36th week of 2022 patent applcation highlights part 68 |
Patent application number | Title | Published |
20220286401 | PRIORITY-BASED FLOW CONTROL MESSAGING FOR PORT EXTENDER - A port extender provides individual flow control for ports multiplexed from a network device. The port extender is configured to multiplex a network device port across the front panel ports on the port extender. The port extender also determines that an input buffer for the network device port is overloaded, and generates a Priority-based Flow Control (PFC) frame identifying that the network device port is congested. The port extender sends the PFC frame via the network device port to the network device. The PFC frame causes the network device coupled to the network device port to discontinue sending data for transmission from the plurality of ports on the port extender. | 2022-09-08 |
20220286402 | METHOD AND APPARATUS FOR CONTROLLING DATA PACKET SENDING, MODEL TRAINING METHOD AND APPARATUS, AND SYSTEM - A controlling data packet sending method. The method for controlling data packet sending includes: obtaining a plurality of control models, where the plurality of control models corresponds to a plurality of conditions; selecting, based on a first condition, a first control model corresponding to the first condition from the plurality of control models, the first control model is used to process a transmission parameter of any network in at least one network; processing, by using the first control model, a transmission parameter of a first network accessed by an end node, to obtain a first control parameter required for sending the data packet of the first application by the end node by using the first network; and controlling sending of the data packet of the first application based on the first control parameter. | 2022-09-08 |
20220286403 | Methods, Apparatus and Machine-Readable Media Relating to Transmission and Reconstruction of Data Streams Using Data Duplication - The disclosure provides, inter alia, a method performed by a wireless receiving node for receiving a data stream from one or more wireless transmitting nodes, the data stream comprising a sequence of data items. The method comprising: receiving an indication of an algorithm from a wireless transmitting node of the one or more wireless transmitting nodes; receiving a plurality of data packets from the one or more wireless transmitting nodes, each data packet comprising respective duplicate copies of data items belonging to the data stream; and utilizing the algorithm to select, based on respective times at which the data packets are received, for each position in the sequence, one or more of the duplicate copies of data items for reconstruction of the data stream. | 2022-09-08 |
20220286404 | RESOURCE MANAGEMENT APPARATUS, RESOURCE MANAGEMENT SYSTEM, AND RESOURCE MANAGEMENT METHOD - A resource management apparatus, a resource management system, and a resource management method. The resource management apparatus stores in one or more memories, positional relation of a resource and reservation information related to a reservation of the resource, in response to receiving a usage start request for starting a use of the resource from a communication terminal, determines whether one or more resources in surroundings are secured based on the positional relation and the reservation information, identifies the resource as an available resource in response to a determination that the one or more resources in the surroundings are not secured, and transmits usage information regarding the use of the available resource to the communication terminal. | 2022-09-08 |
20220286405 | METHOD FOR CONTROLLING COMMUNICATION AVAILABILITY IN A CYBER-PHYSICAL SYSTEM - The present subject matter relates to a method comprising: determining that a communication of data in a cyber-physical system may not fulfil an availability criterion. An emergency schedule of resources may be determined for enabling a communication of further data in the system in compliance with the availability criterion. The emergency schedule of resources may be used for communication of further data in the system in case the communication of the data does not fulfill the availability criterion. | 2022-09-08 |
20220286406 | DYNAMIC ALLOCATION OF BANDWIDTH TO VIRTUAL NETWORK PORTS - A disclosed method and system for allocating bandwidth among a plurality of virtual network ports assigned to a plurality of virtual machines accesses assignment information indicating which virtual network ports are assigned to which virtual machines. A network bandwidth manager (NBM) receives network utilization information indicating the network utilization of each virtual network port/The NBM further receives virtual machine priority information indicative of a derived priority for each of the plurality of virtual machines. The NBM configures bandwidth parameters for each of the virtual network ports based on the assignment information, network utilization information, and the virtual machine priority information. | 2022-09-08 |
20220286407 | On-Demand Compute Environment - An on-demand compute environment comprises a plurality of nodes within an on-demand compute environment available for provisioning and a slave management module operating on a dedicated node within the on-demand compute environment, wherein upon instructions from a master management module at a local compute environment, the slave management module modifies at least one node of the plurality of nodes. | 2022-09-08 |
20220286408 | SYSTEMS AND METHODS FOR INTELLIGENT APPLICATION GROUPING - A method is described that comprises collecting communication data travelling among a plurality of computing nodes in a networked environment. The method includes using the communication data to create a plurality of connectivity records, wherein each connectivity record comprises a communication between a source computing node and a destination computing node of the plurality of computing nodes. The method includes associating the communication with an application context and protocol. The method includes processing the plurality of connectivity records to eliminate connectivity records that meet at least one criteria, wherein the plurality of connectivity records includes associated application contexts and protocols, wherein a first portion of the plurality of connectivity records comprises the eliminated connectivity records, wherein a second portion of the plurality of connectivity records comprises the remainder of the connectivity records. The method includes building a graph using the second portion of the connectivity records. | 2022-09-08 |
20220286409 | METHOD AND APPARATUS FOR CONFIGURING QUALITY OF SERVICE POLICY FOR SERVICE, AND COMPUTING DEVICE - This application provides a method and apparatus for configuring a quality of service policy for a service, and a computing device, and belongs to the field of network communications technologies. The method includes: obtaining a first data flow forwarded by a virtual switch; determining service information of the first data flow, where the service information includes a service type of the first data flow and an access path of the first data flow; determining, based on the service information of the first data flow, a quality of service QoS policy matching the first data flow; and configuring devices on the access path based on the matched QoS policy. According to this application, efficiency of configuring a quality of service policy for a service can be improved. | 2022-09-08 |
20220286410 | NETWORK QUALITY OF SERVICE CONTROLLER - Apparatus, systems, and methods for managing a network. One or more network devices on a network and a QoS policy are periodically evaluated. A QoS operational status of the network is evaluated and a remediation action is implemented based on the evaluation of the QoS operational status of the network and the evaluation of the QoS policy, the remediation action comprising adjusting a bandwidth allocation for each of one or more queues. | 2022-09-08 |
20220286411 | Authorizations Associated With Externally Shared Communication Resources - Various embodiments of the present disclosure are directed to a group-based communication apparatus that is configured to enable end-users (e.g., non-admin users) to initiate, by way of client devices, generation of a shareable resource associated with a group-based communication resource identifier to efficiently authorize communication between client devices associated with different organization identifiers in group-based communication interfaces associated with a shared group-based communication resource identifier. | 2022-09-08 |
20220286412 | REAL-TIME, TIME AWARE, DYNAMIC, CONTEXT AWARE AND RECONFIGURABLE ETHERNET PACKET CLASSIFICATION - An ultra-high speed electronic communications device includes: a network communications interface; a memory; and one or more processing units, communicatively coupled to the memory and the network communications interface, wherein the memory stores instructions configured to cause the one or more processing units to: receive a data packet using the network communications interface; determine a classification of the data packet based, at least in part, on a plurality of factors, wherein the plurality of factors comprises a rate at which the data packet was received and a time at which the data packet was received; select, based at least in part, on the classification, an operation from a plurality of operations, wherein the plurality of operations comprises a cut-through operation and a store-and-forward operation; and perform the selected operation. | 2022-09-08 |
20220286413 | METHOD, SYSTEM, AND COMPUTER PROGRAM FOR PROVIDING ONLINE CHATROOM SERVICE - A chatroom providing method includes searching for a consultation product corresponding to a user request; processing payment for the consultation product selected from the result of the search; and providing a one-to-one conversation by activating a chatroom between a user and an expert who has registered the consultation product for which the payment has been completed. A guide information associated with the consultation product is configured and provided in the chatroom as a chatbot message. | 2022-09-08 |
20220286414 | DIRECTED CONNECTIONS ON A COMMUNICATION PLATFORM - A dynamic communication link provided. Briefly, a process aggregates content from content providers in the form of triggers (e.g., QR codes, newsfeeds, etc.). Here, the content is related to information of interest to users. In the example of newsfeeds, the process curates a newsfeed for a user by assembling articles, each article selected for the user based upon data in a user profile, data associated with the article, combinations thereof, etc. Upon initiation of the trigger, the communication platform initiates an ability to carry out a direct communication between the user and a specific representative of a content provider that is associated with the trigger, where the direct communication is independent of the trigger. | 2022-09-08 |
20220286415 | Dynamic Subscription and Message Routing on a Topic Between Publishing Nodes and Subscribing Nodes - A system for dynamic message routing on a topic between publishing nodes and subscribing nodes includes a plurality of message queues, at least one topic/node table, a subscribing module, a publishing module, and other modules to send messages between one or more publisher and one or more subscribers. These modules are coupled together by a bus in a plurality of nodes and provide for the dynamic message routing on a topic between publishing nodes and subscribing nodes. The message queues store messages at each node for delivery to subscribers local to that node. The topic/node table lists which clients subscribe to which topics, and is used by the other modules to ensure proper distribution of messages. The subscribing module is use to establish a subscription to a topic for that node. The publishing module is used to identify subscribers to a topic and transmit messages to subscribers dynamically. The other modules include various devices to optimize message communication in a publish/subscribe architecture operating on a distributed computing system. The present invention also includes a number of novel methods including: a method for publishing a message on a topic, a method for forwarding a message on a topic, a method for subscribing to messages on a topic, a method for automatically removing subscribers, a method for direct publishing of messages, and methods for optimizing message transmission between nodes. | 2022-09-08 |
20220286416 | METHOD AND APPARATUS FOR GENERATING ACCOUNT INTIMACY - A method for generating an account intimacy includes: obtaining a set of accounts in an instant messaging (IM) group; obtaining a communication frequency between two accounts in the set of accounts within a preset time period; generating a communication network graph based on the communication frequency; obtaining an embedding vector of each account output by a graph model, in which the graph model is trained based on the communication network graph; and generating an intimacy between two accounts based on the embedding vectors of the two accounts. | 2022-09-08 |
20220286417 | CONTENT MANAGEMENT SYSTEM WITH INTEGRATED EMAIL SERVICE - Disclosed herein are techniques for combining content management system functionality with an email or messaging server. A system can associate an email with a content item, through express attachment, direct reference such as a link, indirect reference, or otherwise. The system can store the associated content item within content item storage or identify a stored content item that is identical to the content item that is associated with the email. The system can then enhance email service functionality with the stored content item. For example, the system can present the stored content item or information about the stored content item along with the email. The system can also automatically grant permissions to the stored content item with participants of the email. | 2022-09-08 |
20220286418 | DYNAMICALLY CONTROLLED PERMISSIONS FOR MANAGING THE COMMUNICATION OF MESSAGES DIRECTED TO A PRESENTER - The techniques disclosed herein provide dynamic permissions for controlling messages directed to a presenter of a communication system. For example, during a presentation of an online meeting, a system may selectively permit private messages to be sent to a presenter from designated participants. The private messages sent from the designated participants are displayed to the presenter in a manner that does not allow the other participants to see the messages. For instance, if the presenter is sharing a screen from a computer, the system can determine a set of permitted users allowed to send messages to the presenter. The system configures permissions to cause the messages to be displayed in a manner that allows the presenter to view the messages along with their presentation content, while restricting or suppressing the display of the messages to other non-permitted users. The system restricts the non-permitted users from sending messages to the presenter. | 2022-09-08 |
20220286419 | SYSTEM AND METHOD FOR IMPROVING DETECTION OF BAD CONTENT BY ANALYZING REPORTED CONTENT - Systems, methods and products for increasing efficiency of resource usage by determining the reliability of reporters of unwanted messages and prioritizing evaluation of messages based on the reliability scores. Reports of unwanted messages are evaluating to determine whether they are bad. If an unwanted message is bad, a score for the reporter is updated to reflect a positive credit. A set of safe rules are applied to the message to determine whether it is safe and if the message is determined to be safe, the reporter score corresponding to the reporter is updated to reflect a non-positive (zero or negative) credit. If the message is determined to be neither bad nor safe, the message is entered in a reevaluation queue and, after a waiting period, the message evaluation is repeated using updated threat information, and the reporter score is updated according to the reevaluation. | 2022-09-08 |
20220286420 | SYSTEM FOR BRIDGING, MANAGING, AND PRESENTING SMARTPHONE & OTHER DATA FILES WITH TELEPHONY INTERACTIONS - A system for interfacing with mobile carrier networks, mobile application-equipped devices, social media networks, and individual and Enterprise user's databases, contacts, pictures, videos, and text is disclosed. A data link is connected to a mobile carrier network to receive user application and other data. Additional data links are connected to a user's stored smartphone content, including contacts, pictures, videos and other stored information as well as databases and an application-equipped device to obtain and exchange information in determining data selection, routing, presentation, and updating instructions. A user interface is connected to the system to accept configurable conditions for determining selection, routing and sharing instructions. There is a data conversion function for each data source. Synchronization between stored user preferences to automated or semi-automated updates and routes is provided by application driven consumer defined preferences. | 2022-09-08 |
20220286421 | INFORMATION PROCESSING METHOD, INFORMATION PROCESSING DEVICE, AND RECORDING MEDIUM - An information processing method executed by a computer to control notification by a plurality of terminals (first terminal and second terminal) associated with an appliance includes: obtaining information defining, for each state of a plurality of possible states of the appliance, whether the state is a predetermined state that requires the notification by all of the first terminal and the second terminal; obtaining a state of the appliance; determining whether the state of the appliance obtained is the predetermined state; performing control to cause all of the first terminal and the second terminal to make the notification, when it is determined that the state of the appliance is the predetermined state; and performing control to cause a specific terminal out of the first terminal and the second terminal to make the notification, when it is determined that the state of the appliance is not the predetermined state. | 2022-09-08 |
20220286422 | Message Processing Method and Apparatus - Embodiments of the present invention relate to the field of communications technologies, and provide a message processing method and apparatus, to resolve a prior-art problem that intelligence of a notification message processing method is relatively low. In the embodiments of the present invention, an importance level of each application is determined based on a historical use feature of each application, and then a notification manner of a notification message of each application is determined based on the importance level of each application, so that when a notification message is received, the notification message is displayed in the notification manner corresponding to the application to which the notification message belongs. Solutions provided in the embodiments of the present invention are suitable for use during notification message processing. | 2022-09-08 |
20220286423 | Message Queue Architecture and Interface for a Multi-Application Platform - Non-volatile memory may contain definitions of: (i) a plurality of message queue implementations respectively associated with different queue behaviors, the different queue behaviors specified by corresponding sets of modes, and (ii) an application programming interface (API) through which applications can access one or more message queues. One or more processors may be configured to: create a message queue of a particular message queue type, supported by a corresponding message queue implementation, by specifying a set of modes corresponding to a queue behavior; receive, from a producing application and by way of the API, one or more messages for the message queue; store the one or more messages in a data structure associated with the message queue; receive, from a consuming application and by way of the API, a request to read from the message queue; and provide a message from the message queue to the consuming application. | 2022-09-08 |
20220286424 | SELECTION OF AN EGRESS IP ADDRESS FOR EGRESS TRAFFIC OF A DISTRIBUTED CLOUD COMPUTING NETWORK - A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address. | 2022-09-08 |
20220286425 | Method and Apparatus for Establishing End-to-End Network Connection, and Network System - A method for establishing an end-to-end network connection includes obtaining, by a first node, super node information from a server, obtaining, by the first node, a network address translation (NAT) type of the first node, obtaining, by the first node, a NAT type of a to-be-connected second node from the server, determining, by the first node based on the NAT type of the first node and the NAT type of the second node, whether to use a relay node, and selecting, by the first node, the relay node from super nodes to establish a connection to the second node. | 2022-09-08 |
20220286426 | NETWORK ADDRESS COMPRESSION FOR ELECTRONIC DEVICES - The subject technology provides an in-place encoding of a network identifier that compresses the network identifier without mapping the network identifier to a another server or service, such as URL shortening service. The network identifier may be compressed using segmented encoding operations that segment the network identifier, and encode the characters of the network identifier using a first set of encoding operations for a first portion of the network identifier and a second set of encoding operations for a second portion of the network identifier. Template encoding may also be provided for network identifiers that conform to a predefined template format. | 2022-09-08 |
20220286427 | DYNAMIC VPN ADDRESS ALLOCATION - Methods and related systems are presented that relate to automatically avoiding address conflicts when establishing a secure communications link over a public network between a local computer, associated with a local network, and a remote device, located outside the local network. Local network addresses on the local network reserved for use, and a block of local network addresses that do not conflict with the reserved local network addresses, are identified. At least one local network address is selected from the block and assigned as an address of the local device for use in communicating with the remote device securely over the public network. Communication is facilitated with the remote device using the network driver based on the assigned at least one local network address. | 2022-09-08 |
20220286428 | Cloud-based 5G security network architectures with workload isolation - Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for compute resources from User Equipment (UE); validating a user of the UE for the compute resources; responsive to the user being authorized, creating a connection between the UE and a destination of the compute resources; responsive to the user being unauthorized, rendering the compute resources as hidden from the UE. The steps can include utilizing a cloud-based system for control and signaling the connection. | 2022-09-08 |
20220286429 | Cloud-based 5G security network architectures with secure edge steering - Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for a workload from User Equipment (UE) via a Radio Access Network (RAN); determining a path to the workload; creating a tunnel to the workload; and steering the request to the workload via the tunnel that is independent of any underlying mobile network for the RAN. The tunnel can be encrypted and used on a per-application and per-session basis. | 2022-09-08 |
20220286430 | SYSTEM AND METHOD FOR IMPLEMENTING A SMART FAILOVER MODULE - Various methods, apparatuses/systems, and media for implementing a smart failover module is disclosed. A processor detects an application specific system fault or degradation event in a first availability zone (AZ) on which an application is running during normal runtime of the application; determines, in response to detecting the application specific system fault or degradation event, whether the application includes an active-passive application infrastructure in which the first AZ is paired with a passive AZ; enables traffic, in connection with running or deployment of the application, on the passive availability zone in response to determining that the application includes an active-passive application infrastructure; and disables traffic from the first AZ on which the application specific system fault or degradation has been detected in response to determining that the application does not include an active-passive application infrastructure and/or in response to enabling traffic on the passive AZ. | 2022-09-08 |
20220286431 | DNS RESOLVER-ASSISTED DOMAIN NAME-BASED ACCESS CONTROL - A domain name system (DNS) resolver includes a processor and a non-transitory computer-readable media storing instructions that, when executed by the processor, causes the processor to perform operations including receiving, from a client device, a request for an internet protocol (IP) address associated with a domain name, determining the IP address associated with the domain name, sending first data defining the IP address associated with the domain name to the client device, and sending second data defining the IP address associated with the domain name to a firewall device, the second data including an identification of the client device. | 2022-09-08 |
20220286432 | DISCOVERING EMAIL ACCOUNT COMPROMISE THROUGH ASSESSMENTS OF DIGITAL ACTIVITIES - Introduced here are threat detection platforms designed to discover possible instances of email account compromise in order to identify threats to an enterprise. In particular, a threat detection platform can examine the digital activities performed with the email accounts associated with employees of the enterprise to determine whether any email accounts are exhibiting abnormal behavior. Examples of digital activities include the reception of an incoming email, transmission of an outgoing email, creation of a mail filter, and occurrence of a sign-in event (also referred to as a “login event”). Thus, the threat detection platform can monitor the digital activities performed with a given email account to determine the likelihood that the given email account has been compromised. | 2022-09-08 |
20220286433 | APPARATUS AND METHOD FOR SECURITY OF INTERNET OF THINGS DEVICE - Disclosed are an apparatus and a method for Internet of Things (IoT) device security. The method includes unifying a port in a first IoT device for communication, receiving, by the first IoT device, a packet from a second IoT device through the port, identifying whether the packet in the first IoT device is in a preset packet form, verifying content of the packet in the first IoT device when the packet is in the preset packet form, and opening the port for providing a service in the first IoT device when the verifying of the packet content is successful. | 2022-09-08 |
20220286434 | DETECTING HOMOGRAPHS OF DOMAIN NAMES - Various techniques for detecting homographs of domain names are disclosed. In some embodiments, a system, process, and/or computer program product for detecting homographs of domain names includes receiving a DNS data stream, wherein the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; applying a homograph detector for each domain in the DNS data stream; and detecting a homograph of a domain name in the DNS data stream using the homograph detector. | 2022-09-08 |
20220286435 | DYNAMIC VARIANCE MECHANISM FOR SECURING ENTERPRISE RESOURCES USING A VIRTUAL PRIVATE NETWORK - Disclosed are various examples for securing enterprise resources using a virtual private network. At least one computing device that can authenticate a client device for a virtual private network (VPN) connection based on a first device identifier received from the client device and a second device identifier received from a remote management service. The at least one computing device can determine that a network event associated with the client device has been observed and execute a machine learning routine to identify a pattern of access for the client device. A network access anomaly is determined in response to a network interaction of the client device deviating from the pattern of access for the client device. A remedial action is performed based on an anomaly type associated with the network access anomaly. | 2022-09-08 |
20220286436 | SYSTEMS AND METHODS FOR PORTABLE COMPUTING DEVICE PROTECTION - Various approaches for providing intermediary threat detection. In some cases, the intermediary threat detection is performed by a communication control port that operatively couples with a portable computing device to protect the portable computing device from network based vulnerabilities and exploits. | 2022-09-08 |
20220286437 | SYSTEM AND METHOD FOR ANONYMOUS PROVIDER TO RECEIVER COMMUNICATION - An automated system comprising a processor and a database are described. The processor executes communication software reading: at least one image corresponding to an identifier of a blood product from a donor; and at least one database storing at least one communication from a receiver of the blood product. The communication software executed by the processor determines an intermediary from the identifier and contacts the intermediary to obtain contact information of the donor. | 2022-09-08 |
20220286438 | MACHINE LEARNING TECHNIQUES FOR MITIGATING AGGREGATE EXPOSURE OF IDENTIFYING INFORMATION - Systems and methods mitigate aggregate exposure of identifying information using machine learning. A privacy monitoring system identifies entities and corresponding entity types by applying a set of domain-specific neural networks, each trained to recognize a particular entity type, to media data extracted from two or more content items associated with a user. The privacy monitoring system computes a privacy score indicating a cumulative privacy risk for potential exposure of identifying information associated with the user from the two or more content items by identifying connections between the identified entities. The connections between the entities are weighted according to the entity types and contribute to the privacy score. A reporting subsystem outputs an indication of a recommended action for mitigating the cumulative privacy risk. | 2022-09-08 |
20220286439 | MULTI-INDEPENDENT LEVEL SECURITY FOR HIGH PERFORMANCE COMPUTING AND DATA STORAGE SYSTEMS - Systems, methods, and apparatus for a MILS HPC, data storage system (DSS) system architecture that incorporates a multi-crypto module (MCM) to provide end-to-end multi-independent level security (MILS) protection. Configuration of each MCM enables a high performance computing (HPC) resource to compute different security domains with the associated security level keys from a key/node manager. The HPC resource can be dynamically re-allocated to different security level domain(s) by the key/node manager. In one embodiment, the DSS stores encrypted data regardless of the domains. | 2022-09-08 |
20220286440 | Secure Media Delivery - Systems and methods for secure content delivery are described, whereby a software application is provided to a plurality of client devices, the software application configured to implement an application code library. A respective application code library is provided to each one of the plurality of client devices, wherein each application code library implements a respective cryptography key. A CDN cryptographically verifies that a received request was generated using the respective application code library of the requesting client device, before delivering content to the software application on the requesting client device. Other embodiments are also described and claimed. | 2022-09-08 |
20220286441 | SEMI-INTERACTIVE ONE-WAY TRANSFER OF DATA TO AN ISOLATED NETWORK - The present embodiments relate to providing near real-time communications from a public network to a private network. A first computing device in a public network can obtain data packets to be provided to the private network from an application executing on the first computing device. A trust module executed by the first computing device can authenticate the user, application, and the data packets to be provided to the private network and add metadata relating to the sending user, recipient user, etc. The data packets can be forwarded to the private network via a cross-domain system (CDS). The metadata and the digital signature on the data packets can be verified by a trust module executing on a second computing device in the private network. The second computing device can receive the data packets and store the data packets for subsequent actions to be performed in the private network. | 2022-09-08 |
20220286442 | Key Distribution Method, Key Receiving Method, First Key Management System, and First Network Element - The present invention disclose a key distribution method. The method includes obtaining, by a first key management system, a shared key of a first network element, where the shared key of the first network element is generated according to a key parameter obtained after the first network element performs authentication or a root key of the first network element; obtaining a service key, where the service key is used to perform encryption and/or integrity protection on communication data in a first service between the first network element and a second network element; performing encryption and/or integrity protection on the service key by using the shared key of the first network element, to generate a first security protection parameter; and sending the first security protection parameter to the first network element. According to present invention, data can be protected against an eavesdropping attack in a sending process. | 2022-09-08 |
20220286443 | AUTHENTICATION OF SERVICE REQUESTS USING A COMMUNICATIONS INITIATION FEATURE - Described are computer-based methods and apparatuses, including computer program products, for facilitating communications initiated through a social networking account. A detected message communicated using a social networking account can be determined to satisfy a response criteria. Code for displaying a communications initiation feature on a customer communications apparatus associated with the social networking account can be transmitted. Selection information representing a selection of the communications initiation feature can be received and can include a parameter associated with the selection and origin information. The selection information can be validated by determining that the selection is associated with the social networking account and by comparing the parameter with a stored credential associated with the communications initiation feature. When the selection is validated, the communications can be facilitated. | 2022-09-08 |
20220286444 | WEB INTEGRATION, TIMING, ACCESS, AND DISTRIBUTION CONTROL - The present disclosure provides systems and techniques for improved back-end integration of third-party content and an administrative framework allowing for user experience management for a computer-based environment. Described herein, for example, are approaches to improving secure access to multiple web-based systems, integrating web-based content, and controlling timing of web interaction. The problems addressed herein relate to coordinating access and delivery of web content from and to multiple sources and multiple users in an integrated and time-controlled manner. | 2022-09-08 |
20220286445 | GENERATION OF A PERSONA KEY - Generating a persona key based on at least internet protocol session information associated with a user equipment and user data associated with the user equipment is disclosed. The disclosed subject matter can enable communication of the persona key to a capturing device to enable a portion of information from a user profile correlated to the persona key to be communicated to a receiving device. In some embodiments, the persona key can further be based on time, date, location, user input, etc. The persona key can be a dynamic representation of identification that can be more secure than conventional static representations. Additionally, the persona key can be communicated by optical, audio, or electromagnetic techniques that can avoid a user having to speak an account number, password, username, etc., to provide access to the portion of the information from the user profile. | 2022-09-08 |
20220286446 | AUTHENTICATION CREDENTIAL WITH EMBEDDED AUTHENTICATION INFORMATION - Techniques include securely accessing data associated with authorization of an identity, the identity being capable of accessing an access-controlled network resource based on assertion of an authentication credential to an entity associated with the access-controlled network resource; generating a secret data element based on the data associated with authorization of the identity and based on application of a first secret logic algorithm; and making the secret data element available to be embedded in the authentication credential. The entity associated with the access-controlled network resource is configured to: validate the identity based on the secret data element being included in the authentication credential; and access the data associated with authorization of the identity based on application of a second secret logic algorithm to the secret data element. | 2022-09-08 |
20220286447 | PROVIDING SECURITY SERVICES VIA FEDERATION-BASED NETWORK DURING ROAMING - Aspects described herein include a method and related network device and computer program product. The method includes authenticating an identity of a user of a client device associated with an access network provider. Authenticating the identity of the user includes receiving, from an identity provider, a credential associated with the identity and information identifying a network-based security service to be provided to the client device. The method further includes establishing, using the credential and the received information, a secure connection between the access network provider and a security service provider that is capable of providing the network-based security service to the client device. | 2022-09-08 |
20220286448 | ACCESS TO DATA STORED IN A CLOUD - Digital rights management is extended such that control over the access to data stored in a cloud remains with the originator of the data. The access information is coordinated between a rights application in the cloud and a rights server outside the cloud. A rights policy is used for fine-grained regulation of the access for users (user groups), computers (client, server) and validity periods. The access limits actions that can be performed with the data, such as a server application being provided with access to index said data without being able to access the complete contents of the data in the process. The access extension may be used for any type of distributed data processing in which the data are intended to be protected against unauthorized access operations. | 2022-09-08 |
20220286449 | SMART CARD DEVICE, DEVICE FOR GENERATING VIRTUAL CODE FOR AUTHENTICATION, METHOD OF GENERATING VIRTUAL CODE FOR AUTHENTICATION USING THE SAME, AND SERVER FOR VERIFYING VIRTUAL CODE FOR AUTHENTICATION - Provided are a smart card device, a device for generating a virtual code for authentication, a method of generating a virtual code for authentication using the same, and a server for verifying a virtual code for authentication. The method includes transmitting time data to a card upon tagging of the card in which an IC chip has been embedded, receiving, from the card, a virtual code for primary authentication generated based on the time data, generating a virtual code for secondary authentication by using the virtual code for primary authentication, transmitting at least one of the virtual code for primary authentication and the virtual code for secondary authentication to a server, and requesting the server to perform verification on the at least one. | 2022-09-08 |
20220286450 | SYSTEM AND METHOD FOR PASSWORDLESS LOGINS - A login system allows users to access computer systems without using a password. The passwordless system and method can use other information to securely and reliably identify true authorized system users. The identity of a user can be associated with their mobile device. The login can be based upon a minimal amount of information such as a name and a phone number which can be stored as an identification record for each of the users in a database. | 2022-09-08 |
20220286451 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSINGMETHOD, AND PROGRAM - An information processing system ( | 2022-09-08 |
20220286452 | Deep Learning for Behavior-Based, Invisible Multi-Factor Authentication - Biometric behavior-based authentication may be enhanced by using convolutional deep neural networks to learn subject-specific features for each subject. The advantage is two-fold. First the need for a domain expert is eliminated, and the search space can be algorithmically explored. Second, the features that allow each subject to be differentiated from other subjects may be used. This allows the algorithm to learn the aspects of each subject that make them unique, rather than taking a set of fixed aspects and learning how those aspects are differentiated across subjects. The combined result is a far more effective authentication in terms of reduction of errors. Behavior-based, invisible multi-factor authentication (BIMFA) mays also automate the responses to authentication second and third factor requests (something you have and something you are). BIMFA leverages continuous, invisible behavioral biometrics on user devices to gain a continuous estimate of the authorization state of the user across multiple devices without requiring any explicit user interaction or input for authentication. As a result, BIMFA can demonstrate that a device is under the control of the authorized user without requiring any direct user interaction. | 2022-09-08 |
20220286453 | BLOCK-CHAIN ENABLED SERVICE PROVIDER SYSTEM - A distributed ledger, e.g., blockchain, enabled operating environment includes a user device that accesses services of a service device by leveraging the decentralized blockchain. For example, a user device can lock/unlock a door (e.g., service device) by interfacing with a smart contract stored on the decentralized blockchain. The user device provides parameters, such as payment, that satisfies the variables of the smart contract such that the user device can access the service device. The service device regularly retrieves information stored in the smart contract on the decentralized blockchain. For example, the retrieved information can specify that the user device is authorized to access the service device or that the service device is to provide a service. Therefore, given the retrieved information, the service device provides the service to the user device. | 2022-09-08 |
20220286454 | SECURING COMPUTER NETWORKS WITH VIRTUAL NETWORKS - In one embodiment, a method is provided. The method includes receive, by a networking device, a request from a first computing device, to connect to the networking device. The method also includes creating a first network. The first network is one of a set of networks of the networking device. The first computing device is one of a set of computing devices that are connected to the network device. Each network of the set of networks is initially isolated from other networks of the set of networks when the network is created. Each network of the set of networks comprises a respective computing device of the set of computing devices. The method further includes assigning the first computing device to the first network. | 2022-09-08 |
20220286455 | APPLICATION IDENTIFICATION - This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity. | 2022-09-08 |
20220286456 | Methods, Systems and Computer Program Products for Secure Remote Hardware Access Through Cross-Device Authentication - The present invention relates to cross-device authentication technologies. In particular, the present invention relates to methods, systems and computer program products for enabling cross-device authentication, including for implementation within cloud based service systems, and even more particularly for implementation within cloud gaming systems. | 2022-09-08 |
20220286457 | MANAGING PERMISSIONS FOR COMPUTING DEVICES IN COMPUTER NETWORKS - In one embodiment, a method is provided. The method includes receiving a registration message from a network device. The registration request indicates that a first computing device has connected to the computing devices. The method also includes determining a category for the first computing device based on the registration message. The method further includes determining a set of rules for the computing device based on the category. The method further includes transmitting the set of rules to the network device. The set of rules indicates permissions for the first computing device. Each network of the set of networks is initially isolated from other networks of the set of networks when the network is created. Each network of the set of networks comprises a respective computing device of the set of computing devices. | 2022-09-08 |
20220286458 | SYSTEMS AND METHODS FOR ONBOARDING AND MANAGING APPLICATIONS OVER NETWORKS - This disclosure relates to systems, methods, and apparatuses for determining access models for applications. The access models can be determined using various techniques described herein. The access models can enable the applications to be onboarded into the enterprise system and, in some cases, can be utilized by an identity and access management (IdAM) system and/or identity and governance administration (IGA) system to facilitate ongoing identity management and access control functions for the applications in the enterprise system. | 2022-09-08 |
20220286459 | METHODS AND SYSTEMS FOR MEMORY TRACING IN ASSET MANAGEMENT SYSTEMS - Techniques are disclosed for tracing memory components in asset management systems. A computing device may receive an indication that a new device has been connected to a network. The computing device receives a first set of memory specifications from the new device and a second set of memory specifications from a SoV database. The computing device then generates a memory-asset data structure that stores a third set of memory specifications, each memory specification of the third set of memory specifications being a memory specification that is in both the first set of memory specifications and the second set of memory specifications. The computing device assigns, memory specifications of the third set of memory specifications, a data privacy level that is based on a sensitivity of data stored in the component of the new device. The computing device may then transmit the memory-asset data structure. | 2022-09-08 |
20220286460 | Generating and Implementing Organizational Security Policies - Methods, systems, devices, and tangible non-transitory computer readable media for generating and implementing security policies are provided. The disclosed technology can include accessing a security request associated with generating a security policy based in part on organizational data that includes one or more organizational records. The security request can include one or more rules associated with the security policy. Based at least in part on the security request, the one or more rules that are in compliance with one or more policies associated with the organizational data can be determined. Furthermore, the security policy can be generated based at least in part on the one or more rules that are in compliance with the one or more policies. Furthermore, operations associated with implementing the security policy can be performed. | 2022-09-08 |
20220286461 | PERFORMING AUTHENTICATION - Preference data is received. The received preference data is compared to stored preference data associated with a user with which the received preference data is associated. A determination is made whether to authorize an action based at least on the comparison. The preference data is received as a selection. | 2022-09-08 |
20220286462 | DATA TRANSFER DISCOVERY AND ANALYSIS SYSTEMS AND RELATED METHODS - In various aspects, a data transfer discovery and analysis system may query an entity computing system to identify access credentials for third-party computing systems and scan each access credential to determine associated permissions provided by each access credential on the entity computing system. The data transfer discovery and analysis system may further inspect access logs to identify actual data transfers between the entity computing system and third-party computing systems as well as other access activity associated with each of the credentials. The system can generate and store a mapping of all actual data transfers (e.g., based on the access log data) and potential data transfers (e.g., based on particular access permissions) between/among the entity computing system and the third-party computing systems. By analyzing access logs to determine actual data transfers executed under each particular access credential, the data transfer discovery and analysis system can identify unused and/or underutilized access permissions. | 2022-09-08 |
20220286463 | Managing Admin Controlled Access of External Resources to Group-Based Communication Interfaces via a Group-Based Communication System - Embodiments of the present disclosure relate to managing admin-controlled access of external resources to group-based communication interfaces associated with an organization, via a group-based communication system including APIs for improved external resource permissioning, provisioning, and access handling. Embodiments include methods, computer program products, apparatuses, and systems configured to receive an external resource access request, determine an organization identifier, obtain an admin response indication, set an external resource permission status for the external resource based on the admin response indication, and cause rendering of the requested group-based communication interface based on the admin response indication. Embodiments further relate to provisioning and handling requests for services associated with an external resource by managing one or more single-interface access tokens linked to a multi-interface access token. | 2022-09-08 |
20220286464 | AUTHORIZATION METHOD AND APPARATUS - Example authorization methods and apparatus are described. In one example authorization method, a first network device and a second network device send a first registration request and a second registration request to a third network device, respectively. The first network device further sends a token request to the third network device. The third network device sends a token response including a token to the first network device. The first network device sends a service request including the token to the second network device. In response to determining that the first network device has the permission to access the second network device, the second network device sends a service response to the first network device. | 2022-09-08 |
20220286465 | TENANT USER MANAGEMENT IN CLOUD DATABASE OPERATION - A method of tenant user management in cloud database operation can be implemented. The method can receive an original job request from a user for a database service, wherein the original job request can include a login credential of the user. The method can authenticate the login credential of the user by a scheduler, verify the user has privileges for the original job request by the scheduler, create a modified job request from the original job request by the scheduler based on a predefined role corresponding to the privileges of the user, send the modified job request from the scheduler to a database service platform, and allocate an instance of database service to the user in response to the modified job request. | 2022-09-08 |
20220286466 | EFFECTIVE PERMISSIONS FROM IAM (IDENTITY AND ACCESS MANAGEMENT) POLICIES - The technology disclosed herein enables generation of effective permissions between principals and resources from access policies. In a particular embodiment, a method includes, in an effective permissions service, retrieving one or more access policies that define access permissions between a principal and a resource of the plurality of resources. The method also includes determining an effective permission defining the access of the principal to the resource based on the access policies and defining the effective permission in a canonical format. The method further includes storing the effective permission for reference when the principal attempts to access the resource. | 2022-09-08 |
20220286467 | Managing Application Constraints across Platforms - A computer-implemented technique is described herein for defining and applying constraints that regulate a supervisee's interaction with applications. In one implementation, the technique provides a user interface presentation to a supervisor that lists a set of applications that run on plural application execution platforms. The user interface presentation also allows the supervisor to set platform-agnostic constraint information for any identified application. The platform-agnostic constraint information, once set for an application, constrains interaction by a supervisee with all versions of that same application. That is, the constraint information is said to be agnostic with respect to platform in the sense that it applies to a variety of application execution platforms that run the application. In one example, the platform-agnostic constraint information specifies a permitted amount of an activity that the supervisee is permitted to perform across all versions of an application. | 2022-09-08 |
20220286468 | System and Method for Digital Imaging and Communications in Security Standard Compliance Validation - A system and method for digital imaging and communications in security (DICOS) standard compliance validation. The system and method may validate both communication messages and files for compliance with the DICOS standard. In some embodiments, the system includes a processor for communicating with a test subject and a memory having program instructions stored thereon for performing a compliance test of the test subject to determine if the test subject is complaint with the DICOS standard. Execution of the instructions by the processor causes the processor to carry out the steps of: confirming that a transmitted DICOS message, e.g., a response or request, from the test subject is compliant with the DICOS standard; logging any errors in the transmitted DICOS message from the test subject in a validation report; and transmitting a simulated DICOS message, e.g., a response or request, to the test subject. In some embodiments, the steps further include, in response to the transmitted DICOS message, accessing a DICOMDIR file stored in the memory. The DICOMDIR file may be configured as a directory for DICOM file sets stored the memory. Transmitting the simulated DICOS message to the test subject may be performed in response to accessing the DICOMDIR file stored in the memory. Also, a DICOM file may be stored or retrieved from memory in response to accessing the DICOMDIR file stored in the memory. | 2022-09-08 |
20220286469 | PACKET PROCESSING METHOD, APPARATUS, AND SYSTEM - This application discloses a packet processing method, apparatus, and system, and belongs to the communications field. In the packet processing method, a first device receives a first packet sent by a second device. The first packet includes identifier information and first authentication information of an Ethernet ring. The first device is an edge device of the Ethernet ring, and the second device is a device outside the Ethernet ring. The first device verifies the validity of the first packet based on the identifier information and the first authentication information. The first device processes the first packet after verifying that the first packet is valid. This method improves the security of Ethernet ring networks. | 2022-09-08 |
20220286470 | FACILITATION OF NETWORK PROTECTION FOR 5G OR OTHER NEXT GENERATION NETWORK - Network abnormalities can be mitigated using several levels of responses based on the type of abnormality and the operational level impact. The invention details methods of utilizing software intelligence to orchestrate a variety of network controls to enable the network to protect itself. For scenarios where the software intelligence determines to have low operational impact, certain actions would be applied, such as prompt the network to send a text to a mobile device alerting a user of the mobile device to perform a firmware upgrade while for other, more urgent scenarios, the network can prompt a more rigorous response such as terminating access. The combination of intelligent network observation along with a variety of controls provides an effective network protection. | 2022-09-08 |
20220286471 | Honeypot Network with Dynamically Updated Alert Modules for Detecting Anomalous Connections - Analyzing and reporting anomalous internet traffic data by accepting a request for a connection to a virtual security appliance, collecting attribute data about the connection, applying an alert module to the data, and automatically generating an alert concerning an identified incident. An alert system for analyzing and reporting the anomalous internet traffic data. A processor to analyze and report anomalous internet traffic data. | 2022-09-08 |
20220286472 | ANOMALOUS USER ACCOUNT DETECTION SYSTEMS AND METHODS - Autoencoder-based anomaly detection methods have been used in identifying anomalous users from large-scale enterprise logs with the assumption that adversarial activities do not follow past habitual patterns. Most existing approaches typically build models by reconstructing single-day and individual-user behaviors. However, without capturing long-term signals and group-correlation signals, the models cannot identify low-signal yet long-lasting threats, and will incorrectly report many normal users as anomalies on busy days, which, in turn, leads to a high false positive rate. A method is provided based on compound behavior, which takes into consideration long-term patterns and group behaviors. The provided method leverages a novel behavior representation and an ensemble of deep autoencoders and produces an ordered investigation list. | 2022-09-08 |
20220286473 | ANOMALY DETECTION SYSTEM AND ANOMALY DETECTION METHOD - An anomaly detection system is a system in an in-vehicle network system that includes one or more ECUs mounted on a vehicle and in which the vehicle and a server are capable of communicating with each other through a plurality of communication routes. The anomaly detection system includes: an anomaly detector that detects an anomaly in the vehicle; a determiner that determines, out of the plurality of communication routes, a communication route for transmitting anomaly detection result information indicating a result of detection of the anomaly in the vehicle to the server, according to occurrence of a specific anomaly; and an anomaly detection result transmitter that transmits the anomaly detection result information to the server using the communication route determined. | 2022-09-08 |
20220286474 | CONTINUOUS SCORING OF SECURITY CONTROLS AND DYNAMIC TUNING OF SECURITY POLICIES - Techniques, methods and/or apparatuses are disclosed that enable of cyber risks on assets of networks to be evaluated in presence of security controls on the assets. In this way, effect of security controls already in place may be quantified. A novel scoring technique is presented. Also, use of causal inference is in the context of security risk assessment is described. | 2022-09-08 |
20220286475 | AUTOMATIC GENERATION OF VULNERABITY METRICS USING MACHINE LEARNING - Techniques, methods and/or apparatuses are disclosed that enable generation of vulnerability vectors of newly identified vulnerabilities (e.g., CVEs). Based on the textual description of the vulnerability, vulnerability vectors are generated. The generated vulnerability vectors may represent a prediction of how a third party vulnerability scorer (e.g., US NVD) would score the identified vulnerability. | 2022-09-08 |
20220286476 | CROSS-CHANNEL NETWORK SECURITY SYSTEM WITH TIERED ADAPTIVE MITIGATION OPERATIONS - Embodiments of the invention are directed to a system, method, or computer program product for cross-channel network security with tiered adaptive mitigation operations. In this regard, the invention is structured for dynamic detection of security events associated with network devices and resources, and triggering real-time mitigation operations across a plurality of resource channels. The invention provides a novel method for employing activity data to construct and implement mitigation actions for de-escalating authorization tiers that are adapted to the specific attributes of the activity data, in order to prevent security exposure associated with the activity. Another aspect of the invention is directed to determining whether to continue the tiered adaptive mitigation actions and/or trigger a security proceed signal. | 2022-09-08 |
20220286477 | SYSTEM AND METHOD FOR IMPLEMENTING A BEHAVIOR DRIVEN ARCHITECTURE MODULE - Various methods, apparatuses/systems, and media for implementing a behavior driven architecture module is disclosed. A processor operatively connected to a database a communication network. The processor accesses the database to obtain patterns information data, data contracts information data, and dependencies information data associated with an application's architecture; implements a natural language processing algorithm to describe behavior of the application's architecture and to build a plurality of contexts data providing characteristics information related to each component of the application's architecture; implements a conversational artificial intelligence algorithm to receive input responses to fill in missing gaps corresponding to the application' architecture; integrates the received input responses with the patterns information data, data contracts information data, and dependencies information data associated with the application's architecture; and generates, in response to integrating, a graph having a unique shape that describes the characteristics information related to each component of the application's architecture. | 2022-09-08 |
20220286478 | METHODS AND SYSTEMS FOR HONEYFILE CREATION, DEPLOYMENT, AND MANAGEMENT - A method of automatically manipulating a lifecycle of a honeyfile on a file system, includes: implementing a learning algorithm on a file system; identifying a real file; training the learning algorithm by observing temporal events involving the real file; training a model with the learning algorithm; implementing a user agent on the file system; creating a honeyfile on the file system; deploying the honeyfile on the file system; using the trained model to generate user agent actions; evaluating the honeyfile; and either: deleting the honeyfile; or re-using the trained model to generate user agent actions to automatically modify the honeyfile. | 2022-09-08 |
20220286479 | DETERMINING REACHABILITY OF OBJECTS DEPLOYED IN A CLOUD ENVIRONMENT FROM TO EXTERNAL NETWORK - A method and system for determining reachability of objects deployed in a cloud environment to an external network is presented. The method includes identifying a plurality of network paths in the cloud environment, wherein each network path includes at least two objects deployed in the cloud environment; statistically analyzing each object in each respective network path to determine its reachability properties; analyzing the reachability properties determined for each object to determine if the respective object is reachable through its respective network path from at least a network external to the cloud environment; and saving each object together with its respective network path and reachability properties in a database. | 2022-09-08 |
20220286480 | SYSTEM AND METHOD FOR SPECIFYING AND MANAGING PREDEFINED POLICIES FOR CONTAINERIZED WORKLOADS - A method and system for specifying and managing pre-defined policies for containerized workloads is provided. The system includes policy management module for receiving updates from an application developer, a specification of the policy profile for a containerized application and an associated link element and storing the container image containing the link element associated with the policy profile in a container registry of a policy server; a profile handler module which detects and monitors events of containerized applications, detects a link element associated with policy profile, fetches containerized application with link element from container registry and transmits policy profile to a policy controller module; and a policy controller module which obtains recommended policies of policy profile from policy server or a static file, screens recommended policies, receives updates from a security administrator and updates recommended policies in accordance with updates, and sends recommended policies to profile handler module. | 2022-09-08 |
20220286481 | MANAGING ADMISSION OF UNRECOGNIZED DEVICES ONTO AN ENTERPRISE NETWORK - A threat management facility detects a device on an enterprise network and determines whether the device is one of a set of managed devices for the enterprise network. When the device is not one of the set of managed devices, the threat management facility may selectively direct the device to a portal that provides support to the user of the device while the device awaits admission to the enterprise network. As the user interacts with the portal, the portal may manage admission of unrecognized devices onto the enterprise network while making efficient use of network administrator resources. | 2022-09-08 |
20220286482 | DATA PROCESSING SYSTEMS AND METHODS FOR PERFORMING ASSESSMENTS AND MONITORING OF NEW VERSIONS OF COMPUTER CODE FOR COMPLIANCE - In various embodiments, a data map generation system is configured to receive a request to generate a privacy-related data map for particular computer code, and, at least partially in response to the request, determine a location of the particular computer code, automatically obtain the particular computer code based on the determined location, and analyze the particular computer code to determine privacy-related attributes of the particular computer code, where the privacy-related attributes indicate types of personal information that the particular computer code collects or accesses. The system may be further configured to generate and display a data map of the privacy-related attributes to a user. | 2022-09-08 |
20220286483 | DETERMINING A RISK PROBABILITY OF A URL USING MACHINE LEARNING OF URL SEGMENTS - Systems, methods, and apparatuses enable a machine learning model to determine a risk probability of a URL. A query configurator receives a URL in a query and normalizes the URL. The normalized URL is segmented into a plurality of segments. The plurality of segments is serially provided to the machine learning model trained to provide an indication of risk associated with the URL. The indication of risk associated with the URL can be a probability value based on one or more risk probabilities determined for segment-segment transitions of the URL. A security service compares the probability value of the URL to a threshold value and performs a security action based on a result of comparing the probability value to the threshold value. | 2022-09-08 |
20220286484 | RULES ENGINE FOR SELECTIVELY GRANTING ACCESS TO SECURED RESOURCES - Systems and methods for providing least privilege access to a resource within a secured server are disclosed. The systems and method can include receiving an access request from a client requesting access to the resource, the access request comprising a role or policy associated with the client and one or more actions associated with the resource. A rules engine can be initialized, the engine defining one or more rules usable by the system to determine whether the access request complies with a least privilege policy. The systems and method can analyze the role or policy and the access request with the rules engine to determine whether the access request complies with the least privilege policy. When the access request complies with the rules, access to the resource can be granted; when the access request does not comply with the rules, access to the resource can be denied. | 2022-09-08 |
20220286485 | METHOD AND APPARATUS FOR PROVIDING MEDIA RESOURCES IN A COMMUNICATION NETWORK - Aspects of the subject disclosure may include, for example, providing a request associated with a call session to a server, wherein the request includes capability information associated with user equipment. A codec is identified according to the capability information to obtain an identified codec, which facilitates media service to the user equipment. The media service is accessed from a media resource function, which in turn, is accessed by the server responsive to the identified codec. An operable resource identifier is identified responsive to a search of a codec table, wherein the server accesses the operable resource identifier associated with the media resource function from a domain name server responsive to the resource identifier not being available at the codec table. Other embodiments are disclosed. | 2022-09-08 |
20220286486 | METHOD AND SYSTEM FOR INTEGRATING INTERNET OF THINGS (IOT) DEVICES AND MOBILE CLIENT AUDIOVISUAL INTO A VIDEO CONFERENCING APPLICATION - A method, a server, and a non-transitory computer readable medium are disclosed for sharing content. The method includes running, on a server, a video conferencing application, the video conferencing application configured to share audiovisual content between one or more first devices and the server; establishing, on the server, a video conferencing session, the video conferencing session connecting a second device to the server; receiving, on the server, content from the second device; and sharing, by the server, the content received from the second device joining the video conferencing session as a new participant with the one or more first devices on the video conferencing application. | 2022-09-08 |
20220286487 | Method and System for Interactive Usage of Product or Service Cards Implemented in Real-Time Communication System - The present disclosure is directed to a system and method for a content display located in the chat messaging system. It facilitates communication between at least a first and a second user and further enables content sending in a more efficient and faster way. This disclosure enables users to work with complimentary and different real-time communication systems and enables the display of interactive elements presenting objects in an application. Such display may be personalized and lead to external sources like a web page or other catalog of data with further explanation necessary to purchase or order. Furthermore, the disclosure improves the storage of content that will be displayed upon a frequency of usage and distribute such storage upon two types of memory that communicate over the network. | 2022-09-08 |
20220286488 | SYSTEMS AND METHODS FOR MOVING CONTENT BETWEEN VIRTUAL AND PHYSICAL DISPLAYS - Systems, methods, and non-transitory computer readable media for transferring virtual content to a physical display device are disclosed. An extended reality environment may be presented in a room via a wearable extended reality appliance configured to be paired with multiple display devices located in the room. Each display device may be associated with a unique network identifier. Input to cause presentation of a specific virtual object in the extended reality environment on a target display device and image data depicting the target display device may be received. The image data may be analyzed to identify the target display device. A network identifier of the target display device may be determined. A communications link with the target display device may be established. Data representing the specific virtual object may be transmitted to the target display device, to enable the target display device to present the specific virtual object. | 2022-09-08 |
20220286489 | SYSTEM AND METHOD OF STREAMING CONTENT BETWEEN PEER DEVICES IN A BROADCAST ENVIRONMENT - A system is provided for streaming broadcast media content between peer devices in a media distribution network. The system includes a virtual router panel that includes a notification service controller that receives a data communication request from two or more peer devices and a data communication handshaking controller selects a delivery protocol between the two devices based on exchanging communication candidates that identify peer addresses. A media streaming tunnel generator establishes a streaming tunnel between the first device and the second device based on the respective delivery protocol selected by the data communication handshaking controller; and an encoder packetizes video, audio and ancillary grains directly as packets of the broadcast media content to be streamed directly from the first device to the second device via the established streaming tunnel without multiplexing. | 2022-09-08 |
20220286490 | VIDEO DELIVERY EXPEDITION SYSTEMS, MEDIA AND METHODS - The VIDEO DELIVERY EXPEDITION APPARATUSES, METHODS AND SYSTEMS (“VDE”) transform Internet content data access request via VDE components into media content playback at a client device. In one implementation, the VDE may issue a notification or a user interface element to a user after delivery of a process one data from the server to a client; and trigger a background delivery of a process two data, wherein the triggering occurs when the user initiates playback of said process one data. | 2022-09-08 |
20220286491 | METHOD FOR THE DIRECT RECORDING AND STREAMING OF AI GENERATED DIGITAL CONTENT FROM A PRODUCT APPARATUS ASSOCIATED WITH UNIQUE IDENTIFICATION - A method and apparatus for the direct streaming of video or audio generated using Artificial Intelligence Generative Adversarial Networks (GAN) via mobile devices, wearable devices and mobile networks using unique identification associated to a product apparatus is disclosed, capable of receiving a text or audio as primary information, and additional parameters such as video, audio and image for AI GAN algorithms processing, which uses Machine Learning, to create the A/VR video or audio output to be associated with product unique identification. The unique identifications used by this invention can be, but not limited to these types: ZARCode, NFT (Non-Fungible Token), Uniform Resource Locator (UIRL) and Uniform Resource Identifier (URI). The unique identification can be encoded on product apparatus using visible or concealed code technologies such as Barcode, QR Code, Datamatrix, Near Field Communication (NFC)) tags, ZARImage, and other technologies leveraging AI Intelligent Imaging Processing and Optical Character Recognition (OCR). | 2022-09-08 |
20220286492 | CONTENT DELIVERY SYSTEM, CONTENT DELIVERY METHOD, AND RECORDING MEDIUM RECORDING CONTENT DELIVERY PROGRAM - A content delivery system includes: a code generator that generates an information code associating identification information of a content with identification information of a display device playing the content; a content player that causes the display device to display the content and the information code; an information reader that reads the identification information of the content and the identification information of the display device from the information code displayed on the display device; a post processor that posts, to a message management server, post data including the identification information of the content and the identification information of the display device read by the information reader; and an effect measurement device that measures an effect of the content on the basis of information on the post data. | 2022-09-08 |
20220286493 | SYSTEMS AND METHODS FOR AUGMENTING ELECTRONIC CONTENT - Systems and methods for managing and processing multimedia content. Chat content from a chat session among users on a network is accessed, including at least an item of video chat content associated with a phone number of a chat participant. Location information associated with the chat content is determined. Chat content location information is compared with predefined location information associated with projects or activities to identify a corresponding matching project or activity. A multimedia document comprising chat content associated with the matching project or activity is generated, wherein the item of video chat content is displayed in association with a play control and in association with an identifier of the chat participant. The item of video chat content in the multimedia document may be played in response to a user activation of the play control. | 2022-09-08 |
20220286494 | Cached web probes for monitoring user experience - Techniques for using web probes for monitoring user experience including use of caching to prevent a surge of web probes on destination servers and for detecting web probe traffic through a proxy including where the traffic is encrypted. A method implemented by a proxy includes receiving a response to a first web probe to a destination server; caching data associated with the response to the first web probe in a cache; receiving a request for a second web probe to the destination server; and serving a response to the second web probe utilizing the data in the cache in lieu of forwarding the second web probe to the destination server. | 2022-09-08 |
20220286495 | Domain Name Query Method and Related Device - A domain name query method and a related device. The method includes: An HTTPDNS server receives an HTTP request packet sent by a terminal device; the HTTPDNS server constructs a DNS query packet based on the HTTP request packet, and sends the DNS query packet to an authoritative DNS server; receives a DNS reply packet sent by the authoritative domain name server; and constructs an HTTP reply packet based on the DNS reply packet, and sends the HTTP reply packet to the terminal device, where the HTTP reply packet carries the IP address of the to-be-accessed site. | 2022-09-08 |
20220286496 | APPLICATION SHARING METHOD, ELECTRONIC DEVICE AND COMPUTER-READABLE STORAGE MEDIUM - This application provides an application sharing method, an electronic device, and a computer-readable storage medium. The method includes: receiving target application identification information and target device information; displaying, in a case that a first electronic device is connected to a target electronic device corresponding to the target device information, a running interface of a target application in a virtual screen; and sharing the running interface of the target application displayed in the virtual screen with the target electronic device | 2022-09-08 |
20220286497 | Method for Handling of an Inbound SCTP Packet at an SCTP Load Balancer and Tunneling Methodology - Methods and systems for handling of an inbound Stream Control Transmission Protocol (SCTP) packet at an SCTP load balancer (SCTP LB) are described. In one embodiment a method includes receiving, at the SCTP LB, an SCTP packet; determining, by the SCTP LB, which tunneling mechanism to use for the SCTP packet; and tunneling the SCTP packet to a correct back-end server for further processing of the SCTP packet. | 2022-09-08 |
20220286498 | SERVICE REQUEST MESSAGE SENDING METHOD, DISTRIBUTED DATABASE ARCHITECTURE AND COMPUTER READABLE STORAGE MEDIUM - A service request message sending method, a distributed database architecture and a computer readable storage medium are disclosed. The method includes: receiving (S | 2022-09-08 |
20220286499 | APPARATUS AND METHOD FOR AUTOSCALING SERVICE SHARED IN CLOUD - Disclosed herein are an apparatus and method for autoscaling a service shared in a cloud. The apparatus may include memory in which at least one program is recorded and a processor for executing the program, and the program may perform autoscaling by which at least one second service for performing the same function as a first service is additionally generated or deleted depending on a load that is incurred when multiple clients call the first service in the cloud. The at least one second service may be set to one of two or more execution types having different response times depending on a response time required by each of the multiple clients. | 2022-09-08 |
20220286500 | METHODS AND APPARATUSES FOR TRANSMITTING MESSAGES - One or more embodiments of this specification provide methods and apparatuses for transmitting messages. A method includes: determining a blockchain message from two or more message queues stored in a relay node in a blockchain relay communication network based on a message transmission policy, the message transmission policy being configured to transmit blockchain messages in the blockchain relay communication network based upon a priority identifier representing a priority of a blockchain message to be transmitted in the blockchain relay communication network; obtaining identifier from the blockchain message, and determining one or more target blockchain nodes in the blockchain relay communication network corresponding to the identifier; determining a target relay node connected to the one or more target blockchain nodes in the blockchain relay communication network; and transmitting the blockchain message to the one or more target blockchain nodes through the target relay node. | 2022-09-08 |