18th week of 2021 patent application highlights part 85
Patent application number | Title | Published |
20210135960 | SYSTEMS AND METHODS FOR MANAGING SERVICE LEVEL AGREEMENTS OF SUPPORT TICKETS USING A CHAT SESSION - Systems and methods of the present disclosure facilitate managing information technology service level agreements. In some embodiments, the system includes a server that accesses a database storing a support ticket in memory. The support ticket can include a creation time and a service level agreement. The service level agreement can include a maximum response time. The server initiates, via the computer network, responsive to input from a computing device, a chat session associated with the computing device and the support ticket. The initiating can be associated with a time stamp. The server can be configured to determine a compliance with the service level agreement. The compliance can be computed as a difference between the time stamp and the creation time being less than the maximum response time. The server can be configured to generate a notification of the compliance with the service level agreement. | 2021-05-06 |
20210135961 | SYSTEMS AND METHODS FOR OFFLOADING IPFIX LOOKUP AND TRANSLATION OPERATIONS FROM OBSERVATION DOMAINS - A disclosed method may include (1) receiving, at an IPFIX collector, an IPFIX message from an IPFIX exporter implemented on a remote device, (2) identifying, within the IPFIX message, a data set exported by the IPFIX exporter implemented on the remote device, (3) identifying, within the IPFIX message, a data-level indicator that indicates whether the data set is (A) a primary data set observed by an observation domain implemented on the remote device or (B) a secondary data set derived by an observation cloud implemented on the remote device, (4) identifying, at the IPFIX collector, a database that corresponds to the data-level indicator identified within the IPFIX message, (5) storing the data set in the database in accordance with the data-level indicator, and then (6) performing an action based at least in part on the data set stored in the database. Various other systems and methods are also disclosed. | 2021-05-06 |
20210135962 | EDGE HMI MODULE SERVER SYSTEM AND METHOD - Some embodiments include a system and method of receiving, by an edge computing device, from a server processor of a cloud platform coupled to a network, human-machine-interface logic associated with a local display of data received from a device of a distributed environment coupled to the network. Further, the system and method includes configuring the edge computing device as a human-machine-interface, coupling a data ingester and establishing a data connection to the distributed environment of the network, operating the data ingester to discover the device and receive data from the device, and processing a local graphical visualization of at least one update to the network. | 2021-05-06 |
20210135963 | SYSTEMS AND METHODS FOR THERMAL MITIGATION OF USER EQUIPMENT - A device may receive a thermal report from a user equipment. The thermal report may indicate a temperature of the user equipment. The device may determine, based on the thermal report, whether the temperature of the user equipment satisfies a temperature threshold. The device may select a network action to reduce the temperature of the user equipment based on the temperature of the user equipment satisfying the temperature threshold. The device may perform the network action. | 2021-05-06 |
20210135964 | SYSTEM AND METHOD FOR PROVIDING A NETWORK TRAFFIC PORTAL - A method for providing a network portal including: collecting network data for at least one network provider; analyzing the network data; determining a user role of a user accessing the network portal to review the network data; and providing a visualization of the analyzed network data based on the user role of the user accessing the portal. A system for providing a network portal including: a data collection module configured to collect network data for at least one network provider; an analysis module configured to analyze the network data; a user module configured to determine a user role of a user accessing the network portal to review the network data; and a reporting module configured to provide a visualization of the analyzed network data based on the user role of the user accessing the portal. | 2021-05-06 |
20210135965 | METHODS AND APPARATUS FOR DETERMINING LOW LATENCY NETWORK CONNECTIVITY IN COMPUTING SYSTEMS - An example apparatus comprises a variable determiner to: parse a plurality of network command responses from a first data collector agent and from a second data collector agent; initialize a value for network connectivity parameters corresponding to the network command responses, the value corresponding to the parsed plurality of network command responses; and assign weighted values to the network connectivity parameters; a connectivity analyzer to determine a first network connectivity factor for the first data collector agent and a second network connectivity factor for the second data collector agent; and a recommender system to: determine whether the first network connectivity factor is a smaller value than the second network connectivity factor; and when the first network connectivity factor is the smaller value, initiate the first data collector agent corresponding to the first network connectivity factor to begin collecting data. | 2021-05-06 |
20210135966 | STREAMING AND EVENT MANAGEMENT INFRASTRUCTURE PERFORMANCE PREDICTION - A method includes receiving a plurality of performance metrics from a data streaming infrastructure. The data streaming infrastructure comprises one or more message producers, one or more message brokers and one or more message consumers. In the method, the plurality of performance metrics are analyzed in a machine learning model, and one or more performance issues with the data streaming infrastructure are predicted based on the analyzing. | 2021-05-06 |
20210135967 | INTELLIGENT IN-BAND TELEMETRY AUTO-CONFIGURATION FOR IP NETWORKS - An apparatus for in-band telemetry includes a node type identifier circuit that, in response to receiving an ingress/egress ID command, determines that the network node is an ingress node in response to the network node having a direct connection to a source and determines that the network node is an egress node in response to the network node having a direct connection to a destination. The apparatus includes a telemetry packet circuit that creates a telemetry packet in response to the node type identifier circuit determining that the network node is an ingress node. The apparatus includes a telemetry transmission circuit that transmits the telemetry packet in response to the telemetry packet circuit creating the telemetry packet and a packet re-router circuit that, in response to the node type identifier circuit determining that the network node is an egress node, routes a received telemetry packet to a network controller. | 2021-05-06 |
20210135968 | GROUPING NETWORK TRAFFIC PRIOR TO STORAGE IN A COLUMNAR DATABASE - A computer-implemented method of grouping network traffic metadata includes, based on a selected dimension of the network traffic metadata received from a network router, obtaining a statistic about a flow of network traffic metadata received over an interval for each instance of multiple instances of the dimension. The method further includes distributing the network traffic metadata into a plurality of groups for network traffic metadata from the smallest possible number of instances of the selected dimension to be distributed to each group, with the flow of network traffic metadata distributed optimally for a criteria regarding the statistic amongst the plurality of groups for minimizing cardinality of each group of the plurality of groups with respect to unselected dimensions of the network traffic metadata and providing each group to a columnar database for storage of the network traffic metadata distributed into each group in a different partition of the columnar database. | 2021-05-06 |
20210135969 | PREDICTIVE RESOURCE ALLOCATION IN AN EDGE COMPUTING NETWORK UTILIZING BEACONS - The present technology relates to improving computing services in a distributed network of remote computing resources, such as edge nodes in an edge compute network. In an aspect, the technology relates to a system that includes a plurality of edge nodes and a beacon. The system performs operations that may include collecting traffic data from the beacon over a period of time, wherein the traffic data includes at least an amount of devices sending probe requests to the beacon; comparing the amount of devices to a predetermined threshold for traffic data; and based on the comparison of the amount of devices to the predetermined threshold for traffic data, generating a recommendation for installation of a new edge node in addition to the plurality of edge nodes. | 2021-05-06 |
20210135970 | SYSTEM FOR GENERATING ALERTS BASED ON ALERT CONDITION AND OPTIMISTIC CONCURRENCY CONTROL PROCEDURE - Provided are systems and methods for generating alerts in a computing environment. An example method may commence with receiving parameters associated with an alert. The parameters may include at least an alert condition and an action to be performed based on the alert condition. The method may further include monitoring at least a portion of a network data according to a predetermined schedule based on the parameters. The method may continue with monitoring at least a portion of a network data according to a predetermined schedule based on the parameters. The method may further include generating the alert upon detection of the alert condition. | 2021-05-06 |
20210135971 | AUTOMATED TESTING OF PUSH NOTIFICATION SERVICE IN CLOUD COMPUTING SYSTEM - Techniques are provided for automatically testing and verifying the functionality of push notification services of a cloud computing system. For example, a computing system performs an automated push notification test to test a push notification service of the computing system. The computing system sends a test push message over a communications network to a plurality of test devices that are located in different geolocations. The test devices are configured to automatically generate a response message in response to receiving the test push message. The computing system determines if a response message is received from each test device within a predefined response timeout period associated with the test device. The computing system determines that the push notification test fails in response to determining that a response message is not received from at least one test device within the predefined response timeout period associated with the at least one test device. | 2021-05-06 |
20210135972 | SYSTEMS AND METHOD FOR DETECTING FAILOVER CAPABILITY OF A NETWORK DEVICE - Systems and methods for detecting a failover capability of a network device of a computer network are disclosed. A network controller, upon detecting incoming traffic from a network device, can disable the port of the network where the incoming traffic is detected. The network controller can then detect if the network device has failed over to send network traffic to the network via another port of the network, or determine the network device is incapable of failover communication if network traffic from the network device only arrives at the original port after that port is re-enabled. | 2021-05-06 |
20210135973 | GENERATING A MINIMUM-COST CIRCULATION TOPOLOGY IN A MICROSERVICE MESH NETWORK - A computer-implemented system and method for generating a minimum-cost circulation topology in a mesh network is provided. The system comprises one or more processors configured to receive a service request from a client computer and identify a group of services for the service request. The one or more processors are further configured to iteratively query a global registry for each of the group of services to obtain respective groups of dependent service instances, generate an adjacency table including a plurality of service dependency paths identified from the respective groups of dependent service instances. The system determines a minimum-cost service dependency path by applying a predetermined cost algorithm on the adjacency table and executing a first service instance of the minimum-cost service dependency path and route the service request to the second service instance in the dependency path. | 2021-05-06 |
20210135974 | METHOD, ELECTRONIC DEVICE AND COMPUTER PROGRAM PRODUCT FOR GENERATING NETWORK TOPOLOGY - Techniques for generating a network topology are provided. For example, a method comprises: sending, at an edge node of a network, first exploration data to a first node of the network. The method also comprises receiving from the first node first feedback information for the first exploration data. The first feedback information includes identity information of the first node and first associated node list information, and the first associated node list information includes identity information of nodes associated with the first node in the network. In addition, the method comprises: determining latency between the first node and the second node based on the first latency information and the second latency information. Then, the method further comprises updating the network topology based on the latency between the first node and the second node. Through the method, the present disclosure can provide accurate data support for path optimization. | 2021-05-06 |
20210135975 | ROUTE DETECTION METHOD AND NETWORK DEVICE - A method includes: establishing, by a first network device, a first BMP session with a second network device, and establishing a second BMP session with a third network device; receiving a first BGP route set sent by the second network device, where the first BGP route set includes a BGP route sent by the second network device to the third network device; receiving a second BGP route set sent by the third network device, where the second BGP route set includes the BGP route received by the third network device from the second network device; and when detecting that the second BGP route set includes a first BGP route but the first BGP route set does not include the first BGP route, determining the first BGP route as an unavailable route. | 2021-05-06 |
20210135976 | UTILIZING SEGMENT ROUTING DATA AND NETWORK DATA TO DETERMINE OPTIMIZED NETWORK PLANS AND TO IMPLEMENT AN OPTIMIZED NETWORK PLAN - A device receives network data associated with a network that includes network devices interconnected by links, wherein the network devices utilize segment routing. The device receives segment routing data associated with the network, wherein the segment routing data at least includes a list of segments associated with paths provided through the network by two or more of the network devices and corresponding links. The device merges the network data and the segment routing data to generate merged data, and processes the merged data, with an optimization model, to determine potential network plans within a particular time period. The device identifies a potential network plan, of the potential network plans, that maximizes throughput associated with operating the network, and performs one or more actions based on the potential network plan. | 2021-05-06 |
20210135977 | IP-Based Matching System - In one aspect, an example method includes (i) accessing, by a computing device, a first Internet Protocol (IP) address that encodes first attributes of a first profile; (ii) accessing, by the computing device, a second IP address that encodes second attributes of a second profile; (iii) comparing, by the computing device, the first IP address and the second IP address using a network layer communication function; (iv) determining, by the computing device, that a result of the comparing satisfies a threshold condition; and (v) based on the result of the comparing satisfying the threshold condition, providing, by the computing device to another device, an indication of a match between the first profile and the second profile. | 2021-05-06 |
20210135978 | INTELLIGENT ADAPTIVE TRANSPORT LAYER TO ENHANCE PERFORMANCE USING MULTIPLE CHANNELS - A set of connections is established, continuously evaluated and maintained between two endpoints of a computer network for use in transmitting information flows in a more efficient and controlled manner. New connections are established and existing connections are terminated in a continual search for connections with better and/or different performance characteristics. Each connection may utilize the same or a different path through the network and may have performance characteristics that change over time. Several paths can be used simultaneously for a given information flow to improve network metrics including: throughput, transaction time, data consistency, latency and packet loss. Flows of information can be broken into one or more sub-flows and sub-flows can be assigned to one or more active connections. Furthermore, dynamic decisions regarding how flows are broken up and how they are assigned to connections can be made in response to network conditions. Through the use of these connections, a reduced cost can be offered and application QoS/QoE can be guaranteed, allowing existing networks such as the public Internet to provide an enterprise class connection, which can be used to accelerate enterprise cloud adoption without modifying the present Internet infrastructure. | 2021-05-06 |
20210135979 | Method and Apparatus for Obtaining Information About Forwarding Path of Data Packet in Segment Routing - A method and an apparatus for obtaining information about a forwarding path of a data packet in segment routing (SR) include, when a first path indicated by a plurality of path identifiers in initial information is a unique shortest path from a start node on the first path to an end node on the first path, the first path is indicated using a node-segment identifier (SID) of the end node on the first path instead of the path identifiers. | 2021-05-06 |
20210135980 | Best Path Computation Offload In A Network Computing Environment - Systems, methods, and devices for offloading best path computations in a networked computing environment. A method includes storing in memory, by a best path controller, a listing of a plurality of paths learnt by a device, wherein each of the plurality of paths is a route for transmitting data from the device to a destination device. The method includes receiving, by the best path controller, a message from the device. The method includes processing, by the best path controller, a best path computation to identify one or more best paths based on the message such that processing of the best path computation is offloaded from the device to the best path controller. The method includes sending the one or more best paths to the device. | 2021-05-06 |
20210135981 | Spanning Tree Enabled Link Aggregation System - A system includes a first aggregated networking device that is included with the second aggregated networking device in a link aggregation domain. The first aggregated networking device provides, to a networking device via a link aggregation group (LAG), a first control message that defines itself as a root bridge and the first link aggregation domain as a designated bridge. The second aggregated networking device detects that the first aggregated networking device is unavailable. The second aggregated networking device then provides, to the networking device via the LAG, a second control message that defines itself as the root bridge, and the first link aggregation domain as the designated bridge. Network traffic is transmitted in response to the networking device accepting the second aggregated networking device as a new root bridge based on the first link aggregation domain being defined as the designated bridge in both the first and second control messages. | 2021-05-06 |
20210135982 | ROUTE ANOMALY DETECTION AND REMEDIATION - A route anomaly detection and remediation system analyzes a prefix for each route received to validate the route. A route monitoring component provides a centralized querying system for all routers from all devices to study routing history. A route collection component receives and stores all routes from multiple routers at a server. A set of microservice analysis components performs prefix analysis on each received route. Each microservice analysis component analyzes one or more portions of the prefix for each route to detect hijacked routes, leaked routes, withdrawn routes and/or other unhealthy routes before the routes are utilized for routing traffic on the network. The analysis performs new prefix validation and identifies healthy routes. Alerts identifying invalid routes are transmitted to an incident management system. Healthy routes are approved for usage by routers on the network to prevent network outages while improving network reliability, availability and stability. | 2021-05-06 |
20210135983 | SERVICE REQUEST ROUTING - A computer implemented method of routing service requests to service instances in a service mesh. The method comprises monitoring one or more performance characteristics of each of a plurality of network links to service instances. The method further comprises making a prediction of the network latency of transmitting a service request via each of at least two of the plurality of network links and selecting one of the plurality of service instances and routing the service request thereto based on the predictions of the network latencies. | 2021-05-06 |
20210135984 | METHOD, NODE, AND MEDIUM FOR ESTABLISHING CONNECTION BETWEEN A SOURCE AND ENDPOINT VIA ONE OR MORE BORDER NODES - In one embodiment, a method is performed at a node in a multi-site enterprise fabric. The method includes obtaining map entries from a fabric control plane of the multi-site enterprise fabric, where the map entries are associated with identifiers of endpoints in external networks, site and virtual network identifiers of sites in the multi-site enterprise fabric, location identifiers of border nodes, and characteristics of the border nodes. The method further includes receiving a request from a source to connect to an external endpoint. After deriving an external endpoint identifier and source parameters, the method additionally includes establishing at least one connection between the source and the external endpoint via border node(s) that are selected from the map entries based at least in part on the source parameters, the external endpoint identifier, and characteristics of the border node(s) with their site and virtual network identifier(s) along the at least one connection. | 2021-05-06 |
20210135985 | Mechanism for Hitless Resynchronization During SDN Controller Upgrades Between Incompatible Versions - A method is implemented by a switch in a software defined networking (SDN) network managed by a controller to achieve hitless resynchronization during a controller upgrade. The method includes installing an upgraded set of flow entries so that a packet processing pipeline of the switch includes both a non-upgraded set of flow entries and the upgraded set of flow entries, processing non-tunneled packets using the non-upgraded set of flow entries, processing tunneled packets that have a tunnel upgrade status indicator set in a tunnel header using the non-upgraded set of flow entries, while processing tunneled packets that do not have a tunnel upgrade status indicator set in a tunnel header using the upgraded set of flow entries, and processing non-tunneled packets using the upgraded set of flow entries after all switches managed by the controller have installed upgraded flow entries. | 2021-05-06 |
20210135986 | MPLS EXTENSION HEADERS FOR IN-NETWORK SERVICES - Described herein are methods and devices (e.g., routers) that add in-network services to a multiprotocol label switching (MPLS) network. A method can include a router of the MPLS network receiving a packet and modifying the packet by adding one or more MPLS extension headers, adding a header of the extension header(s), and adding an indication within an MPLS label stack that one or more MPLS extension headers have been added to the packet. The method can also include the router forwarding the packet as modified to another router of the MPLS network. In certain embodiments, an extension header label (EHL) within a label value field of a label stack entry indicates that one or more MPLS extension headers have been added to the packet. In other embodiments, a forward equivalent class (FEC) indicates that one or more MPLS extension headers follow the MPLS label stack. | 2021-05-06 |
20210135987 | Systems, Methods, and apparatus for Communicating Messages of Distributed Private Networks Over Multiple Public Communication Networks - Systems and methods for communicating messages of distributed private network (DPN) over a plurality of communication networks including an inter-network interface and a message coordinator communicatively coupled. The inter-network interface is operable to receive a packetized message from a first DPN network element over a first communication network. The message coordinator receives the packetized message from the inter-network interface, assigns at least a transport route for the packetized message; and communicates the packetized message to a second DPN network element based on the assigned transport route over a second communication network. The message coordinator is further operable to assign priority protocol and security protocol to the packetized message. | 2021-05-06 |
20210135988 | UNIVERSAL NETWORK PROTOCOL ENCAPSULATION AND METHODS FOR TRANSMITTING DATA - A network node configured to transmit packets to a destination node in a packet network, includes at least one processor and at least one memory including computer program code. The at least one memory and the computer program code are configured to, with the at least one processor, cause the network node to: assemble at least a first packet including a plurality of data units, each of the plurality of data units being grouped into one of a connection group, a network function group or an application group; and transmit the first packet to the destination node. | 2021-05-06 |
20210135989 | Systems, Apparatuses and Methods for Network Packet Management - Methods and systems are provided for a latency-oriented router. An incoming packet is received on a first interface. The type of the incoming packet is determined. Upon the detection that the incoming packet belongs to latency-critical traffic, the incoming packet is duplicated into one or more copies. Subsequently, the duplicated copies are sent to a second interface in a delayed fashion where the duplicated copies are spread over a time period. The duplicated copies are received and processed at the second interface. | 2021-05-06 |
20210135990 | Systems, Apparatuses and Methods for Network Packet Management - Methods and systems are provided for a latency-oriented router. An incoming packet is received on a first interface. The type of the incoming packet is determined. Upon the detection that the incoming packet belongs to latency-critical traffic, the incoming packet is duplicated into one or more copies. Subsequently, the duplicated copies are sent to a second interface in a delayed fashion where the duplicated copies are spread over a time period. The duplicated copies are received and processed at the second interface. | 2021-05-06 |
20210135991 | ASSOCIATING ROUTE TABLES WITH INGRESS TRAFFIC TO LOGICALLY ISOLATED NETWORKS - Route tables may be associated with ingress traffic for logically isolated networks. A routing device at the edge of a logically isolated network may receive a route to include in a route table that is associated with ingress traffic to the logically isolated network to forward the ingress traffic to a network appliance hosted in the logically isolated network. Network packets received at the edge routing device may have a destination of a computing resource hosted in the logically isolated network. The edge routing device may identify the route in the route table to override the destination in the network packet with the network appliance and forward the network packet to the network appliance according to the route. | 2021-05-06 |
20210135992 | DISTRIBUTED FAULT TOLERANT SERVICE CHAIN - Some embodiments of the invention provide novel methods for performing services on data messages passing through a network connecting one or more datacenters, such as software defined datacenters (SDDCs). The method of some embodiments uses service containers executing on host computers to perform different chains (e.g., ordered sequences) of services on different data message flows. For a data message of a particular data message flow that is received or generated at a host computer, the method in some embodiments uses a service classifier executing on the host computer to identify a service chain that specifies several services to perform on the data message. For each service in the identified service chain, the service classifier identifies a service container for performing the service. The service classifier then forwards the data message to a service forwarding element to forward the data message through the service containers identified for the identified service chain. The service classifier and service forwarding element are implemented in some embodiments as processes that are defined as hooks in the virtual interface endpoints (e.g., virtual Ethernet ports) of the host computer's operating system (e.g., Linux operating system) over which the service containers execute. | 2021-05-06 |
20210135993 | PINNING BI-DIRECTIONAL NETWORK TRAFFIC TO A SERVICE DEVICE - Techniques for ensuring that, in the context of network traffic load-balanced across a plurality of service devices connected to a network device, all of the bi-directional traffic between a given pair of hosts residing in different domains is sent to the same service device, where a “domain” is a group of one or more hosts/subnets that is reachable by a service device via an interface of that device. In one set of embodiments, these techniques can include (1) creating a load balancer group on the network device for each domain defined on the service devices, such that the load balancer group for a given domain D includes all of the service device interfaces mapped to D, (2) enabling symmetric hashing with respect to each load balancer group, and (3) synchronizing the hash tables of the load balancer groups such that a given hash bucket (across all hash tables) maps to an interface of a single service device. | 2021-05-06 |
20210135994 | Network topology division method and device, storage medium and electronic device - Provided are a network topology division method and device, a storage medium and an electronic device. The method includes that: a topology division request of a Virtual Network (VN) is received, the topology division request containing Identifier (ID) information of a specified VN to be divided, a type of a division line and a position of the division line; a Traffic Engineering (TE) topology of the specified VN is divided according to the type of the division line and the position of the division line, the specified VN including a TE node and a TE link; and a new VN topology is constructed according to a TE node obtained by division and a TE link obtained by division. | 2021-05-06 |
20210135995 | NETWORK POLICY ARCHITECTURE - One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner. | 2021-05-06 |
20210135996 | NETWORK DEVICE AND QUEUE MANAGEMENT METHOD FOR NETWORK DEVICE - A method for selecting a transmission of a network device is disclosed. In particular, a method for selecting a transmission of a network device comprising a plurality of queues for storing data frames is disclosed. Here, each of the plurality of queues corresponds to a different traffic class, the method comprising: a step of obtaining information about a transmission selection algorithm for the plurality of queues; and a step of selecting data frames for transmission from a corresponding queue on the basis of transmission selection algorithm information. Here, the transmission selection algorithm may correspond to a strict priority algorithm, a credit-based shaper algorithm, or a burst transmission algorithm. | 2021-05-06 |
20210135997 | SYSTEMS AND METHODS OF DATA FLOW CLASSIFICATION - Systems and methods of classifying data flows being communicated on a network by one or more network elements. One method includes creating a table including information of packet timestamps and pre-defined packet header fields, grouping packets into data flows based on information in the table, assigning flow identifiers to each data flow, determining a plurality of feature/characteristic sets having one or more features and/or one or more characteristics of the data flows, determining one or more classifiers to predict flow labels using the plurality of feature/characteristic sets, and generating a classification policy that includes the one or more classifiers to classify data flows on the network. The method can also include storing the classification policy in at least one non-transitory computer medium that is accessible by a network element that is classifying data flows on the network, and using the classification policy to classify data flows. | 2021-05-06 |
20210135998 | QUALITY OF SERVICE IN VIRTUAL SERVICE NETWORKS - A switch in a slice-based network can be used to enforce quality of service (“QoS”). Agents can run in the switches, such as in the core of each switch. The switches can sort ingress packets into slice-specific ingress queues in a slice-based pool. The slices can have different QoS prioritizations. A switch-wide policing algorithm can move the slice-specific packets to egress interfaces. Then, one or more user-defined egress policing algorithms can prioritize which packets are sent out into the network first based on slice classifications. | 2021-05-06 |
20210135999 | Packet Control Method, Flow Table Update Method, and Node Device - A packet control method, a flow table update method, and a node device including a first queue and a second queue, where the method includes: obtaining, by the node device, a first packet; determining, by the node device, that a data flow to which the first packet belongs is marked as an isolated flow; and if the first queue and/or the second queue meet and/or meets a first preset condition, controlling, by the node device, the first packet to enter the first queue and wait to be scheduled; or if the first queue and/or the second queue meet and/or meets a second preset condition, controlling, by the node device, the first packet to enter the second queue and wait to be scheduled. | 2021-05-06 |
20210136000 | PACKET CONTROL METHOD AND NODE DEVICE - The present invention discloses a packet control method and a node device, to improve reliability of a data flow in a transmission process. The method includes: After receiving a pause frame, a first node automatically applies, based on adjustment information that is of a send queue of a data flow and that is recorded in a state record set, the pause frame to all queues associated in an adjustment process of the send queue of the data flow. In this way, a packet loss problem in a data transmission process can be avoided without adjusting an XOFF/XON threshold of a receive queue and without increasing a quantity of pause frames in a network system, thereby improving reliability of the data flow in the transmission process. | 2021-05-06 |
20210136001 | MULTI-LEVEL RESOURCE RESERVATION - The present disclosure is directed to a multi-level resource reservation system that obviates one or more of the problems due to limitations and disadvantages of the related art. The multi-level resource reservation system creates, or modifies existing, peer-to-peer protocol(s) to complete a continuous chain of configured ports to support QoS feature(s), e.g., bound latency and guaranteed jitter, for a data flow that traverses an arbitrary sequence of bridges, routers, and virtual links. | 2021-05-06 |
20210136002 | METHODS AND APPARATUS TO PROVIDE A CUSTOM INSTALLABLE OPEN VIRTUALIZATION APPLICATION FILE FOR ON-PREMISE INSTALLATION VIA THE CLOUD - Methods, apparatus, systems and articles of manufacture to provide a custom installable open virtualization application file for on-premise installation via the cloud are disclosed. An example apparatus includes a resource processor to determine a resource capacity for an agent in a private cloud network; a file manipulator to modify an open virtualization appliance (OVA) file by modifying a descriptor file of the OVA file to configure the resource capacity for the agent in the private cloud network, the OVA file being deployed in a public cloud network; and a first interface to transmit an indication to a location of the modified OVA file to a user device, the location of the modified OVA file being the same location as the OVA file. | 2021-05-06 |
20210136003 | COMPUTER NETWORK OF COMPUTING RESOURCE INFRASTRUCTURES AND METHOD FOR ALLOCATING THESE RESOURCES TO CLIENT APPLICATIONS - The invention concerns a computer network comprising a group of several computing resource infrastructures ( | 2021-05-06 |
20210136004 | CLOUD SERVICE FOR CROSS-CLOUD OPERATIONS - A disclosed cloud service (CS) enables cross-cloud access to data resources and cross-cloud execution of orchestrations, including automations. The CS includes a peer-to-peer (P2P) cloud orchestrator service (COS) and a cloud broker service (CBS). The COS enables P2P identification and communication routing between different cloud computing environments. The CBS enables cross-cloud access to data and orchestrations (e.g., one or more scripts, workflows, and/or scheduled jobs) from different cloud computing environments. Additionally, the data center may be configured to route all orchestration calls of a data center through the CS, such that the CS can ensure that references to local data and orchestrations are handled within the data center, while references to data and orchestrations of a different data center are suitably routed to be handled by a corresponding CS of the appropriate data center. | 2021-05-06 |
20210136005 | VIRTUAL COMPUTING SERVICES DEPLOYMENT NETWORK - A business method associates provisioning costs with a usage history indicative of user computing demand, and coalesces the cost data to identify an appropriate provisioning level balancing the provisioning cost and the usage demand cost. Conventional computing environments suffer from the shortcoming of being prone to overprovisioning or underprovisioning a user. Such misprovisioning is inefficient because it denotes underutilized computing resources or ineffective and/or disgruntled users. Costs increase either due to the excessive hardware bestowed on the overprovisioned user, or in support costs addressing the underprovisioned user. Configurations herein substantially overcome such shortcomings by defining a policy indicative of overprovisioning and underprovisioning indicators (misprovisioning flags), and defining rules to specify a triggering event indicating the need to reassess the provisioning of a user. | 2021-05-06 |
20210136006 | PREDICTIVE RESOURCE ALLOCATION IN AN EDGE COMPUTING NETWORK UTILIZING MACHINE LEARNING - The present technology relates to improving computing services in a distributed network of remote computing resources, such as edge nodes in an edge compute network. In an aspect, the technology relates to a method that includes aggregating historical request data for a plurality of requests, wherein the aggregated historical request data includes a time of the request, a location of a device from which the request originated, and/or a type of service being requested. The method also includes training a machine learning model based on the aggregated historical request data; generating, from the trained machine learning model, a prediction for a type of service to be requested; identifying an edge node, from a plurality of edge nodes, based on a physical location of the edge node; and based on predicted service, allocating computing resources for the computing service on the identified edge node. | 2021-05-06 |
20210136007 | METHOD AND APPARATUS FOR ORCHESTRATING RESOURCES IN MULTI-ACCESS EDGE COMPUTING (MEC) NETWORK - A method for orchestrating resources in a multi-access edge computing (MEC) network is applied in and by an apparatus. The MEC network comprises at least one control node, substrate nodes and substrate links managed by the at least one control node. The apparatus receives a virtual network request and calculates whether a proper virtual network embedding solution for the virtual network request exists. If so, the apparatus hands the solution over to the at least one control node for implementation. | 2021-05-06 |
20210136008 | VISUAL DESIGN OF A CONVERSATIONAL BOT - A visual bot designer displays a user interface that has a visual authoring canvas and a property pane. It can also have a serialized file display pane. A user can provide authoring inputs on any of the user interfaces, and the visual bot designer computing system generates and displays updates on the other parts of the user interface. | 2021-05-06 |
20210136009 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes a processor configured to set a user account of a speaker belonging to a chat group, cause a display device to display a display region for sharing content of a conversation held between plural speakers belonging to the chat group, receive at least a part of the conversation held between the plural speakers who have already joined the chat group before the speaker having the user account joins the chat group, and display the at least a part of the conversation in the display region for the user account in an inserted manner. | 2021-05-06 |
20210136010 | MOBILE TERMINAL AND METHOD OF CONTROLLING THEREFOR - A mobile terminal and controlling method thereof are disclosed, by which a message inputted before or after a message reception can be selectively sent when a message is received from a counterpart while composing a message. The present invention includes the steps of if a counterpart message is externally received in the course of a message input to a message input window and a message is additionally inputted to the message input window, applying a visual effect to either a message inputted before receiving the counterpart message or the additionally inputted message and if a send command is received, sending a message corresponding to the send command to a counterpart, wherein the message corresponding to the send command is selected from a message having the visual effect applied thereto and a message not having the visual effect applied thereto among messages displayed on the message input window. | 2021-05-06 |
20210136011 | SYSTEM AND METHOD FOR DYNAMIC CHAT MESSAGE CUSTOMIZATION - A method for providing a customizable chat window for a webpage is disclosed. The method comprises: receiving a user-specific component customized by a first user that identifies user-selected customizations for a chat message user interface (UI) of the first user; providing a snippet of code from a host chat application to a computing device associated with the first user to add to the webpage of the first user wherein activation of the snippet of code at the webpage of the first user causes the host chat application to be bootstrapped and causes the chat message UI of the first user to be loaded with the user-selected customizations; providing second code for rendering the chat message UI of the first user along with the user-selected customizations for the chat message UI, over a network, to a computing device associated with a second user; and modifying an actual chat message that is communicated using the chat message UI by applying the user-selected customizations to the chat message. | 2021-05-06 |
20210136012 | EXTENSIBLE FRAMEWORK FOR CONSTRUCTING GOAL DRIVEN AUTONOMOUS WORKFLOWS - A workflow manager can be configured to present a graphical interface to an entity that displays a recommended activity for a workflow via the graphical interface. The entity can approve the recommended activity via the graphical interface and cause an updated workflow to be presented via the graphical interface. The entity can cause the workflow manager to present a recommended activity by submitting a high value action. The workflow manager can identify users from prior workflows that completed the high value action and configure the recommended addition based on those users. The entity can cause the workflow manager to identify users, generate the recommended activity, and update the activity over the workflow lifecycle. | 2021-05-06 |
20210136013 | SYSTEM AND METHOD FOR EMPOWERING WEB APPLICATIONS WITH INSTANT BUILT-IN VIDEO CONFERENCING AND ENTERPRISE MESSAGING - A system for instantly empowering any social network, and/or application, and/or workflow with live collaboration tools, enterprise messaging and data collection without any code modification. The system is incorporated with cross domain network configuration and comprises a server including a processor and a memory having a plugin component or browser extension executed by the processor. The plugin or browser extension component comprises a registration module, a link generation module, and an instant communication module. The registration module enables a service provider to create an account by registering one or more credentials. The link generation module generates a first URL for each registered service provider. The first URL prompts visitor to install or download the browser extension or plugin, respectively. Upon a visitor clicking on a link the system activates a live video conferencing, chat and data collection and scheduling modules. | 2021-05-06 |
20210136014 | SYSTEM FOR CONFIGURATION AND INTELLIGENT TRANSMISSION OF ELECTRONIC COMMUNICATIONS AND INTEGRATED RESOURCE PROCESSING - Embodiments of the invention are directed to a central communication hub, structured for integrating a plurality of electronic communication channels associated with the user, such that the user can utilize disparate electronic communication channels via a central user application. The communications hub is structured for identifying, retrieving and processing electronic communications associated with the user, as well as, automatically initiating actions associated with the communications. The communications hub is also structured for proactively transmitting alerts associated with the electronic communications. The central communication hub also comprises a system for centralized management of records, structured for secure and convenient storage, sharing and retrieval of user records. This can include intelligent automated management of user records. | 2021-05-06 |
20210136015 | METHODS AND APPARATUS FOR DETERMINING NON-TEXTUAL REPLY CONTENT FOR INCLUSION IN A REPLY TO AN ELECTRONIC COMMUNICATION - Methods and apparatus related to determining non-textual reply content for a reply to an electronic communication and providing the non-textual reply content for inclusion in the reply. Some of those implementations are directed to determining, based on an electronic communication sent to a user, one or more electronic documents that are responsive to the electronic communication, and providing one or more of those electronic documents for inclusion in a reply by the user to the electronic communication. For example, the electronic documents may be automatically attached to the reply and/or link(s) to the electronic documents automatically provided in the reply. | 2021-05-06 |
20210136016 | MEDIA ITEM ATTACHMENT SYSTEM - Disclosed are media attachment systems to enable a user to embed a first media item with a link to a second media item, and distribute the first media item in a message to one or more recipient client devices. For example, the first media item may include a picture or video captured by a user at a client device. The user may generate a message that includes the first media item. In response, a media attachment system may cause display of an interface at the client device that includes an option to attach an address to a second media item to the message. For example, the second media item may include a web page, social media post, picture, or video identified by an address such as a Uniform Resource Locator (URL). | 2021-05-06 |
20210136017 | METHOD AND APPARATUS FOR UPDATING GROUP MEMBER DATA, AND TERMINAL, SYSTEM AND STORAGE MEDIUM - A method and apparatus for updating group member data are provided. The method includes: sending a group member data update request carrying a terminal timestamp to a server; receiving group member data change information issued by the server, wherein the group member data change information includes group member change data between the current timestamp and the terminal timestamp, and the current timestamp is greater than the terminal timestamp; and updating group member data of the terminal based on the group member data change information. | 2021-05-06 |
20210136018 | PURPOSE DETECTION IN COMMUNICATIONS USING MACHINE LEARNING - Generally discussed herein are devices, systems, and methods for identifying a purpose of a communication. A method can include receiving a communication including communication content and communication context, the communication content a first portion of the communication and the communication context a second, different portion of the communication. The method can include identifying, by a machine learning (ML) model, based on the communication content and the communication context, one or more purposes associated with the communication, the one or more purposes indicating respective actions to be performed by a user that generated or received the communication. The method can include providing data indicating the purpose of the first portion of the content. | 2021-05-06 |
20210136019 | CONVERSATION AGENT FOR COLLABORATIVE SEARCH ENGINE - A chatbot in the context of a chat group messaging is described. The chat group can include a plurality of users and a chatbot. A set of rules can be defined for the users of the group granting each user a privilege status. The chatbot can receive a request through a message transmitted to the chat group. The chatbot can discern a task associated with the message, and perform the task or ask another module to perform the task. Once the task is performed, the chatbot can report the results to the chat group. The chatbot can include a conflict resolution module which can resolve conflicts. The conflict resolution module can use each user's privilege status to resolve the conflicts. | 2021-05-06 |
20210136020 | INFERRING A GEOGRAPHIC LOCATION FOR AN ENTITY AT A GEOGRAPHIC GRANULARITY BASED ON GEOGRAPHIC LOCATIONS OF USERS OF AN ONLINE SYSTEM INTERACTING WITH THE ENTITY - An online system receives information describing one or more interactions by each of a set of online system users with an entity having a presence in the online system, in which the information includes a geographic location of each user stored in a corresponding user profile. The online system determines multiple polygons defined at different geographic granularities, in which each polygon includes a region on a geographic map. A score is computed for each polygon based on a number of the set of users who interacted with the entity and who have a geographic location within the polygon, as well as a total number of users having a geographic location within the polygon. A polygon is selected based on the scores and a geographic location for the entity is inferred for the entity as the selected polygon at the geographic granularity of the selected polygon. | 2021-05-06 |
20210136021 | SYSTEM AND METHOD FOR REGULATING ELECTRONIC MESSAGE TRANSMISSIONS - Systems and methods for regulating electronic message transmissions. A message delay system is disposed between one or more first entities and a second entity within at least one network. Electronic messages are received from among at least one of the first entities and the second entity at one or more message arrival times. A message delay component applies a delay to each received electronic message, based on a predefined delay time common to all of the first entities and a first entity delay offset associated with a first entity that is associated with the received message. The first entity delay offset is based on a geographical origin of the first entity relative to a geographical origin of the second entity. Each delayed message is transmitted to a designated recipient via the network, where the designated recipient is among the second entity and the first entities. | 2021-05-06 |
20210136022 | SYSTEMS AND METHODS FOR ELECTRONIC COMMUNICATION USING UNIQUE IDENTIFIERS ASSOCIATED WITH ELECTRONIC ADDRESSES - A method and system for electronically communicating with a user knowing only a unique identifier associated with that user is described. An electronic message having an address based upon the unique identifier and consistent with an assigned convention is sent from a portable device and received by a server system. The message sent may include attachments such as, for example, pictures, audio and/or video files. The server system includes or is capable of accessing an electronic repository in which a plurality of unique identifiers are respectively associated with a corresponding plurality of profiles. Upon receipt at the server system, the message and any attachments are stored in association with a profile corresponding to the unique identifier. The server system then facilitates access to the message information and any attachments in accordance with the profile. | 2021-05-06 |
20210136023 | SOCIAL NETWORK BASED LEARNING AND CREATION SYSTEM AND COMPUTER PROGRAM PRODUCT - The present invention relates to a learning and creation system based on social network, comprising: a central server installed with a social network based learning creation computer program product comprising a concept map collaborative module and an instant messaging module; and a plurality of user devices, each of which the plurality of user devices executes an internet browser, in communication with the central server through an internet, and accesses the social network based learning creation computer program product through the internet browser and provides the concept map collaborative module and the instant messaging module for a user to operate in response to an operation from the user, wherein the concept map collaborative module is configured to provide a plurality of graphical objects based on a graphical concept map for a plurality of the users to perform a co-construction for the same concept and provide for the plurality of the users to engage an instant messaging by enabling the instant messaging module in the concept map collaborative module, through the internet browser. | 2021-05-06 |
20210136024 | FACILITATING INTEGRATION OF COLLABORATIVE COMMUNICATION PLATFORM AND DOCUMENT COLLABORATION TOOL - Disclosed are some implementations of systems, apparatus, methods and computer program products for integrating a collaborative communication system and a document collaboration system. A document within the document collaboration system may be linked to an object within the collaborative communication system. A user post may be received in association with the object or the document. A first feed configured to be rendered in association with the object is synchronized with a second feed configured to be rendered in association with the document such that both the first feed and the second feed each includes the user post. | 2021-05-06 |
20210136025 | DIGITAL COMMUNICATIONS PLATFORM ENABLING ORGANIZATION AND VIEWING OF PERSONAL AND SOCIAL CONTRIBUTIONS ON THE INTERNET - A digital communications or content platform is provided on a desktop and mobile platform that is configured to provide a useful tool for generating visualizations or other user content that is operable to create a layer or skin that acts as a pane of glass over original web content. The digital communications or content platform is configured to maintain, in a data structure, a set of data linkages representative of a set of visual components whose visual locations and website locations are dynamically maintained despite changes to the underlying webpage. The digital communications or content platform is configured to cause a display to render a hybrid webpage including both the underlying webpage and the overlay. | 2021-05-06 |
20210136026 | TRACKING PREMATURE EVENTS IN ELECTRONIC MESSAGE PROCESSING - Disclosed are some implementations of systems, apparatus, methods and computer program products for tracking electronic mail (email) events. Upon generating an email, a database entry including an email identifier associated with the email is stored. A notification received from a client device is processed, where the notification indicates that the email associated with the email identifier has been opened. Responsive to processing the notification, the database entry associated with the email is identified using the email identifier and event information of the database entry is stored or updated to indicate that the email has been opened. The database entry associated with the email identifier is updated to include attributes of the email, where the attributes include a recipient identifier identifying a recipient of the email. Status information associated with the email may be provided using the database entry, where the status information indicates that the recipient has opened the email. | 2021-05-06 |
20210136027 | EXTENSIBLE FRAMEWORK FOR REPORTING AUTOMATED WORKFLOW ANALYTICS - A workflow manager can be configured to present a graphical interface to an entity and display a current status of a user population within an active workflow. The workflow manager can identify and monitor individual user actions associated with user paths of the active workflow. The workflow manager can generate user path and workflow analytics that identify the progress of individual users and summarize the overall progress of the user population within the active workflow. The workflow analytics can be generated from event notifications that are emitted by the communications and filters of the active workflow. The graphical interface can be actively updated, in response to the emission of the event notifications, to present the workflow analytics and user population progress to the entity. | 2021-05-06 |
20210136028 | MESSAGE REROUTING FROM AN E-MAIL ENVIRONMENT TO A MESSAGING ENVIRONMENT - The present disclosure relates generally to facilitating routing of communications. More specifically, techniques are provided to dynamically reroute messages. For example, embodiments can redirect a communication from an e-mail environment to a messaging environment in order to perform services with one or more clients. | 2021-05-06 |
20210136029 | CLASSIFICATION OF A DOMAIN NAME - Aspects of the present invention disclose a method, computer program product, and system for domain name classification. The method includes one or more processors receiving a request for querying a first domain name. The method further includes one or more processors acquiring a first source internet protocol (IP) address and the first domain name from the request. In response to determining the first domain name is not classified, the method further includes one or more processors an access tendency of the first source IP address based on a plurality of classifications of a plurality of domain names queried by the first source IP address. The method further includes one or more processors estimating a first classification of the first domain name based on the access tendency of the first source IP address. | 2021-05-06 |
20210136030 | Method for Sending an Information Item and for Receiving an Information Item for the Reputation Management of an IP Resource - A method for sending an information item allows reputation management of IP resources in a set of networks including at least a first network and a second network. The method is implemented by a device of the first network, called an “emitter device”, and includes a step in which the emitter device sends to a device of the second network, called a “receiver device”, an information item representative of a prefix size of an IP address assigned to an equipment item connected to the first network. | 2021-05-06 |
20210136031 | MULTI-TENANT AWARE DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) MECHANISM FOR CLOUD NETWORKING - An approach includes providing multi-tenancy support on a DHCP protocol. The approach includes receiving a dynamic host configuration protocol (DHCP) packet, inserting a tenant-specific option information within the DHCP packet, and transmitting the DHCP packet with the tenant-specific option information. | 2021-05-06 |
20210136032 | METHOD AND APPARATUS FOR GENERATING SUMMARY OF URL FOR URL CLUSTERING - A method for generating a summary of a URL (Uniform Resource Locator) according to an aspect of the inventive concept is performed by a computer device. The method may include obtaining a URL, parsing the URL to extract fields from the URL, generating attribute information indicating characteristics of each field for the fields, and generating a summary of the URL using the attribute information. A summary of a URL may be generated by reflecting structural characteristics of the URL, and the summary may be provided to URL clustering. Therefore, URL clustering in which the structural characteristics of the URL are fully reflected becomes possible. Furthermore, unlike existing machine learning-based clustering, a URL summary is generated based on rules and applied to URL clustering. Therefore, an operation time required for URL summarization or clustering is short, and it is possible to immediately reflect new data. | 2021-05-06 |
20210136033 | VERIFICATION OF DOMAIN EVENTS - A method for verifying eligibility of a domain name registrant via a verification web interface for a domain name either registered or in the process of registration with a registrar over a communications network. The method comprising: provide a network link to the registrar or to a registry operator of the domain name; receive an event request for the domain name via the verification web interface including a claim ID associated with the domain name for a domain event; receive a verification request using the network link via the verification web interface including a registrant claim ID and registrant identification information, the registrant claim ID previously provided to the registrant; confirm matching of the registrant claim ID with the claim ID; obtain registrant verification information; access external verification information and compare against the registrant verification information a confirm domain event message or a deny domain event message. | 2021-05-06 |
20210136034 | COMMUNICATION CONTROL METHOD, STORAGE MEDIUM FOR COMMUNICATION CONTROL PROGRAM, AND COMMUNICATION APPARATUS - A communication apparatus according to an example embodiment of the present invention that performs a communication application configured to control communication and has a physical connection portion includes a communication information acquisition unit that acquires a combination of the physical connection portion and the communication application used for the communication performed from a device connected to the physical connection portion to the outside; and a communication determination unit that determines whether or not to permit the communication based on the combination used for the communication and a combination of the physical connection portion and the communication application registered in advance. | 2021-05-06 |
20210136035 | FIELD DEVICE LOOP WARNING PARAMETER CHANGE SMART NOTIFICATION - A system for preventing inadvertent or untimely parameter changes to an active online field device from a secondary system different from a distributed control system application providing control instructions to the field device, where the parameter changes may cause detrimental effects to a plant process or activity. A request for a parameter change from the secondary system may be intercepted before the request is received by a field device or a controller for evaluation by an operator of the distributed control system. The validation process may provide a plant operator with override authority to approve or deny a set of critical parameter changes to an active field device or other active plant device. | 2021-05-06 |
20210136036 | Multi UE and Multi Message Support in Tunnel Management Messages - A method and computer readable medium for providing accelerated lookup for ESP IPsec tunnels is presented. In one embodiment a method includes receiving an IP packet at a network stack; performing IPsec policy lookup of the IP packet to identify an ESP tunnel IP, thereby ensuring an inner IP is routable at an other end of the tunnel without installing a route for the inner IP at the network stack; performing a route lookup for the tunnel IP; and sending the IP packet across the ESP tunnel. | 2021-05-06 |
20210136037 | ENDPOINT SECURITY DOMAIN NAME SERVER AGENT - A network is secured by managing domain name requests such that client devices are restricted from visiting malicious or undesirable domains. An endpoint Domain Name Server (DNS) agent is installed on client devices on a local network, and the endpoint DNS agents intercept DNS requests from the client devices and process the received DNS request in the endpoint DNS agent based on a security policy set for the client device via the endpoint DNS agent. In a further example processing the received DNS request comprises identifying the client device, end user, and the DNS request to a cloud-based DNS server, and processing a response received from the cloud-based DNS server received in response to the DNS request. The endpoint DNS agent is further operable to distinguish between DNS requests for local domains and remote domains, and to redirect DNS requests for local domains to a local network DNS server. | 2021-05-06 |
20210136038 | METHOD AND SYSTEM FOR WEB FILTERING IMPLEMENTATION CONSISTING OF INTEGRATED WEB EXTENSION AND CONNECTED HARDWARE DEVICE - A method, system, and computer program product for filtering domain requests which includes a processor configured to detect an initiation of a browser application on a user device on a first network. The processor may transmit a polling request to a specified endpoint. The specified endpoint may be enforced by a network monitoring device on the first network. The processor may receive a payload including a unique network device identifier from the specified endpoint. The processor may generate a user notification alerting the user they are connected to the network monitoring device. The processor may monitor browser communications between a user device on a first network and a second network. The processor may receive a domain request from the user device and filter the domain request. | 2021-05-06 |
20210136039 | APPARATUS AND METHOD FOR MANAGING SECURITY POLICY OF FIREWALL - An apparatus for managing a security policy of a firewall according to an embodiment includes a rule request module that receives one or more requested rules to be applied to a firewall, a rule merge module that merges a pre-applied rule of the firewall and the one or more requested rules when the number of rules applied to the firewall exceeds a maximum number of rule registrations of the firewall due to the requested rule, and a firewall interface module that receives the pre-applied rule from the firewall and provides the pre-applied rule to the rule merge module, and re-registers a merged rule merged through the rule merge module in the firewall, and the rule merge module is configured to merge the pre-applied rule and the one or more requested rules so that a security vulnerable space occurring due to the merging is minimized. | 2021-05-06 |
20210136040 | CLOUD-NATIVE VPN SERVICE - Presented herein are techniques for establishing VPN services. According to example embodiments, an initial VPN message configured to establish a VPN session between the initiating device and a responding device is received at a VPN node. The initial VPN message is received from an initiating device. Data indicative of the initiating device and data indicative of the responding device is extracted from the initial VPN message. A VPN namespace is established to facilitate the VPN session between the initiating device and the responding device based on the data indicative of the initiating device and the data indicative of the responding device. One or more messages comprising data indicative of the VPN session are transmitted to a database. | 2021-05-06 |
20210136041 | Secure access for B2B applications - Systems and methods include, responsive to a request from a user for one or more Business-to-Business (B2B) applications, redirecting the request, by a cloud-based system, to an identity provider to authorize the user; displaying the one or more B2B applications that the user is authorized to access; responsive to a selection of a B2B application of the one or more B2B applications, creating a first tunnel from the B2B application to the cloud-based system; and stitching the first tunnel between the B2B application and the cloud-based system with a second tunnel between the user and the cloud-based system. The systems and methods further include, responsive to the user being unauthorized for any of the one or more B2B applications, omitting the one or more B2B applications from the displaying, such that the one or more B2B applications are invisible to the user. | 2021-05-06 |
20210136042 | INTERWORKING BETWEEN IOT SERVICE LAYER SYSTEMS AND DISTRIBUTED LEDGER SYSTEMS - A distributed ledger interworking architecture is described wherein a distributed ledger proxy interfaces with IoT service layer systems and distributed ledger systems. Service layer nodes may interact with the distributed ledger proxy to leverage functions provided by distributed ledger systems, such as to request that the distributed ledger proxy insert some service layer information into the distributed ledgers. A distributed ledger proxy can support multiple service layer nodes and may interface to multiple different distributed ledger systems. | 2021-05-06 |
20210136043 | STATE REPLICATION SYSTEM, SECURITY INSPECTION SYSTEM, AND COMPUTER READABLE MEDIUM - A state replication apparatus ( | 2021-05-06 |
20210136044 | Secure communication system and method - A system and method used for generating encryption keys on multiple devices and for encrypted data transfer between two or multiple devices. A sender system includes at least one sender device with nonlinear I-V characteristics. A receiver system includes at least one receiver device with nonlinear I-V characteristics. The at least one sender device with nonlinear I-V characteristics generates at least one sender output value used to create a string of characters or bits or bytes or numbers. The string of characters is used to encrypt data which is sent to the receiver device. The at least one receiver device with nonlinear I-V characteristics generates at least one receiver output value, and uses the at least one receiver output value to create the string of characters from the at least one receiver output value. A receiver processing unit generates the data from the encrypted data using the string of characters. | 2021-05-06 |
20210136045 | SYSTEM AND METHOD FOR IDENTIFYING EXCHANGES OF ENCRYPTED COMMUNICATION TRAFFIC - Systems and methods for identifying sequences of encrypted packets that carry files between clients and application servers, and for estimating the sizes of these files. A traffic-monitoring system searches the traffic for connections that appear to carry file content. The system estimates the number of files that were transferred over the connection. Next, the system estimates the respective sizes of one or more of the files that were transferred over the connection. To perform this estimation, the system first “peels away” as many lower-level protocol headers as possible from each of the packets that carries part of the file, and identifies the size that is specified in the lowest-level payload that remains. Next, the system tallies the specified sizes. Finally, the system reduces the packet-size tally to account for an estimated overhead due to the encryption of the packets. | 2021-05-06 |
20210136046 | NODE CONTROL METHOD AND RELATED APPARATUS IN DISTRIBUTED SYSTEM - An embodiment of this application discloses a node control method performed by a forwarding platform in a distributed computer system. The method includes: establishing, by a forwarding platform, a secure link with a user terminal through a domain name of the forwarding platform; obtaining, by the forwarding platform through the secure link, a request packet transmitted by a user terminal, and the request packet comprising an address identifier of a target node in the distributed computer system and a request content of the user terminal for the target node; encrypting, by the forwarding platform, the request content to obtain a first encrypted packet; and transmitting, by the forwarding platform, the first encrypted packet to the target node according to the address identifier. Computing device and non-transitory computer-readable storage medium counterparts are also contemplated. | 2021-05-06 |
20210136047 | CENTRALIZED SECURE DISTRIBUTION OF MESSAGES AND DEVICE UPDATES - Embodiments relate to systems for the distribution of payload in a secure manner. A server may receive a query from a device that includes a subscriber identifier. The server may determine, from confidential information stored, an association between the subscriber identifier and a public key of the device. The server may retrieve the public key of the device. The server may generate a data payload as a response to the query. The server may encrypt the data payload by a symmetric key that is generated randomly. The server may encrypt the symmetric key by the public key of the device. The server may transmit the data payload and the symmetric key that are encrypted to the device for the device to use a private key corresponding to the public key to decrypt the symmetric key and use the symmetric key to decrypt the data payload. | 2021-05-06 |
20210136048 | System and Method for Secure Remote Control of a Medical Device - A system and method for secure wireless control of a device including, but not limited to, replay attack protection, man-in-the-middle protection, data obfuscation, and challenge-response authentication. The system includes a control device, a controlled device interface, a controlled device, a control device interface, and a wireless link. The controlled device interface and the control device interface manage secure communications between the control device and the controlled device over the wireless link. The controlled device can include a medical device such as, for example, but not limited to, an insulin pump and a wheelchair. | 2021-05-06 |
20210136049 | DETERMINISTIC LOAD BALANCING OF IPSEC PACKET PROCESSING - Certain embodiments described herein are generally directed to systems and methods for deterministic load balancing of processing encapsulated encrypted data packets at a destination tunnel endpoint. For example, certain embodiments described herein relate to configuring a destination tunnel endpoint (TEP) with an encapsulating security payload (ESP) receive side scaling (RSS) mode to assign each incoming packet, received from a certain source endpoint (EP), to a certain RSS queue based on an identifier that is encoded in an SPI value included in the packet. | 2021-05-06 |
20210136050 | Secured Transport in Remote MAC/PHY DAA Architecture - Exchanging encrypted packet payloads between a cable headend and a Remote MACPHY device. A single device executes a cable modem termination system (CMTS) implemented in software and not hardware. The software-implemented CMTS (i.e., a virtual CMTS) instantiates a tunnel to the Remote MACPHY device. The virtual CMTS encrypts the payloads of one or more packets and transmits those packets over the tunnel to the Remote MACPHY device. In similar fashion, the Remote MACPHY device may send packets with encrypted payloads to the virtual CMTS over the tunnel. In this way, encryption is not performed on a hop by hop basis, thereby allowing the payloads of packets to remain encrypted at all times during transmit through the tunnel. | 2021-05-06 |
20210136051 | APPARATUS AND METHOD FOR IN-VEHICLE NETWORK COMMUNICATION - Disclosed herein are an in-vehicle network apparatus and method. The in-vehicle network apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to verify the integrity of software stored in advance in the executable memory, to generate a key table by sharing authentication information with a communication target, and to exchange an encrypted message with the communication target using the key table. | 2021-05-06 |
20210136052 | ACCESSING CLIENT CREDENTIAL SETS USING A KEY - Techniques are disclosed relating to a computer system accessing a client credential set to authenticate with a destination computer system. A computer system may, subsequent to receiving an indication to make available an application for a particular user, retrieve configuration data specifying a reference to a key value. The computer system may maintain a data object that includes a client credential set for the particular user. In response to an occurrence of an event associated with the application, the computer system may access the client credential set of the particular user from the data object using the key value and an indication of the particular user. The computer system may then send a request including the client credential set to a destination computer system for authentication with the destination computer system and receive a response indicating whether the computer system has been authenticated. | 2021-05-06 |
20210136053 | ACCESS MANAGEMENT SYSTEM WITH A SECRET ISOLATION MANAGER - Methods, systems, and computer storage media for providing identification of secrets as one-way secrets in a computing environment. In particular, a secret isolation manager of an access management in the computing environment can identify an entity as an owner of secrets in a secret storage structure. In operation, the secret isolation manager can receive a request, associated with a requesting entity, to access a secret associated with an approving entity. The request can be for an application of the requesting entity to access a secret of the approving entity. The secret isolation manager accesses the secret storage structure that stores affinity identifiers, where an affinity identifier indicates that the requesting entity has a one-way affinity with the approving entity that owns the secret. The one-way affinity operates to allow the approving entity to share the secret with the requesting entity, so the requesting entity is granted access to the secret. | 2021-05-06 |
20210136054 | Sharing Access to a Media Service - Examples provided herein are directed to a computing device and media playback system sharing access to a media service corresponding to a media application installed on the computing device. In one example, a media playback system may be configured to (i) receive from the computing device an authorization code that corresponds to a media application installed on the computing device that is authorized to access media from a media service, (ii) transmit to the media service an authorization request with the authorization code, (iii) receive from the media service an authorization token that facilitates obtaining media from the media service, and (iv) transmit to the media service a request for media for playback by the media playback system, where the request for media includes the authorization token. | 2021-05-06 |
20210136055 | REMOTE DESKTOP PROTOCOL PROXY WITH SINGLE SIGN-ON AND ENFORCEMENT SUPPORT - Described embodiments provide systems and methods for launching a connection to a resource link from a client device. A device can authenticate the client device for access to a plurality of resource links accessible via one or more servers. The device can provide a list of the plurality of resource links responsive to the authentication, and receive a request from the client device, identifying a first resource link to access. The device can cause first authenticated credentials for the first resource link to be stored on the client device responsive to the request. The first authenticated credentials can correspond to the client device and provide access to the first resource link. The client device can be configured to launch a connection to the first resource link from the client device using the first authenticated credentials stored on the client device. | 2021-05-06 |
20210136056 | OPERATING SYSTEM WITH AUTOMATIC LOGIN MECHANISM AND AUTOMATIC LOGIN METHOD - An operating system with automatic login mechanism and an automatic login method are provided. The operating system includes a first electronic device, a second electronic device and a server device. The second electronic device includes a biometric sensor. When a login event of the first electronic device is triggered, the first electronic device sends a login request to the second electronic device directly or via the server device, so that the second electronic device performs a biometric verification by the biometric sensor according to the login request. When the biometric verification is passed, the second electronic device sends a first login credential to the first electronic device directly or via the server device, so that the first electronic device performs an automatic login operation of the first electronic device according to the first login credential. | 2021-05-06 |
20210136057 | DYNAMIC BYPASS - Methods and apparatus consistent with the present disclosure may prevent a computer process from failing when a firewall located between a client device and a server identifies that a process at the firewall should be bypassed using fingerprint information associated with a connection attempt. When fingerprint information stored at a firewall matches previously received fingerprint information, the firewall may allow processes typically performed at the firewall to be bypassed, thereby, allowing communications to pass between the client device and the server without inspection. When that fingerprint information does not match previously received fingerprint information, the firewall may perform a process that causes the client device to fail the first connection attempt. Because of this, methods consistent with the present disclosure may allow communications from an application program to be passed through a firewall without relying on an ever growing list of trusted application programs. | 2021-05-06 |
20210136058 | MULTIPLE IDENTITY PROVIDER AUTHENTICATION SYSTEM - Methods and systems for authentication using multiple identity providers are described herein. A first identity provider may receive, e.g., from a second identity provider, an indication of an authentication request. The first identity provider may retrieve, from a storage device, session information associated with the request. The first identity provider may authenticate, using one or more first functions, based on the session information, and based on authentication credentials received from a user, the user. Based on the authentication, the first identity provider may modify the session information. The second identity provider may authenticate, based on the session information and using one or more second functions, the user. The one or more second functions may comprise providing the user a token based on the session information. The session information may be subsequently deleted. | 2021-05-06 |
20210136059 | MONITORING RESOURCE UTILIZATION OF AN ONLINE SYSTEM BASED ON BROWSER ATTRIBUTES COLLECTED FOR A SESSION - An online system monitors resource utilization by users connecting with the online system and detects unauthorized resource utilization caused by sharing of sessions. The online system collects samples of browser attributes from browsers interacting with the online system. The online system determines a score indicating a difference between two samples of browser attributes taken at different times. The online system uses the score to determine whether the two samples of browser attributes in the same session were received from different browsers. The online system detects unauthorized resource utilization if the two samples are determined to be from two different browsers. The online system takes mitigating actions, for example, by invalidating the session or requiring users to re-enter credentials. | 2021-05-06 |