15th week of 2016 patent applcation highlights part 49 |
Patent application number | Title | Published |
20160105328 | CENTRALIZED APPLICATION PROGRAMMING INTERFACE MONITORING TOOL - Methods and systems for the collecting and monitoring of information related to the performance of application programming interfaces (APIs) are provided. A method includes obtaining one or more various measurements of performance of the APIs, and assessing a performance status for each API based on the obtained one or more various measurements of performance. The method further includes displaying, the performance status for each API and the APIs, and searching for a particular API of the displayed APIs using a search technique configured to compare a keyword indicative of the particular API to all fields of JavaScript Object Notation (JSON) objects that have been used to define the APIs. The method further includes displaying the particular API including the performance status for the particular API, the one or more various measurements of performance for the particular API, and methods of the particular API, as a result of the searching. | 2016-04-14 |
20160105329 | DEFINING A SERVICE-MONITORING DASHBOARD USING KEY PERFORMANCE INDICATORS DERIVED FROM MACHINE DATA - Processing device(s) cause display of a dashboard-creation graphical interface that includes a modifiable dashboard template and a key performance indicator (KPI)-selection interface for selecting a KPI indicating how a service provided by one or more entities is performing at one or more points in time. Each entity is associated with machine data. A KPI is defined by a search query that derives value(s) for the KPI from the machine data associated with the entities that provide the service. The processing device(s) receive through the KPI-selection interface a selection of a particular KPI and a selection of a location in the dashboard template corresponding to a location for displaying a KPI widget in a dashboard based on the dashboard template. The KPI widget provides a representation of value(s) for the particular KPI. The processing device(s) cause display of an identifier for the particular KPI at the location in the dashboard template. | 2016-04-14 |
20160105330 | MONITORING SERVICE-LEVEL PERFORMANCE USING A KEY PERFORMANCE INDICATOR (KPI) CORRELATION SEARCH - One or more processing devices cause display of a graphical user interface (GUI) that includes a correlation search portion that enables a user to specify information for a key performance indicator (KPI) correlation search definition. The KPI correlation search definition includes search information and trigger determination information. The search information identifies KPI values, indicative of the KPI states, in a data store. The trigger determination information includes trigger criteria. The trigger determination evaluates the identified KPI values using the trigger criteria to determine whether to cause a defined action. A contribution threshold for a particular KPI definition is received via the GUI. The contribution threshold corresponds to a particular KPI state. The contribution threshold is stored as trigger criteria information. Each of the KPI values is derived from machine data pertaining to entities identified in a service definition using a search query specified by a KPI definition for the service. | 2016-04-14 |
20160105331 | ELECTRONIC DEVICE AND GATEWAY FOR NETWORK SERVICE, AND OPERATION METHOD THEREFOR - A method of operating an electronic device is provided. The method includes displaying a space drawing visualizing an indoor space and at least one icon related to an execution instruction to be transmitted to a network device, recognizing that an icon selected among the displayed at least one icon is overlapped on an image of the network device included in the space drawing, and transmitting the execution instruction corresponding to the selected icon, to the network device. | 2016-04-14 |
20160105332 | System and Method for Generic Service NFV Orchestration and Management for Converged Services - A system and method for network functions virtualization management and orchestration includes a virtualized infrastructure manager, a network functions virtualization orchestrator coupled to the virtualized infrastructure manager, a virtual network function manager coupled to the network functions virtualization orchestrator, one or more dedicated network services coupled to the network functions virtualization orchestrator, the one or more dedicated network services being orchestrated by the network functions virtualization orchestrator in accordance with a generic network service descriptor, and one or more dedicated network functions coupled to the virtual network function manager, the virtual network function manager configured to manage the dedicated network functions in accordance with a generic network function descriptor. | 2016-04-14 |
20160105333 | LOGICAL NETWORK TRAFFIC ANALYSIS - Some embodiments of the invention provide a method for gathering data for logical network traffic analysis by sampling flows of packets forwarded through a logical network. Some embodiments are implemented by a set of network virtualization controllers that, on a shared physical infrastructure, can implement two or more sets of logical forwarding elements that define two or more logical networks. In some embodiments, the method (1) defines an identifier for a logical network probe, (2) associates this identifier with one or more logical observation points in the logical network, and (3) distributes logical probe configuration data, including sample-action flow entry data, to one or more managed forwarding elements that implement the logical processing pipeline at the logical observation points associated with the logical network probe identifier. In some embodiments, the sample-action flow entry data specify the packet flows that the forwarding elements should sample and the percentage of packets within these flows that the forwarding elements should sample. | 2016-04-14 |
20160105334 | CREATING AN ENTITY DEFINITION FROM A FILE - Processing devices receive a file having entries having data items separated by delimiters. Each data item has an ordinal position. The processing device(s) cause display of a table, having rows and columns, in a graphical user interface. Each data items of a particular entry appears in a respective column of the same row. Each column corresponds to the ordinal position of its respective data item. User input is received designating, for each respective column, a field name and an entity definition component type to which the respective column pertains, and stores for each of the data items of the particular entry a value of an element of an entity definition. The element has the element name designated for the respective column in which the data item appeared, and is associated with an entity definition component having the type designated for the respective column in which the data item appeared. | 2016-04-14 |
20160105335 | SERVICE MONITORING INTERFACE - Services in an operating environment are represented by stored service definitions that identify entities that perform the service. Entity definitions identify machine data pertaining to the entity. A key performance indicator (KPI) of the service characterizes the service on the whole or some aspect of it. Each KPI is defined by a search query that derives a value from machine data identified in the entity definitions. Processing devices cause display of a service-monitoring page having a services summary region and a services aspects region. The summary region displays interactive summary tiles that each correspond to a service and present information about an aggregate KPI that characterizes the service. The aspects region displays interactive aspect tiles that each correspond to a KPI characterizing some aspect of an associated service. Additional information may be included in the service-monitoring page and interaction features enable a user to navigate to enhanced information displays. | 2016-04-14 |
20160105336 | SGT Feature Trace Using Netflow - Tracing of networking feature data may be provided for networking features running on network devices such as routers and switches. Examples of this feature tracing include “SGT tracing”, “Access Control Entry (‘ACE’) tracing”, and “Equal Cost Multipath (‘ECMP’) tracing.” In ACE tracing, a network administrator may desire to trace all the ACEs of Access Control Lists (“ACLs”) a particular packet is subject to. In ECMP, tracing information may be collected as to the ECMP links a particular packet is sent through at each of a plurality of network devices. | 2016-04-14 |
20160105337 | APPARATUS AND METHOD FOR ANALYZING A CONTROL NETWORK - Aspects of the present invention provide isolating and applying a common protocol which may be used by multiple devices across multiple network levels to analyze an entire system of control networks. A generic message may be sent individually to targeted addresses across a network level. If a response is received from a device at a targeted address, such as within a timeout period, a specific message customized to the individual device may be sent to extract further detail about the device, including its connectivity to other devices and networks. The system may continue automatically until resource utilization of the entire system is determined to thereby provide diagnostic and reliability services. | 2016-04-14 |
20160105338 | GRAPHICAL USER INTERFACE FOR ADJUSTING WEIGHTS OF KEY PERFORMANCE INDICATORS - Techniques are disclosed for providing an aggregate key performance indicator (KPI) that spans multiple services and for providing user adjustment to KPI factors via a GUI that enables a user to configure an aggregate KPI with feedback that better characterizes the performance of the services. The GUI may enable a user to select KPIs and to adjust weights (e.g., importance) associated with the KPIs. The weight of a KPI may affect the influence a value of the KPI has on the calculation of an aggregate KPI value (e.g., score). The GUI may provide near real-time feedback concerning the effect the weights have on the aggregate KPI value by displaying the aggregate KPI value (e.g., score) and updating the aggregate KPI value as the user adjusts the weights. | 2016-04-14 |
20160105339 | LOCALE PROFILE FOR A FABRIC NETWORK - Methods and systems for conveying locale information for an electronic device includes receiving, from a remote device and via a network interface of at least one network interfaces, a request for active or available locales for the electronic device. Conveying the locale information also includes sending, to the remote device and via the network interface, a message in a locale profile format including a list of available locales. The message includes a version field that indicates a version of schema used to transmit the list of available locales, an active local field that indicates a locale currently being used by the electronic device, and an available locales field that indicates which locales are available for use by the electronic device. | 2016-04-14 |
20160105340 | REPEATER - A repeater includes a plurality of input-side connectors and a plurality of output-side connectors corresponding to the input-side connectors that are configured such that communication cables connected to the input-side connectors are connected to other communication cables connected to the output-side connectors, and a detection indicating circuit provided between the input-side connectors and the corresponding output-side connectors. The detection indicating circuit includes a detection circuit branching, extracting and outputting a portion of signal transmitted between the input-side connectors and the corresponding output-side connectors, and an indicating circuit for indicating an establishment of information communication according to an output from the detection circuit. | 2016-04-14 |
20160105341 | Determining Asymmetries in a Communication Network - A method for measuring asymmetry in propagation delay of first and second links which connect a first node to a second node of a communication network. The method comprises measuring ( | 2016-04-14 |
20160105342 | INTELLIGENTLY MANAGING PATTERN CONTENTS ACROSS MULTIPLE RACKS BASED ON WORKLOAD AND HUMAN INTERACTION USAGE PATTERNS - A method, system and computer program product for managing pattern contents across multiple racks. The workload usage characteristics of the pattern contents on a primary rack in a domain of racks are collected based on monitoring the workload usage of the pattern contents in the pattern definition and in the deployed pattern. Furthermore, information regarding use of the pattern definition, the deployed pattern and the pattern contents by users (“human interaction usage patterns”) is collected based on monitoring the human interaction usage patterns. The pattern contents are then ranked based on analyzing the collected workload usage characteristics and analyzing the collected information regarding human interaction usage patterns. Once the pattern contents are ranked, those contents that are highly ranked are deemed to be more likely to be utilized in the pattern and therefore are the contents that are copied from the primary rack to the other racks of the domain. | 2016-04-14 |
20160105343 | SYSTEM AND METHOD FOR DETECTION OF ELEPHANT FLOWS - A system and method for detection of elephant flows includes a switching device. The switching device includes one or more ports, a memory, and a control unit coupled to the ports and the memory. The control unit is configured to detect storage locations information included in one or more first messages. The storage locations information identifies a storage node and is forwarded to a computing device. The control unit is further configured to detect opening of a connection between the computing device and the storage node based one or more second messages received for forwarding on one or more of the ports and determine identifying characteristics of an elephant flow based on information associated with the connection. In some embodiments, the control unit is further configured to forward network packets using an altered forwarding strategy when the network packets are associated with the elephant flow | 2016-04-14 |
20160105344 | MESH NETWORK TRANSMISSION DECISIONS BASED ON NODE PERFORMANCE METRICS - Systems and methods for transmission of data through mesh networks are disclosed. Specifically, various techniques and systems are provided for using performance metrics of nodes in a mesh network to make data transmission decisions. Exemplary embodiments of the present invention include a computer-implemented method. The method comprises receiving, at a network device on a network, performance metrics associated with an additional network device on the network; generating performance metrics associated with the network device; storing the performance metrics associated with the network device and the performance metrics associated with the additional network device; and transmitting the performance metrics associated with the network device and the performance metrics associated with an additional network device, wherein when the performance metrics are received, the performance metrics are used to determine whether data will be transmitted to the network device. | 2016-04-14 |
20160105345 | MESH NETWORK TRANSMISSION DECISIONS BASED ON NODE PERFORMANCE METRICS - Systems and methods for transmission of data through mesh networks are disclosed. Specifically, various techniques and systems are provided for using performance metrics of nodes in a mesh network to make data transmission decisions. Exemplary embodiments of the present invention include a computer-implemented method. The method comprises receiving, at a network device on a network, performance metrics associated with an additional network device on the network; generating performance metrics associated with the network device; storing the performance metrics associated with the network device and the performance metrics associated with the additional network device; and transmitting the performance metrics associated with the network device and the performance metrics associated with an additional network device, wherein when the performance metrics are received, the performance metrics are used to determine whether data will be transmitted to the network device. | 2016-04-14 |
20160105346 | SCALABLE FEDERATED POLICY FOR NETWORK-PROVIDED FLOW-BASED PERFORMANCE METRICS - The present disclosure describes methods and systems for providing and enforcing scalable federated policies for network-provided flow-based performance metrics. Due to different security concerns related to different domains, varying group policies can be applied to different domains to ensure proper sharing and receipt of flow-based performance metrics. Some policies can limit the type of performance metric being shared among the nodes in the domain. Some policies allow less information to be exposed by specifying aggregated performance metrics to be shared among the nodes in the domain. A group key management infrastructure can be provided to enforce these group policies in the network in a scalable manner. | 2016-04-14 |
20160105347 | METHOD OF TRACING A TRANSACTION IN A NETWORK - A method is provided for tracking a transaction communicated in a network through nodes connected using sockets, wherein socket data is stored in one or more memory devices. The method includes identifying a start node and a trace-out socket on that node, and for i from 1 to N: by using the socket data, identifying an i | 2016-04-14 |
20160105348 | MEP CONFIGURATION METHOD AND NETWORK DEVICE - In the communications field, an MEP configuration method and an Ethernet device are provided. The method includes: receiving, by an Ethernet device, a CCM message and parsing the CCM message to acquire configuration information in the CCM message and a virtual local area network VLAN of the CCM message; and determining, by the Ethernet device according to configuration information, whether the CCM message is MEP configuration that needs to be configured, and if it is determined that the CCM message is the MEP configuration that needs to be configured, complete the MEP configuration according to the configuration information and the VLAN of the CCM message. A method provided in a specific implementation manner of the present invention has an advantage of configuring MEP configuration automatically. | 2016-04-14 |
20160105349 | NETWORK DEVICE AND METHOD FOR CHANNEL QUALITY ESTIMATION - A method for channel quality estimation is executable by a network device. The network device divides channels into a plurality of groups according to a number of channels available in a competing network environment in which the first network device is located, and selects a representative channel from each of the plurality of groups which is central to the frequencies of each available competing channel. The selected representative channels are each tested and each of the channel quality estimations is taken as channel quality estimation of all channels of a group, to save time in estimating and increase efficiency. | 2016-04-14 |
20160105350 | Method And System For Real-time Modeling Of Communication, Virtualization And Transaction Execution Related Topological Aspects Of Monitored Software Applications And Hardware Entities - A system and method for real-time discovery and monitoring of multidimensional topology models describing structural aspects of applications and of computing infrastructure used to execute those applications is disclosed. Different types of agents are deployed to the monitored application execution infrastructure dedicated to capture specific topological aspects of the monitored system. Virtualization agents detect and monitor the virtualization structure of virtualized hardware used in the execution infrastructure, operating system agents deployed to individual operating systems monitor resource utilization, performance and communication of processes executed by the operating system and transaction agents deployed to processes participating in the execution of transactions, providing end-to-end transaction trace and monitoring data describing individual transaction executions. The monitoring and tracing data of the deployed agents contains correlation data that allows to create a topology model of the monitored system that integrates transaction execution, process execution and communication and virtualization related aspects. | 2016-04-14 |
20160105351 | APPLICATION TESTING - The claimed subject matter includes techniques for providing an application testing service. An example method includes receiving context information from a client system, the context information comprising parameters that describe details of a user interaction with an application under test (AUT). The method also includes receiving a set of potential actions from the client system. The method also includes identifying a selected action from the set of potential actions and sending the selected action to the client system, wherein the AUT is customized based on the selected action. The method also includes receiving reward data from the client system based on a user's interaction with the AUT. The method also includes storing the context information, the selected action, and the reward data to a log of application test data. | 2016-04-14 |
20160105352 | FILE SYSTEM, CONTROL PROGRAM OF FILE SYSTEM MANAGEMENT DEVICE, AND METHOD OF CONTROLLING FILE SYSTEM - A file system includes a plurality of information-processing-devices, a plurality of storage devices and a management device, each connected to a communications network, wherein each information processing devices includes a transmission unit for transmitting state information indicating utilization state of the communications network by the information-processing-device to the management device, and the management device includes a determination unit for determining an information-processing-device to execute an inputted job, and a first storage device, and further determine a first path in the communications network for the information-processing-device to access to the first storage device, a collection unit for collecting the state information, and an alteration unit configured to identify, based on the collected state information, a second storage device enhancing access efficiency and a second path in the communications network enhancing access efficiency, and alter the first storage device and the first path to the second storage device and the second path. | 2016-04-14 |
20160105353 | PERFORMANCE MEASUREMENT OF A LINK OF A PACKET-SWITCHED COMMUNICATION NETWORK - A method for performing a performance measurement of a link between two nodes of a communication network. Before starting a measurement, measurement mode information including start time and packet transmission rate are provided to both nodes. At the start time, a first node generates and transmits to the other node a packet flow including packets with transmission times determined by the start time and packet transmission rate. The packet flow is divided into alternating blocks transmitted during even and odd block periods. At each block period, while the packet flow is received, a variable indicative of its behaviour is updated by using the measurement mode information and detected information on reception of the packet flow. Then, a parameter indicative of a performance of the packet flow during the block period is calculated using the value reached by the variable at the end of the block period. | 2016-04-14 |
20160105354 | MULTICAST ROUTING VIA NON-MINIMAL PATHS - A method of routing traffic for multi-cast routing through a node of a network that utilizes loop-free alternative paths is presented. The method includes receiving a join in the node from a second node in the network on a shortest path between the node and the second node; retrieving loop-free alternative paths to the second node; and adding an entry to a multi-cast routing table at the node that is based on a group that includes the shortest path to the second node and the loop-free alternative paths to the second node as cost equivalent paths. | 2016-04-14 |
20160105355 | CENTRALIZED RADIO ACCESS NETWORK VIRTUALIZATION MECHANISM - Diverting communication content directed to a wireless device based on a determined state of a display of the wireless device is presented herein. A method can include receiving state information representing a display state of a display of a wireless device; and in response to determining, based on the state information, that the display has been inactive for a defined period of time, redirecting communication content that has been directed to the wireless device to an intermediary device. In an example, the redirecting can include storing the communication content in the intermediary device as stored content, and in response to determining, based on the state information, that the display has been active, sending, via the intermediary device, the stored content directed to the wireless device. | 2016-04-14 |
20160105356 | Routing Data Within A Communications Network - Data is routed within a data network ( | 2016-04-14 |
20160105357 | METHOD AND NETWORK APPARATUS OF ESTABLISHING PATH - Embodiments of the present application provide a method and network apparatus of establishing path, applied in a SDN, the method includes: receiving, by a node, forwarding information from a SDNC; wherein the forwarding information is generated based on a relationship between prefix of IP address and tunnel information; receiving a packet, wherein the packet comprises first prefix information of a first IP address; forwarding the packet according to first tunnel information corresponding to the first prefix information of the first IP address. In the application, the process of route calculation is simplified, and number of forwarding flow entry in internal nodes is reduced. | 2016-04-14 |
20160105358 | COMPRESSION OF ROUTING INFORMATION EXCHANGES - Embodiments of the present invention include systems and methods for improving the exchange of routing information between information handling system by using compression. In embodiments, route information may be packetized as normally performed according to protocol. In embodiments, these packets may be compressed and placed into the data/payload portion of a new format packet. In embodiments, the new format packet includes an extended header with one or more fields that provide information related to the compressed packets in the packet payload. A receiving device receives the new packets with compressed data, decompresses the data, and processes the decompress data packets as per the normal protocol procedures. | 2016-04-14 |
20160105359 | MESH NETWORK TRANSMISSION DECISIONS BASED ON NODE PERFORMANCE METRICS - Systems and methods for transmission of data through mesh networks are disclosed. Specifically, various techniques and systems are provided for using performance metrics of nodes in a mesh network to make data transmission decisions. Exemplary embodiments of the present invention include a computer-implemented method. The method comprises receiving, at a network device on a network, performance metrics associated with an additional network device on the network; generating performance metrics associated with the network device; storing the performance metrics associated with the network device and the performance metrics associated with the additional network device; and transmitting the performance metrics associated with the network device and the performance metrics associated with an additional network device, wherein when the performance metrics are received, the performance metrics are used to determine whether data will be transmitted to the network device. | 2016-04-14 |
20160105360 | DEVICE DESCRIPTION PROFILE FOR A FABRIC NETWORK - Methods and systems for obtaining device information include sending a device description request message to a remote device. The device description request message includes indications of criteria for a responding device, and the indications of criteria for the responding device include a fabric identifier for the responding device. Moreover, the fabric identifier identifies a fabric to which the responding device is connected. The indications of criteria also include a device mode for the responding device. The device mode indicates a mode for the responding device. The indications of criteria further include a vendor identifier for the responding device with the vendor identifier identifies a vendor for the responding device. Obtaining device information also includes a product identifier for the responding device that identifies a product type for the responding device. | 2016-04-14 |
20160105361 | METHOD AND APPARATUS FOR BIDIRECTIONAL MESSAGE ROUTING BETWEEN SERVICES RUNNING ON DIFFERENT NETWORK NODES - Methods and systems are disclosed for secure bi-directional message routing between services running on a different nodes in a computer cluster. According to some embodiments, a multi-tenant computer cluster is accessed online via a controller. The controller, acting as central management system, may establish secure independent connections with each of the many nodes. Messages from the controller to any given node, and vice versa, are wrapped in a routing envelope and transferred over an independent and secure virtual private network tunnel. This allows the plurality of nodes to be centrally managed and utilized as a cluster while not being allowed to communicate with each other. | 2016-04-14 |
20160105362 | PACKET SENDING METHOD AND NETWORK DEVICE - The present application provides a packet sending method and a network device. The packet sending method includes: receiving, by a network device, a first data packet; and if a MAC entry matching a destination MAC address of the first data packet is not found in a media access control MAC address table of the network device, sending, by the network device, the first data packet according to a forwarding behavior in a MAC default entry of the MAC address table. When the MAC entry matching the destination MAC address of the first data packet is not found, the network device does not need to flood the first data packet on all interfaces, but directly sends the first data packet according to the MAC default entry in the own MAC address table, thereby reducing a need for MAC address capacity in the network device, and not increasing unnecessary network traffic. | 2016-04-14 |
20160105363 | MEMORY SYSTEM FOR MULTIPLE CLIENTS - Output is produced from a content addressable memory block. Bus select logic is configured to operate on data from a selected client bus from a plurality of client buses. Each client bus includes a key bus section and an operation bus section. A plurality of output indices is stored within a key memory. Each output index in the plurality of output indices is stored with an associated key. A key memory index is generated based on a search key received from the key bus section for the selected client bus. The key memory index is used to access from the key memory an output index from the plurality of output indices. The output index is output to a priority bus associated with the selected client bus output logic. | 2016-04-14 |
20160105364 | NETWORK TRAFFIC FLOW MANAGEMENT USING MACHINE LEARNING - A system and method for management of network traffic flow for one or more networks of interconnected computing devices, including predicting one or more types of network traffic data flows using a Machine Learning (ML) classifier, and updating the ML classifier according to identified changes in the network traffic data flows. Using software-defined-networking (SDN) tools and an updated ML classifier, training data is generated to formulate accurate new predictions of the one or more types of network traffic data flows. Network traffic flow is regulated based on the generated new predictions. | 2016-04-14 |
20160105365 | NETWORK-COORDINATED DRX TRANSMISSION REDUCTION FOR A NETWORK ACCESS DEVICE OF A TELEMATICS-EQUIPPED VEHICLE - A system for reduction of discontinuous-receive (DRx) transmissions for a network access device (NAD) of a telematics unit of a telematics-equipped vehicle includes: the telematics unit, configured to determine whether vehicle ignition of the telematics-equipped vehicle is on or off, the telematics unit further comprising the NAD, the NAD being configured to communicate with a network entity to perform a periodic updating procedure; the network entity, configured to communicate with the NAD for performance of the periodic updating procedure. The NAD and the network entity are further configured to reduce a frequency at which the periodic updating procedure is performed for the NAD in a DRx state relative to the frequency at which the periodic updating procedure is performed for the NAD in a vehicle ignition-on state. | 2016-04-14 |
20160105366 | SELECTING AMONG MULTIPLE CONCURRENTLY ACTIVE PATHS THROUGH A NETWORK - Methods and systems for selecting among multiple concurrently active paths through a network are provided. According to one embodiment, a method is performed by a network interface of a source network device within a loop-free, reverse-path-learning network. The network is divided into multiple virtual local area networks (VLANs). Network traffic destined for a destination network device and specifying an address for the destination or including information from which the address can be derived is received from the source. A set of VLANs that can be used to transport the packet from the source to the destination is determined. Each VLAN in the set of VLANs is associated with a different path through the network from the source to the destination. A particular VLAN from the set of VLANs networks is selected, thereby effectively selecting a particular path from multiple selectable paths between the source and the destination. | 2016-04-14 |
20160105367 | Traffic shaping drive method and driver - A traffic shaping drive method and a driver are described. The method includes that: when traffic shaping is executed, timing time is set, and a data packet in a cache queue is sent at a preset constant rate in the timing time; when the timing time is reached, sending the data packet is stopped, and sending an ACK acknowledgement packet in the cache queue is started; and after the ACK acknowledgement packet is sent, returning to execute the traffic shaping. By conducting the traffic shaping on a drive layer, the disclosure enables the data packet to be sent at the constant rate, and reserves a certain bandwidth to send the ACK acknowledgement packet in time, thereby avoiding network congestion caused by delayed sending of the ACK acknowledgement packet, and improving the user experience. | 2016-04-14 |
20160105368 | APPARATUS AND METHOD FOR TIME AWARE TRANSFER OF FRAMES IN A MEDIUM ACCESS CONTROL MODULE - A medium access control module including queues and gate, shaping and selector modules. The queues or the gate modules receive frames and timestamps from a memory. Ownership of the frames is masked based on the timestamps, which delays reception of the frames by the queues. The queues store the frames received from the memory. The gate modules compare the timestamps to a local time and permit transfer of the frames based on the comparisons. Each of the gate modules permits transfer of one of the frames in response to the local time matching or being later than a corresponding one of the timestamps. The shaping modules receive the frames from the queues or the gate modules and spread data in the frames over time to generate output signals. The selector module selects one of the output signals to forward to a physical layer device. | 2016-04-14 |
20160105369 | TRANSMITTING NODE, RECEIVING NODE AND METHODS THEREIN - Embodiments herein relate to a method in a receiving node ( | 2016-04-14 |
20160105370 | EVENT PROCESSING WITH ENHANCED THROUGHPUT - The present systems and methods allow for rapid processing of large volumes of events. A producer node in a cluster determines a sharding key for a received event from an event stream. The producer node uses a sharding map to correlate the sharding key for the event with a producer channel, and provides the event to a producer event buffer associated with the producer channel. The producer event buffer transmits the event to a corresponding consumer event buffer associated with a consumer channel on a consumer node. The event processing leverages a paired relationship between producer channels on the producer node and consumer channels on the consumer node, so as to generate enhanced throughput. The event processing also supports dynamic rebalancing of the system in response to adding or removing producer or consumer nodes, or adding or removing producer or consumer channels to or from producer or consumer nodes. | 2016-04-14 |
20160105371 | SERVICE METHOD FOR MANAGING TRANSACTION USING APPLICATION PROPERTIES AND SYSTEM THEREFOR - A service method and a system for managing a transaction using application properties are provided. The service system includes a cloud-based virtual object transaction manager. The virtual object transaction manager includes when a virtual object of an IoT device is generated, an application program interface (API) registering unit configured to register an interface provided form the virtual object as an API format and an API use permission managing unit configured to manage use permission of an API according to each virtual object of an IoT device registered on a cloud service. | 2016-04-14 |
20160105372 | CUSTOMIZABLE MODEL FOR THROTTLING AND PRIORITIZING ORDERS IN A CLOUD ENVIRONMENT - A method for controlling the provisioning of a service associated with a customer order is disclosed. The method may comprise receiving, by a cloud infrastructure system, an order for a service from a plurality of service provided by the cloud infrastructure system, the cloud infrastructure system comprising one or more computing devices. Additionally, the method may comprise determining, by a computing device from the one or more computing devices, based upon a set of rules and system-related information, whether the order is to be forwarded for provisioning one or more resources for enabling the order. Then, based upon the determining, the method may forward the order for provisioning of the one or more resources or not forwarding the order for provisioning. | 2016-04-14 |
20160105373 | Relocation of Applications to Optimize Resource Utilization - Concepts and technologies are disclosed herein for relocation of applications to optimize resource utilization. A processor executing a relocation management application can receive a request to relocate an application. The processor can identify a utilization associated with the application, identify prospective host resources capable of hosting the application, determine utilizations associated with the prospective host resources, and project prospective host resource utilizations based upon the utilization associated with the application and the utilizations associated with the prospective host resources. The processor can select a prospective host resource from the prospective host resources by selecting a resource that offers a most consistent projected utilization. | 2016-04-14 |
20160105374 | PREDICTIVE PRIORITIZED SERVER PUSH OF RESOURCES - Systems and techniques for improving network performance are described. In some embodiments, an intermediary device can intercept a response from a server to a client, wherein the response corresponds to a request for a document. Next, the intermediary device can assign priorities to a plurality of resources in the document. The intermediary device can then push the plurality of resources in the document to the client in accordance with the assigned priorities. | 2016-04-14 |
20160105375 | DEVICE-TO-DEVICE COMMUNICATION FOR RESOURCE SHARING - Embodiments of techniques and systems associated with device-to-device (D2D) resource sharing are described. In some embodiments, a D2D communication channel between a first device and a second device is established and a sharing request is received at the first device, from the second device, including a credential identifying the second device. Data representative of a first resource locally available to the first device, but not locally available to the second device, is provided to the second device by the first device. Use of the first resource may be controlled in accordance with an instruction transmitted to the first device from the second device. Other embodiments may be described and/or claimed. | 2016-04-14 |
20160105376 | Network Virtualization and Resource Allocation For the Internet of Things - A system and method for network virtualization and resource allocation, including storing one or more received network requests in a request table, and updating at least one of a flow table, a waiting list table, or a candidate group map based on the one or more received network requests. The updating includes monitoring a transmission progress of each of one or more flows in a network of interconnected computing devices and moving completed flows from the flow table to a success list, moving requests in the waiting list table which have reached an attempt threshold from the flow table to a fail list, and compiling any residual requests in the waiting list with new requests to generate a new request table. A deterministic request allocation and/or an optimizing request allocation is performed based on the new request table. | 2016-04-14 |
20160105377 | INFORMATION PROCESSING SYSTEM, CONTROL DEVICE AND CONTROL METHOD - An information processing system includes a switch device including a plurality of ports; and a control device configured to: specify a flow in which a transmission port is to be changed among the plurality of flows, and a transmission port after the change, by referring to load distribution information that associates flow information and port information with each other and statistics information indicating use rates of the ports, and transmit a changing instruction packet including information of the specified flow and the port after the change, for instructing the switch device to change the transmission port to the switch device, wherein the switch device is configured to update information in header information, which each of the series of packets included in the specified flow includes, so as to become information with which the port after the change is selected, when the changing instruction packet is received from the control device. | 2016-04-14 |
20160105378 | METHOD AND SYSTEM FOR DATA SET MIGRATION OVER A CIRCUIT SWITCHING NETWORK - A method for data set migration, implemented in a network device is disclosed. The method includes receiving a request at a network device to migrate a data set, and sending a signaling packet from a first data center toward a first in a series of circuit switching devices to reach a second data center, where the signaling packet includes metadata containing transmission selection and characteristics of the data set, where the signaling packet is processed through the series, each of which configures its forwarding path based at least on the metadata of the signaling packet. The method continues with waiting for a period long enough to allow each of the series to configure its forwarding path, where that circuit switching device releases the configured forwarding path after the migration duration. The method continues with sending the data set following the transmission selection of the signaling packet after the period expires. | 2016-04-14 |
20160105379 | SYSTEM AND METHOD FOR EXTENDING PORTS - A system and method includes a first switching device that includes a first control unit with a first and third port coupled to the first control unit and a second switching device that includes a second control unit with the a second port coupled to the second control unit. The system and method may include a network link coupling the first and second switching devices. The first control unit configured to receive a data packet and adding a drop indication. The second control unit configured to detect the drop indication. In some embodiments the first control unit is configured to apply a rule, and mark a data packet with a drop indication in a header, the header being a header normally attached to the data packet. The second switching device may interpret the drop indication with a set of rules to determine a course of action. | 2016-04-14 |
20160105380 | MAKE-BEFORE-BREAK SYSTEMS AND METHODS DECOUPLING A CONTROL PLANE FROM A DATA PLANE - A Make-Before-Break (MBB) method, in a node operating in a network with a control plane, decoupling the control plane from a data plane, includes, for a connection operating on a path in the network, determining a reserved connection on a new path, through the control plane, wherein the reserved connection has zero bandwidth; signaling the reserved connection on the new path; creating the reserved connection in the control plane while suspending implementation in the data plane due to the zero bandwidth; and releasing the connection on the path and modifying the reserved connection on the new path to establish the connection on the new path. | 2016-04-14 |
20160105381 | DISTRIBUTED VIRTUAL SWITCH CONFIGURATION AND STATE MANAGEMENT - Techniques are disclosed for pushing configuration changes of a distributed virtual switch from a management server to a plurality of host servers underlying the distributed virtual switch. The approach includes sending, in parallel, by the management server, a message to each of the plurality of host servers. The message specifies a final configuration state for one or more virtual ports emulated via virtualization layers of the host servers. The approach further includes determining, by each of the plurality of host servers, port state configuration changes to make to the virtual ports to achieve the final configuration state, and reconfiguring, by each of the plurality of host servers, their respective virtual ports, to match the final configuration state. | 2016-04-14 |
20160105382 | SYSTEM AND METHOD FOR DIGITAL MEDIA CAPTURE AND RELATED SOCIAL NETWORKING - A system and method is provided for media capture and social networking that encourages communication via media posts in an interactive manner. The media content can be recorded via a mobile application running on a mobile device. The application presents an intuitive display in a single screen for capturing various media formats, including images, video, and audio, as well as media compilations of multiple media formats (e.g., still image and audio, video and still image, and others) in a single file. The resulting media content can be shared to the social network via the application. | 2016-04-14 |
20160105383 | ACTION LINKS - The technology disclosed includes a method for initiating a web service through an action item within a post in a social media network. A request is received from a user for a post to a social network. The request includes a definition for an action-link-group, which comprises one or more action links. The post is created to include the action-link-group and is then uploaded to the network. Upon receiving a selection of an action link within the action-link-group, an action item associated with the action link is performed. | 2016-04-14 |
20160105384 | Processing of Email Based on Semantic Relationship of Sender to Recipient - Embodiments are provided for processing received electronic mail messages. A received message is processed based upon a set of rules made up of at least first and second sets of rules. The processing includes ascertaining a property derived from the received message and determining a set of rules associated with the ascertained property. The received message is processed corresponding to at least one rule in the first set of rules if the ascertained property is associated with the first set of rules, and the received message is processed corresponding to at least one rule in the second set of rules if the ascertained property is associated with the second set of rules. The received message is communicated to a recipient based on the at least one rule. | 2016-04-14 |
20160105385 | TECHNOLOGY FOR PROVIDING CONTENT OF A PUBLISH-SUBSCRIBE TOPIC TREE - Content of a publish-subscribe topic tree is provided. This includes receiving a path for a requested topic. The path specifies topics leading from a highest to a lowest level topic in the path. Content in the topic tree is retrieved for matching topics that match the lowest level topic in the path independently of whether the matching topics are on the path in the tree. | 2016-04-14 |
20160105386 | SYSTEM FOR HANDLING ABBREVIATION RELATED TEXT - Abbreviations can be handled by a computer system that receives a message that specifies a recipient and a sender. A first text portion is identified from the message as being associated with an abbreviation. A sender and receiver profile are used to identify a set of one or more solutions for the first text portion. The solutions are scored based upon the online content exposure information in the profile of the recipient. Based upon the scoring, a particular solution of the one or more solutions is identified for use. The text body of the message is modified to include the particular solution, and the modified message is transmitted to the recipient. | 2016-04-14 |
20160105387 | FILTERED MESSAGE STREAMS - A system and method is disclosed for filtering messages in a social network. A message may be posted to a social network with a corresponding rank. On receiving the message and corresponding rank, the social network generates a perceived rank of the message for a receiving user and provides the message for display at the receiving user's message stream according to the perceived rank. | 2016-04-14 |
20160105388 | SYSTEM AND METHOD FOR DIGITAL MEDIA CAPTURE AND RELATED SOCIAL NETWORKING - A system and method is provided for media capture and social networking that encourages communication via media posts in an interactive manner. The media content can be recorded via a mobile application running on a mobile device. The application presents an intuitive display in a single screen for capturing various media formats, including images, video, and audio, as well as media compilations of multiple media formats (e.g., still image and audio, video and still image, and others) in a single file. The resulting media content can be shared to the social network via the application. | 2016-04-14 |
20160105389 | METHOD, SERVER AND ELECTRONIC DEVICES OF SYNCHRONIZING NOTIFICATION MESSAGES FOR ELECTRONIC DEVICES - A method of synchronizing notification messages for electronic devices may include monitoring if an electronic device has a notification message. If the electronic device has a notification message, the method may include determining if the electronic device is on standby. If the electronic device is determined to be on standby, a notification message may be sent via a server to an active electronic device associated with the electronic device. An associated server and an electronic device are also provided. The methods, servers and electronic devices may facilitate gathering of notification messages. | 2016-04-14 |
20160105390 | DISTRIBUTED COMPONENTS IN COMPUTING CLUSTERS - The subject disclosure is directed towards components in different server clusters, e.g., comprising software components such as components of a distributed computing system. Components are available for use by distributed computing system applications, yet managed by the distributed computing system runtime such that only a single instance can be activated and exist within communicating (non-partitioned) clusters. Also described is recovery from a situation in which no longer partitioned clusters each have created the same component. | 2016-04-14 |
20160105391 | CLIENT-DRIVEN LOAD BALANCING OF DYNAMIC IP ADDRESS ALLOCATION - Techniques are described for load balancing between DHCP servers at a DHCP client. Embodiments include receiving, at the DHCP client, a respective DHCPOFFER message from each of two or more DHCP servers, wherein each of the DHCPOFFER messages includes an IP address offer and load information describing a current workload of the respective DHCP server. One of DHCP servers is selected, at the DHCP client, to accept an offer for an IP address from, based on the received load information and a subnet on which the selected DHCP server is located. Embodiments transmit a DHCPREQUEST message, from the DHCP client, to the selected DHCP server, to accept the IP address offer from the selected DHCP server. | 2016-04-14 |
20160105392 | CENTRAL NAMESPACE CONTROLLER FOR MULTI-TENANT CLOUD ENVIRONMENTS - A centralized namespace controller allocates addresses in a distributed cloud infrastructure on-demand. Upon receiving a request to allocate addresses for a network to be provisioned by a cloud computing system included in the distributed cloud infrastructure, the centralized namespace controller allocates a network address that is unique within the distributed cloud infrastructure. Further, the centralized namespace controller allocates a range of virtual network interface cards (NIC) addresses that are unique within the network. The centralized namespace controller then allocates addresses from the range of virtual NIC addresses on an as-requested basis—when a virtual NIC is being created by the first cloud computing system on the network. Advantageously, by centralizing the allocation of addresses and dedicating independent NIC address ranges to different cloud computing systems, the centralized namespace controller enables stretched L2 networks between cloud computing systems while preventing duplicated addresses on the stretched networks. | 2016-04-14 |
20160105393 | CROSS-CLOUD NAMESPACE MANAGEMENT FOR MULTI-TENANT ENVIRONMENTS - Conditional address translation is performed in a multi-tenant cloud infrastructure to effectively support tenant-assigned addresses. For each tenant, the multi-tenant cloud infrastructure deploys both a private network used to communicate between the tenant and the cloud and a tenant-facing gateway to manage the private network. The multi-tenant cloud infrastructure also includes an externally-facing gateway used to communicate between the multi-tenant cloud and a public network. The tenant-facing gateways are configured to bypass address translation—providing consistent addressing across each private network irrespective of the physical location of resources linked by the private network. By contrast, the public-facing gateway is configured to translate source addresses in outgoing packets to addresses that are unique within the public network. Advantageously, discriminately mapping addresses enables multiple tenants to interact in a uniform fashion with both on-premises resources and cloud-hosted resources without incurring undesirable address collisions between tenants. | 2016-04-14 |
20160105394 | CCN NAME PATTERNS - A method is implemented by a content centric network (CCN) naming layer executed by a network device. The naming layer is configured to enable processing of regular expressions as part of a hierarchical CCN name, where regular expressions are sequences of characters that form a search pattern. The method processes regular expressions utilized in a one to many scenario between a plurality of CCN clients and at least one CCN serving node. The method includes receiving a CCN interest from a CCN forwarding layer, accessing a forwarding information base (FIB) to find FIB entries matching a path of the CCN name and the regular expression, accessing a content store to find content objects matching the FIB entries, and creating a new CCN interest for each of the FIB entries not found in the content store. | 2016-04-14 |
20160105395 | Applying a Packet Routing Policy to an Application Session - A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy. | 2016-04-14 |
20160105396 | DATA LEAK PROTECTION IN UPPER LAYER PROTOCOLS - Methods and systems for Data Leak Prevention (DLP) in a private network are provided. A data structure is maintained within a network security appliance identifying candidate upper layer protocols, corresponding commands of interest and a corresponding suspect field within each of the commands that is to be subjected to DLP scanning as a result of its potential for carrying sensitive information. A packet is received by the network security appliance. A protocol associated with the packet is identified. It is determined whether the identified protocol is among those of the candidate protocols. Responsive to an affirmative determination and when a command represented by the packet is among those of the corresponding commands of interest for the candidate protocol, then a DLP scan is performed on the packet. Otherwise, the packet is allowed to pass through the network security appliance without being subject to a DLP scan. | 2016-04-14 |
20160105397 | Firewall Packet Filtering - Mechanisms are provided for performing an operation on a received data packet. A data packet is received and a hash operation on a header field value of a header of the data packet is performed to generate a hash value. A lookup operation is performed in a hash table associated with a type of the header field value to identify a hash table entry. A bit string associated with the hash table entry is retrieved, where each bit in the bit string corresponds to a class of rules of a rule set of a firewall. A matching operation of the header field value to rules in classes of rules corresponding to bits set in the bit string is performed to select one or more search trees. Operations are performed based on rules in the classes of rules being matched by header field value of the data packet. | 2016-04-14 |
20160105398 | SECURE DEVICE AND PROXY FOR SECURE OPERATION OF A HOST DATA PROCESSING SYSTEM - Secure device and proxy operation include generating, using a processor, a first proxy and a first proxy companion paired with the first proxy and providing the first proxy to a host data processing system for installation therein. The first proxy in the host data processing system and the first proxy companion communicate. A proxy change event for the host data processing system is detected. Responsive to the detecting, a second proxy and a second proxy companion paired with the second proxy are generated. The second proxy is provided to the host data processing system for installation therein. | 2016-04-14 |
20160105399 | Systems and Methods for Cloaking Communications - The present invention relates to systems and methods for cloaking communications. Specifically, the present invention relates to systems and methods for thwarting the viewing or tracking of communications between parties on the Internet or other network. More specifically, the systems and methods of the present invention hide the destination caller's Internet Protocol (“IP”) address and prevent others from viewing or tracking the same. In addition, the systems and methods of the present invention obfuscates the addresses associated with the IP server. | 2016-04-14 |
20160105400 | APPARATUS AND METHODS FOR DATA TRANSFER BETEWEEN A PLURALITY OF USER DEVICES - Methods and apparatus for transferring data (such as for example media or other content) between devices while maintaining protection of the content. In one embodiment, a first user device causes a network entity to generate a shared encryption key for a second user device which is to receive content. In this manner, when the content (which has been encrypted with a key that is specific to the first device) is re-encrypted using the shared key, then transferred to the second device, the second device also obtains the shared key and uses it to decrypt the content, then the second device re-encrpyts the content with a key that is specific to the second device for storage thereon. For example, within a premises network the entire contents of a first digital video recorder (DVR) may be transferred to a replacement DVR. | 2016-04-14 |
20160105401 | SYSTEM AND METHOD FOR INTERNET PROTOCOL SECURITY PROCESSING - A decentralized method for IPSec processing in virtual environments includes assigning a unique identifier to each of a set of compute nodes. Each compute node can emulate one or more virtual machines that generate IP packets for forwarding over a network (e.g., the Internet). An IP packet, received from a trusted source at a compute node, is encrypted and a trailer is appended to the encrypted packet. The trailer includes the unique identifier of the compute node. The encrypted packet with appended trailer is forwarded to a secure gateway that can perform an anti-replay check using stored parameters corresponding to the unique identifier in the trailer. In inbound processing, the unique identifier is inserted into a trailer appended to an encrypted packet by the security gateway and a VPN server directs the incoming encrypted packet to the appropriate compute node for forwarding to the virtual machine. | 2016-04-14 |
20160105402 | HOMOMORPHIC ENCRYPTION IN A HEALTHCARE NETWORK ENVIRONMENT, SYSTEM AND METHODS - A system and method for homomorphic encryption in a healthcare network environment is provided and includes receiving digital data over the healthcare network at a data custodian server in a plurality of formats from various data sources, encrypting the data according to a homomorphic encryption scheme, receiving a query at the data custodian server from a data consumer device concerning a portion of the encrypted data, initiating a secure homomorphic work session between the data custodian server and the data consumer device, generating a homomorphic work space associated with the homomorphic work session, compiling, by the data custodian server, a results set satisfying the query, loading the results set into the homomorphic work space, and building an application programming interface (API) compatible with the results set, the API facilitating encrypted analysis on the results set in the homomorphic work space. | 2016-04-14 |
20160105403 | Authenticated Encryption Support in ISO/IEC 23009-4 - A server apparatus supporting authenticated encryption in a network, comprising a receiver configured to receive an unencrypted segment, a processor configured to selecting an encryption key, an initialization vector, and an additional authentication data (AAD), encrypt the segment, configuring the segment for transfer in a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) media, assign a segment number to the encrypted segment, append an authentication tag to the encrypted segment, store the encrypted segment with the appended authentication tag, and update a Media Presentation Description (MPD) associated with the encrypted segment with the appended authentication tag, wherein the MPD comprises an @aadBase attribute with an AAD base value, wherein the AAD value is the sum of the segment number and the @aadBase attribute value, and a transmitter configured to transmit the encrypted segment with the appended authentication tag to a destination. | 2016-04-14 |
20160105404 | Extending Data Over Cable Service Interface Specification (DOCSIS) Provisioning of Ethernet Passive Optical Network (EPON) (DPoE) to EPON over Coax (EPoC) Multicast Key Management - Disclosed herein are mechanisms to support the management of multicast keys for a multicast group comprising one or more optical line terminals (OLTs), one or more fiber to coax units (FCUs), and a plurality of coax network units (CNUs). The disclosed embodiments may support the management of multicast keys over optical and coaxial networks. In some embodiments, an FCU may facilitate communication of operations, administration and maintenance (OAM) messages containing multicast keys from one or more OLTs to one or more CNUs (typically a plurality of CNUs). Some embodiments may employ one multicast key over both the optical network and coaxial network. Other embodiments may employ an optical domain multicast key over the optical network and an electrical domain multicast key over the coaxial network. Embodiments may comprise adding a first CNU to a multicast group as well as adding subsequent CNUs to the multicast group. | 2016-04-14 |
20160105405 | MULTI-KEY GRAPHIC CRYPTOGRAPHY FOR ENCRYPTING FILE SYSTEM ACCELERATION - Embodiments of methods and systems for encrypting and decrypting with encryption attributes are presented. An encryption attribute contains information to identify one or more segments of a file to be encrypted. An encryption process encrypts those one or more segments to generate a partly encrypted file instead of encrypting the entire file. That is, the file includes some data that are encrypted and some data that are not. In one embodiment, at least three encryption keys are used such that the encryption attribute is encrypted with using a third key. | 2016-04-14 |
20160105406 | NETWORKED SECURITY SYSTEM - A method of securing communications between a security device and a security server include receiving, at the security server, a registration request from the security device, the registration request being encrypted using an initial registration key. A device identifier and rotation key unique to the security device are transmitted to the security device. A first session key request is received at the security server from the security device, the request being encrypted using the rotation key. A first session key is transmitted to the security device in response. One or more communications, encrypted using the first session key, is received at the security server from the security device. A second session key request is received at the security server from the security device after the first session key has expired, the request encrypted using the rotation key. A second session key is transmitted to the security device in response. | 2016-04-14 |
20160105407 | INFORMATION PROCESSING APPARATUS, TERMINAL, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD - An information processing apparatus includes a storage that stores status data indicating past usage of an access point by a terminal and a processor that executes a process. The process includes receiving encrypted status data via a network from the terminal, decrypting the encrypted status data received from the terminal, determining whether the decrypted status data is valid based on the status data stored in the storage, and when the decrypted status data is valid, establishing a peer-to-peer communication channel with the terminal via the network. | 2016-04-14 |
20160105408 | SECURING APPLICATION PROGRAMMING INTERFACES (APIS) THROUGH INFRASTRUCTURE VIRTUALIZATION - Methods and systems for the secure exchange of data within a network are provided. A method includes, registering, by a computer system, one or more stubs installed on at least one computing device. The method further includes constructing a virtual routing table using endpoint address information of the one or more stubs. The method further transmitting a portion of the virtual routing table to the one or more stubs such that the one or more stubs are configured to create a virtual pipe for exchanging data between the at least one computing device and at least one other computing device using the portion of the virtual routing table. | 2016-04-14 |
20160105409 | USER-CUSTOMIZABLE PERMISSIONS IN A COMPUTING ENVIRONMENT - Disclosed are examples of systems, apparatus, methods and computer program products for providing user-customizable permissions governing user access to computing resources in a computing system. For example, a database storing data objects identifying permissions of users, sets of the permissions, and users can be maintained. One or more fields can be displayed on a display of a user device. The one or more fields can be configured to receive input to perform one or more operations. Input can be received from a user via the user interface on the display of the user device. One or more operations can be performed. The database can be updated such that the data objects identify a custom permission or a permission set to which a custom permission has been assigned. | 2016-04-14 |
20160105410 | OMA DM Based Terminal Authentication Method, Terminal and Server - A method for implementing terminal authentication based on an OMA DM protocol, a terminal and a server are disclosed. The method includes: a terminal initiating a registration request to a target server, wherein a user name, a password and a device identifier are carried; the terminal receiving and storing an access token generated through registration; and the terminal carrying the access token and the device identifier in a message of initiating services to the target server for authentication. In the present document, user identity authentication is performed based on the access token, which brings a higher security and more convenient terminal life cycle management. | 2016-04-14 |
20160105411 | REPLAYING A BATCH OF SECURE COMMANDS IN A SECURE CHANNEL - An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays. | 2016-04-14 |
20160105412 | NETWORK CONNECTION METHOD, APPLICATION AUTHENTICATION SERVER, TERMINAL AND ROUTER - The present disclosure relates to the field of network technologies and discloses a network connection method, an application authentication server, a terminal and a router. The method includes: acquiring a first application account corresponding to a terminal and first router identification information received by the terminal; determining, according to the first application account and the first router identification information, whether the terminal has permission to connect to a network through a router; and returning, to the terminal if the terminal has permission to connect to the network through the router, authentication information of connecting to the network through the router, so that the terminal connects to the network through the router according to the authentication information. | 2016-04-14 |
20160105413 | AUTHENTICATION INFORMATION MANAGING METHOD, STORAGE MEDIUM, AND INFORMATION PROCESSING DEVICE - An authentication information managing method including: storing each of at least one application identifier, each of at least one user identifier, each of at least one password, and each of at least one positional relation in association with each other to a memory, when a specified application has a plurality of input fields and is identified by a specified application identifier, detecting a first input field for a specified password based on a specified attribution that is associated with the first input field, the specified attribution indicating that the first input field is used for a password and being detected from outside the specified application, inputting the specified password to the first input field, detecting a second input field for a specified user identifier based on a specified positional relation associated with the specified application identifier, and inputting the specified user identifier to the second input field. | 2016-04-14 |
20160105414 | Method for Authenticating a Client Device to a Server Using a Secret Element - The invention relates to an authentication method for authenticating a client device having an authentication token generated by means of a pseudo-homomorphic function and based on a secret element (PIN) known only by the client device, to a server, comprising:
| 2016-04-14 |
20160105415 | DEVICE CONTROL METHOD, DEVICE MANAGEMENT SYSTEM, AND IN-HOUSE SERVER APPARATUS CONNECTED TO DEVICE MANAGEMENT SYSTEM - A method in the disclosure includes: receiving, from an information device, a device password which is used for controlling a target device via an in-house server apparatus and which is input on the information device using a setting screen; managing a device ID of the in-house server apparatus, a user ID, and the device password in association with one another; transmitting the device password to the in-house server apparatus to cause the in-house server apparatus to manage the device ID and the device password; transmitting, when login to an out-of-house server apparatus is authenticated, an authentication screen to the information device; receiving, from the information device, an input password that is input on the information device using the authentication screen; and when the received input password is identical to the device password that is associated with the user ID, approving a control of a target device by the information device. | 2016-04-14 |
20160105416 | SMART ROUTER - An example router device disclosed herein functions as a transport level proxy and application level proxy, is able to host both authenticated user and device sessions with stored session state and access control to resources for enhanced performance and ease of use. The device is able to function as a protocol proxy for improved performance and security. The device may be configured to implement a captive portal login mechanism, and may programmatically force unsecure LAN-side client requests to secure WAN-side connections. The device may execute an API for remote applications to utilize. The router device may pre-fetch content for client devices, and may communicate with other servers and peer routers to ascertain congestion on the WAN, and perform intelligent routing of WAN traffic based on the detected congestion. The device may also employ techniques to enhance privacy, virtualized address spaces, cookie filters, and traffic modification. | 2016-04-14 |
20160105417 | COMPUTER NETWORK SECURITY MANAGEMENT SYSTEM AND METHOD - A computer network security management system is provided, in which a corporate computer network can be substantially separated from an external network because the external exposure of the corporate computer network is minimized, and a possibility that a hacker may get into a relay server or a central server can be fundamentally cut off. The computer network security management system is expected to further enhance the security level of a corporate computer network. | 2016-04-14 |
20160105418 | METHOD, SYSTEM, DEVICE, AND TERMINAL FOR NETWORK INITIALIZATION OF MULTIMEDIA PLAYBACK DEVICE - The present disclosure provides a method, system, device, and terminal for network initialization of a multimedia playback device. The method includes: screening, by a terminal, a wireless access point of the multimedia playback device; connecting the terminal to a first wireless network of the wireless access point of the multimedia playback device; and sending, by the terminal, parameter information of a second wireless network, to which the terminal connects, to the multimedia playback device through the first wireless network, which allows the multimedia playback device to be connected to the second wireless network according to the parameter information of the second wireless network, so as to complete initialization. The method for network initialization of a multimedia playback device does not need to download a specific application to perform multistep network initialization nor to input a series of IP addresses through a network browser and make complicated settings to perform network initialization. Implementation of the process of the network initialization herein is simple, convenient to use, and highly efficient. | 2016-04-14 |
20160105419 | METHOD FOR LOGGING OF A REMOTE CONTROL SESSION - A method for logging of a remote control session, for use in a remote control system comprising a session initiator operable to initiate a remote control session having a session identifier between a first computer and a second computer and a generator for generating a secure data structure comprising a data structure identifier, the method comprising the steps of: in response to generation by the generator of the secure data structure, initiating an associated first remote control session having a first session identifier; capturing data associated with a remote control function executable by a first computer for control of the second computer during the remote control session; obtaining the data structure identifier; and using the data structure identifier and the first session identifier to store the captured data in the secure data structure associated with the remote control session. | 2016-04-14 |
20160105420 | Identity and Access Management - An access management account that includes an access identifier may be used to control access to telecommunications services or applications. An access identifier is designated for obtaining access to multiple telecommunications services or applications, in which the multiple telecommunications services or applications are accessible to a user through multiple user accounts that are protected by account credentials. Once the access credential is designated, the access credential may be used to determine whether access to the one or more telecommunications services or applications is to be granted instead of using the account credentials of the multiple user accounts. | 2016-04-14 |
20160105421 | SYSTEM AND METHOD INVOKING SECURITY AND PROFILE UTILITIES FOR GLOBAL ACCOUNT REGISTRATION - Systems and methods are disclosed herein for managing electronic access from remote devices to a plurality of back-end computer platforms. The system includes a front-end computing system connected to the plurality of computerized back-end services by a data network, the front-end computer system including a network interface, a profile utility, and security utility. The network interface is configured to receive a registration request for a user identity. The front-end computer system invokes services of the security utility to verify information concerning the user identity and to register a global user account for the user. The front-end computer system invokes the profile utility to merge or link pre-existing user accounts associated with the user identity for the plurality of computerized back-end services. The front-end computer system also invokes the profile utility to determine roles for the user identity in relation to each of the computerized back-end services. | 2016-04-14 |
20160105422 | LATE BINDING AUTHENTICATION - A late-binding token (LBT) is securely generated and provided to a device application. When the LBT is presented and validated, a resource associated with the presentation is bound to the LBT and authenticated for access to a service and provided valid credentials for accessing that service. | 2016-04-14 |
20160105423 | CERTIFICATES FOR LOW-POWER OR LOW-MEMORY DEVICES - Methods and systems for generating or validating compact certificates include receiving a first format of the certificate. Moreover, obtain a signature for the certificate in the first format. For each field of the certificate decode the field to obtain a value for the field from the first format and encoding the value for the field into a second format. Decoding and encoding for each field is done incrementally in the same order of the fields as the first format. In other words, a next field is not decoded from the first format until the field is encoded in the second format. Furthermore, a security envelope is encoded using the signature in the first format and the fields. | 2016-04-14 |
20160105424 | NETWORK-ASSISTED FABRIC PAIRING - Systems and methods for joining a device to a fabric using an assisting device include an indication to add a joining device to a fabric. If the joining device supports network-assisted fabric pairing, a first connection is established between a commissioning device and the assisting device. The assisting device also connects to a joining device. Through the assisting device, the commissioning device and the joining device establish a communication channel over which fabric credentials may be sent. | 2016-04-14 |
20160105425 | BIDIRECTIONAL AUTHENTICATION - Systems, methods, and other embodiments associated with bidirectional authentication are described herein. According to one embodiment, a method includes a user receiving a communication from an entity. In response to receiving the communication from the entity, the method further includes generating a token. The token may be a one-time passcode, personal identification number (PIN), alphanumeric value, code word, pass phrase, or security question. The token is received by a device of the user. Additionally, the token is transmitted to the entity. The user may then receive evidence of the token from the entity. | 2016-04-14 |
20160105426 | SYSTEM AND METHOD FOR ONE TIME PASSWORD-BASED AUTHENTICATION - Disclosed are a system and a method for one-time password (OTP)-based authentication. The system for OTP-based authentication includes a transceiver module configured to receive an authentication request from a client and transmit a result of the authentication according to the authentication request to the client, an authentication accumulation management module configured to provide statistical information about authentication success of the client for each time interval within a predetermined effective range of time, an OTP generation module configured to generate a server-side OTP using previously stored authentication information and time information that is acquired from the statistical information about authentication success, and an authentication module configured to authenticate the client by comparing a client-side OTP included in the authentication request with the server-side OTP. | 2016-04-14 |
20160105427 | Attesting Authenticity of Infrastructure Modules - A user device is provided that includes an authentication application that runs on the user device. A calibration device is also provided that includes authentication algorithm configuration information and an authentication token. The user device is connected to the calibration device to receive the authentication algorithm configuration information and the authentication token. The user device then supplies to a target device to be authenticated an authentication request that includes the authentication token. The user device receives an authentication response from the target device. The user device then analyzes the authentication response with the authentication application based on the authentication algorithm configuration information to determine whether the target device is authenticated. | 2016-04-14 |