20th week of 2016 patent applcation highlights part 71 |
Patent application number | Title | Published |
20160142374 | PRIVATE AND SECURE COMMUNICATION SYSTEMS AND METHODS - Private and secure communication systems and methods implemented by a server in a local network behind a local router/firewall include authenticating a client device based on a request from the client device, wherein the request is for a tunnel from the server to the client device through the local router/firewall for a communication session with another client device; configuring and establishing a Virtual Private Network (VPN) tunnel over the Internet with the client device; and establishing the communication session with the another client device utilizing Session Initiation Protocol (SIP) for both signaling and media, wherein the server operates both as a VPN server and a Private Branch Exchange (PBX) for communication sessions utilizing SIP, and wherein the communication session is logged at a local level of the server. | 2016-05-19 |
20160142375 | TECHNIQUES TO AUTHENTICATE A CLIENT TO A PROXY THROUGH A DOMAIN NAME SERVER INTERMEDIARY - Techniques to authenticate a client to a proxy through a domain name server intermediary are described. In one embodiment, for example, a client apparatus may comprise a data store and a network access component. The data store may be operative to store a network configuration file, the network configuration file containing a client-specific secret. The network access component may be operative to transmit a communication request from the client device to a proxy server, the communication request directed to a destination server distinct from the proxy server, and to receive a response to the communication request from the destination server based on a determination by the proxy server that the client is authorized to use the proxy server, the determination based on the client having previously sent an encoding of a client-specific secret to a domain name server embedded within a lookup domain of a domain name request. Other embodiments are described and claimed. | 2016-05-19 |
20160142376 | STREAMING MEDIA FOR PORTABLE DEVICES - A system and method for allowing hand-held/wireless device devices to (1) provide audio/video conferencing; (2) access AV content through streaming and cloud transfer; and (3) offer hand-held and computer access to cameras and sensors for surveillance using ordinary personal computers as proxy servers is described. In a first aspect, a remote view streaming system which comprises a webcam server which enables streaming video over a network is disclosed. The system includes a portable device. The portable device includes a client application. The portable device is configured to receive the streaming video from the network and display it on a screen. The system includes a proxy server for authenticating a connection between the webcam server and the portable device. In a second aspect, a portable device is disclosed. The portable device comprises a client application; wherein the client application includes authentication information to allow connection to the proxy server and in turn can be connected directly to a webcam server if the webcam server has proper authentication. | 2016-05-19 |
20160142377 | COMMUNICATION APPARATUS, CONTROL METHOD, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM - A communication apparatus which performs communication in a wireless LAN by operating as a base station or a terminal station of the wireless LAN determines, if currently connected to the wireless LAN as the terminal station when receiving the connection request from a first another apparatus, whether to cause the first another apparatus to connect to the currently connected wireless LAN. Then, the communication unit communicates with the first another apparatus via a second another apparatus which operates as the base station in the currently connected wireless LAN when determining to cause the first another apparatus to connect to the currently connected wireless LAN, and communicates with the first another apparatus not via the second another apparatus when determining not to cause the first another apparatus to connect to the currently connected wireless LAN. | 2016-05-19 |
20160142378 | REACHING ANONYMIZATION SERVICE LEVELS THROUGH ADDED TRANSACTIONS - Methods, apparatuses, systems, and computer-readable media for an anonymization service level improvement system (“ALI”) are described. One or more transactions may be generated by a system to be transmitted outside of a secure area. The ALI may anonymize these transactions and anonymization may be measured by reference to one or more anonymization metrics, including, but not limited to, k-anonymity, 1-diversity, and t-closeness. The ALI may be configured to determine current values for the metrics and whether current anonymization is sufficient to provide a pre-determined service level. If the service level is not sufficient, then the ALI may generate fake anonymized transactions to be output to satisfy the pre-determined service levels of the one or more anonymization metrics. Results may be received which may include valid and invalid results. The ALI may remove the invalid results before returning the valid results to the system. Other embodiments may be described and/or claimed. | 2016-05-19 |
20160142379 | ASSOCIATING ANONYMOUS INFORMATION TO PERSONALLY IDENTIFIABLE INFORMATION IN A NON-IDENTIFIABLE MANNER - The present disclosure provides a detailed description of techniques used in methods, systems, and computer program products for associating anonymous information to personally identifiable information without sharing any personally identifiable information. A method receives a specification record comprising one or more specified demographic attributes to be used in user record selection operations, the results of which operations include user records that comprise a user identifier and at least some non-personally-identifiable information. A candidate group is formed by applying a set of rules over the retrieved user records to reject-out one or more user records that comprise mutually-exclusive characteristics with respect to the other user records in the candidate group. An anonymity measure is calculated over the candidate group to satisfy a threshold of anonymity. If needed to satisfy the threshold of anonymity, additional user records are added to the group before any sharing operations. Anonymity of the users is preserved. | 2016-05-19 |
20160142380 | SYSTEMS AND METHODS FOR MAINTAINING USER PRIVACY AND SECURITY OVER A COMPUTER NETWORK AND/OR WITHIN A RELATED DATABASE - Systems and methods are provided to maintain the privacy of a user's actions and/or experiences on a computer network. The user's privacy is maintained by making the user, the user's data and the user's tracks anonymous to network operators and content providers, while supporting pattern analysis for purposes including, but not limited to, analytics, reputation management, search, discovery, hashtag or geotag management. Unique and dynamically generated tokens are used to make the user's identity and actions anonymous during the user's activities, exchanges or communications on the computer network. Collected information regarding the actions of the anonymous users can be used to generate analytical data. However, the collected information is not associated with an individual user unless that user is a registered user and even then, a specific user's data and track are only available to that user. If a registered user requests his/her information, the information is provided to the user in an encrypted format using a public key provided by the user and can only be decrypted with a private key held by the user. | 2016-05-19 |
20160142381 | DIGITAL RIGHTS MANAGEMENT FOR EMAILS AND ATTACHMENTS - A digital rights management (DRM) method for protecting emails can apply different protection policies to different components of an email such as the message body and the attached digital files. While an email application of the client encrypts the entire email document including both the message and the attachments, a plugin module on the client obtains user input regarding the DRM policies to be applied to individual attachments and then transmits the encrypted email along with the information about the DRM policies for the individual attachments to a digital rights management server. The server first decrypts the entire email document, then applies the user-specified DRM policies to the attachments individually. The server re-composes an email and attaches the individually protected attachments, and transmits the email to the exchange server. | 2016-05-19 |
20160142382 | Systems, Methods, and Media for a Cloud Based Social Media Network - System and methods for providing private social networks, which are cloud-based in some instances, are provided herein. A method includes receiving a selection of the digital data on a private user secure data storage device from a first user, receiving a selection of one or more individuals to be given access to the digital data, applying access rights for the digital data, creating a URL that points to a location within the private user secure data storage device where the digital data resides, posting the URL to a plurality of social networks using a shared message, receiving a request from a second user for the digital data when the second user clicks the URL in the shared message, and serving the digital data to the second user directly from the private user secure data storage device without storing the digital data on any of the plurality of social networks. | 2016-05-19 |
20160142383 | INFORMATION PROCESSING APPARATUS, CONTROL METHOD, AND PROGRAM - An information processing apparatus includes first processing means for performing a setting for performing encrypted communication on the information processing apparatus in response to a command based on a first communication procedure, second processing means for performing a setting for performing encrypted communication on the information processing apparatus in response to a command based on a second communication procedure, and transmitting means for transmitting information indicating that the setting for performing the encrypted communication is made in response to the command based on the first communication procedure to a reception apparatus if the command based on the second communication procedure is received from the reception apparatus after the first processing means performs the setting for performing the encrypted communication on the information processing apparatus in response to the command based on the first communication procedure. | 2016-05-19 |
20160142384 | TUNNEL INTERFACE FOR SECURING TRAFFIC OVER A NETWORK - Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively. | 2016-05-19 |
20160142385 | OFF-HOST AUTHENTICATION SYSTEM - An off-host authentication system includes a network. An off-host processing system is coupled to the network and sends an encrypted authentication item through the network in response to validating a user. An authentication information handling system (IHS) is coupled to the network and receives the encrypted authentication item from the off-host processing system through the network, decrypts the encrypted authentication item to produce a decrypted authentication item, validates the decrypted authentication item, and sends an approval message through the network. A directory system is coupled to the network and receives the approval message through the network and, in response, sends a user approval through the network. A host processing system, which is located in a user IHS that includes the off-host processing system and which is coupled to the network, logs a user into the user IHS in response to receiving the user approval through the network. | 2016-05-19 |
20160142386 | APPARATUS AND METHOD FOR A MULTI-ENTITY SECURE SOFTWARE TRANSFER - A method and a system embodying the method for a multi-entity secure software transfer, comprising, configuring a communication interface controller at each trusted hardware entity of a first hardware entity and a second hardware entity to disallow all external access except a communication link configuration access; establishing the communication link between the first hardware entity and the second hardware entity; configuring write access from the second hardware entity to only a first storage at the first hardware entity; and writing the secure software received from the second hardware entity via the communication link to the first storage at the first hardware entity, are disclosed. | 2016-05-19 |
20160142387 | STORAGE FOR ENCRYPTED DATA WITH ENHANCED SECURITY - Technologies described herein provide enhanced security for encrypted data. In some configurations, encrypted data may be generated at a client computing device by encrypting data with an encryption key. The encrypted data may be communicated from the client computing device to a secret store managed by a first entity for storage of the encrypted data in the secret store. The encryption key may be communicated from the client computing device to a key store managed by a second entity for storage of the encryption key in the key store. The secret store may be managed by a first set of administrative access control rights that are exclusive to the secret store. The key store may be managed by a second set of administrative access control rights that are exclusive to the key store. | 2016-05-19 |
20160142388 | SECURE, UNTETHERED PROVISIONING AND TROUBLESHOOTING OF WIRELESS NETWORK DEVICES - A wireless network device only installs configuration information that is wirelessly received from a provisioning device if the wireless network device successfully authenticates a security token it receives from the provisioning device. The provisioning device can obtain the security token by scanning a label associated with the wireless network device or by other methods. | 2016-05-19 |
20160142389 | Short-Range Device Interactions for Facilitating Partial Uses of Clustered Access Rights - Systems and methods are provided for communication networks and network operations for processing partial uses of clustered access rights. The communication networks may include channels such as short-range communication channels, such as Bluetooth, BTLE, and/or near-field communication (NFC) channels. | 2016-05-19 |
20160142390 | THIRD-PARTY DOCUMENTED TRUST LINKAGES FOR EMAIL STREAMS - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for establishing third-party documented trust linkages. In one aspect, a method includes receiving linkage context data from a sending user, creating a linkage context based on the linkage context data, sending the linkage context to the sending user, receiving linkage initiation data from the sending user, sending linkage initiation email based on the linkage initiation data to a recipient user, receiving confirmation opt-in data from the recipient user; and creating a trust linkage between the sending user and the recipient user, where the trust linkage allows the sending user to successfully send at least one future message stream and where the trust linkage allows the recipient user to successfully receive the at least one future message stream. Further aspects include testing trust linkages for processing message streams and destroying trust linkages to stop message streams. | 2016-05-19 |
20160142391 | ELECTRONIC DEVICE, SERVER, ELECTRONIC DEVICE CONTROLLING METHOD, INFORMATION PROCESSING METHOD AND RECORDING MEDIUM - An information processing device includes an interface configured to receive authentication information from an electronic device. The device also includes circuitry configured to identify an execution range of an association operation program executed by the electronic device, the execution range being indicative of an authentication of an association between the electronic device and another electronic device. | 2016-05-19 |
20160142392 | IDENTITY MANAGEMENT SYSTEM - There is described a system for authenticating a client device in a network having a plurality of IDM components. One or more of the IDM components subscribes (using the publish-subscribe message pattern) to authentication requests published by client devices. The client device publishes an authentication request into the network. The most appropriate IDM component to process the published authentication request is selected, and the authentication request forwarded to the selected IDM component. The selected IDM component is then operated to negotiate with and authenticate the client device. | 2016-05-19 |
20160142393 | Terminal Authentication Apparatus and Method - A terminal authentication apparatus and method. The method includes sending, by an authenticator, a media access control (MAC) address of a terminal to an authentication server, and authenticating, by the authentication server, the MAC address according to a preset MAC address list. When an authentication result indicates that the terminal does not belong to the preset MAC address list, the method includes detecting, by a security gateway according to a data stream of the terminal, whether the terminal is a trusted terminal. The method also includes instructing, according to a detection result, the authentication server to update the MAC address list; and after the MAC address list is updated, triggering the authenticator to re-authenticate the terminal. The present disclosure resolves a problem that normal monitoring is seriously affected due to the fact that a terminal that is not in a whitelist is directly not allowed to access a monitoring network. | 2016-05-19 |
20160142394 | STRONG AUTHENTICATION VIA DISTRIBUTED STATIONS - In various embodiments, authentication stations are distributed within a facility, particularly in spaces where mobile devices are predominantly used—e.g., a hospital's emergency department. Each such station includes a series of authentication devices. Mobile device may run applications for locating the nearest such station and, in some embodiments, pair wirelessly with the station so that authentication thereon will accord a user access to the desired resource via a mobile device. | 2016-05-19 |
20160142395 | Ad Hoc Communications - Ad hoc communications are established between unknown contacts. For example, in today's mobile communications environment, there are many instances in which a user of smart phone may wish to send a message to an unknown user's smartphone. An ad hoc communication thus allows messaging with an unknown user. | 2016-05-19 |
20160142396 | End-to-End Trusted Communications Infrastructure - A method establishing a trusted end-to-end communication link is disclosed. The method comprises executing a communication application in a trusted security zone of a mobile access terminal. The method also comprises sending a message from the mobile access terminal to a trusted communication application executing in a trusted security zone of a trusted enterprise edge node. The method further comprises sending the message from the trusted enterprise edge node to a trusted cloudlet executing in a trusted security zone of a cloud based server. | 2016-05-19 |
20160142397 | System for Providing an Indication of the Validity of the Identity of an Individual - Aspects of this disclosure relate to an identity level generating computer which may include a processor and memory storing computer executable instructions that, when executed, cause the computer to generate identity levels for users of a business. Generating identity levels for users of a business may include electronically receiving user data regarding at least one of: an identity of the user, a behavior of the user, a propensity of a user and a risk associated with the user's identity and determining one or more individual characteristic levels based on the electronically received information. Determining the one or more individual characteristic levels may include comparing the customer data regarding the at least one of the identity of the user, the behavior of the user, the propensity of the user and the risk associated with the user's identity with a list predetermined criteria and calculating an identity level based on the comparison of the user data with the list predetermined criteria. | 2016-05-19 |
20160142398 | Method of network identity authentication by using an identification code of a communication device and a network operating password - A method of network identity authentication uses an identification code of a communication device and a network operating password. The network operating password is generated by a password generator in the website server by capturing a partial portion or all of the identification code of a website, account, transaction or other services. The result of the network identity authentication for the identification code of a communication device and network operating password is directly sent back to the network identity authentication system, thereby eliminating the possibility of invasion by a “phishing scam” or “man-in-the-middle attack,” which can happen in the conventional “dynamic password” authentication method. | 2016-05-19 |
20160142399 | IDENTITY INFRASTRUCTURE AS A SERVICE - A method and system of an identity service to provide a single point of access for a plurality of applications for an authentication of a user identity. An authentication request is received from an application via an application program interface (API), wherein the authentication request includes logon information. The authentication request is translated to one or more identity providers. Upon authentication, serially executing one or more programmatic extension scripts associated with the user. Privileges are granted to the user based on at least one of the programmatic extension scripts associated with the user. | 2016-05-19 |
20160142400 | SYSTEMS AND METHODS FOR SYSTEM LOGIN AND SINGLE SIGN-ON - Systems and methods for system login and single sign-on are described. A first application of a first system receives a request to access a protected application of a second system. An assertion is generated in response to the request. The assertion asserts an identity in the first system of a user generating the request. The assertion is validated and first account information corresponding to the assertion is extracted. The first account information is information of a first account of the user in the first system. Second account information is determined that is information of a second account of the user in the second system. A mapping is generated between the first account and the second account using the first account information and the second account information. The mapping is used to provide access to the protected application by the requestor. | 2016-05-19 |
20160142401 | GENERALIZED CERTIFICATE USE IN POLICY-BASED SECURE MESSAGING ENVIRONMENTS - Within a secure messaging environment, a determination is made that a request to send a message has been generated by a message sender. A message protection policy configured to process the message within the secure messaging environment is identified. The message protection policy specifies that, within the secure messaging environment, a secured digital certificate, other than a digital certificate of the message sender, is configured with an associated private key to digitally sign the message on behalf of the message sender. Based upon the message protection policy, a determination is made to digitally sign the message using the private key of the secured digital certificate. The message is signed on behalf of the message sender using the private key of the secured digital certificate. | 2016-05-19 |
20160142402 | METHOD AND APPARATUS FOR REGISTERING A DEVICE FOR USE - A server and method for supporting device registration by the server are provided. The present disclosure relates to a sensor network, Machine Type Communication (MTC), Machine-to-Machine (M2M) communication, and technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. | 2016-05-19 |
20160142403 | TERMINAL DEVICE AND METHOD FOR PROTECTING TERMINAL DEVICE, AND TERMINAL MANAGEMENT SERVER - A terminal device includes: a condition checking unit to monitor an operation state of the terminal device by executing a terminal managing program, and determine whether the terminal device is in a state of a preset condition for terminal protection; a communication control unit to control the communication unit to be connected to the terminal management server using the location information when the condition checking unit determines that the terminal device is in a state of the condition for terminal protection, and control the communication unit to send the identification information to the terminal management server; and a lock control unit configured to lock the terminal device by executing the terminal managing program when a lock command is issued by, and received from, the terminal management server. | 2016-05-19 |
20160142404 | IDENTITY ASSERTION BASED ON BIOMETRIC INFORMATION - A method and apparatus for providing a lifetime extension to an identity assertion is provided herein. During operation a user will authenticate to an identity management server (also known as an authorization server or an authentication server) to obtain an identity assertion. An identity assertion will be provided upon successful authentication. The lifetime of the identity assertion will be based on whether or not biometric information of the user will be used by the device to which the assertion is being issued to identify the user prior to allowing the use of the identity assertion. | 2016-05-19 |
20160142405 | AUTHENTICATING A DEVICE BASED ON AVAILABILITY OF OTHER AUTHENTICATION METHODS - An approach for authenticating a device is provided. The approach includes a computer implemented method for receiving a first stage biometric variable verification data for accessing the device. The approach further includes a computer-implemented method for computing a second stage binary authentication data for accessing the device. The approach further includes analyzing the received first stage biometric variable verification data and the second stage binary authentication data. The approach further includes receiving the second binary authentication data for accessing the device. The approach further includes generating a confidence score level using the analyzed first stage biometric variable verification data and second stage binary authentication data, wherein, if the first stage biometric variable verification data is verified as having a sufficient confidence level score, then a required password entry, for the second stage binary authentication data requires less than all the normal number of characters for accessing the device. | 2016-05-19 |
20160142406 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes an authenticating section, a detecting section, and a processor. The authenticating section authenticates a user. When the authenticating section has authenticated a first user, the detecting section detects a second user in the vicinity of the information processing apparatus. The second user is different from the first user. When the detecting section detects the second user, the processor performs a predetermined process. | 2016-05-19 |
20160142407 | METHOD AND APPARATUS FOR DISPLAYING USER INTERFACE IN ELECTRONIC DEVICE - A method for obtaining biometric information associated with a user of the electronic device from the electronic device is provided. The method includes determining condition information associated with the user based on at least the biometric information, displaying a notification corresponding to the biometric information via a display functionally connected to the electronic device when the condition information corresponds to a first predefined condition, and automatically executing an application associated with the biometric information when the condition information corresponds to a second predefined condition. Other embodiments are also possible. | 2016-05-19 |
20160142408 | SECURE IDENTITY PROPAGATION IN A CLOUD-BASED COMPUTING ENVIRONMENT - The present disclosure describes methods, systems, and computer program products for providing secure identity propagation in a cloud-based computing environment. One computer-implemented method includes receiving, from a user, a first security response message, transmitting, to the user in response to receiving the first security response message, a second security response message, wherein the second security response message comprises a Token Granting Token (TGT), receiving, from a cloud application, a Service Token (ST) request, wherein the ST request comprises the TGT, verifying the ST request based on the TGT, generating, in response to the verifying, a ST, wherein the ST is used to validate an access request to access a backend system, and transmitting the ST to the cloud application. | 2016-05-19 |
20160142409 | OPTIMIZED TOKEN-BASED PROXY AUTHENTICATION - Methods, systems, apparatuses, and computer program products are provided for authentication of users in a service-to-service context. At a first service, a user authentication token is received from a client device that was obtained from an identity provider. The user authentication token was received to enable access to the first service by a user. The user is authenticated based on the user authentication token. A second service is determined to be needed to be accessed by the first service on behalf of the user. The user authentication token is converted into a proxy token that is not convertible back to the user authentication token. The proxy token is forwarded from the first service to the second service to enable access to the second service. A response is received by the first service from the second service due to the user having been authenticated based on the proxy token. | 2016-05-19 |
20160142410 | ELECTRONIC CONTROL UNIT NETWORK SECURITY - A system and method of controlling access to a vehicle network that includes a plurality of electronic control units (ECUs) communicating over the network. The method carried out by the system operates a network of ECUs that include at least first and second ECUs in communication with each other over the network. The first ECU may be an external access point which can establish communication with an external device. The first ECU provides the external device with limited privilege access to the network. The method further includes detecting unauthorized escalated privilege access of the first ECU, and in response to the detection, at least partially restricting use of the first ECU as the external access point, thereby preventing external devices from using the first ECU for the limited privilege access to the network. | 2016-05-19 |
20160142411 | Homogenizing Tooling for a Heterogeneous Cloud Environment - A method, system and computer-usable medium are disclosed for controlling access to a node deployed in a cloud environment. A new node, based upon a common image, is created in a cloud computing environment. A unique set of randomized system parameters are then generated for the new node, which is then mapped to a set of generic system parameters. A request to access the new node is intercepted, which contains the generic system parameters. The intercepted access request is then parsed to extract the set of generic system parameters, which are then replaced with the unique set of randomized system parameters associated with the target node to generate a modified access request. The modified access request is then forwarded to the target node. | 2016-05-19 |
20160142412 | METHOD AND SYSTEM FOR PREVENTING INFORMATION LEAKAGE BASED ON TELEPHONE - The present invention relates to a method and a system for preventing an information leakage based on a telephone authentication. The present invention includes a first step in which a telephone-authentication data-loss-prevention (DLP) file policy is set by a generator as a user of a user terminal assembly including a server-connection terminal through using the server-connection terminal and the server-connection terminal sends the telephone-authentication DLP file policy and requests a generation of a telephone-authentication DLP file to a DLP server assembly through an internet network; a second step in which the DLP server assembly generates a contents identification (CID) by using information including the telephone-authentication DLP file policy and stores a telephone-authentication DLP file information including the CID and the telephone-authentication DLP file policy; and a third step in which the server-connection terminal or the DLP server assembly generates the telephone-authentication DLP file, wherein the telephone-authentication DLP file including the CID as a header of an original data file that is a general file. A telephone authentication is needed when a reader reads the generated telephone-authentication DLP file. | 2016-05-19 |
20160142413 | EPHEMERAL APPLICATIONS - A method of executing an application in a direct launch mode includes receiving a user input to download an application from a remote server to a client computing device and to launch the application on the client computing device. Permissions requested by the application to utilize local resources of the client computing device during execution of the application by the client computing device are determined, and the determined permissions are compared to a list of predetermined permissions requiring modification of the execution of the application when the application is executed in a direct launch mode. The application is launched without additional input from the user, and the application is executed on the client computing device with at least one of the requested permissions not being granted in its entirety. | 2016-05-19 |
20160142414 | METHOD, APPARATUS, AND SYSTEM FOR ACHIEVING PRIVILEGE SEPARATION - Methods, apparatus, and systems for achieving privilege separation are provided herein. In an exemplary method, an operation-applying instruction sent by a first-type client can be received. According to the operation-applying instruction, it can be determined whether an operation corresponding to the operation-applying instruction is able to be executed. When the operation corresponding to the operation-applying instruction is able to be executed, an operation-executing instruction can be sent to a second-type client, such that the second-type client can obtain a privilege for executing the operation, according to the operation-executing instruction. A notifying instruction can be sent to a third-type client, such that the third-type client can obtain a notification that the second-type client has obtained the privilege for executing the operation. | 2016-05-19 |
20160142415 | Securing Communication over a Network using Client Integrity Verification - A method for protecting application servers from network-based attacks and verifying the security posture of end client systems is disclosed. A trust broker system receives a request from a user agent associated with a client system remote from the trust broker to connect to applications and resources associated with the trust broker. The trust broker system verifies the integrity of the client system and verifies the identity of a user of the client system. The trust broker system then determines the access level permitted to the identified user and based on the access level. The trust broker system establishes a connection with the user agent and transmits session information to the server system. The trust broker system sends the user agent connection information, wherein the connection information enables the requesting user agent to connect to the requested server system. | 2016-05-19 |
20160142416 | SYSTEM AND METHOD FOR USING A SEPARATE DEVICE TO FACILITATE AUTHENTICATION - A system that incorporates the subject disclosure may perform, for example, operations including receiving a request from a first device to access information content of a second device. The process further includes forwarding a token to the second device by way of a second wireless network, to obtain a second device token, and forwarding the token to the first device by way of the first network to obtain a first device token, wherein the first device forwards the first device token to the second device by way of a third network. A confirmation that the token was received at the first device is based on the result of the comparison indicating a match between the first device token and the second device token. Access to the information content of the second device is authorized in response to the confirmation. Other embodiments are disclosed. | 2016-05-19 |
20160142417 | Automated Credentialing of Device Newly Added to a Network - A device newly introduced to a network is automatically credentialed to be able to communicate over a network before the device first communicates with the network. For example, at a point of purchase, a user can provide network identification information to a merchant computing device that effects transfer of that information to the new device such that the new device can communicate directly with the network without initial credentialing directly between the unique device and the local network. In another example, the merchant computing device communicates with the local network to register a newly purchased device with the local network before the newly purchased device is introduced to the network. Accordingly, the network is configured to begin communications with the unique device without initial credentialing directly between the unique device and the local network. | 2016-05-19 |
20160142418 | Validating the Identity of an Application for Application Management - A method of managing access to enterprise resources is provided. An access manager may operate at a mobile device to validate a mobile application installed at that mobile device. If the access manager does not successfully validate the mobile application, the access manager may prevent the mobile application from accessing computing resource. If the access manager does successfully validate the mobile application, then the access manager may identify the mobile application as a trusted mobile application. The access manager may thus permit the trusted mobile application to access the computing resource. | 2016-05-19 |
20160142419 | PROTECTING DOCUMENTS FROM CROSS-SITE SCRIPTING ATTACKS - In various implementations, an embedded document receives untrusted content from a containing document, where the embedded document is in the containing document. In some cases, the untrusted content is received by the containing document from a server and is forwarded to the embedded document without rendering the untrusted content in the containing document. Instead, the untrusted content is rendered in the embedded document. A sandbox policy is enforced on the embedded document such that the rendered untrusted content is restricted from accessing data associated with the containing document. The untrusted content may comprise malicious code that when rendered executes an XXS attack that attempts to access the data associated with the containing document. However, because the untrusted content is rendered in the embedded document, the malicious code may be denied access to the data, thereby preventing the XSS attack from succeeding. | 2016-05-19 |
20160142420 | METHOD AND SYSTEM FOR DYNAMICALLY CONTROLLING A REMOTE TERMINAL BASED ON RUNTIME AUTHORIZATION AND RULES - A content validation server is provided. The server can include at least one processor and a memory operatively coupled to the processor, the memory storing program instructions that when executed by the processor, causes the processor to perform a number of processes. These processes can include receiving a uniform resource locator from a client device and generating a recommendation for the uniform resource locator. In addition, the processes can include providing the recommendation to an administrator device and receiving a response from the administrator device based on the recommendation. The processes can also include allowing or denying access to the uniform resource locator for the client device based on the response. | 2016-05-19 |
20160142421 | VALIDITY CONTROL SYSTEM, TERMINAL DEVICE, AND METHOD - The validity/invalidity of a credit card, an IC card storing electronic money, or the like is appropriately determined based on a blacklist. A terminal device includes a list storage means and an invalidity recording means. The list storage means stores an identifier, validity information indicating validity or invalidity, and a blacklist that relates the identifier to an invalidity count specification value for a recording medium storing a set value. The invalidity recording means reads from the blacklist, the invalidity count specification value related to the identifier read from the recording medium, and compares the invalidity count specification value with the set value read from the recording medium. The invalidity recording means executes predetermined processing based on the validity information for the recording medium when the set value is equal to the invalidity count specification value. | 2016-05-19 |
20160142422 | SYSTEM FOR CROSS-HOST, MULTI-THREAD SESSION ALIGNMENT - A method of detecting aberrant behavior in a software application is described. The method includes instantiating replicated applications on computing devices using identical initial setting. Each replicated application is a replicated instance of the software application. Information associated with a first API call from the first replicated application, and information associated with a second API call from the second replicated application is received. The information includes a call identifier of the API call and a digest. The call identifier is unique during the lifetime of the replicated application issuing it and is identical across the replicated applications. If the first and second call identifiers are identical, the method determines whether the first and second digests match. The method also includes, in response to the first and second digests not matching, signaling that aberrant behavior has occurred. Apparatus and computer readable media are also described. | 2016-05-19 |
20160142423 | ENDPOINT TRAFFIC PROFILING FOR EARLY DETECTION OF MALWARE SPREAD - According to one exemplary embodiment, a method for detecting malware in a network stream to at least one host computer is provided. The method may include initializing a browser profile corresponding with a first website having a first website source and a first plurality of content features. The method may include recording the first plurality of content features and a trusted source based on the first website source. The method may include scanning the network stream for a second content feature within a second plurality of content features associated with a second website. The method may include determining if the second content feature matches a first content feature. The method may include determining if the second plurality of content features is consistent with the first plurality of content features. The method may include determining if a second website source matches the trusted source. The method may include generating an alert. | 2016-05-19 |
20160142424 | SYSTEM AND METHOD THEREOF FOR IDENTIFYING AND RESPONDING TO SECURITY INCIDENTS BASED ON PREEMPTIVE FORENSICS - A system is connected to a plurality of user devices coupled to an enterprise's network. The system continuously collects, stores, and analyzes forensic data related to the enterprise's network. Based on the analysis, the system is able to determine normal behavior of the network and portions thereof and thereby identify abnormal behaviors within the network. Upon identification of an abnormal behavior, the system determines whether the abnormal behavior relates to a security incident. Upon determining a security incident in any portion of the enterprise's network, the system extracts forensic data respective of the security incident and enables further assessment of the security incident as well as identification of the source of the security incident. The system provides real-time damage assessment respective of the security incident as well as the security incident's attributions. | 2016-05-19 |
20160142425 | ANTI-MALWARE DETECTION AND REMOVAL SYSTEMS AND METHODS - An anti-malware system including at least one database, remote from a plurality of computers to be protected, which stores identification of computer applications resident on the computers to be protected and an application-specific communications footprint for the computer applications, and at least one server, remote from the plurality of computers to be protected, and being operative to calculate a reference computer-specific communications composite pattern based on multiple application-specific communications footprints for applications installed on the computers to be protected, calculate a current computer-specific communications composite pattern based on actual communications of at least one the plurality of computers to be protected, and provide an alert when the current computer-specific communications composite pattern of the at least one of the plurality of computers to be protected differs from the reference computer-specific communications composite pattern of the at least one of the plurality of computers to be protected. | 2016-05-19 |
20160142426 | ENDPOINT TRAFFIC PROFILING FOR EARLY DETECTION OF MALWARE SPREAD - According to one exemplary embodiment, a method for detecting malware in a network stream to at least one host computer is provided. The method may include initializing a browser profile corresponding with a first website having a first website source and a first plurality of content features. The method may include recording the first plurality of content features and a trusted source based on the first website source. The method may include scanning the network stream for a second content feature within a second plurality of content features associated with a second website. The method may include determining if the second content feature matches a first content feature. The method may include determining if the second plurality of content features is consistent with the first plurality of content features. The method may include determining if a second website source matches the trusted source. The method may include generating an alert. | 2016-05-19 |
20160142427 | SECURITY ENHANCEMENTS FOR A SOFTWARE-DEFINED NETWORK WITH NETWORK FUNCTIONS VIRTUALIZATION - A communication network can be constructed to support software-defined networking (SDN) protocols and network functions virtualization (NFV) protocols. Such a communication network can advantageously be operated at lower costs, increased flexibility and control, and with simplified management to name but a few. In addition to these advantages, various networking security aspects can be enhanced by leveraging the SDN/NFV architecture. | 2016-05-19 |
20160142428 | SYSTEM AND METHOD FOR IDENTIFYING INTERNET ATTACKS - A system and a method that employs such system to detect and counteract Internet attacks of Man-in-the-Browser and/or Man-in-the-Middle type are disclosed. The system comprises a Traffic Inspector in signal communication with a client computer having a Web browser residing therein for Internet browsing and with a Web server having a Web application residing therein. The Traffic Inspector is configured to receive a request associated with the Web application from the Web browser and to send it to the Web browser, the Traffic Inspector is configured to receive a DOM server code associated with the request from the Web server. The system is characterized in that it comprises a Traffic Analyzer in signal communication with the Traffic Inspector and having an algorithm application residing therein, the Traffic Inspector is configured to add a default code portion to the DOM server code to thereby generate a DOM client code to be sent to the Web browser to receive a DOM rendered code associated with the DOM client code, the Traffic Inspector is configured to send the DOM client code and the DOM rendered code to the Traffic Analyzer, the algorithm application is configured to process the DOM rendered code to compare it with the DOM client code, to thereby identify at least one code difference. | 2016-05-19 |
20160142429 | PREVENTING ACCESS TO MALICIOUS CONTENT - System and techniques for preventing access to malicious websites are described herein. A communication message containing content may be received. A query may be generated based on the content of the communication message. The query may be executed against a database of known malicious content items and a score may be generated based on similarity of the content of the communication message to one or more of the known malicious content items. It may be determined whether to block the communication message based on the score relative to a predetermined threshold. | 2016-05-19 |
20160142430 | Data Resource Anomaly Detection - Anomaly detection is provided. A first component of a first data resource of a plurality of data resources is identified. Each data resource of the plurality of data resources includes one or more components. A score of the first component is determined based, at least in part, on underlying data of the first component and underlying data of one or more other components of data resources of the plurality of data resources that correspond to the first component. An interest level of the first data resource is determined. A relationship between the score of the first component and the interest level of the first data resource is modeled. | 2016-05-19 |
20160142431 | SESSION PROCESSING METHOD AND DEVICE, SERVER AND STORAGE MEDIUM - A method for processing session and a device thereof, a server and a storage medium are provided. The method includes: capturing packets sent from a client associated with the session; reconstituting a packet flow of the session from the captured packets based on quintets of the packets, wherein the quintet comprises a source address, a destination address, a source port, a destination port and a protocol number of the packet; extracting a behavior attribute of the client from the packet flow; determining that the behavior attribute of the client is beyond a baseline; and interrupting the session with the client. | 2016-05-19 |
20160142432 | RESOURCE CLASSIFICATION USING RESOURCE REQUESTS - In one implementation, a resource classification system identifies a plurality of resource requests and generates a plurality of resource access measures based on the plurality of resource requests. Each resource request from the plurality of resource requests is associated with a resource from a plurality of resources by a resource identifier of that resource. Each resource access measure from the plurality of resource access measures is associated with a resource from the plurality of resources. The resource classification system applies a classifier to each resource access measure from the plurality of resource access measures to generate a classification result for the resource from the plurality of resources associated with that resource access measure, and assign a security classification to each resource from the plurality of resources based on the classification result for that resource. | 2016-05-19 |
20160142433 | INFORMATION ASSESSMENT SYSTEM, INFORMATION ASSESSMENT APPARATUS, AND INFORMATION ASSESSMENT METHOD - An information assessment system includes: an information management apparatus; and an information assessment apparatus connected to an information device via a first network and connected to the information management apparatus via a second network. The information management apparatus includes: an acquisition unit configured to acquire information about a setting state of the information device, an assessment processing unit configured to assess setting contents of the information device based on the acquired information and generate assessment result information, and a transmitting unit configured to transmit the assessment result information to the information management apparatus. The information management apparatus includes: a receiving unit configured to receive the assessment result information from the information assessment apparatus; and an output unit configured to output assessment-result output information containing findings on setting contents in a management area, in which the information device is arranged, based on the received assessment result information. | 2016-05-19 |
20160142434 | AUTOMATED SECURITY TESTING - A method of automated security testing includes recording a macro. The recorded macro is played and a web request is intercepted while playing the macro. The web request may be attacked and sent to a web server. A response from the web server based on the web request is received, and the response of the web server is processed to determine any vulnerabilities. | 2016-05-19 |
20160142435 | SYSTEMS AND METHODS FOR DETECTION OF ANOMALOUS NETWORK BEHAVIOR - There is provided a computer implemented method for detecting anomalous behavior in a network, comprising: receiving data representing at least one network activity, each network activity representing a certain data access event involving certain network entities; extracting from the data the certain network entities involved in the respective network activity; retrieving at least one relevant diversity value from a network behavior model based on the extracted certain network entities, wherein the network behavior model includes at least one diversity value, wherein each respective diversity value represents a certain relationship between at least one network entity and at least one network entity type; calculating an abnormality score for the received network activity based on the retrieved relevant diversity values; and classifying the network activity as anomalous or normal based on the calculated abnormality score. | 2016-05-19 |
20160142436 | METHODS, NODES AND COMPUTER PROGRAMS FOR REDUCTION OF UNDESIRED ENERGY CONSUMPTION OF A SERVER NODE - A method, computer program and a server node ( | 2016-05-19 |
20160142437 | METHOD AND SYSTEM FOR PREVENTING INJECTION-TYPE ATTACKS IN A WEB BASED OPERATING SYSTEM - A method for detecting a malicious code which is injected into the command stream of a widget running by a web-based OS at a device is disclosed. The method requires (a) analyzing the widget at an App-Store to determine first invariant data; (b) recording within a metadata file first invariant data; (c) associating said metadata file with said widget, and supplying said widget within a user device; (d) upon running said widget, activating a monitoring module, analyzing the running widget and determining by said module a second invariants data, and comparing respectively said second determined invariant data with said first determined invariants data; and (e) issuing an alert upon detection of a variation above a predefined value between said second determined invariant data and said first determined invariant data, respectively. | 2016-05-19 |
20160142438 | METHOD OF IDENTIFYING AND COUNTERACTING INTERNET ATTACKS - The present disclosure relates to a method of identifying and counteracting Internet attacks, of Man-in-the-Browser and/or Man-in-the-Middle and/or Bot attack types, comprising the steps of: generating a request by a Web browser, concerning a Web application residing in a Web server; sending the request by the Web browser to a box server, which is in signal communication with the Web server; receiving a server DOM code by the box server, which code has been automatically generated by the Web server according to the request; sending a service page code by the box server to the Web browser, in response to the request, the service page code comprising an obfuscated and polymorphic javascript code and/or HTML code; receiving and processing the javascript code and/or HTML code, by the Web browser, to automatically generate an asynchronous request, such that environment data of the Web server may be transmitted to the box server; processing the environment data by the box server, to identify Internet attacks; performing an encryption function on the server DOM code by the box server to generate an obfuscated DOM code, and sending the obfuscated DOM code to the Web browser in response to the asynchronous request; performing a decryption function on the obfuscated DOM code by the service page code, to obtain the server DOM code; rendering the server DOM code by the Web browser. | 2016-05-19 |
20160142439 | METHODS AND SYSTEMS FOR PHISHING DETECTION - A method of determining a probability that a received email comprises a phishing attempt may comprise analyzing a link therein to determine whether the link comprises a phishing attempt. This determination may comprise comparing features of the link with records stored in a remote database to determine whether the link comprises a phishing attempt. It may be determined that the link comprises a phishing attempt if there is a match. If the compared features do not match the records stored in the remote database, a multi-dimensional input vector may be built from features of the link, which input vector may then be input into a phishing probability engine. The probability that the link comprises a phishing attempt may be computed by the phishing probability engine. Thereafter, the received email may be acted upon according to the computed probability that the link comprises a phishing attempt. | 2016-05-19 |
20160142440 | Method and Apparatus for Decryption of Encrypted SSL Data from Packet Traces - A system for decrypts encrypted Secure Sockets Layer (SSL) data from packet traces without using private keys or a proxy. Decryption of encrypted SSL data is accomplished by intercepting a session key associated with a communication session transmitted from a user device to a server during handshaking between the user device and the server. The session key is then used to decrypt packet level traces of the communication session. The decrypted packet level traces are then used to measure traffic. | 2016-05-19 |
20160142441 | CENTRALIZED OPERATION MANAGEMENT - A novel security framework that is part of an operating system of a device is provided. The framework includes a security assessor that performs security policy assessments for different operations that need to be performed with respect to an application executing on the device. Examples of such operations include the installation of the application, execution of the application, and the opening of content files (e.g., opening of documents) by the application. | 2016-05-19 |
20160142442 | System and Method for Intelligent State Management - A method is provided in one example embodiment and it includes receiving a state request and determining whether a state exists in a translation dictionary for the state request. The method further includes reproducing the state if it is not in the dictionary and adding a new state to the dictionary. In more specific embodiments, the method includes compiling a rule, based on the state, into a given state table. The rule affects data management for one or more documents that satisfy the rule. In yet other embodiments, the method includes determining that the state represents a final state such that a descriptor is added to the state. In one example, if the state is not referenced in the algorithm, then the state is released. If the state is referenced in the algorithm, then the state is replaced with the new state. | 2016-05-19 |
20160142443 | PERSONAL DEVICE NETWORK FOR USER IDENTIFICATION AND AUTHENTICATION - Established user habits in carrying multiple wirelessly detectable devices are used to provide or substantiate authentication. In some embodiments, simply detecting that expected devices are co-located within a limited spatial region is sufficient to establish that the devices are being carried by a single individual. In other embodiments, particularly where the potential for spoofing by multiple individuals is a concern, single-user possession of the devices may be confirmed by various corroborative techniques. This approach affords convenience to users, who may be working at a device that lacks the necessary modality (e.g., a fingerprint or vein reader) for strong authentication. | 2016-05-19 |
20160142444 | AUTHENTICATION POLICY USAGE FOR AUTHENTICATING A USER - A processor ascertains that a user is authorized to access a federated computing environment that includes at least two servers, which includes determining that input authentication information previously received from the user by a first server of the at least two conforms to at least one rule of an authentication policy of a second server having a highest relative priority among servers of the at least two servers whose authentication policy's at least one rule, in an authentication policy table within the first server, is conformed to by the received input authentication information. The authentication policy table within the first server includes (i) an authentication policy of each server of the at least two servers and (ii) a relative priority of each server in order of decreasing number of users registered in an authentication system of each server. | 2016-05-19 |
20160142445 | METHODS AND DEVICES FOR ANALYZING USER PRIVACY BASED ON A USER'S ONLINE PRESENCE - A method, non-transitory computer readable medium, and policy rating server device that receives a request from a client computing device for one or more privacy ratings. The request identifies at least one application, such as an application installed on the client computing device for example. A policy associated with the identified application is obtained. The obtained policy is analyzed to identify a plurality of key words or phrases associated with use by the at least one application of functionality of, or personal information stored on, the client computing device. One or more privacy ratings are generated based on numerical values assigned to each of the identified key words or phrases. The generated one or more privacy ratings are output to the client computing device in response to the request. | 2016-05-19 |
20160142446 | SYSTEM AND METHOD FOR INTEGRATING SESSION INITIATION PROTOCOL COMMUNICATION IN A TELECOMMUNICATIONS PLATFORM - A system and method for facilitating signaling and media communication at a communication platform that includes receiving a communication request to a resource, wherein the communication request specifies a destination endpoint; establishing signaling and media communication in a session with the destination endpoint of the communication request; registering a callback resource to a signaling event of the session; monitoring signaling messages of the session; detecting the signaling event in the signaling messages of the session; and triggering the callback resource upon detecting the signaling event. | 2016-05-19 |
20160142447 | Telecommunications Network Call Control - Telecommunications network components configured to manage call control of a communication session of user equipment are described herein. An anchoring network device may proxy signaling traffic for the communication session. The anchoring network device may determine a routing identifier based at least in part on which access network, or which type of access network, is carrying the communication session, and may transmit state information of the communication session to a call-control server in association with the routing identifier. The call-control server may provide control information of the communication session to the anchoring network device in response to the state information. The anchoring network device may modify the communication session, e.g., by adding or dropping one or more parties, in response to the control information. The routing identifier may be determined based at least in part on capabilities of a communication session indicated in a session-initiation message. | 2016-05-19 |
20160142448 | Methods and Systems to Assess an Ability to Playback Media Content - The present disclosure includes methods and systems to assess an ability to playback media content. The system progresses through media content playback applications by communicating a query to a computer system over a computer network. The progressing is used to assess an ability of the computer system to playback media content locally. Next, the system, receives a response to the query. The response indicates an ability of the computer system to playback the media content locally. | 2016-05-19 |
20160142449 | COMMUNICATION EXCHANGES AND METHODS OF USE THEREOF - An exemplary specifically programmed electronic communications exchange which includes at least the following specifically programmed components: a specifically programmed computer processor that is configured to at least perform, in real-time, the following: causing, via a computer network, to display a company personalized communications set-up graphical user interface configured to allow a representative of a company to dynamically define a plurality of company communications attributes; causing, via the computer network, to display a consumer communications set-up graphical user interface configured to allow a consumer to dynamically define a plurality of consumer communications preference attributes; automatically matching the company to the consumer based at least in part on: the plurality of company communications attributes and the plurality of consumer communications preference attributes; and automatically and electronically delivering a plurality of electronic communications, from or on behalf of the company, to the consumer. | 2016-05-19 |
20160142450 | SYSTEM AND INTERFACE FOR DISTRIBUTED REMOTE COLLABORATION THROUGH MOBILE WORKSPACES - A system and method include a mobile workspace coupled to a communications network. The method includes providing a mobile workspace on a server, wherein the server is coupled to a communications network; providing a user interface including: two or more selectable media tools for communicating on the workspace, and one or more contacts, wherein the one or more contacts are selectable to participate in a synchronized communication session with a user on the mobile workspace. One or more contacts are selected to participate in the communication session with the user on the workspace. The one or more selected contacts are synchronized with the user on the mobile workspace, wherein each of the synchronized selected contacts and the synchronized user accesses the mobile workspace. The content is provided to the mobile workspace; and the content is stored to the mobile workspace on the server. Numerous other aspects are provided. | 2016-05-19 |
20160142451 | ONLINE MEETING COMPUTER WITH IMPROVED NOISE MANAGEMENT LOGIC - In an embodiment, a method for calculating a noise index value for a digital audio source in a server computer system that is coupled to a plurality of audio sources and configured to operate a teleconference among the plurality of digital audio sources comprises receiving a first digital audio signal from the digital audio source of the one or more digital sources. Using the server computer system, the process identifies two or more types of sounds that are represented in the first digital audio source. The types of sounds identified include at least two of: one or more human voices; a background noise; or an actionable sound that mandates further action. Using a server computer system, calculating the noise index value based upon the types of sounds identified from the first digital audio signal. The noise index value represents a summation of relative magnitudes particular types of sounds that has been identified in the first digital audio signal in relation to other types of sounds that have been identified in the first digital audio signal. The process then visually presents the noise index value to one or more client computers of the one or more digital audio sources in a user interface screen display of an audio conference manager that the one or more client computers execute. | 2016-05-19 |
20160142452 | MANAGING DATA COMMUNICATIONS BASED ON PHONE CALLS BETWEEN MOBILE COMPUTING DEVICES - An example method comprises receiving, by at least one computing device, a first notification from a first mobile computing device and a second notification from a second mobile computing device. The method may further comprise determining, based at least in part on a comparison of the first notification to the second notification, that the first mobile computing device has initiated a phone call with the second mobile computing device. The method may additionally comprise responsive to determining that the first mobile computing device has initiated the phone call with the second mobile computing device, sending, a first message to the first mobile computing device using a first data connection, and sending, a second message to the second mobile computing using a second data connection, wherein the first message and the second messages each indicate that the first and second mobile computing devices are able to exchange application data. | 2016-05-19 |
20160142453 | FEATURES AND OPTIMIZATIONS FOR PERSONAL COMMUNICATION DEVICE BASED PUBLIC ADDRESSING SYSTEM - Systems and methods are described herein, a method including, but not limited to, receiving, by a client, audio data and uplink data simultaneously from one of a plurality of Personal Communication Devices (PCDs) connected to the client. The uplink data includes at least one of device information and session identifier. The client sends downlink data to each of the plurality of PCDs based on the uplink data. The client further sends the audio data to the PA system for sounding. | 2016-05-19 |
20160142454 | MULTI-CHANNEL AUDIO ALIGNMENT SCHEMES - Multi-channel audio alignment schemes are disclosed. One aspect of the present disclosure provides for accumulation of audio samples across multiple related audio channels at an audio source. Related audio channels indicate their interrelatedness, and when all the related audio channels have data to transmit, the source releases the data onto the time slots of the Serial Low-power Inter-chip Media Bus (SLIMbus), such that the related audio channels are within a given segment window of the time slot. This accumulation is repeated at the boundary of every segment window. Similarly, accumulation may be performed at the audio sink. Components within the audio sink may only read received data if status signals from all related sinks indicate that predefined thresholds have been reached. By providing such accumulation options, audio fidelity is maintained across multiple audio data channels. | 2016-05-19 |
20160142455 | MULTI-CHANNEL AUDIO ALIGNMENT SCHEMES - Multi-channel audio alignment schemes are disclosed. One aspect of the present disclosure provides for accumulation of audio samples across multiple related audio channels at an audio source. Related audio channels indicate their interrelatedness, and when all the related audio channels have data to transmit, the source releases the data onto the time slots of the Serial Low-power Inter-chip Media Bus (SLIMbus), such that the related audio channels are within a given segment window of the time slot. This accumulation is repeated at the boundary of every segment window. Similarly, accumulation may be performed at the audio sink. Components within the audio sink may only read received data if status signals from all related sinks indicate that predefined thresholds have been reached. By providing such accumulation options, audio fidelity is maintained across multiple audio data channels. | 2016-05-19 |
20160142456 | Method and Device for Acquiring Media File - A method and device for acquiring a media file. The method includes receiving an acquiring instruction, where the acquiring instruction instructs to acquire a media file, and multiple cue points are preset in the media file; acquiring, according to the acquiring instruction, one or more cue points from the multiple cue points preset in the media file; determining cue point data, corresponding to the one or more cue points, in the media file; and downloading the cue point data, where the cue point data is used to present a segment of content of the media file, so that a user determines whether to acquire all or a part of data of the media file. | 2016-05-19 |
20160142457 | CONTENT DISTRIBUTION SYSTEM AND METHOD - There are described methods and systems for distributing content in a network, in particular a multicast network. One method includes delivering content from a source to a destination in a content delivery network. A request for an item of content is received and a first multicast stream is identified or established, the first multicast stream comprising a first copy of the content. At least one second multicast stream is also identified or established, the second stream comprising a second copy of the content. The second copy of the content is time-shifted by a time, M, from corresponding portions of the first copy of the content. The content is then delivered to the destination using both the first and the second multicast streams. | 2016-05-19 |
20160142458 | METHOD AND DEVICE FOR DATA STREAMING IN A MOBILE COMMUNICATION SYSTEM - Interfacing between radio units in a base station in a mobile communication system uses a common public radio interface CPRI for streaming IQ data samples arranged in lanes. A separate serial interface sRIO is now additionally used for transferring selected data samples arranged in packets, the selected samples corresponding to selected lanes streamed between other radio units via the common public radio interface. In the radio unit, the selected data samples are arranged in packets to be transmitted via the serial interface, and, vice versa, the selected data samples arranged in packets received via the serial interface are arranged in lanes. A system timer coupled to the CPRI generates a timebase for controlling the sRIO interface in order to have it synchronized. Advantageously the data sample transfer capacity of the streaming CPRI interface is extended using the packet based serial interface. | 2016-05-19 |
20160142459 | CONTROLLING MP3 PLAYER - A computer system for implementing a method for communicating an audio message file from a computing device to an audio player device. The computer system includes the computing device, the audio player device, and one or more computer readable hardware storage devices containing program instructions which upon being executed on both the computing device and the audio player device, implement the method. An audio message file is generated by the computing device and sent to the audio player device. In response to receipt of the audio message file, the audio player device halts play of a song or other audio content that was being played by the audio player device at a time of receipt of the audio message file, and plays the audio message file. | 2016-05-19 |
20160142460 | DISTRIBUTED ON-DEMAND MEDIA TRANSCODING SYSTEM AND METHOD - A method for delivering media content over a network includes transcoding the media content to generate multiple copies of the media content, each of the multiple copies having a different destination type or a different source type or both, storing the multiple copies in a cache, receiving requests for the media content, and selecting and delivering a copy of one of the multiple copies in response to each of the requests. A further method for providing media content transcoding services includes fetching media content, selecting one of multiple transcoders for transcoding from multiple source types to multiple destination types, wherein the one transcoder is selected based at least on the destination type, sending the media content to the selected transcoder, transcoding the media content to the destination type, thereby generating transcoded media content, and transmitting the transcoded media content. | 2016-05-19 |
20160142461 | Method and device for transmission of multimedia data - The present disclosure discloses a method for transmission of multimedia data, which includes: converting analogue multimedia data received from a terminal to digital multimedia data; separating the digital multimedia data into digital audio data and digital video data, and converting coding format of the digital video data; compressing the digital audio data and the digital video data in converted thecoding format respectively, converting protocol format of the compressed digital audio data and of the compressed digital video data respectively, and sending the resulting digital audio data and the resulting digital video data to a network. The present disclosure further discloses a device for transmission of multimedia data. With the technical solutions of the present disclosure, both video data and audio data may be transmitted, and the transmission rate of multimedia data may be increased efficiently. | 2016-05-19 |
20160142462 | Displaying Identities of Online Conference Participants at a Multi-Participant Location - Techniques are presented herein to visually display who is speaking when an online conference session is established involving participants at multiple locations. When it is determined that there are multiple participants of the online conference session at a first location at which one or more microphones can detect audio from the multiple participants, a visual indicator of the first location is generated for display to the participants in the online conference session. In addition, in a predetermined relationship with the visual indicator of the first location, identifiers of the multiple participants at the first location are generated that can also be displayed to the participants in the online conference session. | 2016-05-19 |
20160142463 | SYSTEM FOR MONITORING CONVERSATIONAL AUDIO CALL QUALITY - A method, a computer program product, and a computer system for monitoring conversational audio quality of Voice over Internet Protocol (VoIP) are provided. A monitoring system determines a size of an audio file and an available bandwidth. The monitoring system predicts time of receiving the audio file, based on the size and the bandwidth. The monitoring system determines whether the time of receiving the audio file exceeds a monitoring timer interval by a certain threshold. The monitoring system uses an intrusive testing method for monitoring call quality, in response to determining that the time of receiving the audio file exceeds the monitoring timer interval by the certain threshold. | 2016-05-19 |
20160142464 | SYSTEM FOR MONITORING CONVERSATIONAL AUDIO CALL QUALITY - A method, a computer program product, and a computer system for monitoring conversational audio quality of Voice over Internet Protocol (VoIP) are provided. A monitoring system determines a size of an audio file and an available bandwidth. The monitoring system predicts time of receiving the audio file, based on the size and the bandwidth. The monitoring system determines whether the time of receiving the audio file exceeds a monitoring timer interval by a certain threshold. The monitoring system uses an intrusive testing method for monitoring call quality, in response to determining that the time of receiving the audio file exceeds the monitoring timer interval by the certain threshold. | 2016-05-19 |
20160142465 | SYSTEM AND METHOD FOR GENERATING VISUAL IDENTIFIERS FROM USER INPUT ASSOCIATED WITH PERCEIVED STIMULI - The present invention generally relates to systems for generating visual identifiers. In particular, the systems and methods herein are configured to generate visual identifiers for representing user response to stimuli. In a preferred embodiment, visual identifiers are generated from primary colors or shapes, wherein the primary colors and/or shapes can be blended or modified based on strength/weakness of the stimuli experienced by a user or across a plurality of users. Preferred embodiments of the invention are further configured to receive text or other non-visual identifier from a user in order to describe the response the user has to a stimuli; wherein the associated system is configured to convert the described response into an appropriate visual identifier. | 2016-05-19 |
20160142466 | OUTPUT FUNCTION DIVIDING SYSTEM - A Web browser capable of providing an equivalent quality of user experience to a user even with respect to access of devices differing in processing performance. The web browsing system comprises a Web browser function which is divided between a browsing client unit and a browsing server unit, wherein the browsing client unit notifies a content input to the user terminal to the browsing server unit and displays a Web page on a user terminal by using information supplied from the browsing server unit, and wherein the browsing server unit supplies information necessary for displaying the Web page to the user terminal to the browsing client unit according to the content input to the user terminal notified from the browsing client unit. | 2016-05-19 |
20160142467 | COMMUNICATION METHOD, ELECTRONIC DEVICE AND STORAGE MEDIUM - Provided is a communication method of an electronic device, including executing a web browser, requesting registration in an IP multimedia core network subsystem (IMS) using a first client associated with the web browser, and displaying, in a part of the web browser using the first client, information associated with a network to which the electronic device is connected. | 2016-05-19 |
20160142468 | SYSTEM AND METHOD FOR PROVIDING CLOUD BASED USER INTERFACES - Provided is a method and system for providing cloud based user interface (UIs) that may store video content and a UI resource in a storage separate from a server, and may control the video content and the UI resource to be synthesized at a subscriber terminal device, thereby significantly decreasing load of a UIs providing server. The method and system for providing cloud based UIs may provide consistent UIs to various set-top boxes and media devices and may easily perform a change and a test of UIs. | 2016-05-19 |
20160142469 | SYSTEM AND METHOD FOR TRANSFERRING STATES BETWEEN ELECTRONIC DEVICES - In various example embodiments, a system and method for transferring the state of a first device to a second device are disclosed. An instruction to transfer a state of a first device to a second device is received. In response, information related to the state of the first device is packaged into a file. A type of connection to be used to transfer the state of the device is determined based on the connections available to the first device and the second device. The file containing the information of the state of the first device is transferred to the second device using the connection type. The file, when processed by the second device, causes the second device to reproduce the state of the first device. | 2016-05-19 |
20160142470 | MANAGING FILE TRANSFER COMMANDS - A method of and system for managing file transfer commands to a remote system is disclosed. The method and system may include establishing a first defined file transfer command having a first group identifier. The first defined file transfer command may be configured to pull data from the remote system. The method and system may include establishing a second defined file transfer command having a second group identifier. The second defined file transfer command may be configured to at least one of delete data of the remote system and push data to the remote system. The method and system may include performing the first defined file transfer command after performing the second defined file transfer command when the first group identifier and the second group identifier match. | 2016-05-19 |
20160142471 | SYSTEMS AND METHODS FOR FACILITATING COLLABORATION AMONG MULTIPLE COMPUTING DEVICES AND AN INTERACTIVE DISPLAY DEVICE - Systems, devices, and methods are provided for providing interactive collaboration among computing devices. In some aspects, an interactive display device can display a graphical interface corresponding to a shared workspace. The interactive display device can communicate with multiple computing devices, each computing device associated with a virtual position. A processing device of the interactive display device can update the graphical interface to depict the respective virtual positions associated with each computing device. For each computing device, the interactive display device can also provide access to a respective portion of the shared workspace indicated by the respective virtual position associated with the computing devices. The processing device can trigger an action on the interactive display device based on determining that a subset of computing devices have performed a threshold activity. | 2016-05-19 |
20160142472 | SYSTEM, METHOD, AND MEDIUM - A system that includes circuitry configured to receive a plurality of pieces of data; store, for each of the plurality of pieces of data in a first memory area, a first identifier and associated node information identifying a node that processes associated piece of data; delete one of the first identifiers from the first memory area in a case that a number of first identifiers stored in the first memory area reaches a threshold; generate a second identifier based on deleted first identifier by applying a predetermined calculation on the deleted first identifier, the second identifier being shorter than the first identifier; store, in a second memory area, the second identifier and the associated node information; cause a node, associated with one of the first identifier and the second identifier stored in one of the first and second memory area, to process one of the plurality of pieces of data. | 2016-05-19 |
20160142473 | E-book Share Server, the method and the program - The present invention is to allow a user for the secondary use of the electronic book according to the use act previously permitted by the copyright holder of the electronic book. | 2016-05-19 |