SYSTEM AND METHOD FOR PUSH AUTHORIZATION - Disclosed are a system and a method for push authorization. The system and the method are used for push authorization of an information transaction providing seamless authorization mechanism allowing users to receive authorization requests. The system comprises a push request generator (PRG), a plurality of applications/systems connected to the push request generator (PRG), a push authorization node (PAN) and a plurality of client devices. The system and the method allow users to be in complete control of the authorization process/function/system and at the same time increase efficiency and reliability. | 2017-06-22 |
20170180376 | SENSITIVE INFORMATION PROCESSING METHOD, DEVICE AND SERVER, AND SECURITY DETERMINATION SYSTEM - A sensitive information processing method, device and server, and a security determination system. The method includes acquiring to-be-processed information in a page; determining whether the to-be-processed information is sensitive information according to a preset sensitive information identification strategy; performing processing according to a preset sensitive information processing strategy when the to-be-processed information is sensitive information, to form processed sensitive information; and substituting the corresponding to-be-processed information in the page with the processed sensitive information, to form a page with the processed sensitive information. By using the example embodiments of the present application, identification and processing for sensitive information in a page returned to a user may be completed on a server terminal, which improves the security of the sensitive information in the page. | 2017-06-22 |
20170180377 | SOURCE DEVICE AND SYSTEMS AND METHODS OF VERIFYING AN AUTHENTICATION USING DYNAMIC SCORING - A source device for systems and methods of verifying an authentication based on dynamic scoring is disclosed, wherein the source device is configured to receive at least one identification feature from a user, and to communicate the identification feature to a verification unit. The verification unit is configured to generate a base verification score associated with the user based on at least one identification input, the identification input comprising the identification feature, a feature validity rating, and a source device validity rating, to receive a request to access a service, wherein the verification unit compares the base verification score with a service authorization threshold associated with the service, and to grant access to the service when the base verification score meets the service authorization threshold. | 2017-06-22 |
20170180378 | MEDIATED ACCESS TO RESOURCES - Today's user is facing an ever increasing number of cyber threats from infectious software to scam artist phishing for their passwords and other personal information. Accordingly, a technique is provided to mediate a user's access to electronic resources, which can include malware and sites that trick the user into giving their password. Based on information known about the resource at the time the user accesses it, the technique can warn the user that the resources is suspicious and it is not safe to provide their password. Even if the resource is safe, the technique can warn the user not reuse their password, thereby promoting good password hygiene. | 2017-06-22 |
20170180379 | ENFORCEMENT OF DOCUMENT ELEMENT IMMUTABILITY - In some embodiments, techniques for computer security comprise parsing an electronic document; determining that a first element of the electronic document specifies immutability of a second element of the electronic document; setting an immutability indicator associated with the second element of the electronic document; receiving a request to modify the second element of the electronic document; determining that the immutability indicator associated with the second element of the electronic document is set; and responsive to determining that the immutability indicator associated with the second element of the electronic document is set, preventing the second element of the electronic document from being modified. | 2017-06-22 |
20170180380 | NETWORK ACCESS SECURITY FOR INTERNET OF THINGS (IoT) DEVICES - A network device receives, from an Internet of Things (IoT) device, a Domain Name System (DNS) query that includes a domain name for resolving a network address associated with a remote server with which the IoT device intends to communicate. The network device retrieves the domain name from the DNS query, determines an identity associated with the IoT device, and determines one or more valid domains associated with the determined IoT device identity. The network device compares the domain name retrieved from the DNS query with the determined one or more valid domains associated with the determined IoT device identity, and allows or denies network access to the IoT device based on the comparison. | 2017-06-22 |
20170180381 | METHOD FOR PREVENTING DEACTIVATION OF ONLINE SERVICES IN A VEHICLE - A method for preventing deactivation of online services in a vehicle. The method includes generating a configuration message that contains details of what online services that are active in the vehicle cannot be deactivated, wherein the generation takes place on a computer unit that is at least temporarily connected to the vehicle; transmitting the configuration message to the vehicle; reading the configuration message in the vehicle; and disabling the option of deactivating online services in the vehicle in accordance with the configuration message. | 2017-06-22 |
20170180382 | Method and Apparatus for Using Software Defined Networking and Network Function Virtualization to Secure Residential Networks - A service provider device includes a controller having a memory and a processor. The controller is configured to receive a device access request from the client device via a residential network, the server provider device being located external to the residential network and detect a communication type identifier associated with the device access request. The controller is configured to establish a secure communication channel between the client device and a middlebox associated with the detected communication type identifier and provide communication between the client device and the server device via the secure communication channel between the client device. | 2017-06-22 |
20170180383 | WIFI ACCESS MANAGEMENT SYSTEM AND METHODS OF OPERATION THEREOF - A WiFi access management system and methods of operation are disclosed. In one embodiment, a method comprises receiving, at a server, a wireless access profile and a wireless access list from a securing client device; transmitting an invitation message to an accessing client device associated with the wireless access list; receiving, at the server, a request from the accessing client device to connect to a wireless network associated with the wireless access profile in response to the invitation message; determining, using a processing unit of the server, an operating system of the accessing client device; creating, using the processing unit, a customized configuration file associated with the wireless network based on the operating system of the accessing client device, the wireless access profile, and the wireless access list; and transmitting the customized configuration file using a second encryption protocol to the accessing client device through the server communication unit. | 2017-06-22 |
20170180384 | CONTROLLING ACCESS TO ONLINE RESOURCES USING DEVICE VALIDATIONS - Systems and methods of verifying a user are provided. In particular, a request to engage in a verification process to gain access to an online resource can be received. The request can be provided by a first user device associated with a user. A validation request associated with a second user device associated with the user can be received. The validation request can include a device profile associated with the second user device. It can then be determined whether to validate the second user device based at least in part on the device profile. When it is determined to validate the second user device, the first user device can be granted access to the online resource. | 2017-06-22 |
20170180385 | DYNAMIC CONTENT AUTHENTICATION FOR SECURE MERCHANT-CUSTOMER COMMUNICATIONS - According to various embodiments, the Message Authentication Engine is given permission to access dynamically changing content provided by a buyer system. The Message Authentication Engine receives a purchase request from the buyer system for an item from a vendor system. Based on the purchase request, the Message Authentication Engine retrieves a portion of the dynamically changing content from a client device of the buyer system. The Message Authentication Engine provides to the vendor system the portion of the dynamically changing content provided by the buyer system. The vendor system sends a message to the buyer system with a copy of the portion of the dynamically changing content as a visual verification that the vendor system can be trusted. | 2017-06-22 |
20170180386 | SECURELY ROUTING SENSOR DATA FROM SENSORS TO A TRUSTED EXECUTION ENVIRONMENT (TEE) - Various configurations and methods for providing a secure transfer of data from computing device sensors to a Trusted Execution Environment (TEE) are disclosed. As disclosed, various data flows, data sequences, and configurations are provided to allow sensor data to maintain integrity and confidentiality while being accessed by trusted agents of a TEE. In an example, a microcontroller-based TEE is operated to communicate with a sensor hub via a secure hardware channel. The microcontroller-based TEE is configured to receive the sensor data via the secure hardware channel, and communicate the sensor data to other trusted agents in the computing system via secure communications. Other variations of secure communications among multiple sensors, trusted agents, TEEs, and third party services are also disclosed. | 2017-06-22 |
20170180387 | INFORMATION PROCESSING APPARATUS, COMPUTER-READABLE RECORDING MEDIUM, AND INFORMATION PROCESSING SYSTEM - An information processing apparatus includes: a correspondence-information storage unit configured to store therein correspondence information in which, with each piece of application identification information for identifying installed applications, usage authorization information related to usage authorization of the applications is associated; a specifying unit configured to, when a first request including the application identification information and requesting the usage authorization information is received from any of the applications, specify the usage authorization information associated with the application identification information included in the first request based on the correspondence information; and a notifying unit configured to notify the application of a requesting source of the first request of the usage authorization information specified by the specifying unit. | 2017-06-22 |
20170180388 | System For Providing Layered Security - A system for providing layered security is disclosed. In particular, the system may include determining a state of a first device of a device ecosystem and a state of a second device of the device ecosystem. Based on the states of the first and second devices, the system may include calculating a confidence score for the device ecosystem. If the confidence score satisfies a threshold score for enabling access to a selected system, the system may include transmitting an access code to the device ecosystem. Based on the access code, the system may enable the device ecosystem to access the selected system. If, however, the confidence score does not satisfy the threshold score, the system may include requiring the device ecosystem to provide additional authentication information in order to access the selected system. | 2017-06-22 |
20170180389 | SECURING SERVICES AND INTRA-SERVICE COMMUNICATIONS - A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like. | 2017-06-22 |
20170180390 | CONSUMER AND BUSINESS ANTI-COUNTERFEITING SERVICES USING IDENTIFICATION TAGS - Methods and systems for tag-based identification include reading a counterfeit-proof identification tag using a sensor in a user device. Features of the identification tag are extracted in accordance with a feature extraction function, using a processor, to generate a tag bit sequence. A challenge function is applied to the extracted features to generate a result. The result is transmitted to a remote server to authenticate the identification tag. | 2017-06-22 |
20170180391 | SECURE OVER-THE-AIR UPDATES - In an example, there is disclosed a computing apparatus having: a network interface to communicate with a second device; a contextual data interface to receive and store contextual data; and one or more logic elements comprising a contextual security agent, operable to: receive a contextual data packet via the network interface; compare the contextual data packet to stored contextual data; and act on the comparing. The contextual data packet may optionally be provided out of band, and may be used to authenticate a substantive data packet, such as a patch or update. | 2017-06-22 |
20170180392 | METHOD AND DEVICE FOR TRANSMITTING SOFTWARE - A method for transmitting software in which a checker generates two random numbers. The checker calculates a cryptographic key based on the second random number based on a measured hardware function of the device. The checker encrypts the software into a cryptogram using the key, and transmits the cryptogram to the device. The checker transmits the first random number to the device, and receives a checksum from the device. The checker calculates a reference value based on the first random number and an emulated random access memory of the device, with the aid of the measured hardware function and a predefined cryptographic hash function. The checker subjects the checksum to a check based on the reference value, and if the check is successful, the checker transmits the second random number to the device. | 2017-06-22 |
20170180393 | CONFIDENTIAL MESSAGE EXCHANGE USING BENIGN, CONTEXT-AWARE COVER MESSAGE GENERATION - Systems and methods are disclosed permitting a sender to send a secret and secure message to a recipient. An application on a sender device interfaces with known message generating tools to permit a user to generate a message. The local application encrypts the message (and optional attachments) based on public/private key pairing negotiated with the server given the recipient device id. The sender device transmits the cipher text to the server. The server generates a benign, text-based, context-appropriate message and delivers same to a recipient device by way of a known messaging service. The benign message provides a secret clue to the recipient that an encrypted message is available. Recipient may then access and decrypt the encrypted message, such as from the server in response to a successful challenge (e.g., password request). | 2017-06-22 |
20170180394 | SYSTEMS AND METHODS FOR AUTOMATIC DETECTION OF MALICIOUS ACTIVITY VIA COMMON FILES - The present disclosure describes systems and methods for detection and mitigation of malicious activity regarding user data by a network backup system. In a first aspect, a backup system receiving and deduplicating backup data from a plurality of computing devices may detect, based on changes in uniqueness or shared rates for files, atypical modifications to common files, and may take steps to mitigate any potential attack by maintaining versions of the common files prior to the modifications or locking backup snapshots. In a second aspect, the backup system may monitor file modification behaviors on a single device, relative to practices of an aggregated plurality of devices. Upon detection of potentially malicious modification activity, a previously backed up or synchronized store of data may be locked and/or duplicated, preventing any of the malicious modifications from being transferred to the backup system. | 2017-06-22 |
20170180395 | SECURED HOME NETWORK - Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message. | 2017-06-22 |
20170180396 | Evasive Intrusion Detection in Private Network - There are provided measures for enabling evasive intrusion detection in a private network. Such measures could exemplarily include a system for intrusion detection in a private network, said private network including a plurality of endpoints and an endpoint security system for monitoring security of the plurality of endpoints, said system including an intrusion scanning entity for scanning the plurality of endpoints in the private network for indications of an intrusion from outside of the private network, and an intrusion notifying entity for collecting intrusion scanning information for the plurality of endpoints in the private network from the intrusion scanning entity, wherein the intrusion scanning entity and the intrusion notifying entity are set up uniquely for the private network on the basis of intrusion suspicion information from the endpoint security system. | 2017-06-22 |
20170180397 | Thin Client Unit apparatus to transport intra-vehicular data on a communication network - A vehicular data tunnel Thin Client Unit (TCU) apparatus includes a circuit to couple onto an Internet Protocol (IP) secure Ethernet transitory data communication medium. A circuit can transform and reverse serial data frames into and out of Internet Protocol packets including an encrypted IP packet. It includes a circuit to dispose of CAN data frames which are inconsistent with any mission of locally attached CAN or LIN compatible devices. The method of operation includes: receiving and dynamically installing configuration data to connect to an Ethernet medium as a terminus or as a relay in a ring, subscribe to a Intranet Vehicle Private Network, determine Quality of Service priority and recipient identification, receive and transform LIN and CAN data frames to IP packets, encrypt and decrypt packets for transmission, and conduct sender verification and data frame consistency. | 2017-06-22 |
20170180398 | AUTOMATIC DETECTION OF HIDDEN LINK MISMATCHES WITH SPOOFED METADATA - Example methods and systems directed to an Alert Manager are described. According to various embodiments, the Alert Manager detects receipt of a message. The message includes a selectable functionality for accessing an external resource and message data indicative of a source of the message. The Alert Manager predicts when a recipient of the message will interact with the selectable functionality. Prior to the recipient's predicted interaction with the selectable functionality, the Alert Manager generates a message alert feature based on a degree of a difference between the external resource and the source of the message. | 2017-06-22 |
20170180399 | Service Assurance and Security of Computing Systems Using Fingerprinting - Providing detection of computing application malfunctions by performing at least the following: collecting a plurality of computing events that correspond to a computing application and a plurality of addresses associated with the plurality of computing events, generating an event trace that comprises the plurality of computing events and the plurality of addresses, constructing at least one sample fingerprint that represents a current behavior of the computing application using at least the event trace, comparing the at least one sample fingerprint with a behavior model that represents an expected operation of the computing application; and determining whether the computing application is malfunctioning based upon the comparison of the at least one sample fingerprint and the behavioral model. | 2017-06-22 |
20170180400 | SYSTEM AND METHOD FOR CONTROLLING ACCESS TO DATA OF A USER DEVICE USING A SECURITY APPLICATION THAT PROVIDES ACCESSIBILITY SERVICES - Disclosed are systems and methods for controlling access to data of a user device using a security application that provides accessibility services. An exemplary method comprises: executing, on the user device, the security application and one or more user applications; intercepting, by an interception module of the security application using a plurality of accessibility API functions, data accessed by a user application being executed on the user device; determining, by a categorization module of the security application, a category of intercepted data; intercepting, by the interception module using the accessibility API functions, one or more events of user's interaction with a user interface of the user application; and determining, by an access control module of the security application, an access control policy that specifies and controls whether to allow a user's access to the intercepted data based on the category of intercepted data and types of intercepted events. | 2017-06-22 |
20170180401 | Protection Against Malicious Attacks - There provided a method, including executing on a processor the steps of: monitoring DNS related network traffic including domain name-to-IP key value pairs, monitoring at least such non-DNS related network traffic that is targeting routable IP addresses, determining whether the monitored non-DNS related network traffic is related to a domain name, in the event that the monitored non-DNS related network traffic is determined to be related to a domain name, searching the monitored DNS related network traffic for a matching domain name, in the event that the matching domain name is found in the search, determining whether IP addresses related to the matching domain names also match, and in the event that the IP addresses related to the matching domain names do not match, determining that an internal name-to-IP resolution from a local configuration file is used for the domain name and triggering an alert. | 2017-06-22 |
20170180402 | Detection of Coordinated Cyber-Attacks - A method of detecting coordinated attacks on computer and computer networks via the internet. The method includes using a web crawler to crawl the world wide web to identify domains and subdomains and their associated IP addresses, and to identify links between domains and subdomains, and storing the results in a database. When an IP address is identified as malicious or suspicious, the IP address is used as a lookup in the database to identify the associated domain and subdomain, and linked domains and subdomains. Those linked domains and subdomains are then identified as malicious or suspicious. | 2017-06-22 |
20170180403 | SYSTEM AND USER CONTEXT IN ENTERPRISE THREAT DETECTION - A transfer of master data is executed in a backend computing system. The master data includes user data and system data. The transfer of master data includes receiving user data associated with a particular user identifier in the backend computing system, transferring the received user data to an event stream processor, receiving system data associated with a particular log providing computing system in the backend computing system, transferring the received user data to the event stream processor, and executing a transfer of log data associated with logs of computing systems connected to the backend computing system. | 2017-06-22 |
20170180404 | EFFICIENT IDENTIFICATION OF LOG EVENTS IN ENTERPRISE THREAT DETECTION - A first set of log entries is identified. A plurality of log entry classes occurring in the first set of log entries is determined. Each log entry in a given log entry class has a same number, type, and ordering of components. A vector of component type identifiers is determined for each log entry class. Each identifier in a vector for a given log entry class identifies a position and type of a component included in a log entry belonging to the given log entry class. A classification tree is created using the vectors. An unclassified log entry not included in the first set of log entries is identified. A log entry class is assigned to the unclassified log entry using the classification tree to create a classified log entry. One or more security threat patterns are evaluated using the classified log entry. | 2017-06-22 |
20170180405 | SECURITY INDICATOR ACCESS DETERMINATION - According to an example, security indicator access determination may include determining a security indicator that is received from a first entity by a security indicator sharing platform for sharing with a second entity. A rule associated with identification of a third entity that has access to the security indicator may be analyzed. The third entity may be different from the second entity, and if the second entity belongs to a community, the third entity may not be in the community of the second entity. A determination may be made as to whether to identify the third entity based on the analysis of the rule. In response to a determination that the third entity is to be identified or not to be identified, the third entity may be identified to the first entity, or not identified to the first entity. | 2017-06-22 |
20170180406 | AGGREGATION OF NETWORK TRAFFIC SOURCE BEHAVIOR DATA ACROSS NETWORK-BASED ENDPOINTS - Aggregation of network traffic source behavior data across network endpoints may be implemented. Indications of endpoint-specific network traffic directed to different network endpoints may be received. Aggregate traffic source behavior data may be generated across multiple aggregation levels. One or more traffic aggregation nodes may be implemented for each aggregation level to maintain different respective portions of the aggregate traffic source behavior data. Different granularity of the aggregate traffic source behavior data may be maintained at each of the aggregation levels. An indication of traffic source behavior for traffic sources may be provided such that responsive actions, such as traffic control actions, may be performed with regard to the traffic sources. | 2017-06-22 |
20170180407 | NETWORK PROTECTION SYSTEM USING LINKOGRAPHS - A method and apparatus for managing an attack on a computer system. A computer identifies actions taken by an adversary in the computer system and links connecting the actions over time using an ontology defining linking rules for linking the actions over time. The computer creates a graph of the actions with the links connecting the actions over time. The graph shows a number of patterns of behavior for the adversary. The computer then identifies a protective action to take with respect to the computer system using the graph of the actions taken by the adversary. | 2017-06-22 |
20170180408 | SYSTEM FOR DETERMINING EFFECTIVENESS AND ALLOCATION OF INFORMATION SECURITY TECHNOLOGIES - Disclosed is a computerized system for determining the collective effectiveness of information security technologies. The system typically includes a processor, a memory, and an information security analysis module stored in the memory. The system for is typically configured for: determining a security score for each element of a security technology defense matrix, a first dimension of the security technology defense matrix corresponding to a plurality of resource classes, and a second dimension of the security technology defense matrix corresponding to a plurality of security operational functions; determining a defense-in-depth score for each resource class and each security operational function; determining an aggregate security score; and providing the aggregate security score the defense-in-depth scores for each resource class and each security operational function to a user computing device. The system may be configured to provide technology deployment recommendations. Based on such recommendations, additional security technologies may be deployed. | 2017-06-22 |
20170180409 | SYSTEM AND METHOD FOR PERFORMING REMOTE SECURITY ASSESSMENT OF FIREWALLED COMPUTER - Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated. | 2017-06-22 |
20170180410 | CLOUD-BASED SECURITY PROFILING, THREAT ANALYSIS AND INTELLIGENCE - An automated software vulnerability scanning and notification system and method provide an automated detection and notification regarding a software vulnerability. The operation of the system and the method includes obtaining software vulnerability information, periodically scanning a web application and a corresponding web server associated with an operator, and evaluating the periodic scans relative to the software vulnerability information to detect software vulnerabilities. Upon detection of a software vulnerability, a notification message is provided automatically to the operator regarding the software vulnerability. | 2017-06-22 |
20170180411 | EXPOSURE OF AN APPARATUS TO A TECHNICAL HAZARD - Embodiments of the invention are directed to systems, methods and computer program products for determining exposure of an apparatus to a technical hazard and prioritizing technical hazards. An exemplary system is configured to: determine an impact associated with a technical hazard on the apparatus, the impact being initiated by a second apparatus; determine a probability of occurrence of the technical hazard; and determine the exposure of the apparatus based on the impact and the probability. | 2017-06-22 |
20170180412 | ENHANCED DATA SECURITY THROUGH UNIQUENESS CHECKING - A system records use of values used in cryptographic algorithms where the values are subject to uniqueness constraints. As new values are received, the system checks whether violations of a unique constraint has occurred. If a violation occurs, the system performs actions to mitigate potential compromise caused by exploitation of a vulnerability caused by violation of the uniqueness constraint. | 2017-06-22 |
20170180413 | Secure Analysis Application For Accessing Web Resources Via URL Forwarding - Embodiments described herein may be directed to systems, methods, apparatuses, devices, computer program products, computer-executable instructions, and/or applications for securely and anonymously accessing web resources and customizable attribution of identity. In accordance with the present disclosure, a user may inspect and analyze a webpage as well as the underlying source code from an “arm's length” using a secure analysis application to prevent exposure on the user's local machine. The secure analysis application may provide increased flexibility in masking and/or modifying the user's digital persona to external websites. Additionally, the secure analysis application may be integrated with a translation service to translate textual web content without the web content provider being alerted that a translation is taking place. | 2017-06-22 |
20170180414 | Distributed Rate Limiting - Some embodiments provide distributed rate limiting to combat network based attacks launched against a distributed platform or customers thereof. The distributed rate limiting involves graduated monitoring to identify when an attack expands beyond a single server to other servers operating from within the same distributed platform distribution point, and when the attack further expands from one distributed platform distribution point to other distribution points. Once request rates across the distributed platform distribution points exceed a global threshold, a first set of attack protections are invoked across the distributed platform. Should request rates increase or continue to exceed the threshold, additional attack protections can be invoked. Distributed rate limiting allows any server within the distributed platform to assume command and control over the graduated monitoring as well as escalating the response to any identified attack. | 2017-06-22 |
20170180415 | TWO-STAGE HASH BASED LOGIC FOR APPLICATION LAYER DISTRIBUTED DENIAL OF SERVICE (DDoS) ATTACK ATTRIBUTION - Methods and systems for a two-stage attribution of application layer DDoS attack are provided. In a first table just a hash index is maintained whereas the second stage table keeps the string parameter corresponding to the application layer attribute under attack. A linked list maintains a plurality of rows if there is hash collision in the first table. The second table is aged out and reported periodically with details of large strings. | 2017-06-22 |
20170180416 | System For Distributing Virtual Entity Behavior Profiling In Cloud Deployments - A system for distributing virtual entity behavior profiling in cloud deployments is disclosed. In particular, the system may include conducting entity behavior profiling closer to where data and data logs are generated, such as at a hypervisor server, in a distributed fashion. By doing so, the system may reduce bandwidth consumption typically associated with transferring data to a central processing system, may be able to use more data collected closer to sources of data generation, and may provide faster reaction times because of the faster processing of data enabled by the system. Additionally, the system may assist with reducing false positives associated with malware detection and other compromises associated with entities by aggregating the results of distributed computations at different sites. | 2017-06-22 |
20170180417 | MITIGATION OF COMPUTER NETWORK ATTACKS - Various techniques for mitigating computer network attacks are disclosed herein. In one embodiment, a method includes receiving indications of denial of service attacks from multiple target computing systems and determining one or more sources from which the denial of service attacks are deemed to originate in response to the received indications of denial of service attacks from the target computing systems. The method also includes negotiating with the network aggregation point for permission to divert network traffic originated from the one or more of the determined sources and destined to the target computing systems to the gateway. | 2017-06-22 |
20170180418 | ACCURATE REAL-TIME IDENTIFICATION OF MALICIOUS BGP HIJACKS - A system and method for detecting malicious hijack events in real-time is provided. The method may include receiving routing data associated with a Border Gateway Protocol (BGP) event from at least one BGP router. The method may further include processing the routing data to generate a list of features representing ownership and various other details relating to origin and upstream equipment. The method may further include generating a hijack detection model using the routing data and the list of features, where a machine learning technique, such as Positive Unlabeled learning technique is employed. The machine learning technique may include at least one data input and a probability output; wherein, the data input couples to receive a set of historically confirmed BGP hijacking data and the routing data, while the probability output transmits a probability value for the malicious event which may be calculated based upon the data input. Finally, the method may include classifying the BGP event as a malicious event or a benign event using the BGP hijack model. This classification may be implemented using a threshold cut-off value and comparing this threshold with the probability generated by the machine learning technique. | 2017-06-22 |
20170180419 | HEARING DEVICE WITH COMMUNICATION PROTECTION AND RELATED METHOD - A hearing device includes: a processing unit configured to compensate for hearing loss of a user of the hearing device; and an interface; wherein the processing unit is configured to: receive a session request for a session via the interface, obtain and store a session key, encrypt the session key based on a hearing device key, send a session response comprising the encrypted session key, and receive session data in the session via the interface. | 2017-06-22 |
20170180420 | Reconfigurable Antenna Based Solutions For Device Authentication And Intrusion Detection In Wireless Networks - Channel based authentication schemes for intrusion detection that operates at the physical layer are described that apply the capabilities of a pattern reconfigurable antenna for improved performance. Performance gains are achieved by the schemes as a function of the number of antenna modes. The first scheme relies on a channel based fingerprint for differentiating between transmitters whereas another scheme poses the intruder detection problem as a generalized likelihood ratio (GLR) test problem that operates on the channel realizations corresponding to different modes present in a reconfigurable antenna. The benefits of these two schemes over single element antennas are demonstrated. General guidelines are provided on how to choose the different elements of the decision metric in order to realize better performance for physical layer based authentication schemes based on any diversity scheme. | 2017-06-22 |
20170180421 | Deception using Distributed Threat Detection - Methods and systems for deception using distributed threat detection are provided. Exemplary methods by an enforcement point, the enforcement point communicatively coupled to a first data network and a second data network, the enforcement point not providing services in the second data network, include: receiving, from a first workload in the second data network, a data packet addressed to a second workload in the second data network, the data packet requesting a service from the second workload; determining the data packet is for unauthorized access of the second workload, the determining using at least some of a 5-tuple of the data packet; identifying a deception point using the service, the deception point being in the first data network and including a decoy for the service; and redirecting the data packet to the deception point in the first data network. | 2017-06-22 |
20170180422 | SECURITY INSPECTION OF MASSIVE VIRTUAL HOSTS FOR IMMUTABLE INFRASTRUCTURE AND INFRASTRUCTURE AS CODE - A method and system are provided for performing a security inspection of a set of virtual images in a cloud infrastructure. The method includes merging the virtual images into a tree structure having a root and a plurality of leaves such that child leaves and a parent leaf to the child leaves have common ones of the virtual images. The method further includes identifying a security violation in a given one of the virtual images at a given one of the plurality of leaves. The method also includes applying a bisection method against a path in the tree from the root to the given one of the plurality of leaves to find a particular one of the virtual images that is a root cause of the security violation. The method additionally includes performing a corrective action for any of the plurality of images having the security violation. | 2017-06-22 |
20170180423 | SERVICE RULE CONSOLE FOR CREATING, VIEWING AND UPDATING TEMPLATE BASED SERVICE RULES - Some embodiments of the invention introduce cloud template awareness in the service policy framework. Some embodiments provide one or more service rule processing engines that natively support (1) template-specific dynamic groups and template-specific rules, and (2) dynamic security tag concepts. A service rule processing engine of some embodiments natively supports template-specific dynamic groups and rules as it can directly process service rules that are defined in terms of dynamic component groups, template identifiers, template instance identifiers, and/or template match criteria. Examples of such services can include any kind of middlebox services, such as firewalls, load balancers, network address translators, intrusion detection systems, intrusion prevention systems, etc. | 2017-06-22 |
20170180424 | FILE FILTER - Method for transferring files to a destination folder on a computer. At least one rule to a transfer of files to a destination folder on a destination computer system are received. A filter file is generated, wherein the filter file includes the least one rule specific to the transfer of files to the destination folder. During transfer of files to the destination folder on the destination computer, attributes of each file are compared to the at least one rule specific to the transfer of files to the destination folder. Upon attributes of a compared file violating a rule of the at least one rule specific to the transfer of files to the destination folder, transfer of the violating file to the destination folder is prevented. | 2017-06-22 |
20170180425 | IMPLEMENTING SECURITY IN A SOCIAL APPLICATION - Implementing security in social applications includes inferring a closeness level of a connection to a user's profile of a social application based on a closeness policy and implementing a security level individualized to the connection based on the closeness level. | 2017-06-22 |
20170180426 | WEB FILTERING SYSTEM AND METHOD - A system and method for web filtering, including: generating an institutional policy dashboard that enables an institution that issued a computing device to a minor user to select a set of institutional web access policies sanctioned by the institution; generating a parental policy dashboard that enables a parent of the minor user to select to a set of parental web access policies sanctioned by the parent; filtering web content accessed by the minor user via the computing device by enforcing the parental and the institutional web access policies; and reporting to the parent a set of web accesses undertaken by the minor user via the computing device. | 2017-06-22 |
20170180427 | CLIPBOARD HARDENING - A software module executes in a first isolated execution environment. The module determines the first environment has caused data to the written to a first clipboard maintained by the first environment. The module consults policy data to determine whether the data should additionally be written to a second clipboard maintained by a second isolated execution environment. The policy data does not allow one or more types of clipboard objects to be written to the second clipboard even if they were written to the first clipboard at the initiation of or approved by a user to prevent the user from introducing a potentially hazardous type of object into the second clipboard. Upon the module determining that the policy data allows the data to be written to the second clipboard, the software module causes the data to written to the second clipboard. | 2017-06-22 |
20170180428 | POLICY-BASED CONFIGURATION OF INTERNET PROTOCOL SECURITY FOR A VIRTUAL PRIVATE NETWORK - A method for performing policy-based configuration of IPSec for a VPN is provided. According to one embodiment, a request for a VPN connection to be established between a network device and a peer network device is received by the network device from the peer network device. Responsive to receipt of the request, the VPN connection is established by the network device in accordance with a policy associated with the request without requiring manual entry of VPN settings by a network administrator of the network device. The policy includes multiple VPN settings for the VPN connection and is configured by a network administrator of the peer network device via a policy page displayed to the network administrator via a user interface of the peer network device. | 2017-06-22 |
20170180429 | RESOLVING COMPETING HANDOVER CONDITIONS IN WIRELESS NETWORKS - One aspect includes a method of operating a user terminal adapted for wireless telecommunications using any of a plurality of different radio access technologies including a Circuit Switched, CS, access and a Packet Switched, PS access. The PS access includes access via a Long Term Evolution, LTE, network and WiFi access via a Wireless Local Area Network, WLAN. The method includes: (i) making a determination to switch from a PS LTE access to a WiFi access, (ii) switching to WiFi access, and (iii) ignoring or rejecting a command received to hand over to a CS access. Other aspects include a user terminal, a telecommunications network entity, and a method of operating a telecommunications network entity. | 2017-06-22 |
20170180430 | VOIP CALL QUALITY - A method, system, and/or computer program product improve Voice over Internet Protocol (VoIP) call quality during a VoIP session. A VoIP session is established between an initial focus VoIP node and multiple slave VoIP nodes, where the initial focus VoIP node uses a first type of codec for the VoIP session. A user focus code score (UFCS) describes a VoIP call quality for each of the nodes based on predetermined network conditions related to use of a certain type of codec and nodal hardware specifications. The UFCSs are ranked to identify a highest-ranked VoIP node. The highest-ranked VoIP node is reclassified as a new focus VoIP node for the VoIP session, and the initial focus VoIP node is reclassified as a slave VoIP node. Thereafter, there is a simultaneous switching of 1) the focus and 2) the type of codec used in the VoIP session. | 2017-06-22 |
20170180431 | CENTRAL CONFERENCING ROUTING SERVER - Aspects of the present disclosure involve systems, methods, computer program products, and the like, for collaboration conferencing with multiple participants over a communications network, and more specifically for a conferencing routing service for managing and routing collaboration participants. | 2017-06-22 |
20170180432 | A Method and Apparatus for Establishing an Additional Session to an Anonymous User - The invention is about a method in a network node ( | 2017-06-22 |
20170180433 | METHODS AND SYSTEMS FOR TRANSFERRING HOTSPOT SESSION - Methods, electronic devices and systems for transferring hotspot session are provided. The methods include detecting an event to transfer a hot spot session of an electronic device which is a host access point in a network to a different electronic device, in response to detecting the event, determining at least one different electronic device from among the plurality of electronic devices as a target access point of the network, and sending a request for hotspot session transfer and client configuration details corresponding to a plurality of client devices which are coupled to be communicable with the electronic device to the at least one different electronic device, wherein, in response to the at least one different electronic device receiving the hotspot session transfer request through the communication interface, the at least one different device operates as a host access point providing a hotspot session in the network. | 2017-06-22 |
20170180434 | METHOD AND APPARATUS FOR JOINING ELECTRONIC CONFERENCE - According to the present invention, even while a chat opening process is in progress, users can join chats by means of a simple procedure from a video game machine. Once a chat has been opened, an invitation signal can further be transmitted to other chat guests. A video game machine of an expected guest receiving the invitation signal displays a screen prompting the guest to enter the chat room, and the expected guest can join the chat by transmitting an enter room signal to a database. At this time, a chat answer signal indicating that the expected guest accepts the invitation from a chairman is transmitted from the expected guest to the chairman. | 2017-06-22 |
20170180435 | MULTI-DETERMINISTIC DYNAMIC LINEAR CONTENT STREAMING - Embodiments provide techniques for providing custom digital broadcast video streams. Embodiments include receiving, at a content streaming server, a first video stream to transmit to a client device. A user profile corresponding to a current session on the client device is determined. One or more custom video modifications to apply to the first video stream are also determined, based on the determined user profile. Embodiments apply the determined one or more custom video modifications to the first video stream to create a modified video stream. The modified video stream is then transmitted to the client device. | 2017-06-22 |
20170180436 | Upload of Multimedia Content - A full multimedia content is broadcasted or multicasted to end users from a network node ( | 2017-06-22 |
20170180437 | METHOD AND APPARATUS FOR DETECTING PACKET LOSS IN STAGGERCASTING - In a staggercasting system, a receiver estimates a delivery time of a packet from a main stream and, if the packet from the main stream is not received at the estimated delivery time, the receiver substitutes a corresponding packet from the stagger stream. As a result, a loss can be detected quicker since the receiver does not have to wait until detection of a missing sequence number and, therefore, the receiver can accommodate the time of presentation such that the user does not suffer a loss in quality of service. | 2017-06-22 |
20170180438 | Methods and Systems for Overlaying and Playback of Audio Data Received from Distinct Sources - Methods, systems, and/or devices for overlaying and playing back audio data for user vocals and media content received from distinct devices and systems at a media presentation system are described herein. In one aspect, a media presentation system receives, from a remote server, a first data stream for a first media item, and plays the first media item. While playing the first media item, a second data stream for audio data that includes vocals is received from an application at a client device distinct from the remote server. The vocals are overlaid with the first media item to generate a composite data stream, which includes combining the first and second data streams, and the media presentation system plays the overlaid vocals. | 2017-06-22 |
20170180439 | METHODS AND DEVICES FOR RESPONDING TO A STREAMING REQUEST, ACCESS NODE AND METHOD FOR OPERATING THE SAME - In order to allow for efficient network layer access at locations within an access network where network elements are installed that operate on the data link layer, a method for responding to a streaming request related to a content stream to be delivered by a content delivery network to a node connected to a private network of a customer of an operator of a fixed access network is provided. The method includes receiving the streaming request; determining a source address of the streaming request; deciding on whether the request shall be served by a content delivery network entity belonging to the private network, wherein the deciding is based on the determined source address; and returning an address of the content delivery network entity to the node if a result of said deciding is that the request shall be served by the content delivery network entity. | 2017-06-22 |
20170180440 | INFORMATION MANAGEMENT SYSTEM AND METHOD OF DELIVERING DATA ASSOCIATED WITH MACHINE - A method of delivering data associated with a machine to an off board system is provided. The method includes capturing data by an on board system of the machine from at least one of a sensing unit, a control unit and an indication unit of the machine. The method further includes defining a data packet includes a payload and a data identifier. The payload includes the captured data. The method further includes determining one or more transfer parameters associated with the machine by the on board system and streaming the data packet based on the one or more transfer parameters by the on board system. The method further includes transferring the data packet from the on board system to a gateway and delivering the data to the off board system by the gateway. | 2017-06-22 |
20170180441 | SYSTEM AND METHOD OF OPTIMIZING DIGITAL MEDIA PROCESSING IN A CARRIER GRADE WEB PORTAL ENVIRONMENT - A computer implemented method includes storing generated digital media created by each portal server of a plurality of portal servers in a destination accessible by at least one of a plurality of HTTPD servers in response to a request for web content including the generated digital media. Additionally, the method includes determining that a subsequent request for digital media received by an HTTPD server of the plurality of HTTPD servers is for generated digital media created by any of the plurality of portal servers in the destination and accessible by the HTTPD server. Furthermore, the method includes serving the generated digital media from the HTTPD server to a browser. | 2017-06-22 |
20170180442 | TELEMETRY BASED FEEDBACK FOR IMPROVED MEDIA STREAMING - Apparatuses, methods and storage medium associated with telemetry based feedback for improved media streaming are disclosed herein. In embodiments, an apparatus may include one or more processors, devices, and/or circuitry to obtain telemetry data corresponding to a plurality of sources, and to utilize the telemetry data to determine whether neighboring peer-to-peer wireless media streams associated with the plurality of sources are to operate at a same time on a same channel or are presently operating at the same time on the same channel. The one or more processors, devices, and/or circuitry may be to transmit signaling associated with a channel change recommendation in response to determining that the neighboring peer-to-peer wireless media streams are to operate at the same time on the same channel or are presently operating at the same time on the same channel. Other embodiments may be described and/or claimed. | 2017-06-22 |
20170180443 | SYSTEM AND METHOD FOR GENERATING PERSONALIZED CLUSTERS OF MULTIMEDIA CONTENT ELEMENTS - A system and method for generating personalized multimedia content element clusters. The method includes determining, based on at least one interest, at least one personalized concept, wherein each personalized concept represents one of the at least one user interest; obtaining at least one multimedia content element related to a user; generating at least one signature for the at least one multimedia content element, each generated signature representing at least a portion of the at least one multimedia content element; determining, based on the generated at least one signature, at least one multimedia content element cluster, wherein each cluster includes a plurality of multimedia content elements sharing a common concept of the at least one personalized concept; and creating at least one personalized multimedia content element cluster by adding, to each determined cluster, at least one of the at least one multimedia content element sharing the common concept of the cluster. | 2017-06-22 |
20170180444 | METHOD AND DEVICE FOR GENERATING A DESCRIPTION FILE, AND CORRESPONDING STREAMING METHOD - The present invention relates to a method and device for generating a description file about a video sequence at a server device for a client device, to retrieve a video segment and containing a region of interest. The method comprising for each video segment, determining a time interval during which the detected region of interest is spatially included in a same frame region in the video sequence; and generating a description file comprising spatial information describing the frame region and temporal information describing a duration at least equal to the determined time interval. | 2017-06-22 |
20170180445 | ADVERTISEMENT DATA ACQUISITION METHOD AND ELECTRONIC EQUIPMENT - A method for obtaining advertisement data is provided according to the present disclosure, which includes: reading program data in a live file; sending request information for obtaining the advertisement data to an advertisement server, when an advertisement identification preset in the program data is read; receiving the advertisement data sent by the advertisement server in response to the request information; and writing the advertisement data to a position indicated by the advertisement identification in the live file. An electronic device for obtaining advertisement data is further provided according to the present disclosure. | 2017-06-22 |
20170180446 | MEDIA STREAMING THROUGH SECTION CHANGE DETECTION MARKERS - Apparatuses, methods and storage medium associated with media streaming through section change detection markers are disclosed herein. In an example, an apparatus may include one or more processors, devices, and/or circuitry to identify a plurality of section change transitions of content of the media file. The one or more processors, devices, and/or circuitry may be to select at least some of the identified section change transitions, and generate metadata responsive to the selecting. The one or more processors, devices, and/or circuitry may be to transmit the generated metadata over an electronic network for delivery to a streaming client. | 2017-06-22 |
20170180447 | DYNAMIC DATA COMPRESSION - A method for dynamic data compression includes receiving, at a first computer system, a request for data from a second computer system. A distance factor is determined, based, at least in part, on distance separating the first computer system and the second computer system. A processor loading factor is determined, based, at least in part, on one or more processor utilization percentages of the first computer system, and a network bandwidth factor is determined, based, at least in part, on bandwidth utilization of data transport fabric interconnecting the first computer system and the second computer system. A data compression selection index is calculated, based, at least in part, on the distance factor, the processor loading factor, and the network bandwidth factor. The requested data is compressed, when indicated by the calculated data compression selection index, and transmitted from the first computer system to the second computer system. | 2017-06-22 |
20170180448 | AUTOMATICALLY PROVIDING MEDIA ITEMS IN ENVIRONMENTS WITH LIMITED NETWORK PERFORMANCE - A media server provides media items to clients via a network. In some instances, limited network performance of the network makes streaming or on-demand downloading of media items infeasible. In these instances, the media server automatically provides media items to clients for download as network performance allows. Media items may be provided to clients without interrupting the activities of users of the clients, and without active monitoring or watching by users. Clients may issue notifications to users when provided media items are ready for presentation, and clients may present the media items for users to consume. | 2017-06-22 |
20170180449 | ENVIRONMENTALLY ADAPTIVE AND SEGREGATED MEDIA PIPELINE ARCHITECTURE FOR MULTIPLE STREAMING SESSIONS - Systems and methods monitor a system including a remote desktop, a trusted mobile instance, and a delivery handler. The delivery handler can determine if the system is overloaded and to take the appropriate measures to maintain a negotiated minimal QoS and adapt as necessary when the conditions vary. Additionally, the systems and method can address security issues by separating privileges that are typically bundled together in conventional systems, and by applying isolation mechanisms to exposed areas of the system. | 2017-06-22 |
20170180450 | INFORMATION PROVIDING SYSTEM, APPARATUS AND METHOD FOR INFORMATION PROCESSING, AND COMPUTER PROGRAM PRODUCT - An information providing system includes the following elements. An IC card stores card ID. An information providing terminal reads out the card ID of the IC card, provides information to the IC card, and transmits the card ID and the information provided to the IC card or the ID of the provided information to a management server. The management server receives the card ID and the information provided to the IC card or the provided information ID from the information providing terminal, has a database to manage the card ID and the provided information such that the card ID is associated with the provided information, acquires the information provided to the IC card from the database in response to an information request from a client terminal, and supplies the provided information to the client terminal. The client terminal displays the provided information supplied from the management server. | 2017-06-22 |
20170180451 | SYSTEM AND METHOD FOR REMOTELY ACCESSING A LOCAL COMPUTER NETWORK VIA A WEB INTERFACE - Embodiments of this invention relate to remote access of a local computer network. More specifically, embodiments of this invention relate to a computer system and computer-implemented method for receiving instructions from a remote user to establish remote access to a local computer network, and responding by receiving one or more unique identifiers configured to identify the local computer network and establishing secure remote access to the local computer network. Instructions are received from the remote user via a web interface. | 2017-06-22 |
20170180452 | PERFORMANCE OF SECURE MOBILE APPLICATIONS - A request for a first resource by a user is received. In response to receiving the request for a first resource, a second resource is determined based on the first resource and a resource usage pattern of the user. A response to the request for the first resource is provided. The response includes the first resource and the second resource. | 2017-06-22 |
20170180453 | APPARATUS AND METHOD FOR TRANSMITTING STREAMING DATA IN WIRELESS COMMUNICATION SYSTEM - The present disclosure relates to a pre-5 | 2017-06-22 |
20170180454 | TRACKING A STATUS OF A FILE TRANSFER USING FEEDBACK FILES CORRESPONDING TO FILE TRANSFER EVENTS - A device may receive a set of feedback files associated with a file transfer from a first device to a second device. A feedback file, of the set of feedback files, may include a timestamp corresponding to an event associated with the file transfer. The device may determine configuration information associated with the file transfer. The configuration information may include timing information, associated with the event, that identifies an expected time associated with the event. The device may determine status information associated with the file transfer. The status information may be determined based on the timestamp corresponding to the event and the timing information associated with the event. The device may provide the status information. | 2017-06-22 |
20170180455 | DELEGATION OF DETAILED CONTENT AND APP REVIEWS BETWEEN NEARBY DEVICES - A method is provided for allowing a user to write and submit a review of an application. The method comprises receiving, from a first computing device, a request to write a review of an application, detecting whether one or more second computing devices are in the vicinity of the first computing device, determining whether the first computing device or one of the one or more second computing devices is to be used to write the review, and initiating a rating user-interface (UI) to be displayed over the determined computing device, and receiving from the determined computing device the written review. | 2017-06-22 |
20170180456 | METHOD, DEVICE, AND SYSTEM FOR CONTROLLING NETWORK DEVICE AUTO-PROVISIONING - A method, device, and system for controlling network device auto-provisioning is provided. The method includes: acquiring network topology information that is in a live network and of a network device, where the network topology information includes an interface and an IP address of an uplink device directly connected to the network device. The method also includes detecting whether the network topology information in the live network matches preset network topology information; and if the network topology information in the live network matches the preset network topology information, sending, by a network management device to the network device, information about enabling the File Transfer Protocol (FTP) or Trivial FTP (TFTP), and an identifier of an operating system file and/or an identifier of a configuration file, so that the network device acquires the operating system file and/or the configuration file. | 2017-06-22 |
20170180457 | SHARING VIDEO FOOTAGE FROM AUDIO/VIDEO RECORDING AND COMMUNICATION DEVICES - Video footage captured by A/V recording and communication devices may be readily uploaded to the cloud and shared with a requesting party, such as a law enforcement agency. When a request is received from a requesting party for video footage, a set of videos meeting the criteria specified by the requesting party may be determined. Consent requests may then be sent to users associated with each of the A/V recording and communication devices that recorded the videos meeting the criteria specified by the requesting party. When user consents to share the videos are received, the video footage may be provided to the requesting party. | 2017-06-22 |
20170180458 | COLLABORATIVE MULTI-MEDIA, MULTI-CHANNEL COGNITIVE VISUAL ANALYTICS RATIONALE AUTHORING AND PLAYBACK - Various embodiments provide a multi-channel collaborative visual analytics (CVA) system, method and computer program product for coordinating collaborative data exploration. The system comprises a central CVA server and a plurality of client devices. The CVA server has a plurality of local channels and a global channel. Each client device is coupled to one or more local channels of the central CVA server by one or more WebSockets and communicates state change event data of a distributed-web-connected application to the central CVA server. The central CVA server manages both real-time delivery and recorded playback of the state change events for the plurality of client devices. The CVA system further comprises a persistent store that stores the state change events from the plurality of client devices for deferred playback. | 2017-06-22 |
20170180459 | BUILDING DEPLOYMENT PIPELINES FOR A PRODUCTION COMPUTING SERVICE USING LIVE PIPELINE TEMPLATES - Techniques are presented for managing a deployment pipeline using an inheritable and extensible source code template—generally referred to as a live pipeline template (LPT). As described, live pipeline templates may be used to manage deployment pipelines which, in turn, are used to launch, maintain, and update the services and systems used to host and provide computing services. | 2017-06-22 |
20170180460 | SYSTEMS AND METHODS OF CAPTURING AND DISTRIBUTING IMAGING CONTENT CAPTURED THROUGH UNMANNED AIRCRAFT SYSTEMS - In some embodiments, systems and methods are provided to capture and distribute imaging content. Some embodiments, provide remote inspection systems, comprising: an unmanned aircraft system (UAS) base station control system that wirelessly communicates with an UAS, and comprises: a wireless transceiver; a control circuit; and a memory wherein the control circuit: receives imaging content, captured by a camera of the UAS; establishes a network connection with a content distribution system and activate a distribution session; and communicates the imaging content to the content distribution system that enables multiple remote authorized rendering systems to access the networked content distribution system over the Internet, join the distribution session, and receive over the Internet in real time the imaging content allowing each of the rendering systems to visually play back the imaging content such that a user at each of the multiple rendering systems can watch the imaging content in real time. | 2017-06-22 |
20170180461 | SYSTEM AND METHOD FOR AUTOMATICALLY INITIATING AN INTEGRATED VIRTUAL PRIVATE NETWORK CONNECTION FOR ESTABLISHING A COMMUNICATIONS SESSION - A system and method for initiating a VPN connection for the purposes of establishing an indirect connection to a network resource through the VPN includes an initiation device, an end target, and a VPN server. The process through which a VPN connection is initiated in order to establish a connection to a network destination through the VPN begins with the initiation device being directed to or otherwise attempting the access a target network destination. This connection attempt is then held, either because the destination is blocked or because it defines a secure address that requires a secure connection. Then, the initiation device contacts a VPN server and establishes a connection to the VPN server's network. Once connected to the VPN server's network, the initiation device allows the connection to be made to the target network destination through the initiation device's connection the VPN server's network. | 2017-06-22 |
20170180462 | METHOD AND APPARATUS FOR CREATING AND MANAGING CONTROLLER BASED REMOTE SOLUTIONS - A method and apparatus for creating and managing a controller based remote solution is provided. The method comprises receiving, at a code virtualization server (CVS) from a graphical user interface (GUI), an input of a solution comprising a controller communicably coupled with and operable to control a sensor and/or an actuator, a condition at the at the sensor and/or the actuator, an action for execution by the controller upon the condition being met, and at least one parameter for the solution. A program (AGCP) for the controller is automatically generated on the CVS based on the input solution. The program comprises code to check if the condition is met, and to execute the action when the condition is met. The AGCP is downloaded to a storage on the user device, or sent to the at least one controller, for installation on the at least one controller. | 2017-06-22 |
20170180463 | METHOD, DEVICE AND SYSTEM FOR INVOKING LOCAL SERVICE ASSEMBLY BY BROWSER - A method, an apparatus and a system for invoking a local service component by a browser are provided. The method includes receiving, by a client terminal, a connection request based on a cross-domain communication protocol initiated by a browser terminal; performing, by the client terminal, validity verification of the connection request; and if the connection request passes the validity verification, establishing, by the client terminal, a communication connection with the browser terminal based on the cross-domain communication protocol to allow the browser terminal to invoke a local service component. The present disclosure can achieve an invocation of a local service component by most mainstream browsers, and has a better security of communications. | 2017-06-22 |
20170180464 | Evaluating The Efficacy Of An Advertisement Campaign - Methods for A/B testing to evaluate the efficacy of an advertisement campaign are disclosed. An advertisement request is received via an IP network from a publisher connected to the IP network. The advertisement request comprises information including a device identifier of a device requesting a resource from the publisher over the IP network. A determination is made to respond to the advertisement request or not on the basis of the information in the advertisement request. In response to determining to respond to the advertisement request, a hash of the device identifier is evaluated to determine whether the device belongs to a control group or not. In response to determining that the device belongs to the control group, no response is made to the advertisement request. | 2017-06-22 |
20170180465 | METHOD, INFORMATION PROCESSING APPARATUSES AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM - A method using a first information processing apparatus and a load balancing apparatus, the first information processing apparatus being configured to operate as a plurality of virtual machines, the method includes transmitting, by the first information processing apparatus, a plurality of packets to the load balancing apparatus, receiving, by the first information processing apparatus, one or more packets included in the plurality of packets distributed by the load balancing apparatus, deciding, by the first information processing apparatus, a first threshold related to a load of the plurality of virtual machines based on a ratio of a number of the one or more packets to a number of the plurality of packets, and deleting, by the first information processing apparatus, one or more virtual machines included in the plurality of virtual machines when the load of the plurality of virtual machines is less than the first threshold. | 2017-06-22 |
20170180466 | Allocation of Transmission Attempts - For a communication between two UEs that passes through a network node, a total number of transmission attempts for a same set of data is divided between first and second data transmission attempt(s). The first data transmission attempt(s) are allowed to be performed from a first one of the two UEs toward the network node. The second data transmission attempt(s) are allowed to be performed from the network node or from a second network node toward a second one of the two UEs. Performance of the first and second data transmission attempt(s) is coordinated based on the division to cause communication of the set of data from the first UE to the second UE. A single network node may perform the first and second data transmission attempts, or a first network node performs the first data transmission attempts while a second network node performs the second data transmission attempts. | 2017-06-22 |
20170180467 | Method, Device and System for Data Processing based on P2P Network - Disclosed are a method, an electronic device and a system for processing data based on a P2P network. The method includes: first of all, receiving, by a P2P server, node information of a nonlicet P2P node sent by a P2P node, wherein the node information of the nonlicet P2P node is sent by the P2P node when a presence of the nonlicet P2P node is detected, the nonlicet P2P node is a P2P node that sends false data, whose accumulative number is greater than or equal to a preset number threshold, to the P2P node; then performing statistical calculation on report numbers of times respectively corresponding to nonlicet P2P nodes according to the node information of the nonlicet P2P node; finally detecting whether a nonlicet P2P node whose report number of times is greater than or equal to a preset threshold is present; and eliminating the nonlicet P2P node whose report number of times is greater than or equal to the preset threshold from the P2P network if the nonlicet P2P node is present. | 2017-06-22 |