06th week of 2017 patent applcation highlights part 64 |
Patent application number | Title | Published |
20170041295 | SECURE DEVICE AND PROXY FOR SECURE OPERATION OF A HOST DATA PROCESSING SYSTEM - Secure device and proxy operation include generating, using a processor, a first proxy and a first proxy companion paired with the first proxy and providing the first proxy to a host data processing system for installation therein. The first proxy in the host data processing system and the first proxy companion communicate. A proxy change event for the host data processing system is detected. Responsive to the detecting, a second proxy and a second proxy companion paired with the second proxy are generated. The second proxy is provided to the host data processing system for installation therein. | 2017-02-09 |
20170041296 | SYSTEMS AND METHODS OF SECURE DATA EXCHANGE - In embodiments of the present invention, improved secure exchange system features include a federated search facility, hybrid encryption management (adjustable encryption key management), anonymous IRM, disassembled storage of data as chunks rather than files, asynchronous notification process/integrated file upload and messaging, an identity facility, multi-factor authentication, dynamic access authorization, and various enhancements to a customizable exchange system. | 2017-02-09 |
20170041297 | UNIFIED SOURCE USER CHECKING OF TCP DATA PACKETS FOR NETWORK DATA LEAKAGE PREVENTION - Systems and methods are directed towards network data leakage prevention (DLP). More specifically, the systems and methods are directed towards using TCP (Transmission Control Protocol) data packets in conjunction with the DLP monitor. The network DLP utilizes TCP data packets to carry source user identity. With the source user identity, the DLP monitor can determine if sensitive data can be transmitted based on the provided user information and corresponding DLP policies for each user. Furthermore, the DLP monitor can determine if sensitive data can also be transmitted for particular users in situations where multiple users share the same IP address. | 2017-02-09 |
20170041298 | SYSTEM FOR ACCESSING DATA - The present disclosure relates to a computer system for inserting multiple data items in a relation, the relation being stored on a server computer of the computer system, the relation comprising data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form. The computer system further comprises a client system, wherein for inserting multiple encrypted data items in the partially ordered set: the client system is configured for determining that the multiple data items have a same insert position in the partially ordered set; sorting the multiple encrypted data items in accordance with a linear order corresponding to the order in which the encrypted data items are stored in the relation with respect to the partial ordered set, wherein depending on the insert position the sorting is performed in ascending or descending order; encrypting the multiple data items using the first encryption method; and the server system is configured for inserting the encrypted data items in the partially ordered set consecutively in their sorted order. | 2017-02-09 |
20170041299 | Systems and Methods for Controlling Email Access - Embodiments of the disclosure relate to proxying one or more email resources in transit to the client devices from the email services, removing one or more email attachments from the email resources, and encoding the stripped email attachments based at least in part on one or more cryptographic keys. | 2017-02-09 |
20170041300 | ELECTRONIC APPARATUS TO PREDICT PREFERENCE OF USER AND PROVIDE INFORMATION AND CONTROL METHOD THEREOF - An electronic apparatus is provided. The electronic apparatus includes, a communicator including communication circuitry, a storage, and at least one processor. The communication circuitry communicates with a plurality of user terminals and an external apparatus. The storage stores information of a plurality of users and a plurality of pieces of content. The at least one processor is configured to receive encrypted preference data of the user to first content from among the plurality of pieces of content from at least one among the plurality of user terminals through the communication circuitry, to transmit the encrypted preference data to the external apparatus, to receive characteristic data generated by applying an external operation and a re-encryption to the decrypted preference data from the external apparatus, to apply an internal operation to information of the plurality of users and the plurality of pieces of content through the received characteristic data, to predict a preference of the user to second content different from the first content based on the information subjected to the internal operation of the plurality of users and the plurality of pieces of content, and to provide the predicted preference information of the user to the second content. Thus, the operation may be performed efficiently and distributed with the external apparatus. | 2017-02-09 |
20170041301 | METHODS AND APPARATUS TO IDENTIFY MEDIA DISTRIBUTED VIA A NETWORK - Methods, apparatus, systems and articles of manufacture to monitor media presentations are disclosed. An example method includes extracting first network packet parameters from a first network packet received at a media device when retrieving a first encrypted web page, storing the first network packet parameters in association with identifying information for the first encrypted web page, extracting second network packet parameters from a second network packet received at the media device from an unknown encrypted web page, when the extension does not collect identifying information for the unknown encrypted web page, comparing the second network packet parameters to the first network packet parameters, and identifying the unknown encrypted web page as the first encrypted web page when the comparison of the second network packet parameters to the first network packet parameters has a similarity above a threshold. | 2017-02-09 |
20170041302 | SYSTEM AND METHOD FOR INITIALIZING A SHARED SECRET SYSTEM - Embodiments as described herein provide systems and methods for sharing secrets between a device and another entity. The shared secret may be generated on the device as a derivative of a secret value contained on the device itself in a manner that will not expose the secret key on the device and may be sent to the entity. The shared secret may also be stored on the device such that it can be used in future secure operations on the device. In this manner, a device may be registered with an external service such that a variety of functionality may be securely accomplished, including, for example, the generation of authorization codes for the device by the external service based on the shared secret or the symmetric encryption of data between the external service and the device using the shared secret. | 2017-02-09 |
20170041303 | SYSTEM AND METHOD FOR KEY MANAGEMENT AND USER AUTHENTICATION - A system and method are presented for key management and user authentication. Secure SSH access may be performed through a public/private set of SSH keys where a user uploads a public SSH key to a key management application. The private SSH key remains with a device associated with a user. The public SSH key is distributed across multiple regions to instances and is region agnostic. Public SSH keys may be distributed and synchronized in a large cloud computing environment where public SSH keys associated with users may be added or removed in order to rebuild system security. | 2017-02-09 |
20170041304 | Managing a Device Cloud - Particular embodiments of a gateway computing device provide a provisioning service for access credentials to a restricted network, wherein the provisioning service is accessible by an open network. A messaging protocol for the open network may only recognize messages relating to one of a set of services provided by the gateway computing device, including the provisioning service. The gateway computing device may receive, from a client device, a request to connect to the restricted network, wherein the request was sent using the open network. Upon determining whether the client device is authorized to access the restricted network, the gateway computing device may send a response to the client device using the open network. | 2017-02-09 |
20170041305 | APPARATUS AND METHOD FOR PROCESS AUTHENTICATION IN REDUNDANT SYSTEM - Disclosed herein is an apparatus and method for authenticating a process. According to the method for authenticating a process, a neighboring node transmits adjacent authentication data to an execution node, the execution node authenticates a process to be executed by comparing local authentication data with the adjacent authentication data, and the execution node executes the corresponding process. | 2017-02-09 |
20170041306 | SYSTEMS AND METHODS FOR AUTHENTICATING PHOTOGRAPHIC IMAGE DATA - The present disclosure provides systems and methods for authenticating photographic data. In one embodiment, a method comprises providing an image authentication application for use on a client device, the application configured to control image capture and transmission; receiving an image data file from the application at the authentication server comprising a photographic image captured by the application and metadata associated therewith; applying a watermark to the photographic image to create a watermarked image; applying date and time information to the tagged image; applying location information to the tagged image; creating a web address associated with the image data file; uploading the photographic image, the tagged image, or both to the web address; and transmitting an authenticated image file to the client device, the authenticated image file comprising one or more of: the watermarked image, the photographic image, the date and time information, geographic information, and the web address. | 2017-02-09 |
20170041307 | IDENTITY AUTHENTICATION METHOD AND DEVICE - Embodiments of the present disclosure disclose an identity authentication method and device. The method comprises: receiving, by an identity authentication server, an identity authentication request transmitted by a third-party platform; determining, according to the phone number, an ID of a first identity authentication client by searching a pre-stored correspondence; if the first identity authentication client is online, transmitting a user information request; transmitting an authentication success message to the third-party platform if a user information response carrying the user information is received and the user information is consistent with user information stored in the identity authentication server; or transmitting an authentication fail message to the third-party platform if the user information is inconsistent with user information stored in the identity authentication server, or if a user information response carrying the user information is not received. | 2017-02-09 |
20170041308 | DYNAMIC IDENTITY SWITCHING - Techniques are disclosed for dynamically switching user identity when generating a web service request by receiving, at a client application, an invocation of a web service, the invocation associated with a first authenticated user identity of a first user, identifying a second user identity, verifying that a switch from the first user identity to the second user identity is permitted by switching rules, including the second user identity in a service request when the switch is permitted, and communicating the service request to the web service. The switching rules can include associations between initial user identities and permitted user identities. Verifying that a switch is permitted can include searching the associations for an entry having an initial user identity that matches the first authenticated user identity and a new user identity that matches the second user identity, wherein the switch is permitted when the entry is found. | 2017-02-09 |
20170041309 | AUTHENTICATING APPLICATION LEGITIMACY - Facilities are provided herein to address application phishing by determining whether an application is a legitimate application it purports to be. Optical code(s) are displayed on a display device in association with an application to be authenticated for a user as being a legitimate application. Based on imaging the optical code(s) using a camera of a device of a user, data of the optical code(s) are obtained. It is automatically determines, based on the obtained data of the optical code(s), whether the application to be authenticated is authenticated as being the legitimate application, and based on this, an indication of whether the application is authenticated as being the legitimate application is provided for the user by the device. | 2017-02-09 |
20170041310 | RIGHTS CONTROL METHOD, CLIENT, AND SERVER - The present invention relates to the field of mobile communications technologies, and in particular, to a right control method, a client, and a server, so as to resolve a technical problem in the prior art that there is no method that can better control a right of a user. In embodiments of the present invention, the server can send right information corresponding to a login account to the client, so that the client controls access right of the login account, which does not cause too much burden on the server; a manner is more direct in which the client controls the access right of the login account, thereby reducing control time and generating higher control efficiency. | 2017-02-09 |
20170041311 | COMMUNICATION TERMINAL, COMMUNICATION METHOD, PROGRAM, AND COMMUNICATION SYSTEM - There is provided a communication terminal including a transmission controller configured to allow transmission of, to a verification target device, authentication information for authenticating the verification target device based on first information acquired from an information processing device, and a verification unit configured to verify validity of the verification target device based on a response to the authentication information and second information acquired from the information processing device, the second information being associated with the first information. | 2017-02-09 |
20170041312 | TRANSACTION PROCESSING METHOD AND CLIENT BASED ON TRUSTED EXECUTION ENVIRONMENT - A transaction processing client based on a trusted execution environment is disclosed. The client verifies a server in a secure environment, obtains a public key of the server upon successful verification, generates a session key and encrypts the session key using the public key in the secure environment, transmits the encrypted session key to the server in a normal environment, encrypts pre-obtained transaction information using the session key in the secure environment, and transmits the encrypted transaction information to the server in the normal environment. The present disclosure effectively ensures the security of user login information and user private information. | 2017-02-09 |
20170041313 | METHODS AND SYSTEMS FOR SECURING PROOFS OF KNOWLEDGE FOR PRIVACY - Embodiments described herein relate to securing the privacy of knowledge used to authenticate a user (i.e., Proof of Knowledge (PoK) test(s)). In some embodiments, a client device is operable to receive a first encryption key and encrypted test(s) from a PoK server. The client device also receives a second encryption key from a Relying Party (RP) server. The client device can decrypt the encrypted test(s) by using the first encryption key and the second encryption key to thereby render decrypted test(s). The client device is further operable to obtain answer(s) for the decrypted test(s), send a communication to the PoK server based on the answer(s), and receive a communication from the RP server that authorizes a user of the client device to access service(s) administered by the RP server. | 2017-02-09 |
20170041314 | BIOMETRIC INFORMATION MANAGEMENT METHOD AND BIOMETRIC INFORMATION MANAGEMENT APPARATUS - In a biometric information management method, a first comparison result is acquired by comparing first biometric input information with registered first biometric authentication information and a second comparison result is acquired by comparing second biometric input information with registered second biometric authentication information. Further, satisfaction or non-satisfaction of a predetermined authentication information compensation condition is determined based on the first comparison result and the second comparison result. If a result of the determining satisfies the authentication information compensation condition, the first biometric authentication information is compensated by using the first biometric input information or the second biometric authentication information is compensated by using the second biometric input information. | 2017-02-09 |
20170041315 | Proximity-Based System for Automatic Application or Data Access and Item Tracking - A system and method provide automatic access to applications or data. A portable physical device, referred to herein as a Personal Digital Key or “PDK”, stores one or more profiles in memory, including a biometric profile acquired in a secure trusted process and uniquely associated with a user that is authorized to use and associated with the PDK. The PDK wirelessly transmits identification information including a unique PDK identification number, the biometric profile and a profile over a secure wireless channel to a reader. A computing device is coupled to the reader. An auto login server is coupled to the reader and the computing device and launches one or more applications associated with a user name identified by the received profile. | 2017-02-09 |
20170041316 | Access Control for Internet of Things Devices - Requesting, by a requesting device, from an Internet of Things (IoT) device, an IoT device identifier over a communication link between the devices. Requesting, by the requesting device from an authorization device over a communication network including at least one TCP/IP link, authorization to command the IoT device to perform an action. Determining, by the authorization device, an authorization of the requesting device to command the identified IoT device to perform the requested action based on the IoT device identifier, the requesting device identifier, and the command. For a requesting device determined authorized, transmitting an encrypted authorization to the requesting device over the communication network. Relaying, by the requesting device to the IoT device via the first communication link, the authorization. Decrypting, by the IoT device, the authorization and performing the action specified therein. | 2017-02-09 |
20170041317 | Encapsulating Commands Within a Control Wrapper For Split Entry or Approval - Methods, systems, and computer-readable media for reviewing inputted commands and preventing the execution of accidentally or maliciously entered adverse commands are disclosed. These commands may be operating system commands, resource commands, device commands, application commands, and so on. Some aspects of the disclosure provide ways to split entry and/or approval of commands prior to their execution. In some aspects, execution of the command may be undone or reversed if the command is not successfully validated. Commands may be encapsulated in a control wrapper to identify commands subject to split approval or co-entry process, and criteria regarding the commands or the user(s) entering the commands may be used to determine whether co-entry or split approval and/or post-execution validation is required. Indications of approval or denial of a command may be transmitted to other computing devices to reduce or eliminate malicious or accidental activity. | 2017-02-09 |
20170041318 | Secure Access by a User to a Resource - In a method of approving access to a server network from any terminal requesting access, a communication request is sent from the terminal to a server on a first communication path. An image containing a series of symbols is communicated to the user on a communication path different from the first path. From the image the user calculates a response based upon a particular pattern in the image defining certain symbols which are then used in an operation to determine from the symbols a response which is different from the symbols. A comparison is made between the response received and a previously stored response to assess whether access should be allowed. | 2017-02-09 |
20170041319 | SHARING REGULATED CONTENT STORED ON NON-REGULATED STORAGE PLATFORMS - Methods and systems of storing and managing regulated content items on a non-regulated storage platform are provided. A representation of a regulated content item representing content of the regulated content item is created. The content of the regulated content item is subject to one or more regulations and the regulated content item is stored on the non-regulated storage platform. The representation of the regulated content item is provided to the non-regulated storage platform for storage. The representation of the regulated content item is configured to be accessible on the non-regulated storage platform. A request to access the regulated content item using the representation of the regulated content item is received. The regulated content item is retrieved from the non-regulated storage platform in response to the received request. | 2017-02-09 |
20170041320 | CREDENTIAL-FREE IDENTIFICATION AND AUTHENTICATION - A method of authenticating a user so that the user can access a website without entering a unique user credential. A user accesses a target and is presented with an authentication code and an address, and the user sends a message containing the authentication code to that address. Alternatively, the user is pre-supplied with an address and is presented only with an authentication code when the user accesses the target. The user's identity is authenticated by comparing an aspect of the metadata of the message with known metadata aspects, and the user is authenticated by comparing the authentication key presented to the user with the one received in the message. Both the user and the user's identity are authenticated in a single step without requiring the user to input any unique user credential. | 2017-02-09 |
20170041321 | METHOD AND SYSTEM FOR PROVIDING ROOT DOMAIN NAME RESOLUTION SERVICE - Disclosed are method and system for providing root domain name resolution service, wherein the method for providing root domain name resolution service comprises: acquiring DNS resolution records of domain names within a predefined region; establishing an authorization information database of all-level nodes of DNS according to the resolution record; initiating a virtual root node providing root domain name resolution service; and responding to a root domain name resolution request within the predefined region according to data in the authorization information database by the virtual root node. The scheme of the present invention can utilize the DNS resolution records within the predefined region, to establish a DNS authorization information database as a data foundation of the virtual root node providing root domain name resolution service, thereby automatically providing DNS root resolution service within the region and reducing an Internet risk. | 2017-02-09 |
20170041322 | Encapsulating Commands Within a Control Wrapper For Multiple Level Review - Methods, systems, and computer-readable media for reviewing inputted commands and preventing the execution of accidentally or maliciously entered adverse commands are disclosed. These commands may be operating system commands, resource commands, device commands, application commands, and so on. Some aspects of the disclosure provide ways to approve commands prior to their execution, or validate commands subsequent to their execution. In some aspects, execution of the command may be undone or reversed if the command is not successfully validated. Commands may be encapsulated in a control wrapper to identify commands subject to pre-execution approval process and/or the post-execution validation, and criteria regarding the commands or the user entering the commands may be used to determine whether pre-execution approval and/or post-execution validation is required. Indications of approval or denial of a command may be transmitted to other computing devices to reduce or eliminate malicious or accidental activity. | 2017-02-09 |
20170041323 | Registration and Credential Roll-out for Accessing a Subscription-based Service - A user may access a subscription-based service via a system comprising one or more devices with one or more separate domains where each domain may be owned or controlled by one or more different local or remote owners. Each domain may have a different owner, and a remote owner offering a subscription-based service may have taken ownership of a domain, which may be referred to as a remote owner domain. Further, the user may have taken ownership of a domain, which may be referred to as a user domain. In order for the user to access the subscription-based service, registration and credential roll-out may be needed. An exemplary registration and credential roll-out process may comprise registration of the user, obtaining credentials from the remote owner and storing the credentials. | 2017-02-09 |
20170041324 | SYSTEMS AND METHODS FOR PERSONAL PROPERTY INFORMATION MANAGEMENT - The present disclosure describes systems and methods of personal property information management. A method of personal property information management may comprise receiving personal property information from a user, associating user information with personal property item information, creating a personal property information record and providing a personal property information report. A method may include providing a personal property information report to a law enforcement database. Systems suitable to perform methods of personal property information management are also provided. | 2017-02-09 |
20170041325 | METHOD AND SYSTEM OF NETWORK CONNECTION CONTROL FOR MOBILE TERMINALS - A method of network connection control for mobile terminals, includes: classifying network access points accessible to a mobile terminal according to their security levels, and applications of the mobile terminal according to the security level of the networks that the applications are allowed to connect to; setting applications of different security level to connect to the network through access points at corresponding security levels; setting the security level of each network access point and application of the mobile terminal; and searching the security level of the application and the security levels of the network access points that the application is allowed to connect to. | 2017-02-09 |
20170041326 | LOCATION DRIVEN SOFTWARE LICENSING - location based licensing of software on a computer. A given software product has certain locations or regions authorized. While the computer executing the software remains within the authorized region or regions, at least one factor in a multi-factor authorization scheme is satisfied, and software remains licensed and operational. When the computer is removed from these regions, the software is not licensed and is prevented from executing. The check for location occurs periodically such that were the computer moving, the license status of the software dynamically updates. When going to a new region where a license has not been previously purchased, the system prompts the user to purchase a license for that new region. Upon purchase, the software continues to operate as previous. | 2017-02-09 |
20170041327 | SYSTEM AND METHOD FOR AUTHORIZING AND VALIDATING USER AGENTS BASED ON USER AGENT LOCATION - An embodiment of a method includes receiving a request from a user agent to use a communication network, determining that the user agent is not recognized on the communication network, and requiring submission of location information prior to allowing the user agent to use the network. An embodiment of a system includes a recognition module configured to determine whether the communication device is recognized in response to a request to use a communication network from the communication device, a notification module configured to notify the communication device that the communication device is not recognized, wherein notification that the communication device is not recognized indicates that location information must be submitted prior to the communication device using the communication network; and a location update module configured to receive submitted location information and update the location of the communication device based on the location information. | 2017-02-09 |
20170041328 | SYSTEMS AND METHODS FOR AUTHENTICATING PHOTOGRAPHIC IMAGE DATA - The present disclosure provides systems and methods for authenticating photographic data. In one embodiment, a method comprises providing an image authentication application for use on a client device, the application configured to control image capture and transmission; receiving an image data file from the application at the authentication server comprising a photographic image captured by the application and metadata associated therewith; applying a watermark to the photographic image to create a watermarked image; applying date and time information to the tagged image; applying location information to the tagged image; creating a web address associated with the image data file; uploading the photographic image, the tagged image, or both to the web address; and transmitting an authenticated image file to the client device, the authenticated image file comprising one or more of: the watermarked image, the photographic image, the date and time information, geographic information, and the web address. | 2017-02-09 |
20170041329 | METHOD AND DEVICE FOR DETECTING AUTONOMOUS, SELF-PROPAGATING SOFTWARE - A method and a device for detecting autonomous, self-propagating malicious software in at least one first computing unit in a first network, wherein the first network is coupled to a second network via a first link, having the following method steps: a) generating at least one first indicator which specifies a first behaviour of the at least one first computing unit; b) generating at least one second indicator which specifies a second behaviour of at least one second computing unit in the second network; c) transmitting the at least one first indicator and the at least one second indicator to a correlation component; d) generating at least one correlation result by correlating the at least one first indicator with the at least one second indicator; e) outputting an instruction signal if, when a comparison is made, a definable threshold value is exceeded by the correlation result, is provided. | 2017-02-09 |
20170041330 | SYSTEMS AND METHODS FOR PHISHING AND BRAND PROTECTION - This disclosure describes systems, methods, and computer-readable media related to phishing and brand protection via copycat detection. In some embodiments, a temporary page profile associated with a webpage may be generated. The temporary page profile may include an image component, a geometry component, a style component, and a link component. One or more baseline page profiles may be retrieved. The temporary page profile and the one or more baseline page profiles may be compared. It may be determined that the temporary page profile does not match the one or more baseline page profiles. An alert may be generated to display to a user indicating that fraud has been detected for the webpage. | 2017-02-09 |
20170041331 | AIR-BASED AND GROUND-BASED SECURITY INFORMATION AND EVENT MANAGEMENT SYSTEM - A system, method, and computer readable media for detecting and mitigating the effects of a cyber event on an aircraft's network including an air-based security module and a ground-based security module that monitor the aircraft's networks and detect cyber events. A collaboration module facilitates communications between the air-based security module and the ground-based security module, and also switches the communications between the modules to an alternate, secure channel when a cyber event is detected. A simulation module that is independent from, but functionally substantially equivalent to, the air-based security module simulates network events that are detected on board the aircraft while the aircraft is in flight. A cyber agent module mitigates the effect of a cyber event on the aircraft's network while the aircraft is in flight based on information from the simulation module that is communicated by the ground-based security module to the air-based security via the collaboration module. | 2017-02-09 |
20170041332 | DOMAIN CLASSIFICATION BASED ON DOMAIN NAME SYSTEM (DNS) TRAFFIC - Techniques are provided herein for classifying domains based on DNS traffic so that domains that are malicious or associated with malicious activity can be identified. Malicious domains are identified by analyzing, at a server having network connectivity, traffic between one or more clients and one or more Domain Name System (DNS) resolvers, detecting a spike in the traffic for a particular domain, and categorizing queries in the spike based on one or more query features. The particular domain is classified based on the categorizing. | 2017-02-09 |
20170041333 | DOMAIN CLASSIFICATION BASED ON DOMAIN NAME SYSTEM (DNS) TRAFFIC - Techniques are provided herein for classifying domains based on DNS traffic so that domains that are malicious or associated with malicious activity can be identified. Traffic between one or more domain name system (DNS) resolvers and one or more authoritative name servers hosted on the Internet is analyzed analyzing at a server having network connectivity. A mismatch between a hostname and Internet Protocol (IP) information for the hostname is detected in the traffic and domains included in the traffic are classified based on the detecting. | 2017-02-09 |
20170041334 | DETECTING PAST INTRUSIONS AND ATTACKS BASED ON HISTORICAL NETWORK TRAFFIC INFORMATION - A device may receive information that identifies an attack signature for detecting an intrusion. The device may determine a device configuration that is vulnerable to the intrusion, may determine an endpoint device associated with the device configuration, and may determine a time period during which the endpoint device was associated with the device configuration. The device may determine an endpoint identifier associated with the endpoint device during the time period, and may identify network traffic information associated with the endpoint identifier during the time period. The device may apply the attack signature to the network traffic information, and may determine whether the endpoint device was subjected to the intrusion during the time period based on applying the attack signature to the network traffic information. The device may selectively perform an action based on determining whether the endpoint device was subjected to the intrusion. | 2017-02-09 |
20170041335 | SYSTEMS, METHODS, USER INTERFACES, AND COMPUTER-READABLE MEDIA FOR INVESTIGATING POTENTIAL MALICIOUS COMMUNICATIONS - A data analysis system receives potentially undesirable electronic communications and automatically groups them in computationally-efficient data clusters, automatically analyze those data clusters, automatically tags and groups those data clusters, and provides results of the automated analysis and grouping in an optimized way to an analyst. The automated analysis of the data clusters may include an automated application of various criteria or rules so as to generate an ordered display of the groups of related data clusters such that the analyst may quickly and efficiently evaluate the groups of data clusters. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable an analyst to quickly navigate among information associated with various groups of data clusters and efficiently evaluate those data clusters. | 2017-02-09 |
20170041336 | SIGNATURE RULE PROCESSING METHOD, SERVER, AND INTRUSION PREVENTION SYSTEM - A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems. | 2017-02-09 |
20170041337 | Systems, Methods, Apparatuses, And Computer Program Products For Forensic Monitoring - Systems, methods, apparatuses, and computer program products are provided for forensic monitoring. A system may include a forensic analysis apparatus and one or more monitored apparatuses. A monitored apparatus may monitor activity on the monitored apparatus and extract forensic data based at least in part on monitored activity. The forensic data may be transferred from the monitored apparatus to the forensic analysis apparatus for processing and analysis. | 2017-02-09 |
20170041338 | SOFTWARE PROGRAM IDENTIFICATION BASED ON PROGRAM BEHAVIOR - Operations performed by a software application instance executed by a computing device are monitored. A determination is made that a particular operation performed matches an application signature representing a particular software application. In response, a match score is added to a total score for the software application. In response to determining that the total score is greater than or equal to a threshold, the software is classified. | 2017-02-09 |
20170041339 | DIFFUSING DENIAL-OF-SERVICE ATTACKS BY USING VIRTUAL MACHINES - A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node. | 2017-02-09 |
20170041340 | DETECTION OF MANIPULATION OF APPLICATIONS - The present invention relates to a solution to improve the security of applications. Particularly, the invention relates to the control of the whole lifecycle of data traffic between a client and a server applying also internal data flow system within the server only for editable data. The invention presents a method for detection of manipulation of data ( | 2017-02-09 |
20170041341 | Polymorphic Treatment of Data Entered At Clients - A computer-implemented method includes identifying, in web code to be served to a client, presence of code for generating a form; generating additional, executable code to be run on the client device, the additional, executable code being arranged to identify user input on the client device and modify the form so that data from the user input is received into one or more alternative fields of the form other than a first field to which a user performing the input directed the input; receiving a request from the client device based on completion of input into the form; and converting data from the received request so that data for the one or more alternative fields of the form is directed to the first field of the form for processing by a web server system that initially generated the web code. | 2017-02-09 |
20170041342 | SYSTEM AND METHOD OF UTILIZING A DEDICATED COMPUTER SECURITY SERVICE - Disclosed are systems and method for utilizing a dedicated computer security service. An exemplary method includes storing in an electronic database rules that indicate when to use either a first cloud service or a second cloud service for one of the security services, receiving a request from a client computer to access the security service, determining parameters relating to the received request, applying the parameters to the plurality of rules to determine an instruction indicating whether to transmit the request to the first cloud service or the second cloud service; and transmitting the request to either the first cloud service or the second cloud service, based on the instruction, to use the at least one security service. | 2017-02-09 |
20170041343 | NETWORK ACCESS WITH DYNAMIC AUTHORIZATION - In one embodiment, a method includes receiving at an enforcement node, a request to access a network from an endpoint, transmitting at the enforcement node, the access request to a policy server, receiving at the enforcement node from the policy server, a dynamic authorization comprising a plurality of ranks, each of the ranks comprising a policy for access to the network by the endpoint, assigning the endpoint to one of the ranks and applying the policy associated with the rank to traffic received from the endpoint at the enforcement node during a communication session between the endpoint and the network, assigning the endpoint to a different rank, and applying the policy associated with the rank to traffic received from the endpoint during the communication session. An apparatus and logic are also disclosed herein. | 2017-02-09 |
20170041344 | DYNAMIC MANAGEMENT OF ENTERPRISE POLICIES - A method includes receiving a notice of a policy violation of an enterprise usage policy by a managed application on a user device wherein the managed application is managed by a mobile application management module on the user device, retrieving the enterprise usage policy from a policy database. The method further includes determining a modification precedence of the active condition and the active restriction, selecting one of the active condition and the active restriction for modification in response to the modification precedence, modifying the selected one of the active condition and the active restriction in response to the notice of the policy violation to provide a modified enterprise usage policy, and transmitting the modified enterprise usage policy to the user device. | 2017-02-09 |
20170041345 | SECURITY CONTROL FOR AN ENTERPRISE NETWORK - A computing device detects that another computing device has connected to a network. The computing device determines whether the other computing device is valid and whether the computing device is being utilized for one or more suspicious activities. Based on determining that the other computing device is being utilized for one or more suspicious activities, the computing device determines a location of the other computing device, determines whether a user associated with the other computing device can be identified, and based on determining that the user associated with the other computing device cannot be identified, disables the other computing device, and transmits an alert to security personnel. | 2017-02-09 |
20170041346 | ACCURATE LICENSE COUNTING IN SYNCHRONIZED SERVERS - Several embodiments include a policy-bound token distribution system. The system can include a back-office server that issues policy-bound tokens to local main distribution servers. A local main distribution server can distribute a policy-bound token to a digital environment to authorize an operator to take advantage of a protected resource. The system can rely on a backup server to distribute the policy-bound tokens whenever the distribution service of the local main distribution server is unavailable. To prevent run-time leakage from the backup server, the backup server can synchronize its distribution state with the local main distribution server and the back-office server. The distribution state can include distribution transaction records between the backup server and client devices. Throughout the system, each distribution transaction record can be assigned unique transaction ID to prevent multiple accounting of the same distribution transaction record from different servers. | 2017-02-09 |
20170041347 | Application-based security rights in cloud environments - This disclosure provides the ability for a cloud application to specify its security requirements, to ability to have those requirements evaluated, e.g., against a specific cloud deployment environment, and the ability to enable the application to control a cloud-based security assurance service to provision additional security technology in the cloud to support deployment (or re-deployment elsewhere) of the application if the environment does not have the necessary topology and security resources deployed. To this end, the application queries the service by passing a set of application-based security rights. If the security capabilities provided by the security assurance service are sufficient or better than the application's security rights, the application functions normally. If, however, the security environment established by the security assurance service is insufficient for the application, the application is afforded one or more remediation options, e.g., issuing a request to upgrade the security environment, or the like. | 2017-02-09 |
20170041348 | CONTEXT-AWARE PATTERN MATCHING ACCELERATOR - Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a CPMP hardware accelerator of a network device. A pre-matching process is performed by the first stage to identify a candidate packet that matches a string or over-flow pattern associated with IPS or ADC rules. A candidate rule is identified based on a correlation of results of the pre-matching process. The candidate packet is tokened to produce matching tokens and corresponding locations. A full-match process is performed on the candidate packet by a second stage of the CPMP hardware accelerator to determine whether it satisfies the candidate rule by performing one or more of (i) context-aware pattern matching, (ii) context-aware string matching and (iii) regular expression matching based on contextual information, the matching tokens and the corresponding locations. | 2017-02-09 |
20170041349 | INSTALLING CONFIGURATION INFORMATION ON A HOST - Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring. | 2017-02-09 |
20170041350 | Applying Security Policy to an Application Session - Applying a security policy to an application session, includes recognizing the application session between a network and an application via a security gateway, determining by the security gateway a user identity of the application session using information about the application session, obtaining by the security gateway the security policy comprising network parameters mapped to the user identity, and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session. | 2017-02-09 |
20170041351 | REAL-TIME PLACESHIFTING OF MEDIA CONTENT TO PAIRED DEVICES - Methods, devices, and systems are provided for placeshifting a media program. An exemplary method involves a media device storing identification information for a client device coupled to a network and receiving a request to transfer a media program available for presentation on a primary display device in a first format via the media device. In response to the request, a peer-to-peer communication session with the client device over the network is established using the identification information and an encoded content stream corresponding to the media program is transferred to the client device via the peer-to-peer communication session. | 2017-02-09 |
20170041352 | PUBLISH/SUBSCRIBE NETWORK ENABLED FOR MULTIMEDIA SIGNALING CONTROL, METHOD FOR INITATING A SESSION WITHIN THE NETWORK AND RESPECTIVE NETWORK DEVICE - A method for initiating a session within a publish/subscribe network, comprises: publishing a first topic by a first user interface of a first device, the topic identifying the first user interface and including an address-identifier identifying a second user interface of another device, triggering a request to start a session, starting a first media endpoint ( | 2017-02-09 |
20170041353 | CALL FLOW SYSTEM AND METHOD FOR USE IN A VOIP TELECOMMUNICATION SYSTEM - A method of establishing a communication link between a mobile terminal of a wireless network and a subscriber of a network, such as an enterprise network, and/or a residential network. | 2017-02-09 |
20170041354 | METHOD AND APPARATUS FOR MANAGEMENT OF COMMUNICATION CONFERENCING - Aspects of the subject disclosure may include, for example, detecting another communication device during a communication session, adjusting without interruption the communication session to add the other communication device responsive to a determination according to conferencing information that the other communication device is authorized to join in the communication session, and controlling access by the other communication device to the communication session according to user input. Other embodiments are disclosed. | 2017-02-09 |
20170041355 | CONTEXTUAL INFORMATION FOR AUDIO-ONLY STREAMS IN ADAPTIVE BITRATE STREAMING - A method is provided to presenting contextual information during adaptive bitrate streaming to allow play of an audio-only variant. The method includes receiving an audio-only variant of a video stream, calculating bandwidth headroom, receiving contextual information that provides descriptive information about visual components of the video stream that has a bitrate less than the bandwidth headroom, and presenting the contextual information to users while playing the audio-only variant. | 2017-02-09 |
20170041356 | Methods and Systems to Customize a Vehicle Computing System Based on an Electronic Calendar - A vehicle system includes a processor programmed to output a shared screen for a meeting at a vehicle display configured to output infotainment settings. The processor is in communication with the vehicle display and a nomadic device. The processor is programmed to parse a calendar associated with the nomadic device for a meeting within a predefined or selected time window or period. The processor is further programmed to identify login information for the meeting, establish a communication link for the meeting based on the identified login information, and output a shared screen for the meeting at the display based on the vehicle being in a predefined state. | 2017-02-09 |
20170041357 | METHODS AND SYSTEMS FOR VIRTUAL CONFERENCE SYSTEM USING PERSONAL COMMUNICATION DEVICES - Systems and methods are described herein for providing a virtual conference using a master device implemented with a personal communication device (PCD), including determining, by the master device, a latency for each of a plurality of satellite devices connected to the master device. The master device then determines an uplink buffer duration based on a difference between a highest latency and a lowest latency among the plurality of satellite devices. The master device determines a processing time for an uplink data packet, the processing time being determined based, at least in part, on the uplink buffer duration. The master device then performs signal processing at the processing time for the received uplink data packets. | 2017-02-09 |
20170041358 | METHODS AND SYSTEMS FOR VIRTUAL CONFERENCE SYSTEM USING PERSONAL COMMUNICATION DEVICES - Systems and methods are described herein for providing a virtual conference with a master device connected to a plurality of satellite devices, including: receiving, by the master device, uplink data packets from a plurality of channels, each of the plurality of channels is associated with one of the plurality of satellite devices, and dividing, by the master device, the plurality of channels into two or more groups based on a conversation captured in the uplink data packets of each of the plurality of channels. The master device selects one group from the two or more groups for output. The master device also transmits downlink data packets corresponding to the selected group for the plurality of satellite devices. | 2017-02-09 |
20170041359 | DEVICE FOR CAPTURING AND STREAMING VIDEO AND AUDIO - A portable communications device captures a plurality of data records from a camera and streams the data records to another, external device after detecting a first trigger event and a second trigger event. The portable communications device may initiate streaming of captured data records following detection of only one high confidence trigger event. Data records streamed to an external communications management system are protected from deliberate, inadvertent, or accidental alteration or deletion, thereby protecting the integrity of captured audio and video data. Data records may be stored in a buffer memory in the device when a communications link to an external device is not available, then streamed from the device after a communications link has been established. | 2017-02-09 |
20170041360 | STATUS MONITORING OF UNCONNECTED WIRELESS BROADCAST DEVICES - The system and method of the present disclosure relates to technology for monitoring a broadcast device that is non-network connected. A wireless device monitors for a broadcast message transmitted wirelessly by the broadcast device. Upon discovery of the broadcast message, the wireless device transmits information from the broadcast message to a remotely located sever via a network. The server stores the broadcast information and determines the status (e.g., online or offline) of the broadcast device. The status is determined based on the detection time (e.g., the last seen time of the broadcast device by the wireless device) and an offline threshold value (e.g., a predetermined time period) that is compared to the current time or time upon which the server received the broadcast information. As a result of the comparison, the server determines whether the broadcast device is online or offline. | 2017-02-09 |
20170041361 | HYBRID POCKET ROUTER - A method, an apparatus, and a computer program product for wireless communication are provided. The apparatus may be an MBMS receiver device. The MBMS receiver device receives at least one packet associated with an MBMS service. A configuration for providing the at least one packet to a UE is determined. The configuration may be one of a plurality of different configurations. The plurality of configurations may include at least a first configuration and a second configuration. The MBMS receiver device processes the received at least one packet based on the configuration. The MBMS receiver device sends the processed at least one packet to the UE based on the configuration. | 2017-02-09 |
20170041362 | METHOD FOR TRANSMITTING BROADCASTING CONTENTS IN REAL-TIME AND DEVICE FOR SAME - A real-time broadcasting contents transmission method and device are disclosed. In an embodiment, the device stores a streaming list which is information about one or more streaming contents received from a contents providing server. When a request being transmitted to the contents providing server is received from a terminal device through the communication unit, the device determines whether the requested streaming content is registered in the streaming list. If the requested streaming content is registered in the streaming list, the device branches the streaming content received from the contents providing server and then, after delay for a predetermined time, transmits the streaming content to the terminal device. | 2017-02-09 |
20170041363 | System and Method for Assembling and Playing a Composite Audiovisual Program Using Single-Action Content Selection Gestures and Content Stream Generation - A system and method for providing a composite audiovisual program for rendering by a video player. The method includes receiving a request for available program segments and sending information relating to the available program segments. Selection information corresponding to selected ones of the available program segments that have been selected for inclusion in a play queue is also received. Available program segments may be selected in response to a single gesture provided through a user interface of an application program including the video player. The method further includes receiving requests for a sequence of segment files identified by variant playlist information associated with the selected ones of the available program segments. The sequence of segment files may be provided by a media repository such that the sequence of segment files are rendered by the video player without buffering between the selected ones of the available program segments. | 2017-02-09 |
20170041364 | System and Method for Multiplexed Video Stream Decoding in Web Browser - A system and method for real time streaming and decoding of multiple simultaneous streams within a web browser is disclosed. In a preferred embodiment, a stream manager of the web browser stores decoder context data for each of the streams. The stream manager then provides the frames in conjunction with the decoder context data for consumption by a decoder of the web browser, which decodes the frames, presents the frames for display, and updates the decoder context data with the frame data of the decoded frames. In another embodiment, the stream manager is integrated within the decoder. | 2017-02-09 |
20170041365 | SYSTEM AND METHOD FOR CREATING AND MANAGING GEOFEEDS - The disclosure relates to systems and methods of burning, snapshotting, streaming and curating geofeeds, each geofeed including a plurality of geofeed content items that are aggregated from a plurality of content providers using respective requests formatted specifically for individual ones of the plurality of content providers, where each individual set of a plurality of content is relevant to one or more geographically definable locations. Archives of a geofeed may be generated by burning portions or all of the geofeed content items and/or generating snapshots of geofeeds at different times. A real-time geofeed may be streamed by continuously or periodically obtaining newly available geofeed content items and updated a geofeed stream in real-time. Collections of geofeed content items may be curated in order to organize and follow geofeed content items of interest. | 2017-02-09 |
20170041366 | SEGREGATION OF ELECTRONIC PERSONAL HEALTH INFORMATION - A dynamic secure mobile network is provided to enable the transfer and storage of private data. The dynamic secure mobile network can provide secured communication channels that segregates different types of data and allows for protected data streams to be sent via different secured channels than non-protected data. The enhanced wireless mobile network can support consistent compliancy/privacy and security policies across all networks. | 2017-02-09 |
20170041367 | METHOD AND SERVER FOR SEARCHING FOR DATA STREAM DIVIDING POINT BASED ON SERVER - Embodiments of the present invention provide a method for searching for a data stream dividing point based on a server. In the embodiments of the present invention, a data stream dividing point is searched for by determining whether at least a part of data in a window of M windows meets a preset condition, and when the at least a part of data in the window does not meet the preset condition, a length of N*U is skipped, so as to obtain a next potential dividing point, thereby improving efficiency of searching for a data stream dividing point. | 2017-02-09 |
20170041368 | Cloud Queue Synchronization Protocol - An example implementation may involve a computing system receiving, from a media playback system over the network interface, a request to initiate playback of the particular cloud queue at a first media item. The computing system assigns a playhead pointer to a position within the particular cloud queue that corresponds to the first media item and transmits, to the media playback system over the network interface, an instruction that causes one or more playback devices of the media playback system to initiate playback of the particular cloud queue at the first media item. While the one or more playback devices play back the particular cloud queue, the computing system updates the assigned position of the playhead pointer to indicate the currently playing media item of the particular cloud queue. | 2017-02-09 |
20170041369 | RELAYING DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD - A relaying device is provided, which can mediate by using communications of a wireless apparatus without clipping off the beginning of verbal communication. The relaying device includes: a network interface that receives an audio signal as a group of packet trains via a network; a wireless apparatus interface to which a wireless apparatus is connected; a voice buffer that temporarily stores the audio signal; and a control unit that starts temporarily storing the audio signal in the voice buffer and requests the wireless apparatus to reserve a channel, when a leading packet of the group of packet trains is received, and that reads the temporarily stored audio signal from the voice buffer and transfers the audio signal to the wireless apparatus, after receiving from the wireless apparatus a reply indicating that a channel has been reserved. | 2017-02-09 |
20170041370 | RELAYING DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD - A relaying device is provided, which can mediate by using communications of a wireless apparatus without clipping off the beginning of verbal communication. The relaying device includes: a network interface that receives an audio signal as a group of packet trains via a network; a wireless apparatus interface to which a wireless apparatus is connected; a voice buffer that temporarily stores the audio signal; and a control unit that starts temporarily storing the audio signal in the voice buffer and requests the wireless apparatus to reserve a channel, when a leading packet of the group of packet trains is received, and that reads the temporarily stored audio signal from the voice buffer and transfers the audio signal to the wireless apparatus, after receiving from the wireless apparatus a reply indicating that a channel has been reserved. | 2017-02-09 |
20170041371 | APPARATUS AND METHOD FOR PROVIDING STREAMING CONTENT - A method and apparatus for an adaptive Hypertext Transfer Protocol (HTTP) streaming service using metadata of media content are provided. The media content may include a sequence of one or more periods. The metadata may include a start time attribute and/or a duration attribute of each of the periods. The metadata may determine a start time of each of the periods, and a start time of each of segments included in each of the periods. A terminal may access segments included in each of the periods, may decode and render data of media content included in the segments, and may play back the media content. | 2017-02-09 |
20170041372 | CONTENT INSERTION IN STREAMING MEDIA CONTENT - A method includes accessing, at a media content provider system, a media stream corresponding to a first media content item. The method further includes generating a media content file based on the media stream and a second media content item that is different than the first media content item. A first portion of the media content file may include media data of the media stream, and a second portion of the media content file may include header data and an indicator of a location of the second media content item. | 2017-02-09 |
20170041373 | Rules Engine for Connected Devices - In one embodiment, a method includes receiving notifications of events associated with the connected devices, evaluating a plurality of event sequences that include two or more events occurring within a particular time period, and generating a plurality of rules based on the evaluated event sequences. The method further includes receiving a notification of a first event associated with a first connected device on the network, determining that a first rule of the plurality of rules is based on the first event, and sending one or more instructions to connected devices in accordance with the first rule. | 2017-02-09 |
20170041374 | EYE CONTACT-BASED INFORMATION TRANSFER - A method, computer program product and system for eye contact-based information transfer. Communication is established by a computer device between a first head mounted device worn by a first user and a second head mounted device worn by a second user. Gaze tracking establishes through gaze tracking of the first head mounted device and the second head mounted device that the first head mounted device and the second head mounted device have made eye contact. Responsive to an input to at least one of the first head mounted device and the second head mounted device made while the first head mounted device and the second head mounted device have established eye contact, a computer device transfers a file between the first head mounted device and the second head mounted device. | 2017-02-09 |
20170041375 | GENERATING CONTENT FRAGMENTS FOR CONTENT DISTRIBUTION - Disclosed are various examples for specifying portions of content files that can be stored on a client device. A content file stored in a remote storage area can be segmented into content fragments. A manifest file that specifies which portions of the content file correspond to content fragments can also be generated. The manifest file and content fragments can be packaged into a content package file that is stored on a client device and interpreted by a content proxy server. | 2017-02-09 |
20170041376 | DATA-SHARING SYSTEM AND METHOD - The present invention provides a data-sharing system, including a media server, a first device and a second device. The media server has a media server address and is configured to store at least one media file. The first device is configured to download the media file from the media server according to the media server address, and play the media file on a media player program. The first device further outputs file information corresponding to the media file according to a switching signal. The second device is configured to receive the file information from the first device, stream the media file from the media server according to the file information, and play the media file on the media player program. | 2017-02-09 |
20170041377 | FILE TRANSMISSION METHOD AND APPARATUS, AND STORAGE MEDIUM - This disclosure discloses a file transmission method and apparatus, and a storage medium, and belongs to the field of communications among devices. The method includes scanning, at a first terminal device, to detect one or more terminal devices that are in a connectable state with the first terminal device, establishing a communication connection between the first terminal device and a second terminal device selected from the one or more terminal devices, and transmitting a control command to the second terminal device through the communication connection. The control command instructs the second terminal device to perform an operation that is delectable. Further, the method includes receiving a signal indicative of an instruction for transmitting a file to the second terminal device, and transmitting the file to the second terminal device. | 2017-02-09 |
20170041378 | SYSTEM AND METHOD FOR SYNCHRONIZED INTERACTIVE MULTIMEDIA PROCESSING AND DELIVERY - Synchronized playback and distribution of multimedia data within wireless mesh networks that include a gateway device and a remote device. The gateway device may include gateway storage unit with enumerated storage blocks, together forming the file, a transmitter transmitting the enumerated storage blocks from the storage unit. The remote device may include a storage unit with allocated storage block divided into enumerated storage blocks, a first bitmap mapped to the enumerated storage blocks, a receiver receiving an enumerated block and a processing unit for correlating the received enumerated block to a correlated enumerated storage block and correlating an enumerated storage block with a correlated stored bit in the first bitmap, setting the correlated stored bit in the first bitmap, storing the received enumerated block, building a list of missing blocks, and adding to a missing blocks list, and a transmitter transmitting the missing blocks list. | 2017-02-09 |
20170041379 | Cloud Application Processing Method, Cloud Application Deployment Method, and Related Apparatus and System - A cloud application processing method and related apparatus are provided. The method is performed by a cloud service provider, and may include determining that a working state of a first virtual machine satisfies a condition for adding a virtual machine, determining, according to an emergency policy corresponding to a first application running on the first virtual machine, a second application that has an emergency relationship with the first application, and instructing a second virtual machine on which the second application is hosted to run the first application deployed on the second virtual machine, creating a third virtual machine, deploying and starting the first application on the third virtual machine, and instructing the second virtual machine to stop running the first application after the first application is started on the third virtual machine. | 2017-02-09 |
20170041380 | MEDIA FILE SHARING, CORRELATION OF METADATA RELATED TO SHARED MEDIA FILES AND ASSEMBLING SHARED MEDIA FILE COLLECTIONS - The present invention provides for systems and methods for communicating media files and creating a collection of media files, also referred to herein as a master media file. In addition, the systems and methods of the present invention provide for the creation of automatic metadata and compilation of metadata associated with the collection of media files. The present invention is able to bond devices, referred to herein as slave devices, such as media capture devices, presence devices and/or sensor devices and instruct the slave devices, particularly the media capture devices, to communicate captured media files with a specified set of metadata included. | 2017-02-09 |
20170041381 | Managing a Device Cloud - Particular embodiments of a gateway computing device may provide a provisioning service for access credentials for a restricted network. The gateway computing device may receive, from a client device, a request for the access credentials, wherein the request was sent over an open network using a restricted-packet-size protocol designed to limit power usage by devices sending messages using the protocol. The gateway computing device may segment data comprising the access credentials into a plurality of packets, wherein the plurality of packets conform to the restricted-packet-size protocol. Finally, the gateway computing device may send, over the open network to the client device, the segmented data using the restricted-packet-size protocol. | 2017-02-09 |
20170041382 | SYSTEM AND METHOD FOR PROVIDING ADDITIONAL FUNCTIONALITY TO EXISTING SOFTWARE IN AN INTEGRATED MANNER - An improved system and method are disclosed for improving functionality in software applications. In one example, the method includes a computing entity having a network interface, a processor, and a memory configured to store a plurality of instructions. The instructions include instructions for a superblock application having instructions for a function block included therein. The function block is configured to provide functions that are accessible to the superblock application via an application programming interface (API). The functions are provided within the superblock application itself and are accessible within the superblock application without switching context to another application on the computing entity. | 2017-02-09 |
20170041383 | INFORMATION OBJECT OBTAINING METHOD, SERVER, AND USER EQUIPMENT - The present invention provides an information object obtaining method, a server, and user equipment, including: receiving, by a name resolution server NRS, an information object IO request message sent by the user equipment, where the IO request message carries an identifier of an IO; and sending, by the NRS according to the identifier of the IO, information about a node storing the IO and attribute information of the IO stored in the node to the user equipment. In technical solutions of the present invention, a name resolution server NRS receives an information object IO request message sent by user equipment, where the request message carries an identifier of an IO; the NRS sends, according to the identifier of the IO, information about a node storing the IO and attribute information of the IO stored in the node to the user equipment. | 2017-02-09 |
20170041384 | CLOUD SERVICE BROKER APPARATUS AND METHOD THEREOF - A cloud service broker apparatus and method thereof are provided. The cloud service broker apparatus includes a controller configured to provide a brokerage service between a plurality of cloud service providers and a cloud service user by dividing a cloud service requested by the cloud service user into a plurality of cloud service segments and distributing each of the cloud service segments to each of the clouds. | 2017-02-09 |
20170041385 | DYNAMIC HEALTHCHECKING LOAD BALANCING GATEWAY - A method for providing a dynamic healthchecking gateway is provided. The method may include receiving an application request. The method may also include determining if a plurality of load balancing information is available for the application request. The method may further include in response to determining that a plurality of load balancing information is not available for the application request, registering the requested application in a repository. The method may include monitoring the availability of a plurality of servers and the availability of the requested application. The method may additionally include determining an available runtime instance based on the monitoring. The method may also include forwarding the received application request to the determined available runtime instance. | 2017-02-09 |
20170041386 | PROVISIONING A TARGET HOSTING ENVIRONMENT - A method for dynamically provisioning a target platform to host an application with one or more application program interfaces (APIs) is provided. The method determines whether one or more APIs are supported on one or more of at least two hosting platforms and whether one or more instructions for the application are permitted to be executed on the one or more of the hosting platforms, and executes the one or more instructions for the application on a supported and permissible platform having the lowest performance metric for running the application. | 2017-02-09 |
20170041387 | METHODS AND SYSTEMS FOR WORKLOAD DISTRIBUTION - This invention relates to methods and systems for workload distribution, particularly in data centers, more particularly data centers which use fresh air cooling. Embodiments of the invention provide methods and systems which calculate a load value for each server which takes account of both the temperature of the server and its current job queue, and determine the server to which an incoming job should be allocated on the basis of the load values of the available servers. | 2017-02-09 |
20170041388 | Controlling a Device Cloud - In one embodiment, a method includes receiving a natural-language message including an authorization request to authorize a first user access to one or more of a number of connected devices associated with a second user; parsing the natural-language message; identifying, based on the parsed natural-language message, the first user and one or more of a number of connected devices; implicitly determining that the first user is authorized to access the identified one or more of the number of connected devices based on a calculated strength of a relationship between a node representing the first user in a social graph and a node representing the second user in the social graph satisfying a pre-determined threshold; and providing, based on the implicit authorization, access to the identified one or more of the number of connected devices. | 2017-02-09 |
20170041389 | SYSTEM AND METHOD FOR UNIFIED SYNCHRONIZATION OF RELATIONSHIP CONNECTIONS ACROSS MULTIPLE SOCIAL NETWORK DATABASES - A system and method for unified synchronization of relationship connections across multiple social network databases is disclosed. In one aspect, the method includes logging in a first user to a first user account through a first wireless mobile device controlled by the first user, wherein the first user account comprises a logical connection to a plurality of the first user's social network accounts. The method further includes discovering a second wireless mobile device or account associated with a second user. The method further includes selecting more than one of the first user's social network accounts via input from the first user, and generating an invitation to connect to the second user's account, wherein the invitation comprises a connection invitation for the second user to connect to at least one of the selected social network accounts of the first user. | 2017-02-09 |
20170041390 | N-WAY SYNCHRONIZATION OF DESKTOP IMAGES - Methods and systems for n-way cloning and synchronization of a user desktop image are provided. Example embodiments provide a Cloning and Synchronization System (“CSS”) which binds a server stored CVD object representing the user's desktop image to one or more endpoint devices. Each endpoint device receives a clone of the CVD object that comprises one or more layers of the server CVD depending upon the suitability of the endpoint device hardware and operating system to the server stored desktop. The cloned CVDs in the endpoint devices are then kept synchronized by synchronization operations. In one embodiment, the CSS allows only one endpoint device to act as a master device and push up changes to the server CVD. These changes are then pushed down to the other devices using different synchronization methods dependent upon the layer. | 2017-02-09 |
20170041391 | DATA SHARING IN A CLOUD - A system, a method, and a computer program product for sharing data in a cloud are provided. A request for accessing data associated with a first entity is generated. A sharing policy associated with the first entity is accessed. Access to a portion of the data is provided based on at least one parameter contained within the sharing policy. The access to the portion of the data is provided using at least one integrated view. | 2017-02-09 |
20170041392 | METHOD OF DISTRIBUTING A FILE AND A COMPUTING SYSTEM EMPLOYING SAME - A computerized method and system are disclosed for distributing a file opened on a first computing device. The first computing device identifies and saves the file to a file-download location; starts a file-distribution service for downloading the copy of the file from the file-download location; generates a URL indicating the file-download location; generates a presentation, such as a QR code, of the URL; and presents the generated presentation, e.g., on a display thereof. At least a second computing device acquires the QR code; obtains the URL from the obtained QR code, and uses the URL to download the file from the file-download location. | 2017-02-09 |
20170041393 | Rebalancing And Elastic Storage Scheme With Elastic Named Distributed Circular Buffers - A method implemented by a network element (NE) in a network, comprising composing a first network storage entity by mapping a plurality of logical storage units to a plurality of physical storage units in a physical storage system according to a first storage metric associated with the plurality of physical storage units, arranging the plurality of logical storage units sequentially to form a logical circular buffer, and designating a current logical storage unit for writing data and an upcoming logical storage unit for writing data after the current storage unit is fully written, and rebalancing the physical storage system while the physical storage system is actively performing network storage operations by relocating at least one of the logical storage units to a different physical storage unit according to a second storage metric associated with the plurality of physical storage units. | 2017-02-09 |
20170041394 | Large-Scale Storage and Retrieval of Data with Well-Bounded Life - A method comprising receiving one or more data storage specifications from a tenant, determining that a plurality of physical storage units in a physical storage system comprises a sufficient system capacity to provision data storage for the tenant, sending a storage request message to request creation of a network storage entity for the tenant according to the data storage specifications, and receiving a storage response message indicating a first of a plurality of logical storage units allocated to the network storage entity according to the data storage specifications, wherein the plurality of logical storage units are distributed across the plurality of physical storage units, and wherein the plurality of logical storage units are arranged in a sequential order to form a logical circular buffer. | 2017-02-09 |