| 47th week of 2021 patent applcation highlights part 71 |
| Patent application number | Title | Published |
|---|
| 20210367854 | METHOD FOR DATA COLLECTION USING MULTIPLE NETWORK DATA ANALYTICS FUNCTIONS DEVICE - A data collection method using a plurality of network data analytics function devices is disclosed. The data collection method may provide to a consumer NF device by discovering an NWDAF device associated with a target entity and acquiring data collected by the NWDAF device or analytics information that is a result of analyzing the data by the NWDAF device. | 2021-11-25 |
| 20210367855 | NETWORK-AWARE WORKLOAD MANAGEMENT USING ARTIFICIAL INTELLIGENCE AND EXPLOITATION OF ASYMMETRIC LINK FOR ALLOCATING NETWORK RESOURCES - Systems which support an asymmetric link define rules and policies in each individual physical layer. An asymmetric link is a physical layer with a different number of transmit versus receive lanes. Asymmetric links enable physical layers to optimize performance, power, and system resources based on the required data bandwidth per direction across a link. Modern applications exhibit large demands for high memory bandwidth, i.e., more memory channels and larger bandwidth per channel. The utilization data, patterns) of link usage, and/or patterns) of lane usage may be gathered to exploit the facilities provided by asymmetric links. An engine includes AI-fueled analytics to monitor, orchestrate resources, and provide optimal routing, exploiting asymmetric links, lane polarity, and enqueue-dequeue in a computing ecosystem. | 2021-11-25 |
| 20210367856 | METHOD AND SYSTEM FOR PROVIDING SEAMLESS DATA TRANSFER BETWEEN COMMUNICATION DEVICES - Disclosed herein is a method and a data transfer system for providing seamless data transfer between communication devices. Properties of data to be transferred, status of network parameters and power associated with the communication devices are monitored in real time. Further, communication protocols available at the communication devices and a need to switch between the communication protocols are determined. Splitting of the data into subsets of data and sequencing the subsets of data are performed using a neural network, which is trained based on properties of the data, data storage space of the communication devices, speed of data transfer and a communication channel available for the data transfer. The optimum communication protocols are identified based on order of priority value and contention value. The subsets of data are transferred using identified optimum communication protocols, until a change in the monitored status is detected to switch the optimum communication protocols. | 2021-11-25 |
| 20210367857 | Open-Source Architecture for Remote Physical or Remote Physical-Media Access Control Device - A remote node device including a hardware layer, a hardware abstraction layer, and a software stack operating on the hardware abstraction layer. The software stack including an open-source cloud-based operating system integrated with a service provider defined abstraction layer configured to coordinate functionality of the software stack, virtualized software components such as a virtualized Converged Cable Access Platform (vCCAP) implemented in docker containers where the vCCAP is configured to command and control the remote node device with respect to a customer premise equipment. The software layer of the remote node device includes different types of YANG data models for model-driven management and model-driven telemetry from the remote node device and a customer premise equipment to a service provider back-office system. | 2021-11-25 |
| 20210367858 | Information Processing Method in M2M and Apparatus - An information aggregation method includes receiving an aggregation resource creation request, determining an identifier of an aggregated resource and an aggregation manner according to the aggregation resource creation request, creating an aggregation resource according to the determined identifier of the aggregated resource and the determined aggregation manner, where an attribute of the aggregation resource includes the identifier of the aggregated resource and the aggregation manner, and performing information aggregation according to the created aggregation resource. | 2021-11-25 |
| 20210367859 | SYSTEM AND APPROACH FOR REMOTE ROOM CONTROLLER AND DEVICE DIAGNOSTICS AND HEALTH MONITORING - The disclosure reveals a system and approach for remote health monitoring and diagnostics of room controllers, networks and devices. A master room controller may be used to open a system health page or a diagnostic page for other controllers. A system health page may provide an overview of virtually all of the other room controllers. A tool of the present system may be used to trouble shoot issues remotely at another room controller in lieu of doing a visit to the respective room controller. A user may navigate from the system health page to virtually any place on the room controller to diagnose issues. The navigation may be done by hyper linking from the system health page. The healthy controllers may be hidden from the page so that the unhealthy systems can be viewed in one shot. | 2021-11-25 |
| 20210367860 | SYSTEM AND METHOD FOR DETERMINING SUBSCRIBER EXPERIENCE IN A COMPUTER NETWORK - A method for determining subscriber experience in a computer network including: defining a plurality of features influencing subscriber experience; initializing a weight for each of the features of the plurality of features; determining a feature value for at least one subscriber for each of the plurality of features; determining a subscriber score for the at least one subscriber based on the feature values and the weight of the feature; determining at least one subscriber with a subscriber score outside a predetermined threshold; and performing a subscriber response action for each subscriber with the subscriber score outside of the predetermined threshold. | 2021-11-25 |
| 20210367861 | Optimizing Communication in Distributed Computing Network - A computing system includes a distributed computing cluster including a plurality of computing nodes interconnected by an interconnect network over which the computing nodes of the plurality of computing nodes communicate with each other by passing messages. The computing nodes are configured with a first parameter governing transmissions of messages by the computing nodes over the interconnect network. The computing nodes are configured to accumulate messages for transmission as a group of messages according to the first parameter, and the computing system is configured to limit injections of computing requests into the distributed computing cluster according to a second parameter. A controller is configured to receive at least one predetermined service level requirement and to control a value of the second parameter and a value of the first parameter to control a computational throughput of the distributed computing cluster while complying with the at least one service level requirement. | 2021-11-25 |
| 20210367862 | PERSONALIZED SERVERLESS FUNCTIONS FOR MULTI-TENANT CLOUD COMPUTING ENVIRONMENT - A system and method are disclosed associated with a multi-tenant cloud computing environment. The system may receive information about a serverless function workload (e.g., a NodeJS, Java function or ABAP workload) to be launched in the cloud computing environment. A tenant associated with the serverless function workload to be launched may be identified and, based at least in part on the identified tenant, an objective function (e.g., throughput, latency, cost, etc.) for the serverless function workload to be launched may be identified. A recommendation service platform may then iteratively configure tuning parameters of the cloud computing environment using Bayesian optimization (e.g., to reach a global optimum using a Gaussian process) and the determined objective function. The system may then arrange for the serverless function workload to be executed in the cloud computing environment in accordance with the configured tuning parameters. | 2021-11-25 |
| 20210367863 | MANAGEMENT DEVICE AND NETWORK MANAGEMENT METHOD - [Problem] To improve performance of NS management. | 2021-11-25 |
| 20210367864 | CLOSED LOOP MONITORING BASED PRIVILEGED ACCESS CONTROL - In some examples, closed loop monitoring based privileged access control may include identifying a ticket that includes a specification of an incident that is to be remedied and determining an intent of the ticket. A privileged access command library may be analyzed to determine a plurality of privileged access steps that can be performed to remedy the incident. A source file associated with procedures that were performed to remedy the incident may be analyzed. A plurality of events may be identified using the source file and filtered based on the plurality of privileged access steps that can be performed to remedy the incident. At least one event that includes at least one other privileged access step that is not one of the plurality of privileged access steps that can be performed to remedy the incident may be identified, and instructions may be generated to remedy the identified event. | 2021-11-25 |
| 20210367865 | DISCONNECTION MONITORING TERMINATING DEVICE AND DISCONNECTION MONITORING METHOD - It is possible to appropriately avoid erroneous call disconnection between interconnected networks at a low cost without modifying an apparatus in the network. A disconnection monitoring termination apparatus | 2021-11-25 |
| 20210367866 | DEVICES, SYSTEMS AND METHODS FOR WIRELESS COMMUNICATION SYSTEM EMPLOYING OVERLAPPING FREQUENCY BANDS - According to embodiments, methods, devices and systems can include monitoring all of a first channel for a first monitoring period. After the first monitoring period, monitoring at least one narrow band for at least a first narrow band signal. In response to detecting the first narrow band signal, establishing a network connection over the narrow band, wherein the at least one narrow band has a frequency range less than one half that of the first channel. | 2021-11-25 |
| 20210367867 | SEGMENTED TRACEROUTE FOR SEGMENT ROUTING TRAFFIC ENGINEERING - Techniques are described for selectively pinging certain devices along a segment routing label switched path (LSP) to detect failures in the segment routing LSP. For example, an ingress device comprises one or more processors operably coupled to a memory that are configured to: in response to a request to verify connectivity of a segment routing LSP, configure a FEC stack specifying a stack of segment routing labels for the segment routing LSP; for each of the one or more devices identified from the FEC stack: generate a respective MPLS connectivity request packet for a respective device identified from an outermost FEC of the FEC stack; send the MPLS connectivity request packet to the respective device; receive an MPLS connectivity response packet that verifies connectivity of the respective device; and in response, update the FEC stack by removing the outermost FEC of the FEC stack that identifies the respective device. | 2021-11-25 |
| 20210367868 | INTELLIGENT SERVERLESS FUNCTION SCALING - A plurality of serverless function invocations are received. A quantity of serverless function invocations of the plurality of serverless function invocations that corresponds to a particular type of serverless function invocation are determined. A number of serverless functions are scaled at a determined rate in view of the quantity of serverless function invocations corresponding to the particular type of serverless function invocation. | 2021-11-25 |
| 20210367869 | DETECTION BLOCK SENDING AND RECEIVING METHOD, AND NETWORK DEVICE AND SYSTEM - This application provides example detection block sending and receiving methods, and network devices and systems. One example detection block sending method includes obtaining, by a network device, an original bit block data flow. At least one detection block is generated, and the at least one detection block is inserted into a position of at least one idle block in the original bit block data flow. The bit block data flow including the at least one detection block is then sent. | 2021-11-25 |
| 20210367870 | METHOD, APPARATUS AND SYSTEM FOR DIAGNOSING NETWORK PERFORMANCE - An aspect of the present disclosure discloses a method for diagnosing a network performance in an apparatus for diagnosing network performance connected to a switching device provided between a first entity and a second entity. The method may include: obtaining at least one mirrored packet for at least one packet transmitted between the first entity and the second entity based on mirroring from the switching device, calculating performance related indicator representing performance of a network service associated with the first entity and the second entity based on at least a part of information included in the at least one mirrored packet, and storing the calculated performance related indicators. | 2021-11-25 |
| 20210367871 | SYSTEMS AND METHODS FOR UTILIZING A NEURAL NETWORK MODEL TO PERFORM PACKET CAPTURE DATA ANALYSIS - A device may receive packet data identifying packets exchanged between client devices via a network of network devices. The device may classify the packet data based on timestamps and protocols associated with the packets and to generate classified packet data. The device may group the classified packet data into packet data sets corresponding to packet flows between pairs of the client devices. The device may select a packet data set, from the packet data sets, based on one or more filtering criteria. The device may process the packet data set to determine whether the packet data set is associated with one or more problem packets. The device may perform one or more actions based on determining whether the packet data set is associated with one or more problem packets. | 2021-11-25 |
| 20210367872 | ENHANCED FRAME EXCHANGE AND MULTI-LINK DEVICE MESSAGING FOR SECURE COMMUNICATIONS - This disclosure describes systems, methods, and devices related to enhanced frame exchange. A device may generate a first subset of a plurality of fields, wherein the first subset is mandatory in a probe request frame. The device may generate a second subset of the plurality of fields, wherein the second subset is optional in the probe request frame regardless of capability information of the device. The device may generate the probe request frame comprising the first subset and the second subset. The device may cause to send the probe request frame to an access point (AP) device. | 2021-11-25 |
| 20210367873 | INTERSPERSED MESSAGE BATCHING IN A DATABASE SYSTEM - A message batching configuration may be determined for transmitting a message to recipients. The message batching configuration may include two or more message batches, a respective recipient count for each message batch, a respective time delay between each message batch, and a performance metric for evaluating the message. The message is transmitted in accordance with the message batching configuration. The transmission of subsequent message batches is halted when it is determined that the designated performance metric fails to meet a designated performance metric threshold. | 2021-11-25 |
| 20210367874 | INSPECTING NETWORK PERFORMANCE AT DIAGNOSIS POINTS - A data-driven approach to network performance diagnosis and root-cause analysis is presented. By collecting and aggregating data attribute values across multiple components of a content delivery system and comparing against baselines for points of inspection, network performance diagnosis and root-cause analysis may be prioritized based on impact on content delivery. Recommended courses of action may be determined and provided based on the tracked network performance analysis at diagnosis points. | 2021-11-25 |
| 20210367875 | ANOMALY DETECTION METHOD AND STORAGE MEDIUM - An anomaly detection method executed by a computer, the anomaly detection method includes identifying, for each of target periods, a prediction value to be a reference for determining whether an anomaly occurs in the target period; identifying a corrected prediction value acquired by correcting the prediction value of a first target period based on the prediction value and a measured values of a second target period before the first target period; setting one of the prediction value and the corrected prediction value corresponding to the first target period as an upper limit value and the other as a lower limit value; and determining whether the anomaly occurs in the first target period by using a reference defined by the upper limit value and the lower limit value. | 2021-11-25 |
| 20210367876 | RADIO NETWORK NODE, USER EQUIPMENT (UE) AND METHODS PERFORMED IN A WIRELESS COMMUNICATION NETWORK - Embodiments herein relate to, e.g., a method performed by a user equipment, UE, for handling signal measurements. The UE determines whether one or more conditions are fulfilled for indicating that a radio condition is below a certain level. In response to determining that one or more conditions are fulfilled and thereby indicating the radio condition is below a threshold, the UE transmits a report with restricted content. | 2021-11-25 |
| 20210367877 | FILE CONTROL FOR DATA PACKET ROUTERS USING CONSENSUS AND INTER-PLANETARY FILE SYSTEM (IPFS) - Packet routers route data packets based on existing topology files. The packet routers hash the existing topology files into content-addressed objects and exchange the content-addressed objects. One of the routers modifies its topology file into a new topology file, hashes the new topology file into a new content-addressed object, and transfers the new content-addressed object to the other packet routers. The packet routers exchange the content-addressed objects, and in response, exchange the topology files. The routers establish a consensus on the new topology file based on the existing topology files. The one packet router routes additional data packets based on the new topology file in response to the consensus. In some examples, the content-addressed objects comprise Inter-Planetary File System (IPFS) objects. | 2021-11-25 |
| 20210367878 | VINE: ZERO-CONTROL ROUTING USING DATA PACKET INSPECTION FOR WIRELESS MESH NETWORKS - A MANET protocol, comprising: receiving a data packet (DP) from a current sender (CS) by a recipient, defining: an identity of the CS, a prior sender (PS) from which CS received DP, and a target recipient (ID), a count (HC) of hops previously traversed by DP, and a sequence identifier (SI); updating a forwarding table (FT) to mark CS as being reachable in one hop, and PS as being reachable in two hops via CS as next hop; determining if ID is the recipient; determining whether to rebroadcast by recipient, if and only if the SI is not present in a list of prior SIs; and selectively rebroadcasting DP by recipient in dependence on said determining, modified by: replacement of CS with an identity of the recipient, PS with CS, and ID with a next hop from the FT if present, and incrementing HC. | 2021-11-25 |
| 20210367879 | PER-PROVIDER ORIGIN PULL - Systems, methods, and software are disclosed herein for routing in-bound communications to an infrastructure service. In an implementation, an infrastructure service receives a request from an end point for content associated with an origin. The service sends a connection request to the origin from an initial network address. After detecting a failure of the origin to respond to the connection request, the service sends multiple connection requests to the origin from different network addresses. Upon receiving one or more replies to the connection requests, the service identifies which reply was received first and a network address to which the reply was sent. The service proceeds to establish a connection with the origin using the identified network address and obtains the content from the origin over the connection. The infrastructure service may then send the content to the end point. | 2021-11-25 |
| 20210367880 | NETWORK FAULT LOCATING METHOD AND APPARATUS - This application provides a network fault locating method and apparatus in an IP network. In this solution, a router automatically reports status information, and a controller determines, based on the status information, whether a communication path is faulty. If a fault exists, the controller may indicate a router on the communication path to perform fault locating. The fault locating can be completed without waiting for manual intervention, so that operation and maintenance efficiency in the IP network is improved. After completing the fault locating, the router reports location information of a fault point to the controller, and the controller may perform troubleshooting at the fault point, so that the fault can be quickly rectified. | 2021-11-25 |
| 20210367881 | Dynamic Multihoming Management System for Reliable Data Transmission in a Robotic System - A dynamic multihoming management system for reliable data transmission in a robotic system. The system maintains links for data transmission between nodes. Data is categorized into different classes each associated with a set of requirements for data transmission. A first data class is functional safety data associated with a first set of requirements including a latency level below a first threshold. A second data class is associated with a second set of requirements. The system determines a set of links that satisfy the first set and the second set of requirements and selects a link as an active link to transmit data. The system monitors link status by calculating fitness metrics using different combination of factors for each class of data. Responsive to detecting a degradation in quality of the active link, the system determines to select a new active link for transmitting the safety data based on fitness metrics. | 2021-11-25 |
| 20210367882 | DEVICES AND METHOD FOR CONTROLLING NETWORK ROUTING CONFIGURATIONS - A device for controlling network routing configurations is configured to obtain a predicted traffic matrix and a plurality of traffic matrices, and to determine, from a plurality of clusters, arranged in a hierarchical structure over the predicted traffic matrix and the plurality of traffic matrices, a first cluster allocated to a lower hierarchy level that contains the predicted traffic matrix. Each of the clusters is associated with a routing configuration, and the plurality of clusters are allocated to at least two different hierarchy levels. The device selects, from the plurality of clusters, a second cluster allocated to a higher hierarchy level that includes at least the first cluster and a third cluster allocated to the lower hierarchy level that contains a current traffic matrix, determine a second routing configuration associated with the second cluster; and activate the second routing configuration as a network routing configuration. | 2021-11-25 |
| 20210367883 | BITMASK ROUTE TARGET IN TARGETED DISTRIBUTION OF INFORMATION USING A ROUTING PROTOCOL - Techniques are described by which a routing protocol, such as border gateway protocol (BGP), is extended to control propagation and importation of information using route targets (RTs) specified as bitmasks that encode link administrative group information. For example, a network control device (e.g., controller) is configured to allocate one or more subset of resources (e.g., nodes or links) of an underlay network to each of one or more virtual networks established over the underlay network. The controller generates a bitmask encoded with link administrative group information of the one or more links. The controller then outputs, to a plurality of provider edge (PE) routers that are participating in a respective virtual network, a routing protocol message to advertise the one or more subset of resources, wherein the routing protocol message includes a route target specified as the bitmask. | 2021-11-25 |
| 20210367884 | SUPPORT FOR MULTIPLE VIRTUAL NETWORKS OVER AN UNDERLAY NETWORK TOPOLOGY - Techniques are described for supporting multiple virtual networks over an underlay network. The techniques may provide support for network slicing and enhanced virtual private networks (VPNs) over an underlay network. In general, the techniques include allocating a subset of resources (e.g., nodes and/or links) of the underlay network to a particular virtual network, and advertising the subset of resources to provider edge (PE) routers that are participating in the virtual network. A network controller device may advertise the subset of resources for the virtual network to the respective PE routers using BGP-LS (Border Gateway Protocol-Link State). Based on the advertisements, each of the PE routers generates a restricted view of the full underlay network topology for the virtual network and, thus, only uses the subset of resources in the restricted view to generate routing and forwarding tables for the virtual network. | 2021-11-25 |
| 20210367885 | ANOMALY FLOW DETECTION DEVICE AND ANOMALY FLOW DETECTION METHOD - An anomaly flow detection device and an anomaly flow detection method thereof are provided. The device can retrieve a plurality of training data transmitted between a monitored network and an external network, preprocess a plurality of packet headers of the pluralities of training data to obtain a plurality of training feature vectors, construct a flow recognition model with an unsupervised learning method, input the pluralities of training feature vectors to the flow recognition model to train the flow recognition model, retrieve a plurality of testing data transmitted between the monitored network and the external network, preprocess a plurality of packet headers of the pluralities of testing data to obtain a plurality of testing feature vectors, input the pluralities of testing feature vectors to the flow recognition model to identify whether the pluralities of packet headers of the pluralities of testing data are normal or abnormal, and determine the flow of the monitored network is abnormal according to the recognition result of the flow recognition model. | 2021-11-25 |
| 20210367886 | PHYSICAL LAYER PREAMBLE DESIGN - This disclosure provides methods, devices and systems for generating packet preambles. Some implementations more specifically relate to preamble designs that support gains in data throughput achievable in accordance with the IEEE 802.11be amendment, and future generations, of the IEEE 802.11 standard. Among other examples, the preamble designs of the present implementations may allow for more reliable packet detection, more accurate channel estimation, and more robust decoding of signal field (SIG) symbols. Additionally, or alternatively, the preamble designs of the present disclosure may be implemented with different lengths, modulation schemes, or transmit power compared to preamble designs that conform to existing versions of the IEEE 802.11 standard. | 2021-11-25 |
| 20210367887 | FLOW CLASSIFICATION APPARATUS, METHODS, AND SYSTEMS - Apparatus, methods, and systems for tuple space search-based flow classification using cuckoo hash tables and unmasked packet headers are described herein. A device can communicate with one or more hardware switches. The device can include memory to store hash table entries of a hash table. The device can include processing circuitry to perform a hash lookup in the hash table. The lookup can be based on an unmasked key include in a packet header corresponding to a received data packet. The processing circuitry can retrieve an index pointing to a sub-table, the sub-table including a set of rules for handling the data packet. Other embodiments are also described. | 2021-11-25 |
| 20210367888 | SYSTEMS AND METHODS FOR CONGESTION CONTROL IN AN INTEGRATED ACCESS AND BACKHAUL NETWORK - An intermediate IAB node may determine whether congestion data satisfies a first threshold and may provide the congestion data to a parent IAB node when the congestion data satisfies the first threshold to cause the parent IAB node to apply local congestion control. | 2021-11-25 |
| 20210367889 | Method for Utilization-based Traffic Throttling in a Wireless Mesh Network - A system and method for managing congestion in a multi-hop wireless network, employing congestion notification messages. The technology has three main components: a mechanism at the Medium Access (MAC) layer for determining when a given source or transit node is deemed congested; a mechanism at the Network Layer (NL) determining how to propagate this information to applications, including suitably combining overload indications received from neighbors; and a mechanism at the Transport Layer (TL) of each source of traffic for determining when a source is generating excessive traffic, and combining it with Medium Access Control (MAC)-based overload indication from downstream nodes, thus providing a multi-layer approach to traffic throttling. | 2021-11-25 |
| 20210367890 | System and Method for LACP Enhancements - A method, computer program product, and computer system for splitting, by a computing device, a plurality of physical Ethernet ports into at least two logical devices, wherein the at least two logical devices may have different media access control (MAC) addresses. A first device of the at least two logical devices may be used in an independent mode. A second device of the at least two logical devices may be used as a slave interface. A selective bypass schema may be executed for traffic on the plurality of physical Ethernet ports. | 2021-11-25 |
| 20210367891 | DYNAMIC OUTROUTE LOAD BALANCING AND MULTICAST - An apparatus, system, and method for balancing traffic loads on beam outroutes that contain both multicast and unicast traffic. An outroute is designated for supplying at least multicast traffic within a beam of a satellite communication system. Terminals interested in receiving the multicast traffic are moved to the designated outroute. Traffic loads on all outroutes within the beam, including the designated outroute, are compared to determine if variations in the traffic loads exceed a predetermined threshold. A load balancing routine is performed to redistribute the traffic loads on all outroutes, while excluding any terminal that is actively receiving the multicast traffic from the load balancing routine. | 2021-11-25 |
| 20210367892 | SYSTEM AND METHOD FOR SERVICE LEVEL AGREEMENT ASSURANCE IN TRANSPORT DOMAIN - A method, a system, and a non-transitory storage medium are described in which an adaptive packet scheduling and policy service is provided. The adaptive packet scheduling and policy service may provide adaptive packet scheduling in a transport domain of a network based on adaptive packet scheduling policies and network information. The adaptive packet scheduling and policy service may be applied to assured network services. The adaptive packet scheduling and policy service may also provide transport domain budgeting based on service level agreement violations associated with transport devices in the transport domain. | 2021-11-25 |
| 20210367893 | SETTING DEVICE, PARAMETER SETTING METHOD, AND STORAGE MEDIUM STORING PROGRAM - A setting device to set a parameter for transmission queues at an Ethernet switch, the setting device including a processor. The processor is configured to assign associations between an attribute associated with a transmission frame and a plurality of the queues having different priorities, set a parameter for a high priority queue having a priority equal to or higher than a threshold based on an adverse condition transmission schedule having transmission timings less desirable than those of a preset transmission schedule, and set a parameter for a low priority queue having a priority of less than the threshold using processing that is different from processing for setting the parameter for the high priority queue. | 2021-11-25 |
| 20210367894 | TRAFFIC DETECTION METHOD, APPARATUS, AND SYSTEM - A traffic detection method, apparatus, and system are provided. A first network device obtains a packet, where the packet is any packet of the traffic. The first network device adds a detection flag and detection indication information to the packet to update the packet, where the detection flag is used to indicate a position of the detection indication information, where the detection indication information includes a first flag, and the first flag is used to indicate whether the traffic is to-be-detected traffic. The first network device sends an updated packet to a second network device. According to this method, traffic performance is detected, and flexibility and extensiveness of traffic performance detection are improved. | 2021-11-25 |
| 20210367895 | METHOD AND MODULE OF PRIORITY DIVISION AND QUEUE SCHEDULING FOR COMMUNICATION SERVICES IN SMART SUBSTATION - A method for dividing communication services in smart substation into different priorities, the method including: determining the priority of a message to be sent according to the service type and its priority definition; the communication services includes trip message, state change message, sampled value message, device status message, time synchronization message, and file transfer message; the corresponding priority is respectively defined as 7, 6, 5, 4, 3, 1; and filling the user priority field of IEEE802.1Q label in a message header with a binary value corresponding to its priority. | 2021-11-25 |
| 20210367896 | Service Packet Processing Method, Apparatus, and System - A service packet processing method, apparatus, and system, the method including receiving, by a first network device, a first packet, where the first packet includes a first service path identifier, and the first service path identifier indicates a first service path for transmitting the first packet, generating, by the first network device, a second packet based on the first packet, where the second packet includes a second service path identifier indicating a second service path, and the second service path identifier is different from the first service path identifier, and sending, by the first network device, the second packet via the second service path. | 2021-11-25 |
| 20210367897 | ROUND-TRIP TIME SIGNALING - Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a first wireless node may receive, from a second wireless node, a round-trip time timing advance indicator, wherein the round-trip time timing advance indicator is different from a timing advance indicator used for an uplink transmission timing advance message. In some aspects, the first wireless node may synchronize a timing configuration of the first wireless node to at least one of the second wireless node or a third wireless node based at least in part on the round-trip time timing advance indicator. Numerous other aspects are provided. | 2021-11-25 |
| 20210367898 | METHOD AND SYSTEM FOR PRIORITIZING NETWORK TRAFFIC DATA UNITS - In general, the embodiments relate to systems and methods for receiving and processing network traffic data units (NTDUs) by one or more edge devices in order to generate a global ordering of NTDU. | 2021-11-25 |
| 20210367899 | METHOD AND APPARATUS FOR PROCESSING DATA IN WIRELESS COMMUNICATION SYSTEM - A terminal and a method are provided. A radio link control (RLC) packet data unit (PDU) associated with a bearer is received. It is identified whether an RLC service data unit (SDU) obtained from the RLC PDU is complete or a segment. In case that an out of order delivery is configured for an RLC entity associated with the bearer, and that the first RLC SDU is complete, a first RLC SDU acquired from the RLC PDU is transferred from the RLC entity to a packet data convergence protocol (PDCP) entity regardless of an order of a sequence number of the RLC PDU. A reordering function is performed based on a PDCP PDU obtained from the first RLC SDU, in case that the PDCP entity is associated with the RLC entity configured with the out of order delivery. Another RLC PDU associated with the bearer is received. | 2021-11-25 |
| 20210367900 | ORDERED SETS FOR HIGH-SPEED INTERCONNECTS - A system and apparatus can include a port for transmitting data; and a link coupled to the port. The port can include a physical layer device (PHY) to decode a physical layer packet, the physical layer packet received across the link. The physical layer packet can include a first bit sequence corresponding to a first ordered set, and a second bit sequence corresponding to a second ordered set, the first bit sequence immediately adjacent to the second bit sequence. The first ordered set is received at a predetermined ordered set interval, which can occur following a flow control unit (flit). The first ordered set comprises eight bytes and the second ordered set comprises eight bytes. In embodiments, bit errors in the ordered sets can be determined by checking bits received against expected bits for the ordered set interval. | 2021-11-25 |
| 20210367901 | DETECTING FAULTY RESOURCES OF A RESOURCE DELIVERY SYSTEM - One example disclosed method involves a computing system determining that a first shared computing resource, included among a plurality of shared computing resources managed by a controller, is potentially faulty. The system may configure the controller to identify the first shared computing resource with a tag, the tag configured to cause the controller, in response to a client requesting the controller for access to a first application, to assign the first shared computing resource to deliver the first application to the client. The system may instruct the client to request the controller for access to the first application. The system may determine that the first shared computing resource is faulty based on the client being unable to access the first application at a time of application of the tag to the first shared computing resource. The system may take a corrective action with respect to the first shared computing resource. | 2021-11-25 |
| 20210367902 | METHOD AND DEVICES FOR DOMAIN NAME BANDWIDTH ADJUSTMENT - The present disclosure provides a method and related devices for domain name bandwidth adjustment. The method includes: receiving domain name bandwidth information reported by each on-site bandwidth management server and based on the domain name bandwidth information, determining a target domain name having the domain name bandwidth exceeding a specified bandwidth threshold; determining a to-be-adjusted bandwidth corresponding to the target domain name, and allocating the to-be-adjusted bandwidth among a plurality of sites; determining a bandwidth control threshold of the target domain name for the corresponding site; and generating a flow control instruction containing the bandwidth control threshold, and sending the generated flow control instruction to the on-site bandwidth management server at the corresponding site, where the on-site bandwidth management server adjusts the domain name bandwidth of the target domain name in each node server at the site. | 2021-11-25 |
| 20210367903 | SYSTEMS AND METHODS FOR GENERATING NETWORK FLOW INFORMATION - A packet forwarding network may include switches that forward network packets between end hosts. A monitoring network may be coupled to the forwarding network. A controller may control switches in the monitoring network to forward network packets tapped from the forwarding network to network flow information generation circuitry. The controller may provide configuration information such as record description information to the network flow information generation circuitry. Based on the configuration information, the network flow information generation circuitry may dynamically generate instructions that generate network flow information records. A set of network flow information records may be stored in a repository at the network flow information generation circuitry. The repository may include hash values associated with each of the stored network flow information records. By dynamically generating instructions to populate network flow information records, extraneous generalized instructions may be omitted and network flow information may be more efficiently generated. | 2021-11-25 |
| 20210367904 | PROCESSING DATA USING REMOTE NETWORK COMPUTING RESOURCES - Embodiments include methods for managing the processing of data and performing computing tasks of a wireless device using computing resources of a remote network computing device. A wireless device and a network computing device may dynamically track factors affecting a round-trip latency of a computing task. The wireless device and the network computing device may generate and send metadata including the factors and a latency budget for the computing task. The wireless device and the network computing device may adjust a processing time for processing data related to the computing task based the received metadata and the latency budget. | 2021-11-25 |
| 20210367905 | SPECULATIVE RESOURCE ALLOCATION FOR ROUTING ON INTERCONNECT FABRICS - Methods and systems related to speculative resource allocation for routing on an interconnect fabric are disclosed herein. One disclosed method includes speculatively allocating a collection of resources to support a set of paths through an interconnect fabric. The method also includes aggregating a set of responses from the set of paths at a branch node on the set of paths. If a resource contention is detected, the set of responses will include an indicator of a resource contention. The method will then further include transmitting, from the branch node and in response to the indicator of the resource contention, a deallocate message downstream and the indicator of the resource contention upstream, and reallocating resources for the multicast after a hold period. | 2021-11-25 |
| 20210367906 | CONVERGED NETWORK INTERFACE CARD, MESSAGE CODING METHOD AND MESSAGE TRANSMISSION METHOD THEREOF - The invention provides a converged network interface card, a message coding method and a message transmission method thereof. The converged network interface card comprises a PCIE host interface processing module, a high speed network card core logic, a crossbar switch XBAR, an Ethernet network card core logic, an Ethernet message dicing/slicing module, a physical layer, a high speed network/Ethernet message conversion module EoH, and a high speed network/Ethernet configurable network port. The invention supports customized high speed interconnection interface and a standard Ethernet interface on a set of network hardware, and supports three working modes on a set of physical hardware (high speed network mode, Ethernet mode and EoH mode transmitting Ethernet messages over the high speed network), implements seamless compatibility between the high speed network/Ethernet, and flexibly supports multimode applications such as scientific computing and cloud computing. | 2021-11-25 |
| 20210367907 | SWITCH IDENTIFICATION METHOD AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM - A switch identification method in by a computer includes sending a first packet to a first virtual switch emulating a first physical switch, and identifying a second virtual switch that is an allocation destination to which the first virtual switch allocates the first packet, and referring, to a storage unit that stores a switch correspondence information that associates a second physical switch that is an allocation destination of the first physical switch with the second virtual switch, and identifying the second physical switch that is the allocation destination to which the first physical switch allocates a second packet emulated by the first packet. | 2021-11-25 |
| 20210367908 | Wide Elastic Buffer - A receiving device uses an elastic buffer that is wider than the number of data elements transferred in each cycle. To compensate for frequency differences between the transmitter and the receiver, the transmitting device periodically sends a skip request with a default number of skip data elements. If the elastic buffer is filling, the receiving device ignores one or more of the skip data elements. If the elastic buffer is emptying, the receiving device adds one or more skip data elements to the skip request. To maintain the ordering of data despite the manipulation of the skip data elements, two rows of the wide elastic buffer are read at a time. This allows construction of a one-row result from any combination of the data elements of the two rows. The column pointers are adjusted appropriately, to ensure that they continue to point to the next data to be read. | 2021-11-25 |
| 20210367909 | INTELLIGENT MESSAGE PROCESSING SYSTEM - An intelligent message processing system includes: a service provider server configured to generate and send a message related to a customer service; a user terminal configured to receive a beginning message from the service provider server, make the beginning message pop up based on user situation information, and perform automatic dialogue through an interactive application program interface (API) when a message is received from an intelligent proxy server after the user selects the beginning message; and an intelligent proxy server configured to act as a proxy for processing the message related to the customer service instead of the service provider server through the interactive API by communicating with the user terminal, receive an additional/following-up service message about the user from the service provider server, and perform automatic dialogue with the user terminal through the interactive API based on the additional/following-up service message when the user selects the beginning message. | 2021-11-25 |
| 20210367910 | Method and System of Converting Email Message to AI Chat - Embodiments disclosed herein generally relate to a system and method for initiating an interactive chat via HTTP request. A web server of an organization computing system receives the HTTP request from a web client executing on a remote client. The HTTP request is triggered by a selection of a dialogue request embedded in an electronic mail message. The web server transmits an API call to a back-end computing system of the organization computing system based on information included in the HTTP request. The back-end computing system parses the API call to identify a user identifier corresponding to a user of the remote client device and a request identifier corresponding to the selected dialogue request embedded in the electronic mail message. The back-end computing system initiates the interactive chat via a text-based communication channel. The back-end computing system generates and transmits an electronic message comprising a response to the dialogue request. | 2021-11-25 |
| 20210367911 | METHODS, SYSTEMS, AND MEDIA FOR GENERATING CONTEXTUALLY RELEVANT MESSAGES - Methods, systems, and media for generating contextually relevant messages are provided. In some embodiments, a method for generating contextually relevant messages is provided, the method comprising: requesting content from a content source; receiving a content item; causing the content item to be presented using a display device; causing an endorsement indication corresponding to an endorsing user to be concurrently presented with the content item, wherein a user associated with the request for content and the endorsing user are social connections; receiving user input selecting the endorsement indication; causing a temporary messaging interface including a temporary message from the user to the endorsing user to be presented; causing a permanent message to be created based on the temporary message and received user input; and causing the permanent message to be presented to the endorsing user. | 2021-11-25 |
| 20210367912 | SYSTEM AND METHOD FOR REGULATING ELECTRONIC MESSAGE TRANSMISSIONS - Systems and methods for regulating electronic messages transmissions. A message delay system is disposed between one or more first entities and a second entity within at least one network. Electronic messages are received from among at least one the first entities and the second entity at one or more message arrival times. A message delay component applies a delay to each received electronic message, based on a predefined delay time common to all of the first entities and a first entity delay offset associated with a first entity that is associated with the received message. The first entity delay offset is based on a geographical origin of the first entity relative to a geographical origin of the second entity. Each delayed message is transmitted to a designated recipient via the network, where the designated recipient is among the second entity and the first entities. | 2021-11-25 |
| 20210367913 | Systems and Methods for Triggering Redisplay of a Postponed Message - A method of postponing an electronic message is performed at a computing device having one or more processors and memory. The memory stores one or more programs configured for execution by the one or more processors. The device displays a first electronic message for a user of the computing device and receives user input to postpone the first electronic message. In response to the user input, the device displays a plurality of postponement locations in a user interface window and receives user selection of a postponement location from the displayed plurality of postponement locations. The device then inhibits display of the first electronic message at the computing device. When it is subsequently determined that the computing device is at the first postponement location, the device redisplays the first electronic message. | 2021-11-25 |
| 20210367914 | FEATURED CONTENT COLLECTION INTERFACE - Systems and methods are provided for receiving a first plurality of media content items during a first time interval, identifying, from the first plurality of media content items, a first subset of media content items based on a first characteristic, and identifying, from the first subset of media content items, a second subset of media content items based on a second characteristic. The systems and methods are also provided for generating a first sequenced content collection including the first subset and the second subset and causing a first content collection interface to be displayed by the first computing device, the first content collection interface comprising the first sequenced content collection. | 2021-11-25 |
| 20210367915 | SYSTEM AND METHOD OF RECEIVING, MANAGING, CONTROLLING, SAVING AND SHARING INFORMATION CONTENT OF SOCIAL MEDIA PLATFORMS AND OTHER APPLICATIONS - A system and method for aggregating content, social sharing and instant messaging of saved electronic content to a memory location includes an administrator for controlling and allocating storage quota, based on a subscription type of one or more users. The user receives the electronic content on his computing device by selecting a text from the electronic content or the user can select the document by pressing the copy menu, which causes a pop-up user interface. The user can save the electronic content in one click directly on the user device or to a server as well as collaborate on the instant messaging platform to chat or share electronic content with other users. | 2021-11-25 |
| 20210367916 | PHYSICAL SERVICE COMMUNICATION PROXY DOMAIN - Systems, methods, apparatuses, and computer program products for implementing a physical service communication proxy domain A method may include interconnecting a first network element with one or more service communication proxy domains, each associated with one or several internet protocol addresses or fully qualified domain names used for the interconnection. The method may also include registering the first network element with a network repository function by sending a service operation to the network repository function. Further, the service operation may include profile information of the first network element. In addition, the profile information may include one or more service communication proxy domains, each associated with one or several internet protocol addresses or fully qualified domain names. | 2021-11-25 |
| 20210367917 | DOMAIN NAME BASED VANITY TELEPHONE NUMBER ASSIGNED TO A DOMAIN NAME REGISTRANT - A method for a domain name registrar to assign one or more customized vanity phone numbers to a domain name registrant is provided. The domain name registrar may register a domain name to a domain name registrant. The domain name registrar may determine tokens (words or acronyms) from, as non-limiting examples, the domain name, WHOIS data for the domain name, and/or data from a website pointed to by the domain name and/or operated by the domain name registrant. Using the tokens, the domain name registrar may generate a plurality of vanity phone numbers and determine which of those are available. The domain name registrar may present the available vanity phone numbers to the domain name registrant for assignment to the domain name registrant. | 2021-11-25 |
| 20210367918 | USER PERCEPTIBLE INDICIA FOR WEB ADDRESS IDENTIFIERS - A security enhancement technique provides users of an application program with a perceptible cue, such as a visual or audible indication, that a domain and/or link is safe according to a list of safe domains/sites and links. Each identified domain and/or link is compared with domains and/or links defined in a trusted list. The trusted list is maintained by an enterprise system administrator or is provided via an internet browser program. Advantages of this technique are that the user can easily identify domain names that are trusted and does not need to examine each URL path to determine whether or not the domain and/or link is safe. Users may be motivated to scrutinize domains and/or links that are not indicated to be trusted, reducing security breaches. | 2021-11-25 |
| 20210367919 | CENTRALIZED REQUEST VALIDATION - Systems and techniques that facilitate centralized request validation are provided. In various embodiments, a central validation server can comprise an input component. In various cases, the input component can receive a validation instruction from a gateway service. In various aspects, the validation instruction can be based on a request received by the gateway service from a client. In various instances, the request can be handleable by an operational flow path through a plurality of domain services that are downstream of the gateway service. In various embodiments, the central validation server can comprise a central validation specification component. In various aspects, the central validation specification component can store a plurality of request validation specifications respectively corresponding to the plurality of domain services. In various embodiments, the central validation server can comprise an output component. In various instances, the output component can transmit, in response to the validation instruction, the plurality of request validation specifications to the gateway service. In various aspects, the gateway service can validate the request based on the plurality of request validation specifications. In various embodiments, the gateway service can determine that the request fails to satisfy at least one of the plurality of request validation specifications. In various cases, the gateway service can return an error to the client without invoking any of the plurality of domain services. | 2021-11-25 |
| 20210367920 | Cloud-based tunnel protocol systems and methods for multiple ports and protocols - Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier. The first encryption technique can be one of TLS and SSL, and the second encryption technique can be one of TLS and DTLS. | 2021-11-25 |
| 20210367921 | PREMISES MANAGEMENT CONFIGURATION AND CONTROL - Disclosed are methods, systems, and devices for management of a premises. The premises may comprise one or more devices, such as a gateway device, a control device, or a premises device. The gateway device may receive data and send the data to the control device. The data may comprise a command, an update, a configuration, or other information. Communication between the control device and any of the other devices at the premises may be configurable by a server device. | 2021-11-25 |
| 20210367922 | SYSTEM ON CHIP FIREWALL MEMORY ARCHITECTURE - In described examples, a system on a chip (SoC) and method for sending messages in the SoC include determining locations of initiator-side firewall block and receiver-side firewall block memories using respective pointers to the firewall block memories stored in a single, contiguous memory. Addresses of the pointers within the single memory depend on respective unique firewall identifiers of the firewall blocks. An exclusive security configuration controller uses the pointers to configure the firewall blocks over a security bus which is electrically isolated from a system bus. The system bus is used to send messages from sending functional blocks to receiving functional blocks. The initiator-side firewall block adds a message identifier to messages. The message identifier depends on the initiator-side firewall block's configuration settings. The receiver-side firewall block controls permission for the receiving functional block to access the message, depending on the message identifier and the receiver-side firewall block's configuration settings. | 2021-11-25 |
| 20210367923 | SYSTEMS AND METHODS FOR DETECTING AND DYNAMICALLY RATE LIMITING ACCOUNT DISCOVERY AND TAKEOVER ATTEMPTS - Methods and systems are presented for detecting and dynamically rate limiting unauthorized attempts to obtain user account information from an online service provider. An online system is configured with a request rate limit and a list of user identifiers associated with accounts at risk of being compromised. The system receives requests, each associated with a user identifier, from one or more devices. The system determines what amount of user identifiers associated with the requests match user identifiers on the list over a period of time. If the amount meets or exceeds a threshold, the system reduces the request rate limit for devices that made a request associated with user identifiers matching those on the list. | 2021-11-25 |
| 20210367924 | DNS PROXY THAT AUTOMATICALLY CLEARS IP ADDRESSES IN FIREWALL ACCORDING TO DNS QUERIES OF CLEARED DOMAIN NAMES - A walled garden system includes a firewall controlling access between a first network and a second network at least by allowing connection requests originating from a user device on the first network to a destination IP address on the second network in response to determining that the destination IP address matches a cleared IP address on a cleared IP addresses list. A controller receives a domain name service (DNS) reply from a DNS server on the second network, and determines whether a domain name specified within the DNS reply matches a cleared domain name on a cleared domain names list. In response to determining that the domain name specified within the DNS reply matches the cleared domain name on the cleared domain names list, the controller adds a resolved IP address specified in the DNS reply to the cleared IP addresses list as a new cleared IP address. | 2021-11-25 |
| 20210367925 | AUTONOMOUS ALERTING BASED ON DEFINED CATEGORIZATIONS FOR NETWORK SPACE AND NETWORK BOUNDARY CHANGES - Introduced here are Internet monitoring platforms configured to define, monitor, and assess the boundary of a private network associated with a client. By monitoring the entire Internet, a private network, and relationships between these networks, an Internet monitoring platform can discover changes in the boundary of the private network that is defined by those assets on the private network capable of interfacing with a public network, such as the Internet. The Internet monitoring platform may, in response to discovering the boundary of the private network has experienced a change, identify an appropriate remediation action by mapping the change to a technological issue, a relevant business relationship, etc. For example. If the Internet monitoring platform discovers that the boundary of the private network has expanded due to the introduction of a new cloud computing asset, the Internet monitoring platform may automatically reconfigure a network tool so that traffic generated by the new computing device is examined. | 2021-11-25 |
| 20210367926 | Methods and Apparatus for Operating and Managing a Constrained Device within a Network | 2021-11-25 |
| 20210367927 | Network Address Translation With Filters Using Hierarchical Rules - A system administrator can specify NAT mappings to perform NAT translations in a switch. The administrator can specify an ACL to filter packets to be translated. Filter rules generated from the ACL are stored in a first memory store in a switch and NAT rules generated from the NAT mappings are stored in a second memory store separate from the first memory store. When a packet matches one of the filter rules a tag that identifies the ACL is associated with the packet. When the tagged packet matches one of the NAT rules, the packet is translated according to the matched NAT rule. | 2021-11-25 |
| 20210367928 | MULTI-LAYER NAVIGATION BASED SECURITY CERTIFICATE CHECKING - Generally discussed herein are devices, systems, and methods for secure cloud application provisioning. A method can include, while providing access to the cloud application, receiving data indicating a first universal resource locator (URL) entered in a search bar of a web browser associated with the cloud application has changed to a second URL, determining whether the second URL has a valid certificate, and in response to determining the second URL is associated with the cloud application and a valid certificate for the second URL exists, providing resources for the second URL and the valid certificate to the web browser or in response to determining the second URL is not associated with the application, re-directing the web browser away from the proxy server. | 2021-11-25 |
| 20210367929 | Systems and Methods For Packet Spreading Data Transmission With Anonymized Endpoints - A packet-spreading data transmission system with anonymized endpoints facilitates enhanced fortified private communications between a plurality of arbitrary devices via a plurality of communication channels or networks. The data transmission system receives at a source endpoint device a message of arbitrary length. The message includes a destination address associated with a destination endpoint device. Both source endpoint device and the destination endpoint device are selected from a plurality of arbitrary devices. The received message are fragmented and agilely transmitted, via a plurality of communication channels, from the source endpoint device to the destination endpoint device. | 2021-11-25 |
| 20210367930 | METHOD OF AND SYSTEM FOR SECURE DATA EXPORT FROM AN AUTOMOTIVE ENGINE CONTROL UNIT - A method of secure data export from an automotive ECU to a requesting entity includes receiving a signed request, the request transmitting a first public encryption key. The signature is verified using a second public key stored in the automotive ECU. Further, the requesting entity is authenticated. Only upon successful verification and authentication the automotive ECU generates a random symmetric key for encrypting the data to be exported. The symmetric key is encrypted using the first public key received in the request, and unencrypted data is deleted. The encrypted data is exported to the requesting entity, which decrypts the symmetric key using a first private key associated with the first public key, and decrypts the data encrypted with the symmetric key. | 2021-11-25 |
| 20210367931 | Cryptanalysis Method and System - A cryptanalysis method comprising: | 2021-11-25 |
| 20210367932 | EFFICIENT STORAGE OF DATA IN A DISPERSED STORAGE NETWORK - A data segment is encrypted to produce an encrypted data segment, and a data tag associated with the data segment is generated. The encrypted data segment is encoded to generate a set of encoded data slices. At least a read-threshold number of encoded data slices are required to reconstruct the encrypted data segment. A set of write slice requests, which includes the set of encoded data slices and the data tag, is transmitted to a DSN memory. A determination is made, based on the data tag, whether a first encoded data slice of the set of encoded data slices is a duplicate of a second encoded data slice already stored within the DSN memory. If it is a duplicate, rather of storing the first encoded data slice, a reference to a location of the second encoded data slice is stored. | 2021-11-25 |
| 20210367933 | METHOD AND SYSTEM TO ENSURE THAT ALL PARTICIPANTS IN THE GENERATION OF A PROTECTED DATA SET OR DATA STREAM THROUGH ENCRYPTION ARE REQUIRED TO PROVIDE THEIR PERMISSION FOR THE DATA TO BE RETRIEVED THROUGH DECRYPTION - The present invention comprises a system that will ensure the privacy of multiple participants being recorded during an activity that is considered to be confidential due to legal, professional, and/or other concerns. Video, audio, telemetry, and other information is encrypted using identifying credentials, such as identifying physical devices, knowledge of specific codes or information, and/or biologically originated identifiers, from all parties in a manner such that all, or a pre-determined specific subset, of the parties must provide the original credentials in order to decrypt the encrypted information. This system assures that no individual can access the encrypted information without the active participation of the required other members who provided encryption credentials. | 2021-11-25 |
| 20210367934 | SECURE SYSTEM AND METHOD FOR PREVENTING CROSS-SITE CREDENTIAL REUSE - A system for preventing cross-site credential reuse includes: a plurality of secure services hosted on at least one server, each of the plurality of secure services having its own set of credentials; a central database for storing data relating to credentials associated with the plurality of secure services; whereby at least one of the plurality of secure services communicates with the central database to determine whether a credential is used across more than one of the plurality of secure services. | 2021-11-25 |
| 20210367935 | NETWORK SECURITY DYNAMIC ACCESS CONTROL AND POLICY - A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents. | 2021-11-25 |
| 20210367936 | AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD USING PERSONAL ELECTRONIC IDENTITY GADGETS - An authentication system for use with personal electronic identity gadgets of at least one user of services in that the personal electronic identity gadgets are configured to authenticate to a main service provider and are configured to trigger synchronization of data storages of service providers. The system has a data storage of an authentication system server component of at least one main service provider. The data storage is synchronizable with data storage(s) of server component(s) of at least one other service provider, either directly or via personal electronic identity gadgets, and the authentication system server component of the at least one main service provider is configured for mapping personal electronic identity gadgets to the account of the user of services. The system offers an authentication method that allows to recover from emergencies and/or increase the user comfort and/or increase security. | 2021-11-25 |
| 20210367937 | CONTROL DEVICE AND CONTROL METHOD - An object of the present invention is to provide a control device and control method that make it possible to prevent an unnecessary authentication process from being executed. | 2021-11-25 |
| 20210367938 | BIOMETRICALLY-ENHANCED VERIFIABLE CREDENTIALS - Biometrically-enhanced verifiable credentials of an individual. In one embodiment, an electronic device including a biometric capture circuitry, a memory, and an electronic processor. The biometric capture circuitry configured to capture one or more biometrics of an individual. The memory storing a digital identity application. The electronic processor, when executing the digital identity application, is configured to receive the one or more biometrics of the individual that are captured by the biometric capture circuitry, generate a biometric token of the individual based on the one or more biometrics, receive identity information of the individual, generate biometrically-enhanced verifiable credentials including the identity information and the biometric token, and control the memory to store the biometrically-enhanced verifiable credentials. | 2021-11-25 |
| 20210367939 | SECURE VERIFICATION OF AN INDIVIDUAL USING WIRELESS BROADCASTS - The present disclosure relates to systems, methods, and computer-readable media for securely verifying an identity of a user of a client device based on a signal transmitted by the client device. For example, systems disclosed herein include registering a client device and facility device via a cloud computing system to enable the client device and facility device to securely communicate a signal via a wireless connection. The systems disclosed herein additionally include determining whether a trigger condition applies based on a position of the client device relative to the facility device. The systems disclosed herein further include maintaining and updating a subset of user verification information to include personal verification of a registered user of the client device. Using the subset of user verification information, a biometric scanning device may efficiently and accurately verify an identity of an individual associated with the client device. | 2021-11-25 |
| 20210367940 | AUTHENTICATION SYSTEM FOR PROVIDING BIOMETRICS-BASED LOGIN SERVICE - The present invention relates to an authentication system for providing a biometrics-based login service, the authentication system comprising: a biometrics authentication server; a target client, and a personal information authentication server, wherein a control method of the personal information authentication server in the authentication system comprises the steps of: checking, before a biometrics authentication process is performed, whether mutual trust exists between the personal information authentication server and the target client; obtaining, after it is determined that mutual trust exists between the personal information authentication server and the target client, biometrics for authentication from the target client; checking whether mutual trust exists between the personal information authentication server and the biometrics authentication server; providing, when it is determined that mutual trust exists between the personal information authentication server and the biometrics authentication server, the biometrics for authentication to the biometrics authentication server; obtaining a personal information protection key for unlocking protection of personal information that corresponds to the target client; and decrypting the personal information. | 2021-11-25 |
| 20210367941 | PARTICIPANT-MANAGED, INDEPENDENT-TRUST AUTHENTICATION SERVICE FOR SECURE MESSAGING - An anonymous authentication service for an invulnerable secret key authentication and encryption token distribution service. Applications place a small code segment within their communications protocol, thereby allowing network participants the full benefit of perfectly secure authenticated and encrypted message traffic without concern for third party key management. This is the world's first participant-managed, independent-trust secure messaging key distribution capability. | 2021-11-25 |
| 20210367942 | Method and Apparatus for Secure Interaction Between Terminals - A method and an apparatus for secure interaction between terminals, where the method includes indicating or indirectly indicating, by a companion terminal with an embedded Universal Integrated Circuit Card (eUICC), a Hypertext Transfer Protocol (HTTP) over Secure Socket Layer (HTTPS) Uniform Resource Locator (URL) including security information to a primary terminal such that the primary terminal initiates establishment of a local Transport Layer Security (TLS) connection according to the HTTPS URL, receiving, by the companion terminal, an HTTP request from the primary terminal using the local TLS connection, completing establishment of an HTTPS session when the companion terminal determines that the HTTP request includes the security information, and receiving, by the companion terminal, an operation instruction for the eUICC from the primary terminal using the HTTPS session. | 2021-11-25 |
| 20210367943 | METHOD AND SYSTEM FOR PROVIDING ACCESS TO DATA STORED IN A SECURITY DATA ZONE OF A CLOUD PLATFORM - A method and a system for providing access by an application to data stored in a security data zone of a cloud platform are provided. The method includes determining, in response to a query received from a querying application of the cloud platform, credentials for a security data zone based on determining whether a first access token included in the received query belongs to an application registered at an access manager module of the cloud platform, and whether the user specified in the received query is allowed to use the registered application. The method also includes determining a second access token to the querying application generated based on the determined credentials. The querying application uses a returned second access token to obtain access to data stored in the security data zone to be processed by the querying application. | 2021-11-25 |
| 20210367944 | REST API provided by a local agent to detect network path of a request - Systems and methods implemented by a user device include receiving a request, from an application executed on the user device, to identify a network path for a destination; determining the network path to the destination including ports, addresses, and inline proxies; and providing details of the network path to the application. | 2021-11-25 |
| 20210367945 | Method and System to Capture and Find Information and Relationships - A method and system to improve the computer in light of the global information network with numerous computer devices services, and apps, so that a user can capture and find information with high security and usability. The invention makes all information potentially searchable on the Internet, and distinguishes finding the existence of an object of information from its access, and the ability for a searcher to request access to an object that is not permitted, and to enable the object owner to approve requests. | 2021-11-25 |
| 20210367946 | Determing and Applying Assurance Levels for Application Operations Security - A system and method of providing security for an application. A request to use an application to perform an operation using information is received from an operator by a computer system. In response to receiving the request, an operator identity assurance level of the operator and characteristics of the operation using the information are determined. An operation assurance level for the operation is determined based on the characteristics of the operation using the information. It is determined whether the operator identity assurance level of the operator satisfies the operation assurance level for the operation. The operator is allowed to use the application to perform the operation using the information in response to a determination that the operator identity assurance level of the operator satisfies the operation assurance level for the operation. | 2021-11-25 |
| 20210367947 | DISTRIBUTED COMMUNICATION BETWEEN INTERNET OF THINGS DEVICES - Technologies for a distributed Internet of Things (IoT) system including a plurality of IoT devices are disclosed. An example first Internet of Things (IoT) device includes at least one processor to execute instructions to access a first message transmitted by a second IoT device, the first IoT device and second IoT device communicatively coupled via a direct communication, identify that the first message is indicative of an administrative event, the administrative event associated with a function of one or more of the first IoT device or the second IoT device, update a status of a system of IoT devices based on the administrative event, the system of IoT devices including the first IoT device and the second IoT device, and send a second message indicative of the administrative event to a universal bus. | 2021-11-25 |
| 20210367948 | GRADUATED AUTHENTICATION IN AN IDENTITY MANAGEMENT SYSTEM - A method and system for graduated security in an identity management system utilize differing levels of time sensitivity, channel security and authentication security to provide a multi-dimensional approach to providing the right fit for differing identity requests. The differing levels of security can be selected by user preference, membersite request or homesite policy. | 2021-11-25 |
| 20210367949 | ELECTRONIC DEVICE AND METHOD FOR PROVIDING LOCATION DATA - An electronic device is provided. The electronic device includes a user interface, a location sensor configured to sense a location of the electronic device, a processor electrically connected with the user interface and the location sensor, and a memory electrically connected with the processor and configured to store a first application program and a second application program. The memory is further configured to store instructions that, when executed, enable the processor to receive first location data with a first degree of accuracy regarding the location of the electronic device from the location sensor, process at least part of the first location data to generate second location data with a second degree of accuracy lower than the first degree of accuracy regarding the location of the electronic device, provide the at least part of the first location data to execute the first application program, and provide at least part of the second location data to execute the second application program. | 2021-11-25 |
| 20210367950 | SECURITY TOOL - A system includes a set of adapter interfaces, a router module, and a processor. Each adapter interface is assigned to a different level of security. The router module sends requests to the adapter interfaces, based on the security levels associated with the devices that submitted the requests. A first adapter interface establishes a first connection to the servers, providing access to a first zone. A second adapter interface establishes a second connection to the servers, providing access to a second zone. The first zone includes a set of resources assigned to the first level of security that is not included in the second zone. Each adapter interface further receives data and applies different levels of security to the data, based on the security levels associated with the devices that submitted the data. | 2021-11-25 |
| 20210367951 | METHOD FOR IMPROVING DATA TRANSMISSION SECURITY - A method for improving data transmission security at a user equipment comprises receiving, from a source network node, a connection release message including instructions for computing a hash value for data to be included in a connection request message; computing the hash value based on the instructions included in the connection release message; calculating a token based on the hash value, and sending, to a target network node, the connection request message including the token. The method may further forward the data from the target network node directly to a gateway after the token has been verified. The method may reduce a signaling overhead by having a fixed-size hash value for data. Furthermore, the method may improve a transmission security by including the token in an RRC message, in which the token is calculated based on the hash value representing the data. | 2021-11-25 |
| 20210367952 | SYSTEMS, METHODS AND COMPUTER PROGRAM PRODUCTS FOR INGRESS EMAIL SECURITY - An ingress server is operable to perform, through a multi-list evaluator, two different validations: one utilizes a sender network address of a sender's server to determine whether to trust, accept, or reject a connection and one utilizes a domain of a sender email address from an envelope to determine whether to accept or reject a message. The multi-list evaluator may perform the validations in two phases. If a connection can be trusted, the connection is accepted and any message over the connection (in a single session) is accepted and no further validation is necessary. Further, in both phases, the multi-list evaluator can utilize a whitelist maintained by the ingress server to override a blacklist provided by a blacklist supplier. This override can reduce false-positives and drastically reduce delays usually associated with correcting false-positives and improve system throughput. | 2021-11-25 |
| 20210367953 | User Behavior Profile Including Temporal Detail Corresponding to User Interaction - A system, method, and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising temporal detail corresponding to the user interaction; and generating a user behavior profile based upon the electronic information representing the user interactions, the generating the user profile including a layer of detail corresponding to the temporal detail corresponding to the user interaction. | 2021-11-25 |
