48th week of 2015 patent applcation highlights part 65 |
Patent application number | Title | Published |
20150341327 | BACK-END MATCHING METHOD SUPPORTING FRONT-END KNOWLEDGE-BASED PROBABILISTIC AUTHENTICATION SYSTEMS FOR ENHANCED CREDENTIAL SECURITY - A party can authenticate itself by interacting with multiple servers without revealing the shared secret to any of the involved parties. The stored shared secret is strengthened and broken into shares and saved on the servers. The shared secret is safe against offline brute force attack unless all servers where the shares are stored are compromised. The compromise of any single server, or multiple servers—but less than the maximum number—will not allow the attacker to do a brute force analysis on the shared secret. This back end security enhancement is suitable for probabilistic front end authentication algorithms. | 2015-11-26 |
20150341328 | Enhanced Multi-Level Authentication For Network Service Delivery - One embodiment of an apparatus, e.g. a RADIUS server, includes a processor and a processor-readable storage medium. The memory contains instructions that when executed configure the processor to 1) authenticate a user for access to network services based on user-specific account credentials; and 2) authenticate the user for access to network services based on at least one parameter specific to at least one physical network component used to provide the network services to the user. | 2015-11-26 |
20150341329 | BORDER PROPERTY VALIDATION FOR NAMED DATA NETWORKS - One embodiment provides a system for distributing packets within a trust domain. During operation, the system receives, by an ingress node in the trust domain, a message. The system creates a property vector for the message, where the property vector indicates a number of properties that have been determined for the message. The system generates a first authenticator for the message based on the property vector and a secret key shared by a plurality of nodes in the trust domain. The system transmits the message, the property vector, and the first authenticator to another node in the trust domain, thereby facilitating secure and efficient distribution of messages within the trust domain without requiring intermediate nodes to determine the properties indicated in the property vector. | 2015-11-26 |
20150341330 | METHODS AND APPARATUS FOR DELEGATED AUTHENTICATION TOKEN RETRIEVAL - In some embodiments, a non-transitory processor-readable medium includes code to cause a processor to send, from an authorization client on a device to a client authorization module, an indication of multiple applications installed on the device, and receive, at the authorization client and in response to the indication, multiple application tokens from the client authorization module. Each individual application token from the multiple application tokens received by the authorization client is uniquely associated with an application from the multiple applications installed on the device. The authorization client provides each application its associated application token such that each application from the multiple applications can use that application token in order to be authenticated to an application server associated with the application. | 2015-11-26 |
20150341331 | SECURING A WIRELESS MESH NETWORK VIA A CHAIN OF TRUST - A master beacon device emits a data packet that is received and retransmitted by servant beacon devices in a wireless mesh network that enables the beacon devices to detect the received signal strength indicator (“RSSI”) of beacon devices in proximity. Each servant beacon device transmits survey data packets comprising the RSSIs and hardware identifiers of proximate beacon devices to the master beacon device, which constructs a first virtual map of the mesh network. At a later time, each servant beacon device transmits authentication data packets, which are retransmitted, each retransmitting beacon inserting an RSSI and hardware identifier of the beacon device from which the authentication data packet was received, until they reach the master beacon device, which constructs a second virtual map of the mesh network. The master beacon device compares the first virtual map to the second virtual map to determine if the network is secure. | 2015-11-26 |
20150341332 | Privacy Enhanced Key Management For A Web Service Provider Using A Converged Security Engine - In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed. | 2015-11-26 |
20150341333 | METHOD, APPARATUS, AND SYSTEM FOR PROVIDING A SECURITY CHECK - Embodiments of the present application relate to a method, apparatus, and system for providing a security check. The method includes receiving a security verification request sent from a terminal, obtaining first verification element information based at least in part on the security verification request, generating a digital object unique identifier based at least in part on the first verification element information, sending the digital object unique identifier to the terminal, receiving second verification element information from the terminal, and in the event that the first verification element information and the second verification element information are consistent, sending security check pass information to the terminal. | 2015-11-26 |
20150341334 | SYNCHRONIZING AUTHENTICATION SESSIONS BETWEEN APPLICATIONS - Disclosed are various embodiments for synchronizing authentication sessions between applications. In one embodiment, a first authentication token is received from a first application in response to determining that the first application is authenticated with a service provider. A second authentication token is requested from a token exchange service associated with the service provider. The second authentication token is requested using the first authentication token. The second application is configured to use the second authentication token in order to access a resource of the service provider. | 2015-11-26 |
20150341335 | PASSWORD-BASED AUTHENTICATION - A password authentication system includes an access control server configured to control access by a user computer to a resource dependent on authentication of user passwords associated with user IDs. The system further includes a plurality of authentication servers, storing respective secret values. For each user ID, the access control server stores a first ciphertext produced by encrypting the user password associated with that ID using a predetermined algorithm dependent on the secret values. In response to receipt of a user ID and an input password, the access control server communicates with the plurality of authentication servers to implement password authentication, requiring use of the secret values, in which a second ciphertext is produced by encrypting the input password using said predetermined algorithm. The access control server compares the first and second ciphertexts to determine whether the input password equals the user password to permit access to the resource. | 2015-11-26 |
20150341336 | SYSTEM FOR AUTHORIZATION OF ACCESS - A method and device for communication and control of access including an access point containing a screen and camera whereby a visitor who is not preauthorized desires to communicate with a remote entity and uses a smartphone, holding it in line of sight of the camera, which smartphone contains indicia that is transmitted by the camera to the remote entity to obtain access. | 2015-11-26 |
20150341337 | AUTHENTICATION SYSTEM AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An authentication server | 2015-11-26 |
20150341338 | SERIALIZED AUTHENTICATION AND AUTHORIZATION SERVICES - Requests for User Services on networked computers running on different platforms with different Authentication, Authorization and Auditing (AAA) Security Systems are processed through an AAA Services Manager Server and Web Services Servers. The AAA Services Manager Server communicates requests for User Services to Web Services Servers using corresponding URL Web addresses. Web Services correspond to their respective Authentication Security Systems and Authorization Security Systems through which User Services may be obtained. The Web Services Servers act to access, for User validation, the respective Authentication Security Systems and Authorization Security Systems according to their individual languages and computing platform requirements. | 2015-11-26 |
20150341339 | INFORMATION DISPLAY METHOD, TERMINAL, SECURITY SERVER AND SYSTEM - A self-moving tunnel support canopy includes front arch frame, rear arch frame, forward jack, and support jack disposed under the front arch frame. The front arch frame has front arch beams and front longitudinal beams longitudinally disposed along arch upper surfaces of front arch beams and coupled to all the front arch beams. The rear arch frame has rear arch beams and rear longitudinal beams longitudinally disposed along arch upper surfaces of the rear arch beams and coupled to all the rear arch beams. The front longitudinal beams and the rear arch beams are spacedly disposed, and a spacing is configured between the front arch beam and a front-adjacent rear arch beam. One end is coupled to the front arch frame, and the other end of the forward jack is coupled to the rear arch frame. The front arch beam and the rear arch beam are both arch-shaped beams. | 2015-11-26 |
20150341340 | A SYSTEM AND METHOD OF DYNAMIC ISSUANCE OF PRIVACY PRESERVING CREDENTIALS - Method and System for enhanced privacy in privacy-preserving identity solutions. The technology provides for a redirect of a request to generate a proof of an attribute from a service provider to a separator. The separator removes source identification from the attribute-proof request and redirects the attribute-proof request, free of original source identification, to a credential issuer which issues the credential. A security device of the user generates a presentation token from the privacy-preserving credential and presents the presentation token to the service provider as proof of the attribute. Other systems and methods are disclosed. | 2015-11-26 |
20150341341 | APPARATUS AND METHOD FOR SECURING A DEBUGGING SESSION - A device executes debugging instructions received from a debugging computer. The device receives a debugging establishment request from the debugging computer. The device transmits a unique identifier associated with the device and a secured expiration value to the debugging computer. The device receives a transport layer security (TLS) certificate from the debugging computer and establishes a secured and authenticated link with the debugging computer using the TLS certificate. The device enables a debugging mode, responsive to determining that an identifier in the TLS certificate matches the unique identifier and that a secured expiration value in the TLS certificate is valid and within a predefined validity range, and executes, in the debugging mode, debugging instructions received from the debugging computer. | 2015-11-26 |
20150341342 | AUTOMATED STEP-UP DIGITAL CERTIFICATE INSTALLATION PROCESS - Techniques are disclosed for rapidly securing a server in response to request for a high-assurance digital certificate. As described, a CA may issue a basic tier certificate after performing a verification process to confirm that a party requesting a certificate for a given network domain, in fact, has control of that domain. Once issued and provisioned on the server, the server can establish secure connections with clients. At the same time, the CA continues to perform progressive identity verification processes for progressively higher tiers of certificates. Once the identity verification process at each tier is complete, the CA issues a new certificate for the corresponding tier, which may then be provisioned on the server. After performing all of the identity verification processes, the server can issue the requested high-assurance certificate. | 2015-11-26 |
20150341343 | RFID Tag and Method for Operating an RFID Tag - The invention relates to an RFID tag, which comprises a receiving means, a first and a second verification means, and a transmitting means. The receiving means is designed to receive a challenge message sent by an RFID reading device. Said challenge message comprises a challenge data set, which has a digital certificate issued for the RFID reading device by a certification authority and signed by means of a private key of the certification authority and which has a request message, and a digital signature at least of the request message, which digital signature is generated by means of a private key of the RFID reading device. The first verification means is designed to verify the digital certificate by means of a public key of the certification authority. The second verification means is designed to verify the digital signature by means of a public key of the RFID reading device. The transmitting means transmits a response message to the REID reading device if the certificate and the digital signature are verified. By verifying the challenge message, the RFID tag can ensure that the RFID tag transmits a response message only to such a requesting REID reading device that is actually authorized to communicate with said RFID tag. | 2015-11-26 |
20150341344 | SYSTEMS AND METHODS FOR USING IMAGING TO AUTHENTICATE ONLINE USERS - Systems and methods are disclosed for authenticating an identity of an online user. One method includes receiving from the user, through a first device, a request to access a web page associated with the user's online account; transmitting to the user an image that contains a unique ID and a URL of an authentication server; and receiving from the user, through the first device, an authentication request containing the unique ID. The method also includes receiving from the user, through a second device, a log-in ID associated with the user and the unique ID; and authenticating the identity of the user to grant the user access, through the first device, to the web page associated with the user's online account. | 2015-11-26 |
20150341345 | SECURITY SYSTEM - A security system includes a controller manufacturer, a key issuer, and a medium manufacturer. The controller manufacturer writes a controller key Kc and a controller unique ID (IDcu) in the controller at the time of manufacturing the controller, and transmits the controller key Kc to the key issuer. The key issuer generates a medium device key Kmd_i and a medium device key certificate Cert | 2015-11-26 |
20150341346 | Bifurcated Authentication Token Techniques - Bifurcated authentication token techniques are described in which sign-on credentials are separated from corresponding privilege data for resources. During client authentication, a determination is made regarding whether a service provider is configured to support bifurcated authentication token techniques. If the techniques are supported, a lightweight token is issued to the client and corresponding privilege data is stored separately from the token in a centralized authentication database. If a service provider does not support bifurcated authentication token techniques, a traditional, combined authentication token that includes privilege data is issued to the client. The lightweight token contains identity information and a reference to the privilege data, but does not contain the actual privilege data. Therefore, the lightweight cookie token alone is not sufficient to gain access to corresponding resources. Moreover, privileges associated with a lightweight token may be revoked or altered without having to change or invalidate the lightweight token itself. | 2015-11-26 |
20150341347 | METHODS AND SYSTEMS OF ISSUING, TRANSMITTING AND MANAGING TOKENS USING A LOW-LATENCY SESSION SYNDICATION FRAMEWORK - A method of implementing session syndication using a low-latency session syndication framework may include receiving, by an inline frame associated with an authorization provider, a request from a client application for an access token. The inline frame may be embedded in the client application. The method may include sending, by the inline frame, a request for the access token to a computing device associated with the authorization provider, receiving, by the inline frame from the authorization provider, an access token associated with one or more resources of the authorization provider, and providing the access token to the client application. | 2015-11-26 |
20150341348 | System and Method for Safe Login, and Apparatus Therefor - Disclosed is a safe log-in system and method for allowing log-in of a user in association with a plurality of devices, and an apparatus for the same. The safe log-in method for allowing a safe log-in of a communication device which accesses a web site includes: by an authentication data providing device, receiving a request for authentication-related data, which is required for log-in to the web site, from the communication device; by the authentication data providing device, extracting authentication-related data required for log-in to the web site; by the authentication data providing device, transmitting the extracted authentication-related data to the communication device; and by the communication device, attempting log-in authentication to the web site by using the authentication-related data. | 2015-11-26 |
20150341349 | PRIVACY-PRESERVING BIOMETRIC AUTHENTICATION - A method includes receiving a registration input including a first raw biometric template and a user identifier. The first raw biometric template may be representative of unique features of a biometric characteristic of a user associated with the user identifier. The method includes generating a first transformed biometric template by applying a random projection to the first raw biometric template and communicating the first transformed biometric template and the user identifier to an authentication server. The method includes receiving a challenge input including a second raw biometric template and the user identifier. The method includes generating a second transformed biometric template and communicating the second transformed biometric template and the user identifier to the authentication server. The method includes receiving a signal indicative of an authentication decision from the authentication server. | 2015-11-26 |
20150341350 | PRIVACY PRESERVING BIOMETRIC AUTHENTICATION BASED ON ERROR CORRECTING CODES - A method includes transmitting initialization data including an error correction code and a matrix. The method also includes receiving registration data including a transformed registration biometric template, a registration user identifier, and a hashed registration code. The transformed registration biometric template may be determined based on a registration code word selected from the error correction code. The hashed registration code word may be determined by hashing the registration code word using the matrix. The registration user identifier may be associated with a first user described by the transformed registration biometric template. | 2015-11-26 |
20150341351 | Secure data processing method and system - The invention discloses a secure data processing method and system, wherein the secure data processing method comprises the following steps of: a security control server receiving a data upload request from a terminal, and obtaining a file feature, an identification code of the terminal and a directory path of a file with the file feature in the terminal comprised in the data upload request; the security control server judging whether the terminal is a trustable machine and/or judging whether the directory path is a credit directory according to the identification code and/or the directory path, and if the terminal is a trustable machine and/or the directory path is a credit directory, adding the uploaded file feature into a security database, or otherwise, not adding it into the security database; the trustable machine is a terminal in which data is considered as secure data. The invention further provides a secure data processing system implementing the foregoing method. The secure data processing method and system can improve the update efficiency of the secure data. | 2015-11-26 |
20150341352 | ELECTRONIC SHELF LABEL SYSTEM AND OPERATING METHOD THEREOF - Disclosed herein are an electronic shelf label system and an operating method thereof. The electronic shelf label system includes: a main server having product information on products stored therein; an electronic shelf label receiving the product information from the main server, displaying the received product information, and including a near field communication tag having a product recognition identification (ID) pre-stored therein; and a mobile communication terminal reading the product recognition ID, transmitting the read product recognition ID to the main server, receiving the product information from the main server, and displaying the received product information. | 2015-11-26 |
20150341353 | PROCESSING AND VERIFYING DIGITAL CERTIFICATE - A digital certificate of a user is collected. A digest computation of a collecting result of the digital certificate is performed to generate a digital certificate digest of the user. The digital certificate digest is cached. In response to an operation of the user, a service request containing the cached digital certificate digest is transmitted to a service server such that when a service corresponding to the service request is a service for which the digital certificate needs to be verified, the service server executes the service when the verification passes through verification of the digital certificate digest. The techniques of the present disclosure execute the verification operation of the digital certificate along with specific service operations, which reduce the number of certificate verifications and the number of requests for executing the specific service. | 2015-11-26 |
20150341354 | NETWORK RESOURCE MANAGEMENT SYSTEM UTILIZING PHYSICAL NETWORK IDENTIFICATION FOR PRIVILEGED NETWORK ACCESS - The disclosed network resource management system employs a hardware configuration management (HCM) information handling system (IHS) that may couple to a single administered IHS or to multiple administered IHSs via an administrative network. An HCM tool in the HCM IHS may generate, modify and store hardware configuration information, including physical network identifications (PNet IDs), in an HCM database and share the HCM database with the administered IHSs. The administered IHS may be a privileged network access (PNA) IHS. The PNA IHS may receive a privileged network access management (PNAM) database from a PNAM IHS via the administrative network. The PNA tool may extract hardware configuration information, including PNet IDs, from the HCM database and privileged network access information, including PNet IDs, from the PNAM database. The PNA tool may utilize the information, including PNet IDs, to enable the PNA IHS to limit access to privileged networks. | 2015-11-26 |
20150341355 | IDENTIFYING PROTECTED MEDIA FILES - A user can have media files associated with a user account in a shared resource environment, enabling the user to access those files from multiple devices and locations. Instead of uploading each file, a process can scan the files to determine corresponding copies already stored to the shared resource environment, which can be associated with the user account without uploading another copy. In cases where encryption or other protection prevents the content of a file from being verified, a fingerprint of unencrypted records of the file can be generated and compared against an index of fingerprints for previously encountered files. If the fingerprint matches information stored for a media file, and the fingerprint meets at least one validity criterion, a copy of the media file can be associated with the user account even though the user's copy cannot be read, or potentially even played, by a component of the environment. | 2015-11-26 |
20150341356 | LOGIN METHOD AND APPARATUS - A login method and a login apparatus are provided. A third party server receives a login request of a first client and returns an identification code, the first client displays the identification code, and the third party server receives an authentication request of a second client to obtain a user unique identifier of the second client, wherein, the authentication request is sent by the second client according to an address of the third party server contained in the identification code after performing image acquisition to the identification code, and the third party server performs login authentication to corresponding third party account information bound to the user unique identifier and returns a login authentication result. The third party account information bound to the user unique identifier varies depending on the difference in the address information of the third party server contained in the identification code. | 2015-11-26 |
20150341357 | METHOD AND SYSTEM FOR ACCESS CONTROL MANAGEMENT USING REPUTATION SCORES - Security reputation data associated with a party is obtained and/or monitored. The security reputation data associated with the party is then analyzed to assign a security reputation score to the party. The security reputation score assigned to the party is then used to determine access permissions to be provided to the party. It is then either recommended that the determined access permissions be provided to the party, or the determined access permissions are automatically provided to the party. | 2015-11-26 |
20150341358 | METHOD AND SYSTEM FOR DETERMINING TRUSTED WIRELESS ACCESS POINTS - Disclosed are systems and method for determining trusted wireless access points. An example method includes identifying, by a mobile device, one or more wireless access points are available to connect to a network resource; obtaining a plurality of access point characteristics of the one or more wireless access points; obtaining a plurality of network resource characteristics for connecting to the network resource; comparing the plurality of access point characteristics and the plurality of network resource characteristics; determining based on the comparison at least one trusted wireless access points that is acceptable for establishing a connection to the network resource; and establishing a connection to the network resource via the trusted wireless access point. | 2015-11-26 |
20150341359 | Method of Controlling Access to Network Drive, And Network Drive System - A network drive system for controlling access to a network drive based on location information on a communication device according to the present technology includes: a storage unit storing a network drive that stores security data and general data; a receiving unit receiving a request for access to the network drive from a first communication device; a location checking unit checking whether the distance between the first communication device and a second communication device designated as a device for controlling access to the network drive is within a critical value; and a policy setting unit that applies a policy allowing the first communication device to access general data stored in the network drive or applies a policy disallowing the first communication device to access general data stored in the network drive, according to results of the determining by the location checking unit. | 2015-11-26 |
20150341360 | METHOD AND APPARATUS FOR MANAGING A TRANSACTION RIGHT - This invention provides a method for managing a transaction right in a digital rights management server. The transaction right is the right to a transaction of a utilization right of a digital content item. The method comprises steps of obtaining an attribute associated with the digital content item from metadata of the digital content item; and generating the transaction right on the basis of a pre-stored rule and the attribute of the digital content item. Since the transaction right is generated on the basis of the attribute of the digital content item, or in other words, the transaction right is dependent on the attribute of the digital content item, the generated transaction right of digital content items can be different if the corresponding attribute associated with the digital content items are different. Furthermore, in additional to the metadata, the generation of the transaction right only requires the pre-stored rule, resulting in affordable complexity and cost. Since the transaction right is also dependent on the pre-stored rule, the content providers need not to individually set the transaction right for each digital content item, but are still able to set the transaction right by setting the pre-stored rule. | 2015-11-26 |
20150341361 | Controlling a Mobile Device in a Telecommunications Network - A system is described to control a mobile telecommunication device within a telecommunications network, when the mobile device is suspected of being, or has been found to be, infected by malicious software or viruses causing it to behave maliciously or aggressively within the network. The telecommunications network is arranged to identify the telecommunication device and limit the communication between the mobile telecommunication device and the telecommunications network. This may mean limiting the bandwidth of the bearer between the mobile telecommunications device and the telecommunications network or may mean limiting the communications between the mobile telecommunications device and a specific location. In further embodiments the telecommunications network quarantines the identified device by either transferring an attachment of the mobile telecommunications device to a second network, or, maintaining a list of devices and adding the identified mobile telecommunications device to the list. | 2015-11-26 |
20150341362 | METHOD AND SYSTEM FOR SELECTIVELY PERMITTING NON-SECURE APPLICATION TO COMMUNICATE WITH SECURE APPLICATION - A method and system of selectively permitting a non-secure application to communicate with a secure application are described herein. The method can be practiced in a system that support an environment designed to restrict secure applications from processing requests from non-secure applications. In particular, a request can be received from a non-secure application by a system framework and, through the system framework, it can be determined that a secure application is capable of processing the request. The request can be delegated from the system framework to a secure framework. In addition, through the secure framework, it can be determined whether the non-secure application is an authorized non-secure application. If the non-secure application is an authorized non-secure application, the secure application can be permitted to process the request from the non-secure application. | 2015-11-26 |
20150341363 | SYSTEM AND METHOD FOR USING RESOURCES OF A COMPUTER SYSTEM IN CONJUNCTION WITH A THIN MEDIA CLIENT - A computer system including a processor and a memory for retrieving digital media content, storing the digital media content in the memory, and providing the digital media content to a thin media client is provided. | 2015-11-26 |
20150341364 | ATOMICALLY UPDATING TERNARY CONTENT ADDRESSABLE MEMORY-BASED ACCESS CONTROL LISTS - Embodiments described herein provide techniques for atomically updating a ternary content addressable memory (TCAM)-based access control list (ACL). According to one embodiment, a current version bit of the ACL is determined. The current version bit indicates that a rule in the ACL is active is the version flag in the rule matches the current version bit. Through these techniques, a first set of rules can be modified to create a second set of rules (e.g., by insertions, deletions, and replacements, etc.). | 2015-11-26 |
20150341365 | ACCESS CONTROL LIST-BASED PORT MIRRORING TECHNIQUES - Embodiments presented herein describe techniques for selecting incoming network frames to be mirrored using an access control list. According to one embodiment, an incoming frame is received. Upon determining that the incoming frame matches an entry in the access control list, a mirror field of the entry is evaluated. The mirror field identifies at least one mirroring action to perform on the frame. The identified mirroring action is performed on the frame. | 2015-11-26 |
20150341366 | SPECIALIZED NETWORK FILESERVER - A method and apparatus of a portable storage device that provides a specialized network fileserver is described. In an exemplary method, the portable storage device retrieves a list of applications on the portable storage device, where each of the applications has a private filesystem. For each of the applications, the portable storage device determines if that application will share the corresponding private filesystem and adds that private filesystem to a shared filesystem of the portable storage device is that is shareable. The portable storage device further advertises the shared filesystem to a host that is coupled to the portable storage device. | 2015-11-26 |
20150341367 | SYSTEMS AND METHODS FOR SECURE RESOURCE ACCESS AND NETWORK COMMUNICATION - Systems and methods for secure resource access and network communication are provided. A plurality of policies are received on a client device, each policy comprising a respective resource and a respective permission for a respective action that can be performed by a user of the client device in regards to the resource. A first application, which is configured to store data in an encrypted repository on the client device, receives a request to open a resource. The first application determines that one of the policies prohibits access by the resource to the encrypted repository and, based thereon, selects a different second application to open the resource that does not have access to the encrypted repository. The second application then opens the resource. | 2015-11-26 |
20150341368 | AUTHORIZED DELEGATION OF PERMISSIONS - Systems and methods are described for delegating permissions to enable account access to entities not directly associated with the account. The systems determine a delegation profile associated with a secured account of at least one customer. The delegation profile includes a name, a validation policy that specifies principals which may be external to the account and which are permitted to assume the delegation profile, and an authorization policy that indicates the permitted actions within the account for those principals which are acting within the delegation profile. Once the delegation profile is created, it can be provided to external principals or services. These external principals or services can use the delegation profile to obtain credentials for performing various actions in the account using the credentials of the delegation profile. | 2015-11-26 |
20150341369 | Location Aware Shared Spaces - In one embodiment, a geo-social networking system maintains a data store of shared space, wherein each shared space comprises one or more content objects, a location, and one or more privacy settings. The geo-social networking system allows a user read-access to a shared space based on privacy settings associated with the shared space. The geo-social networking system allows a user write-access to a shared space if the user is at the location associated with the shared space. | 2015-11-26 |
20150341370 | SYSTEMS AND METHODS RELATING TO THE AUTHENTICITY AND VERIFICATION OF PHOTOGRAPHIC IDENTITY DOCUMENTS - Identity documents are produced to confirm the identity of an individual and often their rights, such as driver's license, health card, age, and residence. False and counterfeit documents however can be used to commit fraud, gain unauthorized access to services and steal an individual's identity. Embodiments of the invention address verification and authentication of an identity document by correlating the information extracted from the identity document at the time of its presentation as evidence of an individual's identity with the original data relating to the identity document when it was issued to an individual or subsequently verified by an issuing authority of the identity document. | 2015-11-26 |
20150341371 | SYSTEMS AND METHODS TO PROVIDE SECURE STORAGE - Systems and method to provide secure storage are disclosed. An example method includes establishing a secure tunnel between a storage device and an agent, provide a command from the agent to the storage device via the secure tunnel, access first data at the storage device in response to the command, and identify a modification to data stored on the storage device by comparing the first data to second data, wherein the comparison is done using the storage device. | 2015-11-26 |
20150341372 | IDENTIFYING SUSPECTED MALWARE FILES AND SITES BASED ON PRESENCE IN KNOWN MALICIOUS ENVIRONMENT - Disclosed herein is a system and method for identifying potential sources of malicious activity as well as identifying potentially malicious files that originated from suspected malicious sources. Using an anchor event and telemetry data from devices known to have been infected by malicious activity similar events in the telemetry data between two devices can be identified. These satellite events are then used to identify other files that may have been deposited by the satellite event such that those files can be highlighted to a malware researcher. Additionally, the malware protection may be updated based on this analysis to label an associated site with the satellite event as a malicious site such that the site may be blocked or quarantined. | 2015-11-26 |
20150341373 | METHOD AND APPARATUS FOR PREVENTING INSERTION OF MALICIOUS CONTENT AT A NAMED DATA NETWORK ROUTER - An object-forwarding device can block a malicious Content Object from being inserted into an Interest's reverse path over a named data network. During operation, the device can receive a Content Object via a first interface, and can perform a lookup operation in a Pending Interest Table (PIT) to identify a PIT entry for an Interest associated with the Content Object. The device then determines, from the PIT entry, an egress interface used to forward the Interest. If the device determines that the egress interface of the PIT entry matches the first interface for the Content Object, the device forwards the Content Object via a return interface specified in the PIT entry. On the other hand, if the egress interface of the PIT entry does not match the first interface for the Content Object, the device can block the Content Object. | 2015-11-26 |
20150341374 | UNIFIED INTERFACE FOR ANALYSIS OF AND RESPONSE TO SUSPICIOUS ACTIVITY ON A TELECOMMUNICATIONS NETWORK - The invention is a platform for analysis of disparate data sources and automated and or user driven incident response via a single user interface. The platform includes an agent server, message broker, index, correlation engine and user interface. Telemetry sources may include network appliances, mobile devices, and standard terminals. Each telemetry type has interactions that enable incident response from the unified interface. | 2015-11-26 |
20150341375 | PRESENTING LOCATIONS OF USERS AND STATUS OF DEVICES - A non-transitory computer-readable storage medium comprising instructions stored thereon. When executed by at least one processor, the instructions may be configured to cause a computing system to at least maintain at least a first location of a first access monitor and a second location of a second access monitor, receive at least a first notification of access to the first access monitor by a user and a second notification of access to the second access monitor by the user, determine a location of the user based on the maintained first location and second location and the received first notification and/or second notification, and present the determined location of the user. | 2015-11-26 |
20150341376 | DETECTION OF ANOMALY IN NETWORK FLOW DATA - Disclosed is a method | 2015-11-26 |
20150341377 | METHOD AND APPARATUS TO PROVIDE REAL-TIME CLOUD SECURITY - A cloud includes an application delivery controller (ADC) receives traffic intended for a specific application, from a user, the specific application being executed by a virtual machine (VM). The ADC detects the received traffic as an attack traffic, the received traffic being intended for routing through software defined network (SDN) switches. The cloud further includes a controller that is in communication with the ADC and that launches virtual machines (VMs) based on the detected attack traffic. The controller re-configures the SDN switches from routing the received traffic to the VM that is executing the specific application to re-routing the received traffic, as the attack traffic, to one or more of the launched VMs. | 2015-11-26 |
20150341378 | System and Method for Real Time Data Awareness - A system includes a sensor and a processor. The sensor is configured to passively read data in packets as the packets are in motion on a network. The processor is cooperatively operable with the sensor. The processor is configured to receive the read data from the sensor; and originate map profiles of files and file data, both from the read data from the sensor, as the passively read packets are in motion on the network. The processor is also configured to infer a user role for a user who is using the file and the file data and how the user is transferring or accessing the file and the file data. Inappropriate usage being performed by the user can then be detected from the user role and the read data to control access to particular files. | 2015-11-26 |
20150341379 | NETWORK ANOMALY DETECTION - Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity. | 2015-11-26 |
20150341380 | SYSTEM AND METHOD FOR DETECTING ABNORMAL BEHAVIOR OF CONTROL SYSTEM - Provided are a system and method for detecting an abnormal behavior of a control system by analyzing flows of the control system. Flow information of the control network is collected, and flows are classified according to the collected flow information and a flow group is generated. An abnormal behavior of the control system is detected by analyzing flows of the generate flow group. That is, internal systems of the control network are grouped according to functions, and a situation of a system of a group performing the same function is managed to thus quickly detect an abnormal behavior of the control system. | 2015-11-26 |
20150341381 | APPARATUS AND METHOD FOR COLLECTING HARMFUL WEBSITE INFORMATION - Provided are a harmful site collection device and method for determining a harmful site by analyzing a connection between harmful sites. The harmful site collection device extracts a URL linked to a web page of a harmful site; checks a link circulation on the basis of link information on a web page of the URL linked to the harmful site to determine whether the web page of the URL linked to the harmful site is a harmful site; and, when a URL of a prestored non-harmful site is extracted while the link circulation is checked, stops checking the link circulation that includes the URL of the non-harmful site. Accordingly, the harmful site collection device can more easily determine a harmful site merely with information on a URL linked to a web page and can reduce the amount of computation using information on a URL of a prestored non-harmful site. | 2015-11-26 |
20150341382 | SCALABLE INLINE BEHAVIORAL DDOS ATTACK MITIGATION - Methods and systems for a scalable solution to behavioral Distributed Denial of Service (DDoS) attacks targeting a network are provided. According to one embodiment, a method to determine the scaling treatment is provided for various granular layer parameters of the Open System Interconnection (OSI) model for communication systems. A hardware-based apparatus helps identify packet rates and determine packet rate thresholds through continuous and adaptive learning with multiple DDoS attack mitigation components. The system can be scaled up by stacking multiple DDoS attack mitigation components to provide protection against large scale DDoS attacks by distributing load across these stacked components. | 2015-11-26 |
20150341383 | PROTECT APPLICATIONS FROM SESSION STEALING/HIJACKING ATTACKS BY TRACKING AND BLOCKING ANOMALIES IN END POINT CHARACTERISTICS THROUGHOUT A USER SESSION - Systems and methods for protection against session stealing is described. In embodiments of the present solution, a device intermediary to the client and the server may identify first properties of the client and associate the first properties with the session key. When the device receives subsequent request comprising the session key, the device matches the associated first properties with second properties of the second device that is sending the subsequent request. If there is a match, the subsequent request transmitted to the server. Otherwise, the subsequent request is rejected. | 2015-11-26 |
20150341384 | Randomizing Countermeasures For Fault Attacks - A device may include countermeasure circuitry that provides a countermeasure check that protects device logic. The device may also include enforcement circuitry that non-deterministically enforces the countermeasure check on the device logic so that the device logic is not always protected by a countermeasure action within the countermeasure check. The device may non-deterministically enforce the countermeasure check according to an enforcement rate, and the device may adjust the enforcement rate depending on a priority of the device logic or device logic portion protected by a particular countermeasure check. | 2015-11-26 |
20150341385 | WEB PAGE AND WEB BROWSER PROTECTION AGAINST MALICIOUS INJECTIONS - A method comprising: loading a web page in a web browser, wherein the web page comprises a call to an anti-injection client-side code; loading the anti-injection client-side code in the web browser; and executing the anti-injection client-side code in the web browser, to: (a) intercept an injection of a node into the DOM (Document Object Model) of the web page, (b) compare the injected node with a list, and (c) based on the comparison, permit or block execution of the injected code. | 2015-11-26 |
20150341386 | ENHANCED THREAD HANDLING IN SECURITY HANDSHAKING - Disclosed herein are methods, systems, and software for handling threaded processes in security handshaking between end users and content delivery nodes are presented. In one example, a method of operating a content delivery node includes identifying a secure layer connection request within an application thread, and initiating a new thread for a security handshake process based on the secure layer connection request. The method further includes, in response to completing the security handshake process, returning to the application thread. | 2015-11-26 |
20150341387 | Identification of Web Form Parameters for an Authorization Engine - A method, system and computer-usable medium are disclosed for automating the identification of web form parameters for an authorization engine. A web page containing a set of parameters is received and then processed to identify structured portions it may contain. A target structured portion is then selected and processed to identify a corresponding set of web form parameters. Once identified, the set of web form parameters are then processed to generate a policy with a corresponding set of policy rule parameters. Matching operations are then performed to respectively match individual parameters of the set of web form parameters to individual parameters of the set of policy rule parameters. The policy is then associated with its associated web page URL and the process is repeated, proceeding with selecting another target structured portion to process. | 2015-11-26 |
20150341388 | METHODS AND SYSTEMS FOR PROTECTING A SECURED NETWORK - Methods and systems for protecting a secured network are presented. For example, one or more packet security gateways may be associated with a security policy management server. At each packet security gateway, a dynamic security policy may be received from the security policy management server, packets associated with a network protected by the packet security gateway may be received, and at least one of multiple packet transformation functions specified by the dynamic security policy may be performed on the packets. Performing the at least one of multiple packet transformation functions specified by the dynamic security policy on the packets may include performing at least one packet transformation function other than forwarding or dropping the packets. | 2015-11-26 |
20150341389 | LOG ANALYZING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM - A log information collecting unit that collects log information and traffic information output from a plurality of communication devices included in a network; a normalization processing unit that normalizes the log information and traffic information collected by the log information collecting unit; a log information analysis processing unit that extracts, and analyzes according to a predetermined rule, relative log information and traffic information from the normalized log information and traffic information, and determines whether or not there is unauthorized access; and an event information notifying unit that outputs event information including information indicating importance based on a result of the determination by the log information analysis processing unit, are included. | 2015-11-26 |
20150341390 | MODULARIZED SOFTWARE SYSTEM FOR MANAGING A PLURALITY OF DISPARATE NETWORKS - Converged network management application and system is provided that delivers a management platform as a service that can view and/or manage all managed networks in the aggregate, or any one of them individually (including individual devices within the managed networks), in a secure and efficient manner, providing continuously available intelligence in real time on the managed networks and systems, and overcoming integration issues including conflicting address schemas, the need to avoid unnecessary infrastructure, and the need acquire all necessary information in real time within applicable memory and bandwidth constraints. | 2015-11-26 |
20150341391 | SYSTEMS AND METHODS FOR SERVING APPLICATION SPECIFIC POLICIES BASED ON DYNAMIC CONTEXT - Methods, systems and computer readable media for serving application specific policies based on dynamic context are described. In some implementations, the method can include determining a dynamic authentication context for a user including one or more access credentials, and authenticating the access credentials. The method can also include determining an indication of a need for a service-based policy, and generating a dynamic service-based policy based on the dynamic authentication context and an application. The method can further include providing the dynamic service-based policy to the application, and monitoring for a change in the dynamic authentication context. The method can also include updating the dynamic service-based policy. | 2015-11-26 |
20150341392 | METHOD FOR PROVIDING A LAW ENFORCEMENT AGENCY WITH SAMPLED CONTENT OF COMMUNICATIONS - Presented are a method and a node in a Lawful Interception (LI) network, in which the node is configured to provide a Law Enforcement Agency with Intercept Related Information (IRI) and Content of Communications (CC) of data traffic in a digital communications network. The IRI and CC are forwarded to an Intercept Mediation and Delivery unit node (IMDU) of the LI network, wherein the IMDU is configured to sample the content of communications according a certain sampling rate to achieve one or more samples of the CC, and to forward the generated one or more samples to the Law Enforcement Agency. | 2015-11-26 |
20150341393 | SYSTEM AND METHOD FOR INITIATING TELECOMMUNICATIONS SESSIONS THROUGH AN ELECTRONIC MAIL ADDRESS - A system and method of establishing and controlling a telecommunications or multimedia communications sessions over a conventional call signaling protocol is employed to enable such a communications session to the initiated and managed between participants through translated resource identifiers. The method of establishing and controlling a telecommunications or multimedia communications sessions over a conventional call signaling protocol is employed in one embodiment through the provision of a database which includes resource records linked together by user which include an email address and corresponding URIs, the retrieval of a corresponding URI upon the generation of a session invitation which identifies its target recipient by email address, the transmitting of the session invitation to the retrieved URI, and notifying the target recipient by sending a message to the email address used to generate the session invitation. | 2015-11-26 |
20150341394 | METHOD AND SYSTEM TO ENHANCE PERFORMANCE OF A SESSION INITIATION PROTOCOL NETWORK AND ITS ELEMENTS - In accordance with at least one embodiment of the present invention, a communication apparatus includes a communication unit configured to send and receive messages on a network. Each message has a message header configured to include a plurality of header fields, where the message header includes a suppression header field that indicates a request to suppress at least one header field in at least one subsequently sent or received message. The communication apparatus is configured to establish a suppressed header field message exchange session with a peer on the network so that at least one subsequent message exchanged between the communication apparatus and the peer is free of at least one suppressible header field. | 2015-11-26 |
20150341395 | Method And System For Location-Based Communication - A method and system for location-based communication. A selection of a source transceiver from a plurality of available transceivers associated with a source may be received. A telephony session may be initiated with the selected source transceiver. A mobile target transceiver may be geographically located. A result of the geographic location regarding the located mobile target transceiver may be provided. The located mobile target transceiver may be connected to the telephony session. | 2015-11-26 |
20150341396 | REGISTERING A TERMINAL INTO A MULTI-SERVICE NETWORK - A system includes a terminal, a wireless access network, an IP telephony network, a core network gateway from the IP telephony network to the public mobile phone network and a network device, which connects the wireless access network to the IP telephony network and adapts the IP telephony network services to be used by utilizing the circuit-switched signaling protocols of the terminal. A location updating request is received from the terminal over the wireless access network. Location updating is performed via a core network gateway. The network device performs user registration to the IP telephony network using a domain name formed by the phone number of the user and the domain name of the network device or the numeric IP address as the address connection to be registered and as location data in the IP telephony network. | 2015-11-26 |
20150341397 | DATA SHARING SYSTEM AND METHOD - A method and computing system for defining an unrestricted web-based space on a computing device for sharing media content within a social network. The unrestricted web-based space is accessible by non-users of the social network. First media content is received from a first user of the social network. The first media content is shared within the unrestricted web-based space. The first user is enabled to provide location information concerning the unrestricted web-based space to a non-user of the social network. | 2015-11-26 |
20150341398 | DYNAMIC COMMUNICATION LINK MANAGEMENT FOR MULTI-USER CANVAS - A method includes determining where multiple users are interacting with a canvas via user devices, identifying two users that are interacting proximate to each other on the canvas via their user devices, and establishing a communication mechanism between the two users. | 2015-11-26 |
20150341399 | SERVER AND METHOD OF PROVIDING COLLABORATION SERVICES AND USER TERMINAL FOR RECEIVING COLLABORATION SERVICES - A server, method and apparatus for providing collaboration services are provided. The server includes: at least one memory comprising computer executable instructions; and at least one processor configured to process the computer executable instructions to provide a screen comprising a first area for displaying a video of a user and a second area for providing an editable document, and configured to receive a selection corresponding to a point in time of the video and provide the editable document in a state that corresponds to the selected point in time of the video or receive a selection of an edit of the editable document and reproduce the video from a point in time corresponding to the selected edit. | 2015-11-26 |
20150341400 | Ink for a Shared Interactive Space - Techniques for ink for a shared interactive space are described. According to various embodiments, a shared interactive space is presented on devices for different users that are participating in a communication session with one another Ink content applied by a particular user to an instance of the shared interactive space is propagated to other instances of the shared interactive space. According to various implementations, a shared interactive space is invocable in different ways. For instance, different user-initiated invoke events can cause a shared interactive space to be presented, such as while a communication session is in progress. | 2015-11-26 |
20150341401 | SERVER AND METHOD OF PROVIDING COLLABORATION SERVICES AND USER TERMINAL FOR RECEIVING COLLABORATION SERVICES - A server, method and apparatus for providing collaboration services are provided. The server includes a memory configured to store computer executable instructions, and a processor configured to process the computer executable instructions to provide a screen including a first area displaying a video of a user and a second area displaying an editable document. The processor is further configured to process the computer executable instructions to receive a selection of a point in time of the video, and provide the editable document in a state corresponding to the selected point in time of the video. | 2015-11-26 |
20150341402 | SYSTEMS AND MEHTODS FOR PROVIDING AN INTERACTIVE COMMUNITY THROUGH DEVICE COMMUNICATION - A wave device is disclosed. The wave device may include one or more memory devices storing instructions and one or more processors configured to execute the instructions to receive a unique identifier associated with a community and generate a communication including the unique identifier associated with the community and enabling a second wave device to join the community. The one or more processors may be further configured to transmit the communication to the second wave device based on geographic proximity to the second wave device, and share information with the second wave device based on the second wave device joining the community. | 2015-11-26 |
20150341403 | SERVER APPARATUS, DISPLAY APPARATUS, SYSTEM, AND CONTROLLING METHODS THEREOF - Systems, apparatuses and methods for a service providing method are provided. The service providing system includes a display apparatus configured to transmit a request signal for a parameter required for moving image reproduction to a server apparatus, and the server apparatus configured to transmit the parameter parsed from a moving image stream to the display apparatus in response to the request signal for the parameter being received from the display apparatus, and transmit the moving image stream to the display apparatus in response to a moving image request signal being received from the display apparatus. The display apparatus receives the parsed parameter from the server apparatus and stores the received parsed parameter, and the display apparatus reproduces the moving image stream based on the stored parameter in response to the moving image stream being received | 2015-11-26 |
20150341404 | METHOD AND APPARATUS FOR TRANSMITTING STREAMING MEDIA DATA - The present invention discloses a method and an apparatus for transmitting streaming media data and relates to the field of multimedia communication technologies. The method includes: receiving a data request sent by a user equipment UE, where the data request is used to request a media presentation description MPD file from a streaming media server; if the UE does not support a dynamic adaptive steaming over the Hypertext Transfer Protocol HTTP DASH technology, forwarding the data request to the streaming media server, and receiving the requested MPD file that is delivered by the streaming media server according to the data request; and acquiring DASH streaming media data from the streaming media server according to the MPD file, and sending the DASH streaming media data to the UE, where a rate at which the DASH streaming media data is transmitted matches a bit rate selected from the MPD file. | 2015-11-26 |
20150341405 | SYSTEM AND METHOD FOR ROUTING MEDIA - The system and method for streaming media to a viewer and managing the media comprises an enhanced service routing processor (ESRP), a real time switch management system (RTSMS), a name routing processor (NRP), and a managed media switch (MMS). The RTSMS has a reservation system. The ESRP receives media from an owner, manages the media according to media rules and order rules defined by the owner, and distributes the media to one or more switches, such as the MMS, according to the media rules and the order rules. The RTSMS is configured to receive the media rules and to receive a viewer's media request via the reservation server. The reservation system of the RTSMS processes the media request according to the media rules and builds a reservation for the requested media. The RTSMS generates the reservation to the viewer and to the NRP. The NRP receives the reservation data from the viewer and from the RTSMS. The NRP processes the reservation data and locates an MMS that can stream the media to the viewer. The NRP transmits the IP address of the MMS to the viewer and transmits the reservation data to the MMS. The viewer initiates a session or connection with the MMS using the reservation number. If the reservation data from the viewer matches the reservation data from the NRP, the MMS streams the media to the viewer. | 2015-11-26 |
20150341406 | Multimedia Digital Content Retrieval, Matching, and Syncing Systems and Methods of Using the Same - The present invention relates to a multimedia digital content retrieval, matching, and syncing systems and methods of using the same. Specifically, the present systems and methods provide a peer-to-peer live digital portal that lets users share the experience of multimedia content from multiple multimedia services in real-time. | 2015-11-26 |
20150341407 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR MEDIA PUBLISHING REQUEST PROCESSING - A system, method, and computer program product for publishing transcoded media content in response to publishing service requests from end users. A user request for media content, is processed intelligently, either by directing the processing of the request to one of a set of transcoding servers so as to effectively balance the load among the servers, or by directing the processing of the request to an appropriate alternative means for satisfying the request. Transcoding tasks can be prioritized. Moreover, the current load on any particular transcoding server can be monitored in conjunction with determination of the load to be created by a transcoding task, in order to facilitate server selection. Transcoding can be performed on-demand or in a batch mode. Alternatively, a request can be satisfied by distributing media content that has already been transcoded and is resident in cache memory in anticipation of such requests. | 2015-11-26 |
20150341408 | CONTENT REPLACEMENT IN DOWNSTREAM STREAM PLAYER - When a downstream stream player is streaming content being played on a main radio station, the streaming content can be altered to substitute a different song than the one being played on the main radio station, even if there is a significant difference between the length of the song being played on the main radio station and the substituted song being played on the downstream stream player. After the substituted song has been played, the downstream stream player can resume streaming content from the main radio station. Substitution of the song on the downstream stream player can be performed by using a variable buffer delay, which essentially allows the downstream stream player to substitute different length songs by increasing or decreasing a delay between the play-out of the main station and the play-out of the downstream station. | 2015-11-26 |
20150341409 | SYSTEM AND METHOD FOR ROUTING MEDIA - The system and method for streaming media to a viewer and managing the media comprises an enhanced service routing processor (ESRP), a real time switch management system (RTSMS), a name routing processor (NRP), and a managed media switch (MMS). The RTSMS has a reservation system. The ESRP receives media from an owner, manages the media according to media rules and order rules defined by the owner, and distributes the media to one or more switches, such as the MMS, according to the media rules and the order rules. The RTSMS is configured to receive the media rules and to receive a viewer's media request via the reservation server. The reservation system of the RTSMS processes the media request according to the media rules and builds a reservation for the requested media. The RTSMS generates the reservation to the viewer and to the NRP. The NRP receives the reservation data from the viewer and from the RTSMS. The NRP processes the reservation data and locates an MMS that can stream the media to the viewer. The NRP transmits the IP address of the MMS to the viewer and transmits the reservation data to the MMS. The viewer initiates a session or connection with the MMS using the reservation number. If the reservation data from the viewer matches the reservation data from the NRP, the MMS streams the media to the viewer. | 2015-11-26 |
20150341410 | MEDIA STREAM CUE POINT CREATION WITH AUTOMATED CONTENT RECOGNITION - A media stream cue point creator receives a media stream comprising at least one of an audio portion or a video portion, wherein the media stream lacks at least one indicator of a content segment within the media stream. The media stream cue point creator identifies a first segment of the plurality of segments of the media stream, wherein the segment corresponds to a segment in a segment reference data store, and creates a cue point associated with the first segment, wherein the cue point identifies at least one of a beginning or an end of the first content segment in the media stream. | 2015-11-26 |
20150341411 | Apparatus and Method for Controlling Adaptive Streaming of Media - A method for controlling adaptive streaming of media comprising video content is disclosed. The method comprises the steps of managing a quality representation of the video content according to available resources (step | 2015-11-26 |
20150341412 | Method of Adaptive Downloading of Digital Contents for Several Screens - A method is provided for managing in a local network the adaptive progressive downloading of digital contents by at least one terminal. The terminal is able to simultaneously receive several digital contents to be played back on a screen. The method includes: obtaining an instantaneous downloading bitrate for the at least one terminal; obtaining a priority for each content to be played back on the terminal as a function of a datum relating to the content on the terminal; and requesting downloading of each content according to its level of quality dependent on the priority obtained for the content. | 2015-11-26 |
20150341413 | APPARATUS AND METHOD FOR PROVIDING MEDIA PROGRAMMING - A system that incorporates teachings of the present disclosure may include, for example, receiving a first media stream comprising a first media program by way of a first wireless communication link. Establishment of a second wireless communication link is facilitated with a media processor communicatively coupled to a display device; receiving a request for a second media stream comprising a second media program, wherein the request is received from the media processor by way of the second wireless communication link A transfer is negotiated of operational control of the display device from the media processor to the mobile communication device, and transmitting the second media program to the display device by way of the media processor using the second wireless communication link. Other embodiments are disclosed. | 2015-11-26 |
20150341414 | METHOD AND SYSTEM FOR ACQUIRING WEB PAGES - Acquiring web pages includes acquiring a hypertext transfer protocol (HTTP) request including a first Internet protocol (IP) address, looking up a web page basic framework corresponding to the first IP address, obtaining a plurality of domain names of a plurality of pieces of web page-referenced content corresponding to the first IP address, sending a domain name resolution request to a global load balancer (GSLB), wherein the domain name resolution request includes the plurality of domain names of the plurality of pieces of web page-referenced content, acquiring a plurality of second IP addresses of the plurality of pieces of web page-referenced content, and sending the web page basic framework and the plurality of second IP addresses of the plurality of pieces to a browser. | 2015-11-26 |
20150341415 | DYNAMICALLY UPDATING WEBSITE CONTENT OR WEB SERVICE VIA TEXT MESSAGING - A method is disclosed for dynamically updating the content of a website or a web service via a text message. A text service may receive, at a text phone number, the text message sent by a user from a text device. The text device may have a user phone number. In preferred embodiments, the text service may have a plurality of text phone numbers that may be called by a plurality of users. The text service may produce an action code based, at least in part, on the text message, the text phone number called by the user, the user phone number or some combination thereof. The text service may transmit the action code to one or more hosting servers to alter a website which may then be published. In another embodiment, the text service may transmit the action code to web server(s) that may alter a web service for the user. | 2015-11-26 |
20150341416 | CLOUD MANAGEMENT SYSTEMS AND METHODS FOR EXECUTING APPLICATIONS OF ANDROID SYSTEMS - A cloud management system for executing applications of Android system includes at least one user device and a cloud simulator. The cloud simulator couples to the user device via a network and is arranged for receiving a request from the user device, providing a first virtual phone interface corresponding to the user device to the user device in response to the request, wherein the first virtual phone interface includes respective applications of Android system, receiving an application selection from the user device and performing a first application corresponding to the application selection and returning the execution result for the first application to the user device for displaying via the first virtual phone interface. | 2015-11-26 |
20150341417 | MOBILE DEVICE, CONTROL METHOD THEREOF, MESSAGE SENDING APPARATUS AND MESSAGE SENDING METHOD - Disclosed is a mobile device, a control method thereof, a message sending apparatus and a message sending method. The mobile device includes a wireless communication unit which performs wireless communication via a wireless network; a signal processing unit which processes a signal transmitted/received by the wireless communication unit; a display unit which displays an image based on the signal processed by the signal processing unit; and a control unit which receives a message from a counterpart device, displays the received message on the display unit, remotely accesses a remote device, and controls the remote device to allow the mobile device to access information stored in the remote device. | 2015-11-26 |
20150341418 | METHOD AND SYSTEM FOR CONTROLLING MEDIA INFORMATION DISPLAY ON MULTIPLE TERMINALS - A method of facilitating an operating terminal to control media information displayed on target terminals using a computer server is disclosed. Upon receipt of a search request for target terminals within a local area network from an operating terminal, the computer server identifies a list of online terminals as the target terminals and returns the target terminals to the operating terminal. A user of the operating terminal then generates an operation instruction for controlling media information displayed on the target terminals. In response to the operation instruction, the computer server sends the operation instruction to respective applications running on the target terminals. The respective applications are configured to control the media information displayed on the target terminals in accordance with the operation instruction. | 2015-11-26 |
20150341419 | DEVICE FOR AND METHOD OF TRANSMITTING FILE - A device for transmitting a file comprises a communication unit; an input unit configured to receive a user input for selecting a file to be transmitted to other device; and a controller configured to determine a distance between the device and the other device based on associated information of the other device, determine a transmission method based on the determined distance, and control the communication unit to transmit the file to the other device according to the determined transmission method. | 2015-11-26 |
20150341420 | METHOD AND SYSTEM TO TRANSMIT DATA - In some embodiments, a publication system comprises at least one module which provides, at a publication platform accessible by users via a network, a posting portal to receive entry of data relating to an item or commentary for posting on the publication system. The posting portal includes an interface having a first user interface element to receive the item data or commentary from a user for inclusion in a posting. The module also provides an upload application associated with the interface of the posting portal. The upload application includes a second user interface element to receive from the user, via the second user interface element, a media file for inclusion in the posting. The module also automatically commences transmission of the media file over the network, for inclusion in the posting, in response to a detection that the user has moved away from the first user interface element or moved to the second user interface element. | 2015-11-26 |
20150341421 | SYSTEMS AND METHODS FOR JUST-IN-TIME STATE SHARING - Methods and systems for sharing variable states from an appliance to one or more servers is disclosed. The appliance may identify a script, and identify the variables associated with the script. The variables are shared with the servers so that the servers can execute the script. The script may also be shared with the servers. The script and the variables may be transmitted in-band with other traffic. | 2015-11-26 |
20150341422 | EFFICIENT AND RELIABLE HOST DISTRIBUTION OF TOTALLY ORDERED GLOBAL STATE - An asynchronous distributed computing system with a plurality of computing nodes is provided. One of the computing nodes includes a sequencer service that receives updates from the plurality of computing nodes. The sequencer service maintains or annotates messages added to the global state of the system. Updates to the global state are published to the plurality of computing nodes. Monitoring services on the other computing nodes write the updates into a locally maintained copy of the global state that exists in shared memory on each one of the nodes. Client computer processes on the nodes may then subscribe to have updates “delivered” to the respective client computer processes. | 2015-11-26 |
20150341423 | DISTRIBUTED DYNAMIC ARRANGEMENT OF APPLICATION AGENTS - Autonomous computational processes (“agents”) representing application-specific data items (e.g., representations of real-world entities or events, any-media documents, models, etc.) are provided with application-independent methods and data structures to arrange themselves (according to application specific relationship measures) relative to other such agents even when the agents' ability to sense or communicate with other agents is limited relative to the extent of the overall collection. A continuously executing arrangement decision process executed by each agent modifies the agent's position in the chosen topology (e.g., metric space, graph structure) such that the chosen distance measure between agent positions approximates the relationship structure among the currently available data-items. A separate information exchange process executed by the agents ensures that knowledge about the position and data-item of other agents is made available to the arrangement decision process without requiring high-volume communication. | 2015-11-26 |
20150341424 | PARALLEL COMPUTER SYSTEM AND METHOD FOR CONTROLLING PARALLEL COMPUTER SYSTEM - A parallel computer system includes computing nodes to execute a parallel program for generating computing processes that perform computations and monitoring processes and forming a monitoring hierarchical structure, each monitoring process monitors a monitoring process and a computing process arranged immediately lower than the monitoring process, each of the computing nodes operating as the computing process when the computing process is allocated to the computing node and operating as the monitoring process when the monitoring process is allocated to the computing node. Each of the computing nodes allocated to the monitoring process performs processing that changes the hierarchical structure based on a first target value serving as a target value for the total number of subordinate computing processes of the allocated monitoring process and a second target value serving as a target value for the number of monitoring processes and computing processes arranged immediately lower than the allocated monitoring process. | 2015-11-26 |
20150341425 | MANAGING ACCESS TO DIGITAL CONTENT SOURCES - Access to content may be enabled by receiving an instruction indicating a client request to access content, accessing a list of content sources capable of rendering the content for which access is requested by the client, determining a performance metric for at least two of the content sources, and selecting among the content sources based on the performance metric to identify a content source to be accessed by the client. | 2015-11-26 |
20150341426 | DOCUMENT DISTRIBUTION SYSTEM AND METHOD USING WEBDAV PROTOCOL - A document distribution system and method using a WebDAV protocol. The system includes a WebDAV server and an image forming apparatus configured to scan a document and transmit the scanned document to the WebDAV server by using the WebDAV protocol. The image forming apparatus includes a user interface operable to provide a dialog box including a first user input field to enable a user to designate a Uniform Resource Locator (URL) of the WebDAV server and a second user input field to enable the user to designate a directory of the WebDAV server so as to specify a document storing location within the WebDAV server, the dialog box to provide a connection to the WebDAV server to transmit a document to the WebDAV server using the WebDAV protocol. The image forming apparatus transmits the scanned document to a directory of the WebDAV server designated by using the user interface. | 2015-11-26 |