49th week of 2021 patent applcation highlights part 71 |
Patent application number | Title | Published |
20210385169 | COMMUNICATION APPARATUS GENERATING AND ELIMINATING REDUNDANT DATA PACKETS - Apparatuses, systems, and techniques to eliminate redundant data packets. In at least one embodiment, a communication apparatus generates redundant data packets, and sends them in multiple packet streams. In at least one embodiment, a communication apparatus eliminates redundant data packets from received packet streams. | 2021-12-09 |
20210385170 | SYSTEMS AND METHODS FOR INTELLIGENT THROUGHPUT DISTRIBUTION AMONGST APPLICATIONS OF A USER EQUIPMENT - A method of distributing throughput intelligently amongst a plurality of applications residing at a User Equipment (UE) is provided. The method includes receiving, at the UE, recommended bit rate (RBR) information from a network node, the RBR information indicating a throughput value allocated to the UE, allocating a codec rate from the allocated throughput value to at least one voice over internet protocol (VoIP) application from the plurality of applications, and allocating, from remaining throughput value of the allocated throughput value, a bit rate to each of a plurality of non-VoIP applications from the plurality of applications, based on corresponding throughput requirement associated with the plurality of non-VoIP applications. | 2021-12-09 |
20210385171 | SOFTWARE LOAD BALANCER TO MAXIMIZE UTILIZATION - A load balancer receives a sequence of requests for computing service and distributes the requests for computing service to a computing node in an ordered list of computing nodes until the computing node reaches its maximum allowable compute capability. Responsive to an indication that the computing node has reached its maximum allowable compute capability, the load balancer distributes subsequent requests for computing service to another computing node in the ordered list. If the computing node is the last computing node in the ordered list, the load balancer distributes a subsequent request for computing service to a computing node other than one of the computing nodes in the ordered list of computing nodes. If the computing node is not the last computing node in the ordered list, the load balancer distributes a subsequent request for computing service to another computing node in the ordered list of computing nodes. | 2021-12-09 |
20210385172 | DYNAMIC DISSEMINATION OF INFORMATION TO NETWORK DEVICES - Information may be dynamically disseminated to network devices. In some embodiments, a data structure may be populated with first-type values and second-type values, a first delay time may be assigned to a first value of the first-type values based on the first value being associated with a first priority and a second delay time may be assigned to a second value of the first-type values based on the second value being associated with a second priority, and data structure information may be obtained from the data structure. The data structure information may be delivered such that the delivery of the data structure information to a first network device associated with the first value reflects the first delay time and the delivery of the data structure information to a second network device associated with the second value reflects the second delay time. | 2021-12-09 |
20210385173 | COMMUNICATIONS METHOD, APPARATUS, AND SYSTEM - This application discloses a communications method and related communications apparatus and system. The method includes recovering, by a first node, when detecting that a first packet is lost, the first packet according to a local recovery mechanism. The first packet is a packet obtained based on a packet sent by at least one first terminal to at least one second terminal, and the first node is a node on a network path between each first terminal and a second terminal communicating with the first terminal. The method further includes adding a first identification information related to local recovery, and sending the first packet. This application can reduce a transmission delay and improve transmission efficiency. | 2021-12-09 |
20210385174 | INTERNET OF THINGS DATA TRANSMISSION METHOD AND SYSTEM - Disclosed are an Internet of Things data transmission data and system. The method comprises a downlink transmission step: obtaining first downlink data delivered by an Internet of Things platform; parsing the first downlink data to obtain a target meter of a metering task and a forwarding priority in a first packet; obtaining second downlink data; adding the second downlink data to an asynchronous delivery queue according to the forwarding priority; and delivering the second downlink data to the target meter according to the asynchronous delivery queue, so that the target meter completes the metering task. The present method makes full use of concentrators as intermediate devices while maintaining the integrity of core task data, lowers the channel requirement due to asynchronous execution and is especially suitable for periodic metering tasks. | 2021-12-09 |
20210385175 | USER INTERFACES FOR MESSAGES - In some embodiments, an electronic device presents representations of messaging conversations. In some embodiments, an electronic device indicates which messages are replies to other messages in a messaging conversation. In some embodiments, an electronic device creates and presents links (e.g., rich links) to contacts in a messaging conversation (e.g., “mentions”). In some embodiments, an electronic device presents indications of messages that are replies to other messages. In some embodiments, an electronic device presents options to create a link (e.g., a rich link) to contacts in a messaging conversation (e.g., “mentions”) using a suggested entry user interface element. | 2021-12-09 |
20210385176 | METHOD AND SYSTEM FOR RESOLVING PRODUCER AND CONSUMER AFFINITIES IN INTERACTION SERVICING - A system and a method for processing a message on a processing platform, such as a Kafka processing platform, are provided. The method includes: acquiring a plurality of partitions from the messaging platform; designating a first partition from among the plurality of partitions as a sticky partition; generating a plurality of routing keys that are configured to route messages to the sticky partition; using a first routing key from among the plurality of routing keys to identify a first service subscription; subscribing to a second service using the first routing key; and receiving a message transmitted by the second service. | 2021-12-09 |
20210385177 | INFORMATION PROCESSING APPARATUS AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes a processor configured to: perform control so that processing is executed on content data in accordance with an attribute of a receiver of the content data; and send the content data to the receiver. | 2021-12-09 |
20210385178 | MESSAGING SYSTEM COMPRISING AN AUXILIARY DEVICE COMMUNICATIVELY COUPLED WITH A CLIENT DEVICE - A notification system to display notifications at a client device by performing operations that include: coupling, via a communication pathway, a client device with an auxiliary device, the auxiliary device comprising a receiver configured to receive data packets from a pager network; receiving, at the auxiliary device, a data packet that comprises a reference to a data object; and causing the auxiliary device to transmit the reference to the data object to the client device via the communication pathway. | 2021-12-09 |
20210385179 | REPLY INTERFACE WITH SELECTABLE STICKERS FOR MESSAGING SYSTEM - Aspects of the present disclosure involve a system comprising a computer-readable storage medium storing a program and method for providing a reply interface with selectable stickers for sending in a message. The program and method provide for receiving, by a first device of a first user, a media content item provided by a second device of a second user; determining, in response to receiving the media content item, a set of stickers for displaying with the media content item; and displaying, by the first device, the media content item together with a first reply interface and a second reply interface for sending a reply message to the second device. The first reply interface includes the set of stickers, each of which is selectable by the first user for sending to the second device. The second reply interface includes an input box for sending message content to the second device. | 2021-12-09 |
20210385180 | CONTEXT SENSITIVE AVATAR CAPTIONS - Systems and methods are provided for performing operations including: receiving, by a messaging application, input that selects an option to generate a message using an avatar with a caption; presenting, by the messaging application, the avatar and a caption entry region proximate to the avatar; populating, by the messaging application, the caption entry region with a text string comprising one or more words; determining, by the messaging application, context based on the one or more words in the text string; and modifying, by the messaging application, an expression of the avatar based on the determined context. | 2021-12-09 |
20210385181 | Unsubscribe and Delete Automation - Methods, computer-readable media, software, and apparatuses may assist a consumer in unsubscribing from unwanted mailing list traffic and email based relationships. A consumer's discovered accounts and subscriptions may be listed and displayed to the consumer. For each identified account or subscription, an unsubscribe and deletion action may be determined and automated for the consumer. | 2021-12-09 |
20210385182 | MEDIA OBJECT DISTRIBUTION - A method that comprises receiving at a network connected server from a first client terminal, a message comprising, an user application ID of a user selecting a media object using a user interface presented on a display of the first client terminal and the media object, generating a web document which presents a browser user interface and the media object when accessed by a browser, the web document having a network accessible storage address, sending the network accessible storage address from the network connected server to allow a browser installed in a second client terminal to use of the network accessible storage address to display the media object the browser user interface, identifying a usage of the browser user interface for inputting a reaction to the media object by a user of the second client terminal, and forwarding the reaction to the first client terminal using the sender user ID. | 2021-12-09 |
20210385183 | MULTI-FACTOR AUTHENTICATION FOR ACCESSING AN ELECTRONIC MAIL - Systems and methods for facilitating secure access to email messages based on multi-factor authentication are provided. According to one embodiment, an electronic mail (email) addressed to an email recipient is received by a mail transfer agent (MTA) associated with a mail server. A security policy is assigned to the email by the MTA based on one or both of metadata associated with the email and content of the email. When the security policy calls for multi-factor authentication of the email recipient, the email recipient is caused to be notified regarding existence of the email by the MTA and instructed to complete a multi-factor authentication process in order to access the email. Responsive to successful completion of the multi-factor authentication process, the email is permitted by the MTA to be accessed by the email recipient. | 2021-12-09 |
20210385184 | USER INTERFACES FOR MESSAGES - In some embodiments, an electronic device presents representations of messaging conversations. In some embodiments, an electronic device indicates which messages are replies to other messages in a messaging conversation. In some embodiments, an electronic device creates and presents links (e.g., rich links) to contacts in a messaging conversation (e.g., “mentions”). In some embodiments, an electronic device presents indications of messages that are replies to other messages. In some embodiments, an electronic device presents options to create a link (e.g., a rich link) to contacts in a messaging conversation (e.g., “mentions”) using a suggested entry user interface element. | 2021-12-09 |
20210385185 | COMMUNICATION EXCHANGES AND METHODS OF USE THEREOF - In some embodiments, the instant invention provides for a computer-implemented method that includes the following steps: administering, by a first specifically programed computer system of a communications exchange, an electronic delivery of a first electronic distribution from a first sender to a first recipient, where the mediating includes: receiving from a first source of a plurality of sources, a first electronic distribution of the first sender, receiving from the first sender, a plurality of sender attributes of the first sender and a plurality of sender rules of the first sender that define how electronic distributions of the first sender to be delivered; receiving the plurality of recipient attributes of the first recipient and the plurality of recipient rules of the first recipient; matching the first electronic distribution of first sender to the first recipient; transmitting, the first electronic distribution of first sender to first channel of the first recipient. | 2021-12-09 |
20210385186 | COMMUNICATING SINGLE-ADDRESS REPLY MESSAGES TO ALL ADDRESSES OF RECIPIENTS OF A GROUP MESSAGE - Implementations set forth herein relate to subjecting a message to a group rule that causes any message, in a message thread that includes the message, to include certain addresses, regardless of the addresses that are incorporated, by a user, into an address field of a reply message. The group rule can reduce a number of messages that are not provided to a group of intended recipients because of message originators omitting the intended recipients on important messages. Furthermore, this can reduce a number of messages that are sent to compensate for certain reply messages not being received by all intended recipients. A group rule can be modified by any recipient that does not desire to be included in the group rule, and a group rule can expire when one or more conditions are satisfied, thereby causing certain messages to no longer be subject to the group rule. | 2021-12-09 |
20210385187 | METHOD AND DEVICE FOR PERFORMING DOMAIN NAME RESOLUTION BY SENDING KEY VALUE TO GRS SERVER - This application discloses a method and a device for performing domain name resolution by sending a key value to a GRS server, and relates to the field of mobile communications, to ensure proper business running on an electronic device, ensure network security, and protect user privacy. A solution is as follows: After receiving an input of a user, the electronic device may obtain a key value and an identifier in response to the input, where the identifier may be an IP address or a domain name. In this case, the electronic device may send the key value to a GRS server identified by the identifier, so that the GRS server performs domain name resolution to return the IP address. Based on the returned IP address, the electronic device can access a resource on a server identified by the IP address, to provide the business service for the user. | 2021-12-09 |
20210385188 | Communication Between a Controller and a Controlled Device Over a Wireless Network - A method of communication between a controlled device and a controller over a 3GPP wireless network performed at a source interface device. The method comprises: splitting ( | 2021-12-09 |
20210385189 | APPLICATION AND NETWORK SLICE SECURITY PROFILE MAPPING FOR SECURE TUNNELING - A mobile network gateway receives, from a user equipment device (UE), a session request for a session between the UE and an application hosted by a hosting device, where the session request includes an application identifier (ID) associated with the application. The mobile network gateway identifies a network slice of a mobile network based on the application ID and an ID associated with the UE, and retrieves a security profile from memory based on the application ID and the identified network slice. The mobile network gateway establishes a secure tunnel between the gateway and the hosting device using the retrieved security profile, and forwards data units associated with the requested session between the UE and the hosting device via the secure tunnel. | 2021-12-09 |
20210385190 | USER SECURITY CREDENTIALS AS AN ELEMENT OF FUNCTIONAL SAFETY - An industrial safety architecture integrates employee identity and enterprise-level security policy into plant-floor functional safety systems, allowing control and safety systems on the plant floor to regulate safe interactions with hazardous controlled machinery based on user identity or role. The architecture leverages existing employee identity and security policy data maintained on the corporate level of an industrial enterprise to manage identity- and/or role-based control and safety on the plant level. Safety authority systems at both the corporate level and the plant level of the industrial enterprise obtain employee and security policy data from corporate-level systems and provides this data in as SIL-rated manner to industrial control and safety systems on the plant floor, where the identity and security policy information is used by functional safety systems to control access to industrial systems as a function of user identity, role, certifications, or other qualifications. | 2021-12-09 |
20210385191 | Reliable Data Transfer Protocol for Unidirectional Network Segments - A unidirectional transfer protocol allows data to be transmitted from a non-secure network into a secure network. A non-secure gateway may receive data and/or information, intended for the secure network, from one or more devices. The gateway may fragment the data and/or information into smaller chunks and transmit the chunks to a secure gateway via a unidirectional communication channel. The secure gateway may verify the chunks using one or more rules and reassemble the chunks when the data is validated. The reassembled data may be sent across a secure network enclave. The unidirectional transfer protocol may provide a hardware-agnostic solution for transmitting data over a unidirectional communication channel. | 2021-12-09 |
20210385192 | ACCESS TO HOME OPERATOR SERVICES WITH SEPARATE WIRELESS NETWORK - Certain aspects of the present disclosure provide techniques for accessing home operator services with the home subscription using radio access from a subscription on a separate operator. A method that may be performed by a user equipment (UE) includes obtaining a data connection with a first wireless network based on a first subscription, obtaining a tunnel connection with a gateway of a second wireless network through the data connection based on a second subscription associated with the second wireless network, and communicating with the second wireless network through the tunnel connection using the data connection. | 2021-12-09 |
20210385193 | METHOD FOR CONFIGURING DEVICE RESOURCES BASED ON NETWORK IDENTIFICATION AND SYSTEM THEREFOR - A method for configuring resources at an information handling system may include determining, during initialization, a wide area network (WAN) Internet Protocol (IP) address associated with the information handling system, and retrieving a list of trusted IP addresses from a storage location at the information handling system. The method may further include configuring a first resource at the information handling system to operate in a first state in response to determining that the WAN IP address is included at the list of trusted IP addresses, and configuring the first resource at the information handling system to operate in a second state in response to determining that the WAN IP address is not included at the list of trusted IP addresses. | 2021-12-09 |
20210385194 | SYSTEM AND METHOD FOR USING PRIVATE NATIVE SECURITY GROUPS AND PRIVATE NATIVE FIREWALL POLICY RULES IN A PUBLIC CLOUD - A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network. | 2021-12-09 |
20210385195 | SELECTIVE TRANSPORT LAYER SECURITY ENCRYPTION - A device may transmit a packet for communicating via a tunnel. The packet may be associated with a protocol. The device may determine that the packet has been dropped by a security device. The device may selectively encrypt, after determining that the packet has been dropped, the packet using a null encryption for transport layer security (TLS) or a combination of encryption associated with the protocol and TLS encryption to generate an encrypted packet. The device may transmit the encrypted packet for communicating via the tunnel. | 2021-12-09 |
20210385196 | Privacy Preserving Uni-directional Communication Device - In an industrial system, a data capture apparatus can be configured to operate as a unidirectional communication connection between a private network and a public network. The data capture apparatus can be further configured to collect raw data from the private network. The raw data can define a data distribution. The data capture apparatus can be further configured, based on the data distribution of the raw data, to generate anonymized or synthetic data that represents the raw data. The anonymized data can be transmitted over the unidirectional communication connection to a receiver machine of the data capture apparatus. In some cases, the receiver machine can send the anonymized data to an analysis system within the public network, such that the raw data can be analyzed by the analysis system, based on the anonymized data that represents the raw data, without the analysis system obtaining the raw data. | 2021-12-09 |
20210385197 | METHODOLOGY FOR BLINDED MESSAGING - Systems and methods for “blinded” messaging, wherein, a user can draft and send targeted communications to groups of other users having specific characteristics selected by the sending user, but the identification of the recipients is not provided to the sender. The system also permits the recipients to respond or engage in interact discussion with the sender, again without revealing any personal or identifying information about the recipient in question. This preserves anonymity and protects privacy. The systems and methods may be implemented in the context of a career or educational opportunity on-line services platform, which matches candidates to opportunities such as schools or jobs. Providers of such positions may also create on the platform career pathway profiles that are linked together to create an emergent, organic web of career paths for students and job-seekers to research and browse. | 2021-12-09 |
20210385198 | COMPUTING SYSTEM WITH INTELLIGENT DATA PROVENANCE - A computing system can engage in intelligent data provenance with a data storage device connected to a host as part. The data storage device can have a provenance module that employs a trust circuit to maintain a chain of title ledger where the chain of title ledger logs a provenance of the data storage device since the data storage device was manufactured. | 2021-12-09 |
20210385199 | METHOD AND SERVER FOR AUTHENTICATION USING CONTINUOUS REAL-TIME STREAM AS AN AUTHENTICATION FACTOR - The present invention discloses a method and a server for authentication adaptive to a secured application. The method comprising encrypting a part of continuous streams of random real-time data using a user's public key to form a first encrypted data when the request is received from a first entity, transmitting the first encrypted data to the first entity, wherein the first entity communicates the first encrypted data to a second entity, receiving a second encrypted data from the second entity, wherein the second encrypted data is created by decrypting the first encrypted data using a user's private key and encrypting the decrypted data using the user's private key, authenticating the second encrypted data received from the second entity by comparing data decrypted from the second encrypted data with the part of continuous streams of random real-time data stored in the authentication server and initiating action based on authentication. | 2021-12-09 |
20210385200 | BLOCKCHAIN-BASED SERVICE DATA ENCRYPTION METHODS AND APPARATUSES - Blockchain-based service data encryption methods and apparatuses are provided wherein by a first derived key is obtained by a node device of a key receiver, the first derived key distributed by a node device of a key distributor, wherein the first derived key is derived from a derived key of the key distributor based on a service data permission type of the key receiver and service data is encrypted based on the first derived key to obtain encrypted service data. The encrypted service data is sent to a blockchain, so that the encrypted service data is recorded in a distributed database of the blockchain after the blockchain performs consensus verification on the encrypted service. Because the derived key of the key distributor can decrypt the service data encrypted by the first derived key, the key distributor can decrypt, monitor, and manage service data uploaded by the key receiver. | 2021-12-09 |
20210385201 | SYSTEMS AND METHODS FOR SECURE MULTI-PARTY COMMUNICATIONS USING APROXY - Embodiments extend protocols for secure communication between two parties to allow a party to securely communicate with multiple parties using a single message. For example, the sending party can determine a unique shared secret for each recipient and encrypt data for a recipient using a session key generated from the corresponding shared secret. The encrypted data can be combined into a single message, and each recipient can decrypt only the subset of the message that it is authorized to. | 2021-12-09 |
20210385202 | SECURE WIRELESS COOPERATIVE BROADCAST NETWORKS - Cryptographically secure data communications between layered groups of devices in a wireless cooperative broadcast network encrypts datagrams twice prior to transmission by a source device, first using an inner layer key that is shared by a first group of devices, and second using an outer layer key that is shared by a second group of devices; the devices of the first group being members of the second group. Received datagrams are recovered by first decrypting with the outer layer key and second decrypting with the inner layer key. | 2021-12-09 |
20210385203 | ENCAPSULATED ENCRYPTED PACKET HANDLING FOR RECEIVE-SIDE SCALING (RSS) - Example methods and computer systems for encapsulated encrypted packet handling for receive-side scaling (RSS). One example may comprise a first computer system performing encryption and encapsulation on a first inner packet to generate a first encapsulated encrypted packet that includes (a) a first security protocol header and (b) a first outer header configured based on a first security association (SA). The first encapsulated encrypted packet may be forwarded to cause receive-side processing using a first core of a second computer system based on the first outer header. The first computer system may further perform encryption and encapsulation on a second inner packet to generate a second encapsulated encrypted packet that includes (a) a second security protocol header (b) a second outer header configured based on a second SA. The second encapsulated encrypted packet may be forwarded to cause receive-side processing using a second core based on the second outer header. | 2021-12-09 |
20210385204 | ACOUSTIC SIGNAL-BASED AUTHENTICATION TO A CONTENT DELIVERY PLATFORM - Acoustic data in an acoustic signal broadcasted by a subscriber device is received at a content presentation device. The acoustic data may include an authentication token that is generated by a content delivery platform for authenticating the content presentation device to the content delivery platform and content privilege information for a content consumer. The authentication token and the content privilege information are decoded from the acoustic data. A validation request that includes the authentication token is transmitted by the content presentation device to the content delivery platform to authenticate the content presentation device to the content delivery platform. In response to the content presentation device being authenticated by the content delivery platform, the content privilege information is transmitted by the content presentation device to the content delivery platform to obtain access to at least one category of multiple categories of program content segments from the content delivery platform. | 2021-12-09 |
20210385205 | ESTABLISHING A TRUSTED SESSION WITH A SMART SPEAKER - A trusted session is to be established between a smart speaker and a computer server. The computer server may receive an instruction to initiate a trusted session with the smart speaker. The instruction includes an indication of an account linking token for linking a first and second account associated with the smart speaker and the computer server, respectively. The computer server generates a session token and sends it to the smart speaker for acoustic signalling. The acoustic signal is captured by a mobile device and used to reconstruct the session token. The computer server receives the reconstructed session token along with identifying information from the mobile device. The computer server system uses the identifying information to confirm that the mobile device is associated with the second accord. Upon so confirming, the computer server may establish a trusted session between the first smart speaker and the computer server system. | 2021-12-09 |
20210385206 | METHOD AND SYSTEM FOR BLOCKCHAIN BASED CYBER PROTECTION OF NETWORK ENTITIES - A system and method for controlling authorization to a protected entity are provided. The method includes: receiving an access request for access to the protected entity, wherein the access request is received from a client device; in response to the access request, causing the client device to perform an admission process that includes performing at least one game; monitoring a distributed database to identify at least one admission transaction designating admission criteria; determining if the admission criteria satisfy a set of conditions for accessing the protected entity; identifying, on the distributed database, completion results of the at least one game, wherein whether the admission criteria satisfies the set of conditions for accessing the protected entity is determined based on the results of the at least one game; and granting access to the protected entity by the client device when the admission criteria satisfies the set of conditions. | 2021-12-09 |
20210385207 | CROSS-PLATFORM SINGLE SIGN-ON ACCESSIBILITY OF A PRODUCTIVITY APPLICATION WITHIN A SOFTWARE AS A SERVICE PLATFORM - A Cross-Platform Single Sign On (CP-SSO) experience is provided herein to enable users to access multiple services via a single login when working across different platforms. A user may work across different platform when using multiple devices, when using multiple browsers on a single device, or when an integrated application requires a separate login for access within a host web application or portal service. A proxy token service manages login requests and authentication tokens after a given service has been logged into once by a user, so that the user does not need to provide login credentials on subsequent requests for the given service. By enabling a CP-SSO experience, network efficiency is improved, and the user experience is also improved as users do not need to supply authentication credentials as frequently and may freely choose to use multiple platforms instead of limiting usage to a single platform. | 2021-12-09 |
20210385208 | SYSTEMS AND METHODS FOR CREDENTIALS DISTRIBUTION - A method by a management server is described. The method includes receiving a credentials request from a requesting management node. The credentials request includes a public key of the requesting management node. The method also includes determining whether the management server has credentials encrypted for the requesting management node in a local cache. The credentials are encrypted using the public key of the requesting management node and cannot be decrypted by the management server. The method further includes sending the encrypted credentials to the requesting management node when the management server has the encrypted credentials. The requesting management node can decrypt the encrypted credentials using a private key. | 2021-12-09 |
20210385209 | INFORMATION COMMUNICATION METHOD, INFORMATION COMMUNICATION SYSTEM AND METHOD - An information communication method and an information communication system are capable of securely using user information. An information communication method includes a step of uniquely setting a first network address authenticated by a certificate authority in a terminal device in advance. The method also includes uniquely setting a second network address authenticated by the certificate authority in a server in advance and associating the first network address with user information. The method further includes making a communication connection between the terminal device and the server, in which the server refers to the user information. | 2021-12-09 |
20210385210 | SYSTEMS, METHODS, AND STORAGE MEDIA FOR ABSTRACTION AND ENFORCEMENT IN AN IDENTITY INFRASTRUCTURE - Systems, methods, and storage media for abstraction and enforcement of protected resources in an identity infrastructure are disclosed. Exemplary implementations may: identify one or more protected resources for one or more identity domains of an identity infrastructure; receive, at the identity infrastructure, a dataflow pertaining to first identity data for a first identity domain; request the first identity session based at least in part on the first identity data; receive a request to access a first protected resource of the one or more protected resources; accept the first identity session by the first protected resource; and provide the first user access to the first protected resource. | 2021-12-09 |
20210385211 | SYSTEM AND METHOD FOR GENERATING AND USING DIGITAL TIME TOKENS - Systems and methods for generating one or more digital tokens for transmission among users is disclosed. The method comprises the steps of connecting a user to a computer based system via a set of login credentials. Further, the user is allowed to select one or more digital tokens to be sent to other users. Further, one or more users are selected as recipients. A value is determined for the one or more tokens to be sent to the other users. Furthermore, a set of content is input into a message associated with the one or more tokens. The tokens along with the message are transmitted from one user to the other. Upon successful transmission, the method updates one or more account balances for the one or more users and/or recipients. | 2021-12-09 |
20210385212 | SYSTEM AND METHOD FOR ASSESSING AUTHENTICITY OF A COMMUNICATION - Disclosed is a method and system for assessing the authenticity of a communication. The method comprises receiving data of the communication by the processor between one or more participants. Further, extracting one or more features by the processor from the data by using data extraction techniques. Further, comparing the one or more features by the processor with predefined threshold features stored in a feature repository. Further, generating, one or more authenticity attributes by using one or more trained Artificial Intelligence (AI) models applied over the one or more features, along with results of the comparing. Each of the one or more authenticity attributes generates a recommendation output, providing the authenticity of the communication. | 2021-12-09 |
20210385213 | DEVICE-TO-DEVICE AUTHENTICATION METHOD AND PROGRAM BASED ON VIRTUAL AUTHENTICATION CODE - A device-to-device authentication method based on a virtual authentication code is provided. The method includes transmitting a first code, receiving a second code reflecting an authentication result for the first code from a verification device, wherein the second code includes a hash value and role information for the client device generated by the verification device based on the first code, generating a third code that is the virtual authentication code, based on the first code and the second code; and transmitting the third code to at least one second device related to the role information. | 2021-12-09 |
20210385214 | PREAUTHORIZED DOMAIN JOIN - Disclosed are various approaches for preauthorizing the joining of a client device to a domain managed by a cloud-based directory service. An authorization token can be generated prior to a client device joining the domain. The authorization token can be subsequently installed on a client device at an OEM facility. When a user first logs into the client device, the client device can send the authorization token to the cloud-based directory service in lieu of administrative credentials to prove that the client device has been previously authorized to join the domain. | 2021-12-09 |
20210385215 | METHOD AND SYSTEM FOR CONTEXT AWARE FRICTIONLESS AUTHENTICATION BASED ON AUTHENTICATION SCORES - Described embodiments provide systems and methods for context aware frictionless authentication. A server may determine authentication method information, contextual scores and contextual weights of a device, in connection with a user request to access a resource via the device. The authentication method information may include a weight and a completion duration for each of a plurality of authentication methods available via the device. The server may determine an authentication score for each of the plurality of authentication methods using the authentication method information, the contextual scores and the contextual weights of the device. The server may identify a first authentication method from the plurality of authentication methods, according to the determined authentication score. The server may authenticate the user request via the first authentication method using a first device that supports the first authentication method. | 2021-12-09 |
20210385216 | PERSONAL IDENTITY SYSTEM - A service provider may offer an identity proofing service that can be used to generate verifiable credentials (VCs) with customer-selected attributes. The VCs may use cryptographic signatures to indicate proof of identity certified by, for example, a telecommunications service provider. After a one-time process to obtain the VCs and associate them with a shell identity, the customer with a client device may use the VCs as a form of authentication for relying parties in a two-way (e.g., peer-to-peer) authentication process. | 2021-12-09 |
20210385217 | ASSISTED THIRD-PARTY PASSWORD AUTHENTICATION - Disclosed herein are system, method, and apparatus for assisted third-party password authentication. The method performed at a client device includes creating a secure connection from an inline frame associated with a first application on the client device to an authorization server for accessing a second application. The method includes identifying, by the inline frame, one or more events that represent inputs for a user authorization credential, and proxying, by the inline frame, the identified one or more events to the authorization server using the secure connection. The method includes receiving an authorization code from the authorization server in response to the proxying. The method includes redirecting, by the inline frame, the authorization code to the application on the client device. The method includes transmitting, from the client device to the authorization server, the authorization code to receive an access token for accessing the second application. | 2021-12-09 |
20210385218 | SECURITY PROTECTION AGAINST THREATS TO NETWORK IDENTITY PROVIDERS - Disclosed embodiments relate to systems and methods for security protection against threats to network identity providers. Techniques include identifying a first request from a client for access to a secure network resource; redirecting the client to an identity provider. The identity provider may be configured to authenticate the client and provide the client with data signed using a first identity provider key. Further techniques include identifying a second request from the client, the second request including a doubly-signed version of the data, verifying the doubly-signed version of the data using a second identity provider key corresponding to the first identity provider key and a second client key corresponding to the first client key; and allowing, conditional on a result of the verifying, the client to access the secure network resource. | 2021-12-09 |
20210385219 | METHOD AND SYSTEM FOR DATA SECURITY WITHIN INDEPENDENT COMPUTER SYSTEMS AND DIGITAL NETWORKS - A system and method for authentication, authorization, and access management based on personally identifiable information and data sets pertaining to individual identity and its attributes within independent computer systems and digital networks. | 2021-12-09 |
20210385220 | BASIC SERVICE SET (BSS) COLOR-BASED CONTAINMENT AND MITIGATION - Operation of a wireless network access point (AP) to communicate with a first set of one or more wireless client devices using a wireless protocol in which spatial reuse of channels is supported via at least a dynamically configurable basic service set (BSS) identifier of the wireless AP. The BSS identifier is utilized to identify overlapping BSSs (OBSSs). A first set of one or more wireless client devices communicate using a wireless protocol in which spatial reuse of channels is supported via at least a dynamically configurable BSS identifier of the wireless AP. The BSS identifier is utilized to identify OBSSs. Unauthorized network activity is detected based on the BSS identifier and a received BSS identifier associated with the received transmissions. A dynamic adjustment is made to one of the BSS identifiers of the AP or the received BSS identifier in response to detected unauthorized network activity. | 2021-12-09 |
20210385221 | PROVISIONING RESOURCES FOR ACCESS BY AN UNTRUSTED COMPUTER NETWORK - A system securely provisions a resource for access by computing systems of an untrusted network. The provisioning is performed securely such that at no stage during the process the computing systems of the untrusted network have direct access to the computing systems of the trusted network. The system creates a temporary network connected to the trusted network and provisions the requested resource in the temporary network. The system connects the temporary network to the trusted network for provisioning of the resource. The system disconnects the trusted network from the temporary network before connecting the untrusted network to the temporary network for providing access to the resource. | 2021-12-09 |
20210385222 | IDENTITY MANAGEMENT CONNECTING PRINCIPAL IDENTITIES TO ALIAS IDENTITIES HAVING AUTHORIZATION SCOPES - A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier. | 2021-12-09 |
20210385223 | DATA ISOLATION IN BLOCKCHAIN NETWORKS - Implementations of this specification include receiving a synchronization request from a light-weight node of the blockchain network including an identity of the light-weight node; identifying one or more permissions associated with the identity of the light-weight node; determining an original world state structure associated with the block height and including a plurality of account records; identifying based on the one or more permissions, a subset of the plurality of account records that are authorized for access by the light-weight node; generating an isolated world state structure based on the original world state data structure including only the subset of the plurality of account records that are authorized for access by the light-weight node; sending a response to the light-weight node that includes the isolated world state data structure. | 2021-12-09 |
20210385224 | METHOD AND SYSTEM FOR AUTHENTICATION DATA PASSING - Described embodiments provide systems and methods for sharing authentication data between devices for access to application or web resources. The access manager on a first device may receive a first request for a credential maintained at the first device. The credential may be to access a resource via a second device. The access manager may initiate, responsive to the request, a second request for an approval at the first device or the second device. The access manager may access, responsive to receiving the approval, the credential from a secure store. The secure store may securely maintain information of a plurality of credentials. The access manager may transmit the credential to the second device to authenticate a user to access the resource. | 2021-12-09 |
20210385225 | COMPUTERIZED DEVICE AND METHOD FOR AUTHENTICATING A USER - The invention relates to a device and a method for authenticating a user utilizing an internet access client ( | 2021-12-09 |
20210385226 | SYSTEMS AND METHODS FOR CONTINUOUS AUTHENTICATION - In some aspects, a method for revoking access to a network application on a client device. The method includes establishing, by a client application on a client device responsive to authenticating a user, access to one or more network applications of one or more first servers of a first entity via an embedded browser of the client application, receiving, by the client application, a notification from a second server of a second entity that access for the user to a network application of the one or more network applications is to be revoked, and performing, by the client application responsive to the notification, one or more revoking actions based at least on a policy. | 2021-12-09 |
20210385227 | Method and Apparatus For Information exchange Over a Web Based Environment - Traditional information sharing will delete a file in order for stop sharing the file, and after shared a message, the message cannot be stopped for sharing. This invention discloses method and system for user posting (sharing) or un-posting (stop sharing) files, folders, and messages by deploying dynamic workspace technology. The stop sharing file or folder will not delete actual file or folder, so that the file or folder can be shared again to other users without requiring to recreate the file or folder. The un-post message operation facilitates a user to delete or withdraw his/her previously posted message from user interface (UI) of a recipient such that the user can avoid embarrassing if the message is not proper. Specially, a sharing control list is provided to user to control stop sharing files, otherwise, the user may do not remember how many files being shared with how many recipients. | 2021-12-09 |
20210385228 | METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR SELECTIVELY GRANTING PERMISSIONS TO GROUP-BASED OBJECTS IN A GROUP-BASED COMMUNICATION SYSTEM - Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products that provide for an improved, more efficient, and more stable system of networked computing devices. The embodiments disclose an apparatus and system that enable client devices to selectively grant to third party applications permissions to access group-based communication objects of a group-based communication system. The apparatus and system further enable client devices to selectively grant to third party applications permissions to take specific actions with regards to the group-based communication objects within the system. To accomplish the improvements, the disclosed systems, apparatuses, and computing devices maintain a record of the permissions granted to third party applications in a permissions table stored in a computer storage device. The permissions table may be modified to expand the permissions granted to the third party application without requiring a new authentication process that issues a new authenticating token. Further, third party applications are installed at a group level and not at a user level within the system, which increases system stability and efficiency. | 2021-12-09 |
20210385229 | DEVICE ZONING IN A NETWORK GATEWAY DEVICE - The disclosure is directed to a network gateway device (“gateway”) that provides various network management features, including a device zoning feature in which client computing devices (“client devices”) connected to the gateway are assigned to different device zones. The client devices connected to the gateway form a local area network (LAN) of the gateway, and can access an external network, e.g., Internet, using the gateway. Each of the device zones has a specific set of network access privileges. Different device zones can have different network access privileges and can provide device isolation in the LAN at different degrees. | 2021-12-09 |
20210385230 | Agentless Security Services - There is disclosed in one example a computing apparatus, including: a hardware platform including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an incoming packet via the network interface; extract from the incoming packet a source port and a source internet protocol (IP) address; correlate the source port and source IP to a device identifier (ID); receive a network policy for the device ID; and apply the network policy to the incoming packet. | 2021-12-09 |
20210385231 | DISTRIBUTED DATA AUTHENTICATION AND VALIDATION USING BLOCKCHAIN - An electronic device of a content producer generates a chunk of data, associates a location-independent name with the chunk of data, generates a signature for the chunk of data, attaches the signature to the chunk of data, and transmits the chunk of data, with the signature attached, to one or more user devices in response to respective requests. The signature is generated based on the data in the chunk, using a private key of the electronic device. The electronic device also stores information, including a specification of a public key associated with the private key, in a first ledger entry of a blockchain, to provide the one or more user devices with access to the public key. A user device may obtain the public key and use it to verify the chunk of data. | 2021-12-09 |
20210385232 | INNOCENT UNTIL PROVEN GUILTY (IUPG): ADVERSARY RESISTANT AND FALSE POSITIVE RESISTANT DEEP LEARNING MODELS - Techniques for providing innocent until proven guilty (IUPG) solutions for building and using adversary resistant and false positive resistant deep learning models are disclosed. In some embodiments, a system, process, and/or computer program product includes storing a set comprising one or more innocent until proven guilty (IUPG) models for static analysis of a sample; performing a static analysis of content associated with the sample, wherein performing the static analysis includes using at least one stored IUPG model; and determining that the sample is malicious based at least in part on the static analysis of the content associated with the sample, and in response to determining that the sample is malicious, performing an action based on a security policy. | 2021-12-09 |
20210385233 | TARGET AWARE ADAPTIVE APPLICATION FOR ANOMALY DETECTION AT THE NETWORK EDGE - Customized DL anomaly detection models and generated and deployed on disparate edge devices. Configuration-related information is fetched from the edge devices and, based on the configuration/capabilities of the edge device, at least one master deep learning-based anomaly detection model is selected, which are customized based on the configuration/capabilities of the edge device. Customization involves limiting the volume of the predictors/variables and optimizing the iterations used to determine anomalies and/or make predictions. The customized models are subsequently packaged in edge device-specific formats, such as a customized set of binaries in C language or the like. The resulting customized DL anomaly detection application is subsequently deployed to the edge device where it is executable without the need for specialized hardware or communication with network entities, such as cloud nodes or servers. | 2021-12-09 |
20210385234 | DYNAMIC REMOTE BROWSING - A method for an electronic device for managing one or more browsing tabs of a browsing sessions is provided. The method receives a request for a browsing tab. The method determines whether to process the request for the browsing tab locally on the electronic device based on one or more parameters associated with at least one of the electronic device or a destination associated with the request. When it is determined to process the request locally, the method performs the browsing tab locally on the electronic device. However, when it is determined not to process the request locally, the method sends the request for the browsing tab to a remote server to perform the browsing tab remotely on the remote server. | 2021-12-09 |
20210385235 | SECURITY ANALYSIS ASSISTANCE APPARATUS, SECURITY ANALYSIS ASSISTANCE METHOD, AND COMPUTER-READABLE RECORDING MEDIUM - A security analysis assistance apparatus | 2021-12-09 |
20210385236 | SYSTEM AND METHOD FOR THE AUTOMATED DETECTION AND PREDICTION OF ONLINE THREATS - A method for monitoring online security threats comprising of a machine-learning service that receives data related to a plurality of features related to internet traffic metrics, the service then processes said data by performing operations selected from among: an operation of ranking at least one feature, an operation of classifying at least one feature, an operation of predicting at least one feature, and an operation of clustering at least one feature, and as a result the machine learning service outputs metrics that aid in the detection, identification, and prediction of an attack. | 2021-12-09 |
20210385237 | SYSTEMS AND USER INTERFACES FOR DYNAMIC AND INTERACTIVE INVESTIGATION OF BAD ACTOR BEHAVIOR BASED ON AUTOMATIC CLUSTERING OF RELATED DATA IN VARIOUS DATA STRUCTURES - Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, automatically tag and group those clustered data structures, and provide results of the automated analysis and grouping in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a tiled display of the groups of related data clusters such that the analyst may quickly and efficiently evaluate the groups of data clusters. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable an analyst to quickly navigate among information associated with various groups of data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation. | 2021-12-09 |
20210385238 | Systems And Methods For Anomaly Detection - Systems and methods for anomaly detection are described. One aspect includes defining a computing device group comprising a plurality of networked computing devices. The networked computing devices are associated with a computer network. One or more statistical parameters associated with the computing device group are calculated. A set of communication data associated with a networked computing device is received. An operating point geometric distance of the networked computing device relative to the one or more statistical parameters is computed. This operating point geometric distance is based at least in part on the set of communication data. An anomaly is detected based on the operating point geometric distance. | 2021-12-09 |
20210385239 | METHODS AND APPARATUS FOR ANOMALY DETECTION AND RECOVERY - Methods, apparatus, systems and articles of manufacture are disclosed for anomaly detection and recovery. An apparatus to isolate a first controller in an autonomous vehicle includes a first controller to control a reference signal of the autonomous vehicle via a communication bus, a second controller to control the reference signal of the autonomous vehicle when the first controller is compromised, and a message neutralizer to neutralize messages transmitted by the first controller when the first controller is compromised, the neutralized messages to cause the first controller to become isolated from the communication bus. | 2021-12-09 |
20210385240 | LOW-COMPLEXITY DETECTION OF POTENTIAL NETWORK ANOMALIES USING INTERMEDIATE-STAGE PROCESSING - In an embodiment, a computer implemented method receives flow data for a network flows. The method extracts a tuple from the flow data and calculates long-term and short-term trends based at least in part on the tuple. The long-term and short-term trends are compared to determine whether a potential network anomaly exists. If a potential network anomaly does exist, the method initiates a heavy hitter detection algorithm. The method forms a low-complexity intermediate stage of processing that enables a high-complexity heavy hitter detection algorithm to execute when heavy hitters are likely to be detected. | 2021-12-09 |
20210385241 | DETECTION DEVICE AND DETECTION METHOD - A feature calculation unit ( | 2021-12-09 |
20210385242 | METHODS AND SYTEMS FOR IMPLEMENTING A PHISHING ASSESSMENT - A system, method, and computer program product for implementing a phishing assessment of a target computer network that includes a phishing assessment platform for generating parameters for the phishing assessment; generating the phishing assessment parameters includes identifying a target domain name for the phishing assessment; identifying a pseudo domain name based on the target domain name; generating a pseudo web page using one or more features and attributes of an entity; and implementing the phishing assessment using the pseudo domain name and pseudoweb page. | 2021-12-09 |
20210385243 | System and Method for Performing Remote Security Assessment of Firewalled Computer - Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated. | 2021-12-09 |
20210385244 | ELECTRONIC CONTROL DEVICE, FRAUD DETECTION SERVER, IN-VEHICLE NETWORK SYSTEM, IN-VEHICLE NETWORK MONITORING SYSTEM, AND IN-VEHICLE NETWORK MONITORING METHOD - A gateway that notifies a fraud detection server located outside a vehicle of information about an in-vehicle network system including an in-vehicle network includes: a priority determiner that determines a priority using at least one of: a state of the vehicle including the in-vehicle network system; an identifier of a message communicated on the in-vehicle network; and a result of fraud detection performed on the message; a frame transmitter-receiver that transmits and receives the message communicated on the in-vehicle network; a frame interpreter that extracts information about the in-vehicle network based on the message received by the frame transmitter-receiver; and a frame uploader that notifies the fraud detection server of notification information including the priority and the information about the in-vehicle network. | 2021-12-09 |
20210385245 | SECURITY SYSTEM FOR DETECTING MALICIOUS ACTOR'S OBSERVATION - A website vulnerability test is performed by automatically checking that a website has not been compromised by malicious third party scripts. A system can test a dynamic behavior of a website that indicates a functional user flow through the website. A set of rules are applied against a log of dynamic behavior of the website, as well as static code of the website, to identify potential compromise by malicious scripts. Some rules can be configured for detecting modification of a third party script, or modified behavior of a third party script, in an attempt to detect security monitoring activity against the script and hide its presence from the security monitoring activity. | 2021-12-09 |
20210385246 | APPARATUS AND METHOD FOR DISTINGUISHING BETWEEN LEGITIMATE AND MALICIOUS BRANCHES OF A SPLIT BLOCKCHAIN - Nodes determine a first measure of difficulty for a first branch of a split blockchain and a second measure of difficulty for a second branch of the split blockchain. The first measure of difficulty is based on a measure of block generation frequency of each node that mined for the split blockchain during a window that comprises blocks of the first branch. The second measure of difficulty is based on a measure of block generation frequency of each node that mined for the split blockchain during a window that comprises blocks of the second branch. One of the first branch and the second branch is identified as a legitimate branch based on a comparison of the first measure of difficulty and the second measure of difficulty. | 2021-12-09 |
20210385247 | Secure Cloud Communication Architecture - A cloud communication architecture addresses shortcomings of traditional security protocols (e.g., SSL/TLS) in cloud computing, providing security for data-in-transit and authenticity of cloud users (CUs) and cloud service providers (CSPs). The architecture also protects the communication channel against attacks such as man-in-the-middle (MITM) (including eavesdropping, sniffing, identity spoofing, data tampering), sensitive information disclosure, replay, compromised-key, repudiation and session hijacking attacks. The architecture includes a high-performance cloud-focussed security protocol. The protocol efficiently utilizes the strength and speed of features such as symmetric block encryption with Galois/Counter mode (GCM), cryptographic hash, public key cryptography, and ephemeral key-exchange, and provides faster reconnection facility for supporting frequent connectivity and dealing with connection trade-offs. Embodiments have enhanced security against the above-noted attacks, and are superior to TLSv1.3 (the latest stable version among the SSL successors) in performance, bandwidth consumption, and memory usage at the server-side. | 2021-12-09 |
20210385248 | SYSTEM AND METHOD FOR SECOND FACTOR AUTHENTICATION TO PERFORM SERVICES - A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication via a backchannel to reduce the potential for malicious third-party impersonation of the client prior to transfer of the call to the customer call center. Pre-authorized customer support calls may be intelligently and efficiently routed directly to call center agents, without incurring further delay. During call handling, call center agents may initiate further client authentication processes, including contactless card authentication requests, over one or more different communication channels for authorizing access to sensitive information or to allay suspicion. | 2021-12-09 |
20210385249 | DATA STORAGE SYSTEM WITH POWERED MOVE ATTACK PROTECTION - A data storage system can consist of a network controller connected to a data storage device and a remote host. An attack mitigation strategy may be generated with an attack module connected to the network controller in response to detected data storage conditions in the data storage device. The attack mitigation strategy can be executed with the attack module by sending separate first and second security queries to the data storage device over time. At least a powered move attack can then be identified based on the second security query. | 2021-12-09 |
20210385250 | MONITORING A PRIVACY RATING FOR AN APPLICATION OR WEBSITE - A method, non-transitory computer readable medium, and policy rating server device that receives a request from a client computing device for one or more privacy ratings. The request identifies at least one application, such as an application installed on the client computing device for example. A policy associated with the identified application is obtained. The obtained policy is analyzed to identify a plurality of key words or phrases associated with use by the at least one application of functionality of, or personal information stored on, the client computing device. One or more privacy ratings are generated based on numerical values assigned to each of the identified key words or phrases, the generated one or more privacy ratings are output to the client computing device in response to the request. | 2021-12-09 |
20210385251 | SYSTEM AND METHODS FOR INTEGRATING DATASETS AND AUTOMATING TRANSFORMATION WORKFLOWS USING A DISTRIBUTED COMPUTATIONAL GRAPH - A system and methods for integrating datasets and automating transformation workflows using a distributed computational graph comprising modules that represent various stages within a data processing workflow. The system detects new datasets and automatically selects or assembles a workflow to process the new data, and integrates new data through a series of identification, transformation, and metadata enrichment pipelines. | 2021-12-09 |
20210385252 | Dynamic, Runtime Application Programming Interface Parameter Labeling, Flow Parameter Tracking and Security Policy Enforcement Using API Call Graph - A multi-API security policy that covers multiple API calls of a transaction is dynamically enforced at runtime, without access to the specification or code of the APIs. Calls made to APIs of the transaction are logged, and the logs are read. Data objects used by the APIs are identified. Specific data labels are assigned to specific fields of the data objects, consistently identifying data fields of specific types. Linkages are identified between specific ones of the multiple APIs, based on the consistent identification of specific types of data fields. An API call graph is constructed, identifying a sequence of API calls made during the transaction. The call graph is used to enforce the security policy, by tracking the flow of execution of the multi-API transaction at runtime, and detecting actions that violate the security policy. Security actions are taken responsive to the detected actions that violate the policy. | 2021-12-09 |
20210385253 | CLUSTER DETECTION AND ELIMINATION IN SECURITY ENVIRONMENTS - Disclosed herein are methods, systems, and processes to detect valid clusters and eliminate spurious clusters in cybersecurity-based computing environments. A cluster detection and elimination model is trained by accessing a dataset with raw data that includes data points associated with computing devices in a network and applying two or more different clustering methodologies independently to the dataset. The resulting cluster detection and elimination model is used to compare two or more clusters to determine whether a cluster from one clustering methodology matches another cluster from another clustering methodology based on centroid locations and shared data points. | 2021-12-09 |
20210385254 | SYSTEMS AND METHODS FOR DEPLOYING CONFIGURATIONS ON COMPUTING DEVICES AND VALIDATING COMPLIANCE WITH THE CONFIGURATIONS DURING SCHEDULED INTERVALS - Deploying configurations on computing devices and validating compliance with the configurations during scheduled intervals. Particular embodiments described herein include computing devices that send a requests to a management platform at different time periods for lists of configurations that are assigned to those computing devices at those different time periods. Received lists include identifiers of the configurations that are assigned to the those computing devices during the different time periods. Local agents on the computing devices use the received lists to determine if each of the configurations in that list are implemented. If a configuration is not implemented on a computing device, the local agent on that computing device implements that configuration or alerts the management platform that the configuration could not be implemented. | 2021-12-09 |
20210385255 | LAWFUL INTERCEPTION CHAIN IN SERVICE PROVIDING NETWORKS - Methods and devices employed in providing lawful interception (LI) by products related to a service session of an LI target as a unique chain. The packets sent to a legal enforcement agency are chained and have shorter headers. The number of packets is reduced by including both intercept-related information (IRI) and content of communications (CC) in the same packet if time-wise appropriate. | 2021-12-09 |
20210385256 | SECURE LAWFUL INTERCEPTION IN NETWORK ELEMENTS - A mechanism is provided that enables hiding identities of a target subscriber that is to be subject of lawful interception, LI, when the intercept access point, IAP, is outside the network operator part of the LI domain. Monitoring of data traffic such as over-the-top, OTT, services is enabled while at the same time hiding LI target identities to a network element, NE, containing the IAP. A secure memory area in the NE is dedicated to the LI functionality necessary to intercept and report interception data to the operator part of the LI domain. The interface between the NE and the operator part of the LI domain is the use of a secure injection channel via which the necessary LI software and target information are conveyed between the NE and the operator part of the LI domain. | 2021-12-09 |
20210385257 | ENRICHED CALLING BASED CALL ROUTING - Systems, methods and apparatuses for implementing enriched calling services for devices may include a first User Equipment (UE) that sends a call request to an IP Multimedia Subsystem (IMS) Core network and a presence server. The IMS core network may determine that the first UE supports enriched calling services and may enable the first UE to perform an enriched calling operation. The IMS core network may forward the call request to a terminating device, such as a second UE and/or a computing device, with the enriched calling operation. | 2021-12-09 |
20210385258 | ENRICHED CALLING BASED CALL TYPE NOTIFICATION - Systems, methods and apparatuses for implementing enriched calling services for devices may include a first User Equipment (UE) that sends a call request to an IP Multimedia Subsystem (IMS) Core network and a presence server. The IMS core network may determine that the first UE supports enriched calling services and may enable the first UE to perform an enriched calling operation. The IMS core network may forward the call request to a terminating device, such as a second UE and/or a computing device, with the enriched calling operation. | 2021-12-09 |
20210385259 | SYSTEM FOR PROVIDING EFFICIENT DELIVERY OF MEDIA CONTENT TO THE MASSES - A system for providing efficient delivery of media content to the masses is disclosed. In particular, the system may include receiving requests for content from a plurality of user devices. The system may then include synchronizing fulfillment timeframes for delivering the content based on a preset time interval. In response to the requests, the system may deliver the content, such as via a satellite network, to a storage device, such as, but not limited to, a digital video recorder, a video-ready-access device equipped with a satellite receiver and antenna, a digital subscriber line access multiplexer equipped with a satellite received and antenna, or any combination thereof, based on the preset time interval. The system may then include causing the storage device to deliver the requested content to the plurality of user devices via a wireless network communicatively linked to the plurality of user devices. | 2021-12-09 |
20210385260 | SYSTEMS AND METHODS FOR ESTABLISHING A SHARED AUGMENTED REALITY SESSION - Methods and systems of establishing a shared augmented reality session between a first computing device and a second computing device are disclosed. The first and second computing devices perform proximity device discovery using a first data communication technology. The first and second computing devices then perform real-time network communication using a second data communication technology. Once the real-time network communication is established, the first and second computing devices perform coordinate space synchronization using the second data communication technology. | 2021-12-09 |
20210385261 | AUTOMATIC AD-HOC MULTIMEDIA CONFERENCE GENERATOR - Aspects of the subject disclosure may include, for example, a method including steps of determining, by a processing system including a processor, a topic in a social media stream, offering, by the processing system, a conference concerning the topic, wherein said offer is made in the social media stream, receiving, by the processing system, acceptances to participate in the conference, and hosting, by the processing system, the conference. Other embodiments are disclosed. | 2021-12-09 |
20210385262 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND RECORDING MEDIUM RECORDING INFORMATION PROCESSING PROGRAM - An information processing system includes: a reception processor which receives a display request for displaying a display screen of a first user terminal on one or a plurality of display devices, from the first user terminal of a first user among a plurality of users participating in a conference; a specifying processor which specifies a first display application for enabling the display screen to be shared by all users participating in the conference, of display applications which can be used in the first user terminal and the one or plurality of display devices, when the display request has been received by the reception processor; and an output processor which outputs a display instruction including information of the first display application specified by the specifying processor, to the first user terminal. | 2021-12-09 |
20210385263 | VIDEO CONFERENCE ENHANCEMENTS FOR EDUCATION - A virtual conferencing system is described for implementing a plurality of user interface configurations for an administrator and for a plurality of users to access via computing devices. The virtual conferencing system includes a user interface configuration for an administrator to place users in a specific location within a virtual environment and provide users with visual and audio feedback. The virtual conferencing system also includes a virtual breakout room configuration for the administrator to distribute a subset of users into breakout rooms and access each breakout room simultaneously. The virtual conferencing system also includes a virtual waiting room configuration for the administrator to place users within a waiting room including an audio and visual element for any desired amount of time. | 2021-12-09 |
20210385264 | SYSTEMS AND METHODS FOR PROVIDING AUDIO-VIDEO STREAMS WITH ALTERNATIVE CONTENT - Systems, devices, and methods for providing alternative content in audio-video streams are disclosed. A manifest data structure including data reflective of a plurality of content segments is generated. At least one alternative content indicator, each indicating one of said plurality of content segments as being an alternative content segment is obtained. The manifest data structure is modified to remove data reflective of those of said plurality of content segments that are not indicated by said one of said alternative content indicators as being an alternative content segment. Upon receiving a request from a client device to view alternative content, the modified manifest data structure is sent to the client device. | 2021-12-09 |
20210385265 | METHOD, APPARATUS, AND DEVICE FOR DETERMINING QUALITY OF AUDIO AND VIDEO STREAM, AND COMPUTER-READABLE STORAGE MEDIUM - A method for determining quality of an audio and video stream includes: obtaining a key indicator for a target audio and video stream, the key indicator including at least one of the following indicators within a reference time period: a maximum quantity of continuously lost packets, an average packet receiving time interval, an average packet receiving time interval variance, or a quantity of stream interruptions; and determining a QoE of the target audio and video stream based on the key indicator. | 2021-12-09 |
20210385266 | ARTIFICIAL INTELLIGENCE BASED IMAGING SYSTEMS AND METHODS FOR INTERACTING WITH INDIVIDUALS VIA A WEB ENVIRONMENT - Artificial intelligence-based systems and methods are described for interacting with individuals via a web environment. A provisioning server is configured to receive a request from a web browser, executing on a client device, for a predefined imaging code stored in a memory of the provisioning server. The provisioning server responds to the request by transferring the predefined imaging code to the web browser. The predefined imaging code is configured to be executed by the client device to load, into a memory of the client device, one or more images of an individual; and determine, based on image analysis of the one or more images of the individual, one or more personal attributes of the individual. | 2021-12-09 |
20210385267 | FILE CONTAINERIZATION AND MANAGEMENT - This disclosure is directed to embodiments of systems and methods for containerizing files and managing policy data applied to the resulting containers. In some of the disclosed embodiments, a computing system determines that a file stored in storage medium is to be included in a container to be sent to at least one computing component associated with a device including a user interface. The computing system determines that the file is of a particular type and also determines code that can be used to access files of the particular type. The computing system combines the file and the code into the container such that container is configured to be executed by the at least one computing component so as to cause content of the file to be presented by the user interface. The computing system then sends the container to the at least one computing component. In some implementations, the container may further include policy information defining at least one of whether, how, where, when, or by whom the file can be accessed using the code. A communication link may be established between the computing system and the container at the at least one computing component and an instruction may be sent via the communication link that causes a change to the policy information. | 2021-12-09 |
20210385268 | METHODS AND SYSTEMS FOR DE-CENTRALIZED DATA SHARING WITH ENFORCED DATA USAGE CONTROL FOR CROSS-PARTY DATA ANALYTICS - Systems and methods for controlling data usage in a distributed environment among multiple entity domains. A method include steps of: receiving, in a local entity domain, a data consuming application comprising or identifying at least a first analytics task, wherein the first analytics task processes data inputs to produce first output data; determining availability of the data inputs; interpreting data usage policies, or data control policies, to determine atomic actions to be executed, wherein at least one of the data usage policies indicates that one of the data inputs for the first analytics task must remain in a remote entity domain; and executing the atomic actions, wherein the atomic actions include dispatching the first analytics task to the remote entity domain for remote execution of the first analytics task and receiving the first output data of the first analytics task from the remote entity domain. | 2021-12-09 |