04th week of 2017 patent applcation highlights part 64 |
Patent application number | Title | Published |
20170026369 | AUTHENTICATION OF A USER DEVICE USING TRAFFIC FLOW INFORMATION - A device may receive traffic flow information that includes user device identifiers. The device may receive, from a user device accessing an application associated with a third party service, an authentication request to authenticate the user device with a third party device that provides the third party service. The request may include a session token that identifies a session, an application identifier that identifies the application, and a user device identifier that identifies the user device. The device may determine to authenticate the user device based on whether the user device identifier matches one of the user device identifiers included in the traffic flow information. The device may provide, to the third party device, the session token and an indication of whether the user device has been authenticated to permit the third party device to allow or deny access to the third party service. | 2017-01-26 |
20170026370 | Authenticating Communications - The method of authenticating the source of a communication is disclosed. The method includes executing a clock for an operation period. The method also includes receiving a communication from a remote device at a communication time corresponding to a time interval of a plurality of time intervals sequentially covering the operation period. Each time interval has an associated authentication value. The communication includes a commitment value. The method also includes determining whether the commitment value matches the authentication value associated with the time interval corresponding to the communication time. The method also includes processing the communication when the commitment value matches the authentication value associated with the time interval corresponding to the communication time. The authentication value associated with the time interval corresponding to the communication time includes a hash digest of a hash function applied to the authentication value associated with a sequentially subsequent time interval. | 2017-01-26 |
20170026371 | User Equipment Credential System - A user equipment in a communications system, the user equipment comprising: a memory arranged to store at least one identifier associated with the user equipment; a transceiver arranged to communicate with a node in the communication system, wherein the transceiver is arranged to receive the at least one identifier from the node in the communications system, wherein the at least one identifier is used by the user equipment to authenticate the user equipment to at least one further node in the communications system. | 2017-01-26 |
20170026372 | COMMON INTERNET FILE SYSTEM PROXY AUTHENTICATION OF MULTIPLE SERVERS - Techniques are described for a proxy system to provide a client device with transparent access to multiple network file servers. The proxy system may appear to the client device as a single network file server. The proxy may be configured to forward requests received from the client device to multiple servers as well as provide responses from the server back to the client. Further, the proxy system may authenticate itself, as the client, to each of the multiple network servers using authentication credentials supplied by the client. After prompting a user to submit credentials to establish a session with a first network server, the proxy system may send a session timeout error code, prompting the client to submit a fresh authentication request used by the proxy system to establish a session with a second network server. | 2017-01-26 |
20170026373 | COMMUNICATION RELAY DEVICE, COMMUNICATION NETWORK, AND COMMUNICATION RELAY METHOD - A communication relay device that is situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus. A storage configured to store therein pieces of identification information that are likely to be included in data transmitted by the corresponding communication node. A processor configured to perform first authentication processing between the communication relay device and a management device that is connected to the bus, and to perform second authentication processing according to a result of comparing identification information included in data transmitted by the corresponding communication node with the pieces of identification information stored in the storage. A transceiver configured to report, to the management device, a result of the second authentication processing when the first authentication processing has been successful. | 2017-01-26 |
20170026374 | SYSTEM AND METHOD FOR PROXYING FEDERATED AUTHENTICATION PROTOCOLS - A system and method that include receiving a service provider identity request through a federated authentication protocol; transmitting a proxy identity request to a configured identity provider; receiving an identity assertion; facilitating execution of a second layer of authentication; determining a proxy identity assertion based on the identity assertion and the second layer of authentication; and transmitting the proxy identity assertion to the service provider. | 2017-01-26 |
20170026375 | SECURE ONLINE GAMING REGISTRATION SYSTEM WITH PRIVACY CONTROLS - An online gaming registration system allows online gaming patrons to register once and use this registration to create online gaming accounts with gaming Web sites, thereby avoiding having to show proof of residency, age and other requirements set by regulatory entities multiple times. Residency rules and other requirements vary from one jurisdiction to another and the present invention addresses some of the issues that arise from this. An online gaming Web site receives a login from an online player over the Internet. The site determines that the player has an account with the online gaming site and that the account is linked to an online gaming registration system account. The online gaming site receives claims-based data relating to the online player and accepts the player as verified for online gaming at the gaming Web site. | 2017-01-26 |
20170026376 | AUTHORIZATION DELEGATION SYSTEM, CONTROL METHOD, AUTHORIZATION SERVER, AND STORAGE MEDIUM - An authorization delegation system includes a resource server that provides a service and an authorization server that performs authorization delegation for authorizing a cooperation server, which is a client apparatus, access to user data that the resource server has based on authorization information. The authorization server receives an authorization delegation request for requesting the authorization delegation, and retrieves a refresh token based on the received authorization delegation request. Additionally, the authorization server determines whether or not the retrieved refresh token is valid, and if it is determined that the refresh token is valid, invalidates the refresh token. | 2017-01-26 |
20170026377 | RESOURCE MANAGEMENT IN A PRESENTATION ENVIRONMENT - Aspects of the present disclosure are directed toward managing resources in a presentation environment. Aspects are directed toward collecting, using a set of monitoring devices, context information with respect to a presentation. Aspects are also directed toward determining, based on the context information for the presentation, a subject matter group and a set of access rules for the set of network devices. Aspects are also directed toward identifying, based on the subject matter group, a first set of resources. Aspects are also directed toward establishing, based on the set of access rules and the first set of resources, a first subset of the first set of resources for the set of network devices of the presentation environment. | 2017-01-26 |
20170026378 | CLUSTERED FILESYSTEMS FOR MIX OF TRUSTED AND UNTRUSTED NODES - A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes. | 2017-01-26 |
20170026379 | PROXY AUTHORIZATION OF A NETWORK DEVICE - Some methods enable a first device to assist a second device in becoming authenticated with a content management system. The content management system can receive user credentials or an elevated access token from the first device. The content management system can respond to the first device with an access token for use by the second device. Alternatively, the content management system can send the access token directly to the second device. The second device can then use the access token for authenticated communications with the content management system. | 2017-01-26 |
20170026380 | METHOD AND SYSTEM FOR SECURE AUTHENTICATION - A method and system for accessing a resource associated with a resource control entity that includes receiving, by a ledger, a request, corresponding to a user, to access the resource; obtaining, in response to the request, user metadata; sending to the user a ledger authentication token, which a credential application uses to verify that the ledger is a valid ledger; receiving, from the credential application, a public key encrypted payload including signature entries; decrypting, by the ledger, the encrypted payload using a payload secret key to obtain the signature entries and other user data; obtaining results of a verification by successively verifying each of the signature entries until a scoring threshold associated with the resource is met, and transmitting, to the resource control entity, a notification including the results of the verification, which the resource control entity uses to determine whether to grant the user access to the resource. | 2017-01-26 |
20170026381 | CONTENT ACCESS VALIDATION SYSTEM AND METHOD - To provide validation information to web publishers indicative of the presence of operational malicious software protection systems on user computing devices, an evaluation system resident on a web publisher server can cause web content, including validation request data, to be transmitted from the publisher server to a computing device. A submission system resident on the computing device can analyze the web content for the validation request data, and can cause the validation information to be transmitted from the computing device to the evaluation system based on the analysis. Upon receiving the validation information, the evaluation system can analyze it to determine the likelihood that content delivered to the computing device will be viewed by a real user (and not by automated computer programs). | 2017-01-26 |
20170026382 | DEVICE MANAGEMENT SYSTEM - A system comprises a policy storage separately located relative to the user device, the policy database arranged to store information indicative of at least one usage policy set applicable to at least one respective user device. The system is arranged to store user device identification information for each user device associated with the system, the user device identification information being indicative of and unique to a user device associated with the system and being stored separately relative to the user device. The system is also arranged to associate a usage policy set with a user device using the device identification information unique to the user device. The system is also arranged to determine a usage request from a user device and to allow or deny the usage request based on the at least one usage policy set associated with the user device. | 2017-01-26 |
20170026383 | Anonymous Application Wrapping - Methods and systems are disclosed for providing approaches to anonymous application wrapping on a mobile device. The methods and systems may include receiving, by a controller service, a request to associate a first application executing on a client device with the controller service, and obtaining, by the controller service, a first application identifier associated with the first application. The methods and systems may also include receiving, by the controller service from an application service, a request for a first service and a conditional application identifier, and configuring, by the controller service and based on the request for the first service, the first application with a second set of one or more policy instructions used to control the first application. | 2017-01-26 |
20170026384 | CONTEXT-BASED ANALYTICS AND INTELLIGENCE - According to some implementations, context-based information is provided. The method can establish a first context for a user to start a process of correlation of information from multiple sources. The method can then authorize the user to access information from one or more sources of information. The method can request the first information from the one or more sources of information based on the first context. Based on the first information received from the one or more sources of information, the method can revise the first context to generate a second context. The method can use the second context to correlate second information from the one or more sources of information. The method can filter the second information for the user to determine a relevant subset of information. Eventually, the method can send the relevant subset of information to a client device associated with the user. | 2017-01-26 |
20170026385 | METHOD AND SYSTEM FOR PROXIMITY-BASED ACCESS CONTROL - A system, method and computer program product for proximity-based access control, including a physical token device having a programmable computing device, a memory storage device, and a wireless radio device having a limited range; and a user device that couples to the physical token device over one of: a wireless interface to the wireless radio device integrated into the physical token, and a physical interface to the physical token with electrical connectivity between the physical token and the user device. The programmable computing device is configured to only allow the user device to access the memory storage device over the wireless or physical interface when the physical token device is either within the limited range of the wireless radio device, or physically attached such that electrical connection is possible, respectively. | 2017-01-26 |
20170026386 | IN-VEHICLE NETWORK SYSTEM, FRAUD-DETECTION ELECTRONIC CONTROL UNIT, AND FRAUD-DETECTION METHOD - In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of buses, a plurality of fraud-detection ECUs each connected to a different one of the buses, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a bus connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The fraud-detection ECU transmits an error message including a message identifier of a message determined to be malicious. The gateway device receives updated rule information transmitted to a first bus among the buses, selects a second bus different from the first bus, and transfers the updated rule information only to the second bus. A fraud-detection ECU connected to the second bus acquires the updated rule information and updates the rule information stored therein by using the updated rule information. | 2017-01-26 |
20170026387 | MONITORING ACCESS OF NETWORK DARKSPACE - A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Dark space in a network (unused IP addresses, unused ports and absent applications, and invalid usernames and passwords) is consumed by a BotSink such that attempts to access Darkspace resources will be directed to the BotSink, which will engage the source host of such attempts. | 2017-01-26 |
20170026388 | Phishing Training Tool - According to one embodiment, an apparatus is configured to communicate a first plurality of phishing emails to a first plurality of users, each phishing email of the first plurality of phishing emails is of a first type or a second type. The apparatus is configured to determine a first response rate of the first plurality of users to phishing emails of the first type and to determine a second response rate of the first plurality of users to phishing emails of the second type. The apparatus is configured to determine a second plurality of phishing emails comprising phishing emails of the first type and the second type, wherein an aggregate response rate of a second plurality of users to the second plurality of phishing emails is predicted to be closer to a target response rate than one or more of the first response rate and the second response rate. | 2017-01-26 |
20170026389 | PHISHING WARNING TOOL - According to one embodiment, an apparatus includes a memory and a processor. The processor is configured to receive an email and to detect a click of a button that indicates that a user should be warned about the email being a phishing email. In response to detecting the click of the button, the processor can generate a new email and add a deactivated representation of the received email to the new email. The processor may communicate the new email to the user. | 2017-01-26 |
20170026390 | Identifying Malware Communications with DGA Generated Domains by Discriminative Learning - Techniques are presented to identify malware communication with domain generation algorithm (DGA) generated domains. Sample domain names are obtained and labeled as DGA domains, non-DGA domains or suspicious domains. A classifier is trained in a first stage based on the sample domain names. Sample proxy logs including proxy logs of DGA domains and proxy logs of non-DGA domains are obtained to train the classifier in a second stage based on the plurality of sample domain names and the plurality of sample proxy logs. Live traffic proxy logs are obtained and the classifier is tested by classifying the live traffic proxy logs as DGA proxy logs, and the classifier is forwarded to a second computing device to identify network communication of a third computing device as malware network communication with DGA domains via a network interface unit of the third computing device based on the trained and tested classifier. | 2017-01-26 |
20170026391 | SYSTEM AND METHOD FOR THE AUTOMATED DETECTION AND PREDICTION OF ONLINE THREATS - A method for monitoring online security threats comprising of a machine-learning service that receives data related to a plurality of features related to internet traffic metrics, the service then processes said data by performing operations selected from among: an operation of ranking at least one feature, an operation of classifying at least one feature, an operation of predicting at least one feature, and an operation of clustering at least one feature, and as a result the machine learning service outputs metrics that aid in the detection, identification, and prediction of an attack. | 2017-01-26 |
20170026392 | SYSTEM AND METHOD OF DETECTING MALICIOUS MULTIMEDIA FILES - Systems and methods for detection of malicious exploitations in a multimedia file are disclosed. In one embodiment, such an approach includes parsing the compiled bytecode of a multimedia file to detect identified key instructions and determine if such key instructions are repeated in specific patterns that signify the presence of malicious exploitation. The approach may also include examining the contents of the constant pool table in a compiled multimedia file to detect specific shellcode strings that are indicative of presence of malicious exploitation. When the bytecode or the constant pool table indicates that malicious exploitation is present, an approach may be utilized to reduce instances of false positive identification of malicious exploitation. | 2017-01-26 |
20170026393 | METHODS, SYSTEMS AND APPLICATION PROGRAMMABLE INTERFACE FOR VERIFYING THE SECURITY LEVEL OF UNIVERSAL RESOURCE IDENTIFIERS EMBEDDED WITHIN A MOBILE APPLICATION - The present disclosure discloses a method of allowing Web View to verify the security level of a web content and inform the user with regards to the security and blocks web contents that are determined harmful or inappropriate. In one embodiment of the present disclosure, the Web View checks a trusted data source to see if the visited web content has been labeled or flagged as safe or unsafe by initiating a connection to a trusted third-party database using a to determine whether or not the URL is associated with a domain that has been classified or labeled as safe or unsafe. The Web View then informs the user about the security level of the web content through a visual indicator or it can redirect the user to a warning page explaining why access to the site is prohibited, or it can block access without warning. | 2017-01-26 |
20170026394 | IDENTIFYING THREATS BASED ON HIERARCHICAL CLASSIFICATION - A system and a method are disclosed for identifying network threats based on hierarchical classification. The system receives packet flows from a data network and determines flow features for the received packet flows based on data from the packet flows. The system also classifies each packet flow into a flow class based on flow features of the packet flow. Based on a criterion, the system selects packet flows from the received packet flows and places the selected packet flows into an event set that represents an event on the network. The system determines event set features for the event set based on the flow features of the selected packet flows. The system then classifies the event set into a set class based on the determined event set features. Based on the set class, the computer system may report a threat incident on an internetworking device that originated the selected packet flows. | 2017-01-26 |
20170026395 | Extracting forensic indicators from activity logs - A method for computer system forensics includes receiving an identification of a time of occurrence of an anomalous event in a computer network including multiple host computers. Logs of activity of entities in the computer network are collected. A comparison is made between first entries in at least one of the logs collected within a predefined time interval of the time of the occurrence of the anomalous event, and second entries in the at least one of the logs collected outside the predefined time interval. Based on the comparison, a forensic indicator associated with the anomalous event is extracted from the logs. | 2017-01-26 |
20170026396 | SYSTEMS AND METHODS FOR IDENTIFYING INFORMATION RELATED TO PAYMENT CARD BREACHES - Approaches for determining a potential merchant breach are described. A system can acquire card transaction data from one or more sources such as merchants or financial institutions, in some instances at a predetermined time interval. Cards associated with the card transaction data can be analyzed to determine the health of a particular card, including the likelihood that the particular card has been compromised. A set of cards are accumulated, and their associated health data is stored. Based on the information obtained from a source, and the health associated with a set of cards, a potential date where a merchant was breached can be determined and fraudulent purchases can be prevented. | 2017-01-26 |
20170026397 | MONITORING DEVICE MONITORING NETWORK - A monitoring device configured to monitor a network to which plural controllers are connected which includes a decoder configured to extract target data belonging to a target data group from data received from the plural controllers, a first comparator configured to determine whether an immutable part of the target data is known or anomalous, a second comparator configured to determine whether a reception interval of the target data group is normal or anomalous, a third comparator configured to determine whether the number of the target data having been received and included in the target data group is normal or anomalous, and determine whether each reception interval between the target data is normal or anomalous, and a warning counter configured to individually count the number of anomalies determined by the first comparator, the number of anomalies determined by the second comparator, and the number of anomalies determined by the third comparator. | 2017-01-26 |
20170026398 | Identifying anomalous messages - A method for computer system forensics includes receiving an identification of an anomalous message transmitted by a host computer in a computer network comprising multiple host computers. Messages transmitted by the host computers are monitored so as to detect, for each monitored message, a respective process that initiated the message. Responsively to the identification, a forensic indicator is extracted of the respective process that initiated the anomalous message. | 2017-01-26 |
20170026399 | Delaying Phishing Communication - According to one embodiment, an apparatus is configured to store a plurality of phishing scores, each phishing score of the plurality of phishing scores indicating a likelihood that a user of a plurality of users will respond to a phishing email. The apparatus is configured to receive an email, to select a first subset of the plurality of users based on the phishing score of each user in the first subset, and to select a second subset of the plurality of users based on the phishing score of each user in the second subset, wherein each user in the second subset is determined to be more likely to respond to a phishing email than each user in the first subset. The apparatus is configured to communicate the email to the first subset and to communicate the email to the second subset based on the first subset's responses to the email. | 2017-01-26 |
20170026400 | Domain age registration alert - Systems and methods of identifying a security risk by monitoring and generating alerts based on attempts to access web domains that have been registered within a short period of time and are therefore identified as “high-risk,” including identifying an attempt to access a domain; receiving a registration date of the domain; and detecting a security risk based on the registration date of the domain. | 2017-01-26 |
20170026401 | SYSTEM AND METHOD FOR THREAT VISUALIZATION AND RISK CORRELATION OF CONNECTED SOFTWARE APPLICATIONS - A system and method for identifying security threats for software applications in a computing environment and correlating risks of the security threats. An exemplary method includes collecting security issues of target systems in the computing environment, identifying connections of each target system with connection indicating the target system's ability to access an additional system in the computing environment by a software applications, determining a connection weight for each identified connection that indicates the target system's ability to access the additional system using the identified connection, prioritizing the security threats based on the security issues of each target system and the connection weights for each identified connection, and selecting remediation actions based on the prioritization of the security threats. | 2017-01-26 |
20170026402 | DETECTING STORED CROSS-SITE SCRIPTING VULNERABILITIES IN WEB APPLICATIONS - A system for detecting security vulnerabilities in web applications, the system including, a black-box tester configured to provide a payload to a web application during a first interaction with the web application at a computer server, where the payload includes a payload instruction and an identifier, and an execution engine configured to detect the identifier within the payload received during an interaction with the web application subsequent to the first interaction, and determine, responsive to detecting the identifier within the payload, whether the payload instruction underwent a security check prior to execution of the payload instruction. | 2017-01-26 |
20170026403 | ASSESSMENT OF NETWORK PERIMETER SECURITY - A method and system. All Transmission Control Protocol (TOP) and User Datagram Protocol (UDP) ports on a gateway computer at a network perimeter of a network are scanned to determine whether an unauthorized application outside the network perimeter and/or at least one unauthorized service from the unauthorized application is available within the network perimeter via the gateway computer. Penetration tests are executed on the gateway computer to attempt to exploit a vulnerability of the gateway computer as revealed by scanning the ports on the gateway computer. A first component associated with a first respective connection to the network is identified. It is determined that the first component complies with a corresponding industry benchmark for security. A second component associated with a second respective connection to the network is identified. It is determined that the second component complies with a corresponding security policy of a company associated with the network. | 2017-01-26 |
20170026404 | DENIAL OF SERVICE PROTECTION FOR IP TELEPHONY SYSTEMS - A system and method for protecting components of an IP telephony network whereby a protection scheme is enabled upon detection of resource exhaustion within the network that prevents delivery of incoming messages. Resource exhaustion may result from denial of service attacks and/or malfunctions in automated dialing systems. Once a protection scheme is enabled, the system activates mechanisms for identifying calling parties that are suspected of contributing to the resource exhaustion condition. These suspected calling parties may be placed in a blocked sender list, either manually or automatically. Calling parties may be presented with a challenge function in order to determine whether the call is being made by an automated dialing system. The system blocks incoming calls from calling parties identified in the blocked sender list either permanently or for a specified time duration. The protection scheme remains enabled for a specified duration or until the resource exhaustion condition has subsided. | 2017-01-26 |
20170026405 | METHOD AND DEVICE FOR CATEGORIZING A STREAM CONTROL TRANSMISSION PROTOCOL (SCTP) RECEIVER TERMINAL AS A MALICIOUS SCTP RECEIVER TERMINAL - A method and a device are provided for categorizing a Stream Control Transmission Protocol (SCTP) receiver terminal ( | 2017-01-26 |
20170026406 | A Method for Providing a Connection Between a Communications Service Provider and an Internet Protocol, IP, Server, Providing a Service, as well as a Perimeter Network, Comprising the IP Server, and an IP Server Providing the Service - A method of providing at least one communications service provider a connection to an Internet Protocol, IP, server in a perimeter network, the IP server providing a service over a public IP network, the method comprising the steps of detecting, in the perimeter network, an irregularity in IP traffic arriving at the perimeter network over the public IP network, disregarding, in the perimeter network, IP traffic arriving at the perimeter network over the public IP network, and enabling, in the perimeter network, a connection between the IP server and the at least one communications service provider for the service provided by the IP server over at least one private IP network. | 2017-01-26 |
20170026407 | COORDINATED DETECTION AND DIFFERENTIATION OF DENIAL OF SERVICE ATTACKS - According to one embodiment, an analyzer module (AM) within a same protected network and on-premise with a web application server (WAS) detects and distinguishes between types of Denial-of-Service (DoS) attacks. The AM tracks whether test HTTP messages, which include test HTTP request messages that a signal generation module (SGM) is configured to transmit to the WAS and test HTTP response messages that the WAS is expected to transmit in response to the test HTTP request messages, are timely received. The AM is aware of a timeliness that the SGM is expected to transmit the test HTTP request messages and that the WAS is expected to transmit the test response HTTP messages. The AM detects an occurrence of a DoS attack and identifies the type of the DoS attack based upon the result of the tracking indicating that a number of the test HTTP messages have not been timely received. | 2017-01-26 |
20170026408 | DETECTION OF SPOOF ATTACKS ON LOCATION BROADCASTING BEACONS - Spoof attacks on location based beacons are detected. A stream of beacons (e.g., IBEACONS) comprising at least a unique source identifier is generated. The stream of beacons is broadcast over a wireless communication channel to mobile devices within range. A list of broadcasted beacons is stored in a table along with a time and location of broadcast. Subsequent to broadcasting, a stream of beacons is detected. The detected beacon stream comprises a unique source identifier along with a time and a location of broadcast. The unique source identifier, the time and the location of at least one beacon of the detected beacon stream can be compared to the unique source identifier, the time and the location of at least one beacon of the broadcast beacon stream. Responsive to a match between the unique source identifiers and a mismatch of at least one of the time and locations, it is determined that the broadcast beacon stream has been spoofed by the detected beacon stream. Once a spoof has been detected, various remediation actions can be taken, such as sending alerts to admin, cautioning end users, and other security mode procedures. | 2017-01-26 |
20170026409 | PHISHING CAMPAIGN RANKER - According to one embodiment, an apparatus includes a memory and a processor. The memory is configured to store a plurality of phishing scores, each phishing score of the plurality of phishing scores indicating a likelihood that a user will delete a phishing email. The processor is configured to determine that a plurality of phishing campaigns are occurring. For each phishing campaign of the plurality of phishing campaigns, the processor is configured to determine that a plurality of users deleted a phishing email of the phishing campaign and to determine a priority score for the phishing campaign based on the phishing score of each user of the plurality of users. The processor is further configured to rank the plurality of phishing campaigns based on the priority score of each phishing campaign, wherein the phishing campaign of the plurality of phishing campaigns with the highest rank is presented first. | 2017-01-26 |
20170026410 | Phishing Campaign Ranker - According to one embodiment, an apparatus is configured to store a plurality of phishing scores, each phishing score of the plurality of phishing scores indicating a likelihood that a user will respond to a phishing email The apparatus is communicatively coupled to the memory and is configured to determine that a plurality of phishing campaigns are occurring. For each phishing campaign of the plurality of phishing campaigns, the apparatus is configured to determine that a plurality of users responded to the phishing campaign and to determine a priority score for the phishing campaign based on the phishing score of each user of the plurality of users. The apparatus is further configured to rank the plurality of phishing campaigns based on the priority score of each phishing campaign, wherein the phishing campaign of the plurality of phishing campaigns with the highest rank is reviewed first. | 2017-01-26 |
20170026411 | PHISHING SOURCE TOOL - According to one embodiment, an apparatus includes a memory and a processor. The processor is configured to receive a forwarded email and to determine a plurality of keywords in the forwarded email. The processor is further configured to search an email server using the plurality of keywords and to determine that an email message from the plurality of email messages is the original email corresponding to the forwarded email. The processor is also configured to attach a portion of the determined email message to the forwarded email. | 2017-01-26 |
20170026412 | NAT TRAVERSAL FOR LOCAL IP ACCESS - A node is provided that includes a home base station collocated with a local gateway (L-GW) providing access to a local Internet Protocol (IP) network. The node performs an establishment procedure with a security gateway (SeGW), and discriminates a packet. The node uses a first interface configured at the L-GW and a second interface which is configured between the home base station and a gateway for the home base station. The first and second interfaces are tunneled through a same IP security (IPsec) tunnel opened between the home base station and the SeGW. The home base station for the first interface uses a first IP address that is either same as or different from a second IP address used by the home base station for the second interface. The node uses either distinct ranges of Tunnel Endpoint Identifiers (TEIDs) or the first and second IP addresses to discriminate the packet. | 2017-01-26 |
20170026413 | AUTOMATED MULTI-LEVEL FEDERATIO NADN ENFORCEMENT OF INFORMATION MANAGEMENT POLICIES IN A DEVICE NETWORK - Methods, apparatus, systems, and non-transitory computer-readable media for managing a plurality of disparate computer application and data control policies on a computing device, especially a computing device connected to a computer network, are described. In one example, at least one policy distribution point is provided that includes least one policy distribution point including at least one information management policy. A plurality of policy enforcement points, including a first policy enforcement point operating at a first policy enforcement level, and a second enforcement point operating at second policy enforcement level, are also provided. A first policy element to the first policy enforcement point, and a second policy element to the second policy enforcement point, are allocated. A management compartment in computer memory in communication with said computing device including one or more computer applications, data, and metadata specified and controlled by the information management policy is also provided. | 2017-01-26 |
20170026414 | Methods Circuits Devices Systems and Functionally Associated Computer Executable Code for Managing a Data Access Network - Disclosed are methods, circuits, devices, systems and functionally associated computer executable code for managing a data access network. There may be provided a data access network including one or more client access nodes and an internet gateway including a TLS proxy. A network performance boosting appliance may receive data extracted from encrypted communication sessions traversing the gateway in order to boost the data access network's performance. | 2017-01-26 |
20170026415 | System and Methods for Secure Utilization of Attestation in Policy-Based Decision Making for Mobile Device Management and Security - Policy-based client-server systems and methods for attestation in managing and securing mobile computing devices. Attestation provides the means to make efficient, secure, and reproducible use of knowledge possessed by trusted expert parties and authorities within the expression and enforcement of policies for controlling use of, and access to, onboard software and hardware, network capabilities, and remote assets and services. Aspects of secure attestation of applications that use shared and dynamically loaded libraries are presented, as well as potential business models for attestation used in such a policy-based system. The system of the present invention resolves attestation record conflicts using digital certificates and digital signatures. | 2017-01-26 |
20170026416 | AUTOMATED COMPLIANCE CHECKING THROUGH ANALYSIS OF CLOUD INFRASTRUCTURE TEMPLATES - Systems and methods for determining a state of an information technology (IT) environment are disclosed. A server accesses an infrastructure-as-code (IaC) template for the IT environment, where the IT environment is virtualized and cloud-based. The server deconstructs, using a parser for the IaC template, the IaC template to a graph database representation of the IT environment, wherein the graph database representation implements a predefined cloud resource ontology (CRO). The server determines, using the graph database representation, the state of the IT environment. The server provides, as a digital transmission, an output corresponding to the determined state of the IT environment. | 2017-01-26 |
20170026417 | SYSTEMS, METHODS, AND DEVICES FOR SMART MAPPING AND VPN POLICY ENFORCEMENT - Aspects of the embodiments are directed to systems, methods, and computer program products to program, via a northbound interface, a mapping between an endpoint identifier (EID) and a routing locator (RLOC) directly into a mapping database at a mapping system; receive, from a first tunneling router associated with a first virtual network, a mapping request to a second virtual network, the first router compliant with a Locator/ID Separation Protocol, the mapping request comprising an EID tuple that includes a source identifier and a destination identifier; identify an RLOC based, at least in part, on the destination identifier of the EID tuple from the mapping database; and transmit the RLOC to the first tunneling router implementing an high level policy that has been dynamically resolved into a state of the mapping database. | 2017-01-26 |
20170026418 | AUTOMATED GENERATION OF ACCESS CONTROL RULES FOR USE IN A DISTRIBUTED NETWORK MANAGEMENT SYSTEM THAT USES A LABEL-BASED POLICY MODEL - An access control rule authorizing communication between a plurality of managed servers within an administrative domain is determined. Communication information describing past communication between the plurality of managed servers is obtained. A subset of managed servers from the plurality of managed servers is identified by grouping the plurality of managed servers based on the obtained communication information. A group-level label set is determined to associate with the subset of managed servers. Role labels are determined for managed servers in the subset of managed servers. A managed server is associated with one role label. Based on the group-level label set and the role labels, an access control rule is generated authorizing communication between a first managed server of the subset of managed servers and a second managed server. The access control rule is stored as part of an administrative domain-wide management policy. | 2017-01-26 |
20170026419 | SOFT WEBSITE BLOCK OVERRIDE - Methods, systems, and apparatus, including computer programs encoded on computer storage media, for overriding a soft website block. One of the methods includes receiving, from a user device, a request to access a resource, determining, using a first policy group for the user device, that the user device should be prevented from accessing the resource, providing, to the user device and based on determining that the user device should be prevented from accessing the resource, instructions for the presentation of a user interface including a user credentials field, receiving user credentials from the user device, determining that the user credentials are the same as credentials used to log onto the user device, and allowing the user device access to the resource. | 2017-01-26 |
20170026420 | DEVICE-TYPE BASED CONTENT MANAGEMENT - Examples of systems and methods for device-type content management are described herein. In an example, at least one of a community policy and a community-device type policy may be generated. The community policy may be generated for a community defined for an enterprise and may be enforced on a plurality of user devices registered with the community. Further, the device-community policy may be enforced on a user device, from among the plurality of user devices, based on a device-type of the user device. The device-community policy may indicate a management service to be used to realize the community policy. Further, a management service agent (MS agent) may be provided to the user device, based on the management service indicated by the device-community policy. The MS agent may provide for managing enterprise content on the user device as indicated by the community policy. | 2017-01-26 |
20170026421 | APPARATUS AND METHOD FOR SUPPORTING BACK-UP AND RESTORE OF ENVIRONMENT FOR PERFORMING A FUNCTION - An electronic device is provided. The electronic device includes a memory having a first memory area for storing an instruction that provides a normal operating mode and a second memory area for storing an instruction that provides a secure operating mode, and a processor configured to implement a secure mode management module that is configured to receive configuration information associated with the secure operating mode from at least one external electronic device and to store at least one function corresponding to the configuration information in the second memory area. | 2017-01-26 |
20170026422 | System and Method for Using Software Defined Networking in Internet Protocol Multimedia Subsystems - Software Defined Networking (SDN) is used in IMS in order to provide a mechanism to forward (Internet Protocol) IP packets and provide a simplified solution to the complex signaling path of IMS according to directives from an SDN Controller. SDN is used in at least three particular scenarios. In the first scenario, communications are simplified using SDN directed signaling disaggregation. In the second scenario, SDN is used to direct media function chaining. In the third scenario, the system can be used as an SDN based media relay. | 2017-01-26 |
20170026423 | METHOD AND APPARATUS FOR AN I-CSCF TO ASSIGN TO A USER EQUIPMENT A S-CSCF SERVER IN AN IMS SYSTEM - A method for assigning to a terminal device (UE) a service server (SS) carried out by an IS, by any of the SSs, and by the UDB in a cooperative/corresponding manner. A “first reallocation (IS/SS/UDB) procedure” and a “second reallocation (IS/SS/UDB) procedure” are correspondingly performed within the IS, the SS and the UDB. The first reallocation procedure allows, via IS/SS/UDB processing and interactions, storing by the UDB, in relationship with at least one of the user identifiers of a UE, a mark indicating that the UE has been assigned to a replacement SS to substitute another SS that has failed. The second reallocation procedure allows, also via IS/SS/UDB processing and interactions, utilization of the mark to trigger a new SS reallocation of the UE to a SS when the UE sends a subsequent registration message. | 2017-01-26 |
20170026424 | SNAP-IN INVOCATION FOR CALL RECONSTRUCTION - During a Session Initiation Protocol dialog setup, a media gateway or container executes or initiates two or more applications that provide features during a conference call. The applications are applied to messages or data in the conference call based on a sequence order established during the setup of the conference call. The sequence order and the application identities are stored in a shared database. When a failure occurs during the conference call, the applications are reestablished in the reconstructed or reestablished conference call. The application reconstruction includes reinitiating the applications with the same sequence as previously established before the failure. As such, the user has the same features applied in the same way before and after the failure, which improves the systems performance and expected operation. | 2017-01-26 |
20170026425 | METHOD AND APPARATUS FOR ENABLING COMMUNICATIONS BETWEEN USERS - A method and device are provided for creating and utilizing a database which enables ascribing a plurality of communication addresses to each of a plurality of users' entries comprised therein, and wherein each of the plurality of communication addresses is associated with a different communication application, allowing a user who wishes to communicate with another user while applying a certain communication application, to communicate with that other user who uses a different communication application. | 2017-01-26 |
20170026426 | CALL HOLD METHOD AND TERMINAL - Embodiments of the present invention provide a call hold method and a terminal. The method includes: when an originating call of a terminal triggers a CS voice service, sending first indication information to an IMS sublayer by using a CC sublayer, so that the IMS sublayer detects whether an IMS voice session exists; sending signaling to a network if the IMS voice session exists, where the signaling is used to trigger a hold procedure of the INS voice session, so that the IMS voice session is in a hold state; and after the terminal completes establishment of a mobility management connection, establishing, according to second indication information, a second CS session corresponding to the IMS voice session, where the second CS session is in a hold state, thereby avoiding a case of session abnormality. | 2017-01-26 |
20170026427 | Systems and computer program products and methods and media for operating a scalable, private practice tele-consultation service - A scalable social network communication system includes a store-and-forward infrastructure to receive a first-level consultation request from a consultation requestor; a social network coupled to the store-and-forward infrastructure to select and pass the first-level consultation request to a predetermined advisor on the first-level social network, wherein the store-and-forward infrastructure allows the first-level advisor to extract, compile and forward all or portions of the first-level consultation request to next-level advisors located in the same or in a different social network domain to be further resolved, and subsequently integrate and combine all partial returned resolutions into a final compound resolution to be passed back to the original consultation requestor. | 2017-01-26 |
20170026428 | PROMPTING SOCIAL NETWORKING SYSTEM USERS TO PROVIDE ADDITIONAL USER PROFILE INFORMATION - A social networking system presents questions to a user on an interface associated with the social networking system to elicit information about the user that is missing from the user's profile or is otherwise outdated. The questions are selected based on a number of factors, such as the need for or value of the information item, probability of a response, or cost of collecting the information item. In presenting the selected question, the social networking system prompts a user for information about the user in a an interface associated with a page from the social networking system, an application external to the social networking system, or using a push notification or prompt. The questions may be formatted in various ways, such as an explicit question, confirmation, a selection of responses, or social context to encourage the user to respond to the question. | 2017-01-26 |
20170026429 | MEETING SUPPORT APPARATUS, METHOD FOR EXECUTING MEETING SUPPORT PROCESS, AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM - A method includes reporting area information identifying a predetermined area to the predetermined area, transmitting an application when terminal identification information identifying a terminal is received from the terminal that received the area information, receiving first tag information transmitted in response to an operation performed by the application, retaining the received first tag information, managing second tag information shared in a meeting held by the terminal and another terminal, determining a target share information to be newly shared according to the first tag information and the second tag information, transmitting a proposal proposing that the target share information be shared to the terminal retaining the target share information, and updating the second tag information based on tag information including a tag and importance information of the target share information newly shared in a case of receiving a response from the application indicating that the terminal accepts the proposal. | 2017-01-26 |
20170026430 | Cloud Queue Access Control - Techniques relate to a cloud queue facilitating access to a cloud queue via an authorization token. In an example implementation, a computing system receives, over a network interface from a media playback system, an authorization token corresponding to a cloud queue of media items at the computing system and a request by the media playback system for access to the cloud queue of media items. The computing system determines that the authorization token is valid and in response to the determination, provides, to the media playback system, the requested access to the cloud queue of media items, the providing comprising transmitting information associated with at least one of the media items of the cloud queue. Thereafter, the computing system determines that the media playback system is eligible for a renewed authorization token and, in response, transmits, to the media playback system, the renewed authorization token. | 2017-01-26 |
20170026431 | MULTICAST MECHANISM FOR WIRELESS DEVICES - This disclosure describes methods, apparatus, and systems related to a multicast mechanism. A device may determine a multicast session with one or more multicast devices. The device may determine one or more multicast data frames. The device may determine a conditional block acknowledgment request associated with the one or more multicast data frames. The device may cause to send the one or more data frames to at least one of the one or more multicast devices. The device may cause to send the conditional block acknowledgment request to the one or more multicast devices. | 2017-01-26 |
20170026432 | TRANSMITTING APPARATUS, RECEIVING APPARATUS, AND CONTROL METHODS THEREOF - A transmitting apparatus is provided. The transmitting apparatus includes: an L1 signaling generator configured to generate L1 signaling including first information and second information; a frame generator configured to generate a frame including a payload including a plurality of sub frames; and a signal processor configured to insert a preamble including the L1 signaling in the frame and transmit the frame. The first information includes information required for decoding a first sub frame among the plurality of sub frames. Therefore, a processing delay in a receiving apparatus is reduced. | 2017-01-26 |
20170026433 | INTERNET PROTOCOL BROADCASTING - Methods, apparatuses, and systems are provided for improving utilization of a communications system through various atom-based techniques for enhancing the viewing experience for Internet protocol content. Some embodiments exploit atom-based processing to determine which content atoms to broadcast (e.g., multicast) over which channels to which subscribers. Other embodiments make atom-based filtering, caching, and/or other determinations at the user terminal. For example, low-level (e.g., physical layer) filtering may be used to limit the amount of user-layer processing needed, and to facilitate delivery of content to those users most likely to desire that content. Still other embodiments allow users to create customized channels of cached content for viewing as a shared channel. Embodiments include techniques for addressing synchronization of channel content and viewing, and social networking, for subscribers to the shared channel. The shared channels may be further used to facilitate social networking among subscribers. | 2017-01-26 |
20170026434 | STREAMING MEDIA DELIVERY SYSTEM - Streaming media, such as audio or video files, is sent via the Internet. The media are immediately played on a user's computer. Audio/video data is transmitted from the server under control of a transport mechanism. A server buffer is prefilled with a predetermined amount of the audio/video data. When the transport mechanism causes data to be sent to the user's computer, it is sent more rapidly than it is played out by the user system. The audio/video data in the user buffer accumulates; and interruptions in playback as well as temporary modem delays are avoided. | 2017-01-26 |
20170026436 | STREAMING MEDIA DELIVERY SYSTEM - Streaming media, such as audio or video files, is sent via the Internet. The media are immediately played on a user's computer. Audio/video data is transmitted from the server under control of a transport mechanism. A server buffer is prefilled with a predetermined amount of the audio/video data. When the transport mechanism causes data to be sent to the user's computer, it is sent more rapidly than it is played out by the user system. The audio/video data in the user buffer accumulates; and interruptions in playback as well as temporary modem delays are avoided. | 2017-01-26 |
20170026437 | URL Parameter Insertion and Addition in Adaptive Streaming - A method implemented by a client device for media content streaming. The method includes obtaining a media presentation description (MPD) for the media content, wherein the MPD comprises a uniform resource locator (URL) template for construction of URLs, inserting one or more query parameters in a query string portion of a URL, wherein the query string portion follows a path portion of the URL, wherein the one or more parameters are specified to be inserted in the query string portion of the URL based on the URL template, wherein the one or more parameter values are dynamic, and wherein the one or more parameter values are gathered and provided by the client device, sending a media request comprising the URL to a streaming server, and receiving one or more segments of a media content from the streaming server in response to the media request. | 2017-01-26 |
20170026438 | ADJUSTING NETWORK OPERATIONS BASED ON USER FEEDBACK - A system comprising a broadcast facility, one or more players, and an analytic service center. The broadcast facility may be configured to provide a plurality of streams. The one or more players may be configured to receive at least one of the plurality of streams and provide feedback on a user experience. The analytic service center may be configured to receive the feedback from the one or more players. | 2017-01-26 |
20170026439 | DEVICES AND METHODS FOR FACILITATING VIDEO AND GRAPHICS STREAMS IN REMOTE DISPLAY APPLICATIONS - Source and sink devices are adapted to facilitate streaming of screen content data. According to one example, a source device can capture video data and graphics data for one or more frames. The video data may be transmitted via a first protocol path and the graphics data may be transmitted via a second protocol path, where the second protocol path is different from the first protocol path. The sink device may receive the video data and graphics data, and may render the video data and graphics data for the one or more frames. Other aspects, embodiments, and features are also included. | 2017-01-26 |
20170026440 | HOME AUTOMATION SYSTEM AND METHOD INCLUDING REMOTE MEDIA ACCESS - A device includes a first interface, and a processor. The first interface connects to a wide area network and communicates with a first electronic device via the wide area network. The processor is configured to initiate transmission of a request while the processor is disconnected from a local area network. The processor is configured to initiate transmission of a second request to a second electronic device via the first interface. The second electronic device is located in a facility remote to the residential gateway. The processor is further configured to receive media content sent from the second electronic device responsive to the second request. | 2017-01-26 |
20170026441 | Real-Time Partitioned Processing Streaming - Embodiments related to processing data sets in real-time by using a distributed network to generate and process partitioned streams. Messages are assigned to partition streams. Within each stream, each of a set of processors perform a designated task. Results from the task are transmitted (directly or indirectly) to another processor in the stream. The distributed and ordered processing can allow results to be transmitted while or before the results are stored. | 2017-01-26 |
20170026442 | Sharing Television and Video Programming through Social Networking - In particular embodiments, one or more computer systems of a social-networking system identify a user viewing video content on a first display device, identify the video content being viewed on the first display device by the user, and determine a second display device associated with the identified user. The one or more computer systems of the social-networking system determine an action related to the video content being viewed by the user on the first display device and provide one or more instructions to the determined second display device to display a call-to-action associated with the determined action. | 2017-01-26 |
20170026443 | METHODS, SYSTEMS, AND MEDIA FOR RESUMING PLAYBACK OF MEDIA CONTENT ACROSS MULTIPLE DEVICES - Systems and methods for facilitating cross device resumable media content consumption. In an aspect, a system includes an update component that receives a media statistics update where the media statistics update includes information identifying an account, media content identification information, and a first playback time position associated with media content. A monitoring component is also included that identifies when the account accesses the media content associated with the media content identification information. A resume component is also included that plays back the media content at the first playback time position in response to identifying an access of the media content associated with the account. | 2017-01-26 |
20170026444 | POLICY DRIVEN MEDIA CONSUMPTION FRAMEWORK - Disclosed are various examples of providing a client device with media content based on policies applied to the client devices. A computing device receives a request for media content from a client device. A computing device also receives a device identifier and a current device context from the client device. The computing device identifies a policy applicable to the requested media content based at least in part on the current device context. The computing device then selects a component of the media content to send to the client device based at least in part on the applicable policy. Finally, the computing device sends the selected component of the media content to the client device. | 2017-01-26 |
20170026445 | Selection of Resolutions for Seamless Resolution Switching of Multimedia Content - Systems and methods for the selection of resolutions for seamless resolution switching of multimedia content in accordance with embodiments of the invention are disclosed. In one embodiment of the invention, a source encoder includes a processor configured by a source encoder application to receive multimedia content, where the multimedia content comprises video data having a primary resolution and a primary sample aspect ratio and encode the video data as a set of alternative streams, where a plurality of the streams in the set of alternative streams have different maximum bitrates and resolutions, the resolution of each of the plurality of streams comprises a width and height that are both an integer number of pixels, and both the width and height of each of the plurality of streams is a common fraction of the width and height of the corresponding primary resolution. | 2017-01-26 |
20170026446 | METHODS AND NODES FOR TRANSMISSION OF A SYNCHRONOUS DATA OVER PACKET DATA NETWORK - Methods, system, nodes and computer program for transmission of a synchronous data stream having a bitrate, over an asynchronous packet data network between a transmitter node and a receiver node comprising: packaging, by the transmitter node, the synchronous data stream into data packets, transmitting, by the transmitter node, the data packets onto the asynchronous packet data network with a fixed packet rate defined by a first clock frequency which corresponds to the average distance in time between two consecutive data packets transmitted onto the asynchronous packet data network, which is independent of the bitrate of the synchronous data stream, receiving, by the receiver node, the data packets from the asynchronous packet data network detecting, by the receiver node, the fixed packet rate, and based on the fixed packet rate, regenerating, by the receiver node, the first clock frequency by detection of the distance in time between two consecutive data packets received from the asynchronous packet data network. | 2017-01-26 |
20170026447 | DIRECTORY LIMIT BASED SYSTEM AND METHOD FOR STORING MEDIA SEGMENTS - A system and method for facilitating directory limit based storage scheme for uploading media segments in multiple directories at one or more media servers. Directory limit parametric information may be signaled in an MPD document for enabling a DASH client device to construct URLs based on the received directory parametric information via a modified/extended SegmentTemplate element of the MPD document. | 2017-01-26 |
20170026448 | SENDING A COMMAND WITH CLIENT INFORMATION TO ALLOW ANY REMOTE SERVER TO COMMUNICATE DIRECTLY WITH CLIENT - A process that executes client software in a computer, hereinafter client process, starts execution of at least a portion of server software, hereinafter listener. The client process retrieves from the listener, an identifier of a port in the computer, at which the listener waits to receive one or more messages, which may contain commands. The client process connects to a server process in another computer and sends only to the server process, at least a command and client information that includes at least the port identifier of its listener. Any remote computer(s) that may receive and execute the command, use the client information to send back information related to the command, directly to the port identifier of the listener started by the client process. Any messages received at the listener's port identifier are processed, e.g. by displaying any output generated in execution of the command by the remote computer(s). | 2017-01-26 |
20170026449 | Optimizing Bandwidth Usage and Improving Performance for Web Page Caching - Improving of bandwidth usage and performance for web page caching. Responsive to a subsequent request for a web page, a server only returns the set of web page portions of the requested web page that are not in a browser cache, have expired, and/or have changed. | 2017-01-26 |
20170026450 | METHOD AND SYSTEM FOR DATA PROCESSING IN MULTIPLE DATA SOURCES BASED ON HTTP PROTOCOL - A system and method for data processing in multiple data sources based on HTTP protocol comprises: A) information receiving device receiving a data-processing request submitted by an application unit based on HTTP protocol, the data-processing request comprising a data source instance, a table entity model and an operation instruction; B) a data source management center distributing the data-processing request to a target database according to a configuration of the data source management center; C) the target database executing the received data-processing request and returning a result of processing to the integrated system; and D) data transforming unit converting the result to an object recognizable to application unit, and returning the object to the application unit. The system and method can reduce data fragments, alleviate developer's burden of data processing, reduce cost of encoding for database query, and enhances the security of the database. | 2017-01-26 |
20170026451 | APPARATUS AND METHOD FOR PROVIDING STREAMING CONTENT - A method and apparatus for an adaptive Hypertext Transfer Protocol (HTTP) streaming service using metadata of content are provided. The metadata may include one or more BaseURL elements. Uniform Resource Locators (URLs) of segments forming media may be generated based on the BaseURL elements. Additionally, a URL of a segment may be generated by mapping a BaseURL element among the BaseURL elements to a sourceURL attribute of the segment. Segments indicated by generated URLs may be identical to each other. | 2017-01-26 |
20170026452 | PROVIDING A USER WITH VIRTUAL COMPUTING SERVICES - Systems and methods for providing a user with virtual computing services are disclosed. In one embodiment, a method for providing virtual computing services to a specific user, may comprising: detecting a request generated from a user device of the specific user to access data; in which the data is not accessible by applications installed on the user device; identifying a file type of the data; and providing the specific user access to a remote application or a virtual desktop, in which the remote application or the virtual desktop is configured to allow the specific user to open, execute, edit, and/or access the data. | 2017-01-26 |
20170026453 | REMOTE CONTEXTUAL ACCESS TO OPERATING SYSTEM DESKTOPS - Methods, systems, and techniques for remote contextual access to an operating system desktop are provided. Example embodiments provide a desktop state agent the harvests information from a user's desktop regarding state of various objects such as open documents, recent documents, links, shared links, bookmarks, upcoming events, and/or recent emails. The harvested information is translated to html or other web browser recognized language where possible and uploaded to be accessible to a web server configured to respond to requests for desktop state using a web address. In one embodiment, the RCAS allows access to a user's desktop transparently—without the user needing to take explicit action. Further, a remote mobile device can render the desktop data without using a session or connection to the user's desktop machine and without use of a remote desktop protocol. | 2017-01-26 |
20170026454 | METHODS AND APPARATUS FOR MONITORING A PORTABLE DEVICE - Methods and apparatus for monitoring a portable device are disclosed herein. An example method includes connecting to a portable device using a shell. Whether the shell has an elevated privilege on the portable device is verified. In response to detecting that the shell does not have the elevated privilege, the elevated privilege is gained. A packet capturer is installed on the portable device using the elevated privilege, the packet capturer to capture packets to produce media exposure data, the elevated privileges to enable the packet capturer to capture packets after disconnection of the shell from the portable device. | 2017-01-26 |
20170026455 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes an acquisition unit and a help controller. The acquisition unit acquires information indicating whether help information is stored in any of information processing apparatuses within the same group as the information processing apparatus. The help controller performs control based on the information acquired by the acquisition unit so as to cause an information processing apparatus within the group to acquire the help information from an external help management apparatus if the help information is not stored in any of the information processing apparatuses within the group or to cause an information processing apparatus within the group to acquire the help information from another information processing apparatus storing the help information in the group if the help information is stored in any of the information processing apparatuses within the group. | 2017-01-26 |
20170026456 | File Tagging and Sharing Systems - A music sharing system that links an audio file to a location, and to music sharing systems that permit a first user to associate an audio file with a particular location, and share this information with a second user. | 2017-01-26 |
20170026457 | Multimedia File Transmission Apparatus and Method - A multimedia file transmission method, which relates to the fields of data transmission and image processing, includes acquiring network information; determining a transmission version of a multimedia file according to the network information, where different transmission versions are corresponding to different multimedia file quality; and transmitting the multimedia file according to the transmission version. The network information is automatically acquired, and the transmission version of the multimedia file is automatically determined according to the network information, which not only saves an operation of manually selecting, by a user, a transmission version and reduces operation complexity, but also improves appropriateness of determining a transmission version. | 2017-01-26 |
20170026458 | RECEPTION APPARATUS, RECEPTION METHOD, TRANSMISSION APPARATUS, AND TRANSMISSION METHOD - A reception apparatus and a reception method, by which a file is received in an MMT system. On a transmission side, a resource constituting an application, information mapping a URL, which indicates a location in an application, on a location on an MMT transmission path of broadcasting or the like, and information indicating a unit of display and a link relationship in the application are transmitted. On a receiver side, access ranges to hierarchical file data when a data broadcasting application is executed, and location information and size of the file data in each access range are acquired, and the application is effectively pre-cached. | 2017-01-26 |
20170026459 | Coordinating Actions Across Platforms - A coordinating server for coordinating between a first computerized service and a second computerized, the first service operating based on different platforms. The coordinating server provides a directory comprising a respective action ID for each of a plurality of predefined types of action that can be performed by a human user through a user device of the user. An ID of the first service is mapped to one of said action types, thereby defining an event that will be deemed to occur when the user performs the respective type of action whilst using the first service. The second service can then subscribe to this event. Further, the coordinating server issues a respective instance of a platform agnostic code module to each of the first service and the second service, for enabling the first service and second service to interact with the coordinating server. | 2017-01-26 |
20170026460 | USER DEFINED GEOGRAPHICAL ZONES FOR CHAT PLATFORMS - The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of creating and managing social networking chat platforms according to user defined geographical zones. The system and method facilitates users to create user defined geographical zones on a map. The geographical zones correlate to physical areas in the world. Chat interfaces are created and associated with the geographical zones. Chat privileges can be arbitrated according to user location, user status, or the like. | 2017-01-26 |
20170026461 | INTELLIGENT LOAD BALANCER - Systems, methods, and computer-readable media for an intelligent load balancer. In some embodiments, a system can analyze activity data for egress links associated with a network. The system can also receive a service request originating from a remote device. Next, the system can select a server in the network for receiving the service request. Based on the activity data, the system can also select an egress link from the egress links for communicating data associated with the service request from the network to a remote destination location, such as the remote device. The system can then send a signal to the selected server which can include the service request and an indication of the egress link to be used for the data associated with the service request. The system can also later change the selected egress link for the service request if the system subsequently identifies a better egress link. | 2017-01-26 |
20170026462 | LOAD BALANCING METHOD, APPARATUS AND SYSTEM - The present invention discloses a load balancing method, apparatus and system. In the present invention, a network management and control center of a basic network system interacts with a service management and control center of a network service system, and determines a load balancing policy according to entity information about service function execution entities in the network service system; and the network management and control center generates an execution flow table according to the load balancing policy, and controls a network device to perform a load balancing operation according to the execution flow table. The present invention is applicable to a network service system comprising a service function execution entity in a transparent mode, so as to implement load balancing processing on the service function execution entity in transparent mode in the network service system. | 2017-01-26 |
20170026463 | WIRELESS NETWORK CLOUD COMPUTING RESOURCE MANAGEMENT - A method, performed by a server device, may include receiving a request to activate an application session, the request being received from a user equipment on behalf of a particular application installed on the user equipment. The method may further include determining one or more application requirements associated with the particular application; determining conditions associated with one or more application servers; selecting a particular one of the one or more application servers based on the determined one or more application requirements and based on the determined conditions; and setting up the application session between the user equipment and between the selected particular one of the one or more application servers. | 2017-01-26 |
20170026464 | ALLOCATION OF SERVICE ENDPOINTS TO SERVERS - An aspect of the present disclosure provides for allocation of service endpoints to servers. In an embodiment, an endpoint table is maintained to specify currently allocation of respective service endpoints to corresponding server systems. Upon occurrence of a condition requiring reallocation of a first set of service endpoints currently allocated to a first server system, the first set of service endpoints are reallocated among the operational server systems (typically the server systems other than the first server system). The endpoint table is accordingly updated in accordance with the reallocation. When a packet is thereafter received directed for delivery to a target service endpoint, the packet is delivered to one of the operational server systems, which is indicated as being allocated the target service endpoint in the updated endpoint table. | 2017-01-26 |
20170026465 | METHODS, DEVICES AND SYSTEMS FOR INITIATING, FORMING AND JOINING MEMBERSHIPS IN DISTRIBUTED COMPUTING SYSTEMS - A computer-implemented method of deploying a membership of nodes in a distributed computing system may comprise selecting nodes to be part of a membership of nodes; creating a membership task identifying a membership creator node as the node that is creating the membership and comprising a membership target identifying at least one node of the distributed computing system that is to become a member of the membership; and creating a beacon configured to send a create membership message to each identified node, the create membership message comprising at least an identity of the membership task and an identification of the membership. Upon receiving a response from a node in the membership target, the node from which the response was received may be removed from the beacon. The membership may be deployed when a response has been received from each of the nodes identified in the membership target. | 2017-01-26 |
20170026466 | COMPUTING SYSTEM FOR MANAGING DATA - Various embodiments are described for systems and methods for managing data. The system may include a device group configured for peer-to-peer communications, the device group including a computing device and one or more peer computing devices. The system includes a cross device application programming interface (API) that is implemented as a device group API client executed on the computing device and each of the peer computing devices. Each device group API client includes a permissions module that is configured to determine whether a request satisfies a device-group-specific permission for access to data stored on any device associated with the device group. Upon authorization of the request, a file storage module is configured to retrieve and output the requested file. | 2017-01-26 |
20170026467 | DYNAMIC WINDOW ADJUSTMENTS IN A STREAMING ENVIRONMENT - A first stream operator can receive a first tuple including a first set of attributes to be stored in a first window and a second tuple including a second set of attributes to be stored in a second window. The first window and the second window can each have an eviction policy. In response to triggering the eviction policy for the first window and the second window, the first tuple stored in the first window can be compared with the second tuple stored in the second window. Based upon the comparing, it can be determined that the first tuple and the second tuple go outside of a join threshold. In response to determining that the first tuple and the second tuple go outside of a join threshold, the eviction policy of the first window can be altered. | 2017-01-26 |
20170026468 | ADAPTIVE GOSSIP PROTOCOL - Systems, methods, and computer-readable media for an adaptive gossip protocol. A node in a cluster can detect a gossip protocol synchronization triggering event which can include an indication that the node has received data from a second node via a gossip protocol, an update to data maintained by nodes in the cluster, and/or an operation. In response to the triggering event, the node can determine a dynamic gossip interval for disseminating data from the node to other nodes via a gossip protocol, the dynamic gossip interval being based on a synchronization state associated with the cluster and/or one or more gossip protocol events associated with the cluster. Next, the node can select a third node in the cluster for disseminating the data from the node to the third node. The node can then transmit the data to the third node via the gossip protocol based on the dynamic gossip interval. | 2017-01-26 |
20170026469 | NETWORK-BASED ELASTIC STORAGE - A request to change one or more storage characteristics associated with a virtual storage device is received. Communications identifying the virtual storage device are routed, via a network, to a first storage endpoint. One or more operations are performed in accordance with the request. A configuration of the network is updated to route communications identifying the virtual storage device to a second storage endpoint. | 2017-01-26 |