21st week of 2021 patent applcation highlights part 68 |
Patent application number | Title | Published |
20210160135 | COMPARING PROTOCOLS OF MEDICAL IMAGING DEVICES - A computer-implemented method is for comparing protocols. In an embodiment, the computer-implemented method includes first receipt of a first protocol relating to a performance of a measurement at a first medical device, including a plurality of first protocol steps; and second receipt of a second protocol relating to a performance of a measurement at a second medical device. The computer-implemented method further includes determination of a plurality of arrangements of the first protocol steps; determination of a plurality of comparison values, each of the comparison values being based on a comparison of the second protocol with one of the arrangements of the first protocol steps; determination of an agreement value based upon the plurality of comparison values; and provision of the agreement value. | 2021-05-27 |
20210160136 | RECONFIGURATION METHOD AND TERMINAL - Provided in the present disclosure is a redistribution method and terminal, which solve the problem of the transmission currently carried out by a UE needing to be stopped during the process of re-establishing an RRC connection. The processing method of the present disclosure comprises: when the wireless connection between a terminal and a master node (MN) is lost, reporting an MN wireless connection lost indication to a secondary node (SN); if an RRC redistribution message is received before a target timer times out, carrying out redistribution processing according to said RRC redistribution message. | 2021-05-27 |
20210160137 | COMPUTING AND IMPLEMENTING A REMAINING AVAILABLE BUDGET IN A CLOUD BURSTING ENVIRONMENT - Calculating a remaining budget in a cloud bursting environment, by a processor. Within a particular time window, a first cost is computed of allocated and released cloud hosts. A second cost is computed of the cloud hosts that are allocated and not yet released. A remaining budget is computed as a difference between a budget limit and a sum of the first cost and the second cost, at the current point in time. A third, estimated cost of allocated and not yet released cloud hosts; and a fourth, estimated cost of cloud host requests currently in progress are each then determined. A safe remaining budget is then computed by subtracting the third and fourth estimated costs from the remaining budget determined prior. | 2021-05-27 |
20210160138 | DYNAMIC NETWORK OF SUPERCOMPUTING RESOURCES WITH UNIFIED MANAGEMENT INTERFACE - Systems, methods, and apparatuses are disclosed for implementation and management of a network of computing clusters and interfaces. In various embodiment, a dynamic supercomputing resource marketplace system can include a cluster network having one or more interconnected computing clusters. The dynamic supercomputing resource marketplace system also can include a user interface system or an application program interface system for enabling a user to access the computing clusters. Advantageously, the dynamic supercomputing resource marketplace system can be used to facilitate increased utilization of computing clusters. | 2021-05-27 |
20210160139 | ACCELERATED NETWORK RECONNECT USING PREVIOUS CONNECTION PARAMETERS - A Wi-Fi device includes a controller coupled to a writeable memory implementing a MAC and PHY layer and to a transceiver. Connection data stored in the writeable memory includes Wi-Fi connection parameters including ≥1 router MAC level information or a most recently utilized (MRU) channel used, and IP addresses including ≥1 of an IP address of the Wi-Fi device, IP address of the MRU router, an IP address of a MRU target server, and an IP address of a network connected device. An accelerated reconnecting to a Wi-Fi network algorithm is implemented by the processor is for starting from being in a network disconnected state, establishing current connection parameters for a current Wi-Fi network connection using the Wi-Fi connection parameters for at least one MAC layer parameter for the MAC layer. | 2021-05-27 |
20210160140 | BUNDLING OF WIRED AND WIRELESS INTERFACES IN A REDUNDANT INTERFACE OF A HIGH-AVAILABILITY CLUSTER - A system may include a first node in a high-availability cluster; a second node in the high-availability cluster; a redundant interface between a network device and both the first node and the second node, wherein the redundant interface is associated with a redundancy group that designates one of the first node or the second node as a primary node in the high-availability cluster and that designates the other of the first node or the second node as a backup node in the high-availability cluster; a wireless interface of the first node, wherein the wireless interface is included in the redundant interface; and a wired interface of the second node, wherein the wired interface is included in the redundant interface. | 2021-05-27 |
20210160141 | AUTOMATIC PLACEMENT OF CLIENTS IN A DISTRIBUTED COMPUTER SYSTEM SATISFYING CONSTRAINTS - A cloud management server and method for performing automatic placement of clients in a distributed computer system uses a list of compatible clusters to select an affinity cluster to place the clients associated with an affinity constraint. As part of the placement method, a cluster that cannot satisfy any anti-affinity constraint associated with the clients and the affinity constrain is removed from the list of compatible clusters. After the affinity cluster has been selected, at least one cluster in the distributed computer system is also selected to place clients associated with an anti-affinity constraint. | 2021-05-27 |
20210160142 | GENERALIZED CORRELATION OF NETWORK RESOURCES AND ASSOCIATED DATA RECORDS IN DYNAMIC NETWORK ENVIRONMENTS - Topology information including a plurality of snapshots of a network topology associated with respective points in time for a network can be received by an apparatus. Each snapshot is represented as a graph of nodes each corresponding to a network resource and having a node identifier. The graph for each snapshot is modified by replacing nodes representing network resources having the same role in the network with a single aggregated node. Feature learning is performed based on the modified graphs representing the plurality of snapshots, and determines a feature representation for each node in the modified graphs. An identifier for each node in the plurality of snapshots is associated with the corresponding feature representation for use in the correlation of network resources. Node identifiers for nodes in the same aggregated node in a modified graph are associated with the same feature representation. | 2021-05-27 |
20210160143 | INFORMATION TECHNOLOGY (IT) TOPLOGY SOLUTIONS ACCORDING TO OPERATIONAL GOALS - Disclosed are various examples for determining an IT topology for an enterprise IT organization based on operational goals of the enterprise organization. Visual models that are designed to facilitate responses associated with the current IT topology and operational goals of an enterprise IT organization are presented to an entity of the enterprise. The entity can provide enterprise profile data to an IT solutions system by interacting with user interfaces. The IT solutions system can generate the IT topology and roadmap for implementing the IT topology based on the operational goals identified in the responses. Statements of work can be dynamically generated that outline details and terms of implementing the proposed IT topology for the enterprise IT organization. | 2021-05-27 |
20210160144 | INFORMATION TECHNOLOGY (IT) TOPOLOGY SOLUTIONS ACCORDING TO OPERATIONAL GOALS - Disclosed are various examples for determining an IT topology for an enterprise IT organization based on operational goals of the enterprise organization. Visual models that are designed to facilitate responses associated with the current IT topology and operational goals of an enterprise IT organization are displayed to an entity of the enterprise. The entity can provide enterprise profile data to an IT solutions system by interacting with user interfaces. The IT solutions system can generate the IT topology prescription and roadmap for implementing the IT topology prescription based on the operational goals identified in the responses. Statements of work can be dynamically generated that outline details and terms of implementing the IT topology prescription for the enterprise IT organization. | 2021-05-27 |
20210160145 | Discovery and Management of Devices - An embodiment includes a computational instance managing a managed network of computing devices, some communicating by proprietary protocol, and comprising a database storing representations of the computing devices and one or more sets of program logic configured to support the proprietary protocol, as well as one or more server devices configured to: receive, from an edge gateway software application, a request identifying a particular computing device on the managed network that communicates by the proprietary protocol; based on this request, select a set of the program logic configured to support the proprietary protocol; transmit a representation of the program logic, receipt of which is configured to cause the edge gateway software application to execute the set of program logic and obtain thereby configuration and state information from the particular computing device; receive, from the edge gateway software application, the configuration and state information; and store the configuration and state information. | 2021-05-27 |
20210160146 | TESTING AND MAINTAINING OUTAGE RESILIENCE OF SERVER RESOURCES - A computer-implemented method and system of testing and maintaining outage resilience of server resources of a server infrastructure by means of a hybrid simulation is presented. The server infrastructure comprises a plurality of servers executing a plurality of applications and the method comprises measuring a processor utilization for each of the servers of the server infrastructure, determining a resilience ratio of the server infrastructure by simulating the outage of at least one of the servers based on the measured processor utilization, and in response to the resilience ratio of the server infrastructure falls below a resilience threshold, initiating an assignment of additional resources for executing at least one of the plurality of applications to the server infrastructure. | 2021-05-27 |
20210160147 | MANAGEMENT DATA ANALYTICAL KPIS FOR 5G NETWORK TRAFFIC AND RESOURCE - Systems and methods of providing a management data analytics service are described. After receiving a request for a management data analytical KPI, the MDAS producer determines from which of network objects to collect the performance measurements to generate the management analytical data. The network objects include an NF, NSI, NSSI, subnetwork or the network. Performance data is collected for a past period and management analytical data generated based on the collected performance data. The KPI for a future period related to the past period is determined. The KPI is to predict uplink or downlink traffic volume or resource utilization associated with the network object. | 2021-05-27 |
20210160148 | EVENT-TRIGGERED MACHINE LEARNING FOR RARE EVENT FORECASTING IN A SOFTWARE DEFINED WIDE AREA NETWORK (SD-WAN) - In one embodiment, a service detects that an event of a particular event type has occurred in a software-defined wide area network (SD-WAN). The service activates, in response to detecting the occurrence of the event, a machine learning model to assess telemetry data regarding a first tunnel in the SD-WAN. The service predicts a failure of the first tunnel, based on the assessment of the telemetry data regarding the first tunnel by the machine learning model. The service proactively reroutes at least a subset of traffic on the first tunnel onto a second tunnel in the SD-WAN, in advance of the predicted failure of the first tunnel. | 2021-05-27 |
20210160149 | PERSONALIZED TAILORED AIR INTERFACE - Methods and devices utilizing artificial intelligence (AI) or machine learning (ML) for customization of a device specific air interface configuration in a wireless communication network are provided. An over the air information exchange to facilitate the training of one or more AI/ML modules involves the exchange of AI/ML capability information identifying whether a device supports AI/ML for optimization of the air interface. | 2021-05-27 |
20210160150 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM - [Problem] To provide an information processing device, an information processing method, and a computer program that can intuitively present a connection state between wireless appliances in a space. [Solution] An information processing device includes a control unit configured to perform control for displaying, on a display unit, a first virtual object indicating a link between a first wireless appliance and a second wireless appliance based on connection information about a connection between the first wireless appliance and the second wireless appliance, and positional information of the first wireless appliance and positional information of the second wireless appliance. | 2021-05-27 |
20210160151 | SYSTEM-ON-CHIP (SoC) ASSEMBLY, CONFIGURABLE IP GENERATION AND IP INTEGRATION UTILIZING DISTRIBUTED COMPUTER SYSTEMS - An architecture-specific web-based executable specification tool maintains specification information and metadata for chip and system on a chip (SoC) design. Metadata available in the development ecosystem may be leveraged to improve the specification-to-design process. A unified, integrated environment for subsystem creation, SoC integration, and SoC specification teams is presented using a tool that comprehends SoC constructs. A modern web-based framework (not stand-alone tool) provides collaboration capabilities and allows visual representation and manipulation of data. Connection fabrics (e.g., network on a chip (NoC)) and other project-specific infrastructure can be configured and synthesized on demand and brought in to the design using the common environment. Netlists and other connectivity data can be fed into automated RTL generation processes directly, or used as a reference for implementation design teams. Reports and automated software generation satisfy the needs of the design verification and software teams. Functional and performance testing feedback loops are also provided. | 2021-05-27 |
20210160152 | Asynchronous Boosting Of State Machine Replication - An asynchronous state machine replication solution in a system of replicas includes executing multiple instances of a consensus protocol, referred to as leader-based views (LBVs) in each replica, where each replica is a leader participant in one of the LBV instances. Each replica drives a decision based on the consensus being reached among the LBV instances, rather than relying the expiration of timers and view changes to drive progress. | 2021-05-27 |
20210160153 | SLICE ASSURANCE WITHIN A MOBILE NETWORK - In general, techniques are described for slice assurance within a mobile network. In some examples, a method includes obtaining, by a slice assurance function (SAF) executed by a device, key performance indicator (KPI) values for a first slice of a plurality of slices implemented by a plurality of base stations serving a tracking area of a mobile network; determining, by the SAF, based in part on the KPI values for the first slice, a service level agreement (SLA) for the first slice has not been met; re-allocating, by the SAF in response to the determining, slice resources associated with any of the plurality of slices to compute a new slice configuration parameter for the first slice; and reconfiguring, by the SAF, at least one of the plurality of base stations to implement the new slice configuration parameter for the first slice. | 2021-05-27 |
20210160154 | DETERMINING A SERVICE IMPACT SCORE FOR A METRIC ACCORDING TO A SCOPE OF THE METRIC - A scoring platform may obtain a set of measurements associated with a service metric, wherein the service metric is associated with a service of a network. The scoring platform may determine, based on the set of measurements, an aggregation score associated with the service metric. The scoring platform may determine a scope score associated with the set of measurements, wherein the scope score is based on a quantity of units associated with the set of measurements. The scoring platform may determine a service impact score associated with the service metric based on the aggregation score and the scope score, wherein the service impact score is representative of a contributive effect associated with the service metric. The scoring platform may perform an action associated with the service impact score to permit a source of interest associated with the service metric to be detected. | 2021-05-27 |
20210160155 | PROPORTIONAL QUALITY OF SERVICE BASED ON CLIENT IMPACT ON AN OVERLOAD CONDITION - A distributed storage system monitors one or more system performance metrics and one or more client performance metrics related usage of the distributed storage system, including a read latency metric, a write latency metric, a total input/output (I/O) operations per second (IOPS) metric, a read IOPS metric, a write IOPS metric, an I/O size metric, a total bandwidth metric, a read bandwidth metric, a write bandwidth metric, a read/write ratio metric or statistical measures thereof over a period of time. When the distributed storage system is determined to be in an overload condition (e.g., when a system load value, calculated based on the performance metrics, exceeds a threshold), the distributed storage system independently throttles access to one or more components of the distributed storage system by one or more of multiple clients performing I/O operations to the distributed storage system based on their respective contribution to the overload condition. | 2021-05-27 |
20210160156 | METHOD AND DEVICE FOR EFFICIENT END-TO-END MONITORING OF MASSIVE TRANSACTIONS - A method for efficient end-to-end monitoring of massive transactions related to a monitored system including at least one web server, and at least one web application server is provided. The method includes steps of: (a) a trace information inputting device performing a process of instructing the web server and the web application server included in the monitored system to generate each of multiple pieces of individual trace information including transaction identification information and transaction sequence information; and (b) if the multiple pieces of the individual trace information, including the transaction identification information and the transaction sequence information, are acquired from the web server and the web application server, the trace information inputting device performing a process of storing the multiple pieces of the individual trace information in a trace information storing unit. | 2021-05-27 |
20210160157 | TECHNOLOGIES FOR ANNOTATING PROCESS AND USER INFORMATION FOR NETWORK FLOWS - Systems, methods, and computer-readable media for annotating process and user information for network flows. In some embodiments, a capturing agent, executing on a first device in a network, can monitor a network flow associated with the first device. The first device can be, for example, a virtual machine, a hypervisor, a server, or a network device. Next, the capturing agent can generate a control flow based on the network flow. The control flow may include metadata that describes the network flow. The capturing agent can then determine which process executing on the first device is associated with the network flow and label the control flow with this information. Finally, the capturing agent can transmit the labeled control flow to a second device, such as a collector, in the network. | 2021-05-27 |
20210160158 | SCALABLE VISUALIZATION OF HEALTH DATA FOR NETWORK DEVICES - This disclosure describes techniques that include presenting a visual information that conveys information about health data associated with a large number of network devices or a large number of attributes of one or more network devices. In one example, this disclosure describes a method that includes collecting performance indicator data and determining a plurality of health status values based on a health status rule; grouping the health status values, based on how many health status values are in the plurality of health status values, into a plurality of health status groups, wherein each of the health status groups includes a subset of the health status values, and wherein each of the health status values within each subset are related to each of the other health status values in the subset; and determining, for each of the health status groups, a group health status value. | 2021-05-27 |
20210160159 | AGGREGATION OF SELECT NETWORK TRAFFIC STATISTICS - Disclosed herein are network appliances, methods, computer-readable media, and systems for aggregating network traffic statistics in a communication network. For example, the network appliance is to receive a SYN network packet; store header information from the SYN network packet in a flow data table; for each of the data packets related to the SYN network packet, store header information of the data packets in the flow table; after a predetermined amount of time or a predetermined number of rows is reached, invoke an eviction policy on the flow data table, wherein the eviction policy removes the related data packets from the flow data table; and populate an accumulating map with the flow data table. | 2021-05-27 |
20210160160 | METHOD, SYSTEM, READABLE STORAGE MEDIUM AND DEVICE FOR CONFIGURING ADAPTIVE NETWORK PRESSURE MEASUREMENT - The disclosure provides a method, system, readable storage medium and device for configuring adaptive network pressure measurement. The c method for includes: obtaining the configuration information and attribute information of the network interfaces on the machine to be tested; performing pairing any two of the network interfaces in the linked status, so as to determine whether the two network interfaces are paired successfully, and if yes, removing the paired two network interfaces from the configuration information of the network interfaces, and continuing pairing any two of the remaining network interfaces; if not, pairing the two unpaired network interfaces separately with the remaining network interfaces to complete the pressure measurement of the network interfaces. The present disclosure performs the configuration for adaptive NIC pressure measurement according to automatic probing network deployment situation, which greatly alleviates the test engineer's work intensity and enhances the overall production and test efficiency. | 2021-05-27 |
20210160161 | PROCESSING LOCAL AREA NETWORK DIAGNOSTIC DATA - Methods and apparatus are disclosed for processing local area network diagnostic data obtained in respect of a local area network. The method includes calculating a value for each of a plurality of data units according to a predetermined function of one or more field-values stored in the data unit; identifying a first and second data unit as being similar in dependence on a comparison of their respective values, the second data unit having at least one field-value which differs from a corresponding field-value of the first data unit; in response to such an identification, creating a third data unit containing a field-value indicative of the first data unit and an indication of the at least one field-value which differs from the corresponding field-value in the first data unit; and sending the first and third data units for performance analysis at a remote network diagnostic device outside the LAN. | 2021-05-27 |
20210160162 | METHOD AND APPARATUS FOR ESTIMATING CLOUD UTILIZATION AND RECOMMENDING INSTANCE TYPE - An approach is provided for estimating cloud utilization and recommending instance type. The approach involves receiving resource usage data for an instance of an application. The instance is executed on a cloud computing infrastructure, and the resource usage relates to one or more resources of the cloud computing infrastructure. The approach also involves processing the resource usage data to calculate average and maximum usage values of the resources of the instance. The approach further involves calculating an upper usage bound and a lower usage bound between which the instance is estimated to operate based on the average and maximum usage values of the resources. The approach further involves determining a recommended instance type for instantiating the application in the cloud computing infrastructure based on the upper usage bound and the lower usage bound. The approach further involves providing the recommended instance type as an output. | 2021-05-27 |
20210160163 | Systems And Methods For Testing A Router Device - Various embodiments include computing devices and methods for testing a router device. A processor of the computing device may receive one or more Border Monitoring Protocol (BMP) messages collected from a production router. The processor may obtain header information from a header portion of the one or more BMP messages. The processor may modify an origination address in the header information to match an address of a first test network element. The processor may modify a next hop address in the header information to match an address of a second test network element. The processor may convert the one or more BMP messages including the modified header information to one or more Border Gateway Protocol (BGP) messages. The processor may send the one or more BGP messages to a router under test in the test network. | 2021-05-27 |
20210160164 | SYSTEMS AND METHODS FOR PROVIDING TRAFFIC GENERATION ON NETWORK DEVICES - A method relates to providing arbitrary and custom application traffic generation on network devices. The method includes identifying, via a network controller, an application associated with a network to yield an identified application, spinning up, by the network controller, a traffic generator in a container on a network device, wherein the traffic generator is configured to emulate traffic associated with the network device and the identified application and monitoring performance of at least one of the identified application in the network and the traffic generator on the network device. | 2021-05-27 |
20210160165 | METHOD FOR PROVIDING A LOW-LATENCY, DISTRIBUTED, MULTI-USER APPLICATION THROUGH AN EDGE CLOUD PLATFORM - The disclosure relates to an Edge Cloud Platform (ECP) and a method executed in the ECP, for providing a low-latency, distributed, multi-user application. The method comprises determining a first location of a first group of users requesting access to the multi-user application and deploying the multi-user application in a first Point of Presence (PoP) in a first Service Provider (SP) domain operative to serve the first group of users. The method comprises determining a second location of a second group of users requesting access to the multi-user application and deploying a proxy of the multi-user application in a second PoP in a second SP domain operative to serve the second group of users. The method comprises, upon determining that a Software License Agreement (SLA) exists between the first and second SPs, establishing a tunnel for linking the multi-user application and the proxy of the multi-user application, thereby providing the low-latency. | 2021-05-27 |
20210160166 | CONTAINER ROUTING ALGORITHM USING OSPF - Systems and methods for establishing routing information between software containers or other virtualized environments within a network, and providing inter-container routing between the software services operating on the network, are disclosed herein. The system utilizes an existing routing protocol such as Open Shortest Path First (OSPF) and establishes an overlay network that provides end-to-end connectivity between services of a customer operating in an Infrastructure as a Service (IaaS) network, while maintaining isolation from the traffic of other customers of the IaaS network. The system uses OSPF to learn aspects of the routes between containers in the network, and further builds a customer-specific overlay network based on IP-to-IP encapsulation of the OSPF messages. | 2021-05-27 |
20210160167 | Data Processing Method, Device, and System - A data processing method, a device, and a system, for performing different processing on data packets of varying degrees of importance in a same service flow, where the data processing method includes: A first device receiving a first data packet from a third device, where the first data packet carries transmission requirement indication information of the first data packet, where the first device is any intermediate device between a source device and a target device that correspond to the first data packet, and where the third device is a previous-hop device adjacent to the first device on a transmission path from the source device to the target device; the first device determining, based on the transmission requirement indication information of the first data packet, a processing policy corresponding to the first data packet; and the first device processing the first data packet according to the processing policy. | 2021-05-27 |
20210160168 | PATH SWITCHING METHOD AND RELATED APPARATUS - This application provides a path switching method and a related apparatus. In the path switching process, an ECMP table includes a first ECMP index of a first path group and a second ECMP index of a second path group; when all paths in the first path group have failed, a path group identifier corresponding to the first ECMP index may be changed from valid to invalid in the ECMP table, indicating that all paths in the first path group are unavailable. In this case, a path group identifier corresponding to the second ECMP index is valid, indicating that the second path group includes an available path, thereby completing switching between an active path and a standby path. In this process, only an identifier corresponding to the ECMP index needs to be updated, and therefore, the time consumed is relatively short, and the path switching delay can be effectively reduced. | 2021-05-27 |
20210160169 | MULTICAST PERFORMANCE ROUTING AND POLICY CONTROL IN SOFTWARE DEFINED WIDE AREA NETWORKS - Systems and methods provide for enabling multicast-based performance routing and policy controls for software-defined networking in a wide area network deployment including a multicast application-route policy based on sources, groups, receivers, dynamic application-route policy path selection from multicast replicators, and application-route SLA switchover across paths and multicast replicators based on SD-WAN multicast routing architecture; and dynamically selecting SD-WAN multicast replicators based on policies for replication including allowed multicast groups, geographic location, bandwidth indications, system load, and performance, and switching over dynamically across multicast replicators based real-time multicast replicator status updates. | 2021-05-27 |
20210160170 | DYNAMIC ROUTE CONFIGURATION AND LOAD BALANCING FOR EDGE GATEWAYS - Described herein are systems, methods, and software to manage communication path configurations between edge gateways in a computing environment. In at least one implementation, a controller monitors network characteristics associated with routes from a first edge gateway to a second edge gateway and determines whether a first route configuration for the first edge gateway to communicate with the second edge gateway fails to satisfy criteria based on the network characteristics. If the first route configuration fails to satisfy the criteria, the controller determines a second route configuration and applies the second route configuration for the first edge gateway to communicate with the second edge gateway. | 2021-05-27 |
20210160171 | BLOCKCHAIN-BASED VERIFIABLE INTER-DOMAIN ROUTING VALIDATION METHOD - The disclosure disclosures a blockchain-based verifiable inter-domain routing validation method, which includes: constructing a blockchain-based verifiable inter-domain routing system consisting of a verifiable inter-domain routing and a routing behavior validation subsystem; constructing, by a sender router R1, a routing behavior validation terminal of an autonomous domain to which the R1 belongs, and the routing validation blockchain system, a routing evidence and a routing evidence validation proposal, validating and endorsing the proposal, determining whether the proposal satisfies an endorsement policy, generating a routing evidence transaction, conducting consensus ordering on the transaction and updating a routing validation blockchain; and constructing, by a receiver router T, a routing behavior validation terminal of an autonomous domain to which the T belongs, and the routing validation blockchain system, a routing request validation message and retrieving whether a routing evidence corresponding to the routing request exists. | 2021-05-27 |
20210160172 | Weighted Bandwidth Allocation For Adaptive Routing - Systems and methods of routing are provided. In the system, one or more processors determine that a packet is to be transmitted to a destination. In one or more aspects of the system, the one or more processors select a next port to be used for transmitting the packet by selecting a set of ports among a plurality of ports based on a static weight configuration associated with each port. The next port may be selected from the set of ports based on a number of hops required to reach the destination from each port and based on an estimated latency from each port to the destination. The one or more processors may then route the packet through the selected next port. | 2021-05-27 |
20210160173 | FORWARDING PATH FAILURE DETECTION USING PACKET LOOP - A packet loop runs between two participating endpoint network devices, and in particular runs in the respective data planes of the endpoint devices. A probe packet is provided to the data plane of an initiating device and is forwarded to the other device to initiate the packet loop. The source and destination addresses in the probe packet are set equal to a common address. Based on the common address, entries in the respective forwarding tables of the endpoint devices are established to point to each other so that the probe packet is forwarded back and forth between the two devices thus sustaining the packet loop. A broken loop indicates a forwarding path failure at which time corrective action to be taken. | 2021-05-27 |
20210160174 | Shared risk representation in networks for troubleshooting, assignment, and propagation across layers - Shared risk representation in networks for troubleshooting, assignment, and propagation across layers includes obtaining a configuration for a format to represent shared risks in a network; assigning a value to a plurality of shared risks in the network utilizing the format and utilizing a plurality of assignment techniques including automatic assignment and manual assignment; propagating the assigned values of the plurality of shared risks across one or more layers in the network; and storing the assigned values for use in path computation in the network. | 2021-05-27 |
20210160175 | GROUP-BASED POLICIES FOR INTER-DOMAIN TRAFFIC - In one embodiment, a method includes receiving a data packet from a first host located in the first site, where the data packet may be destined to a second host located in a second site that may be different from the first site, determining that an identifier of a second group to which the second host belongs is not available at the first network apparatus, sending a request for an identifier of the second group to a second network apparatus, where the request may comprise an address of the second host, receiving a response comprising the identifier of the second group from the second network apparatus, determining that the second group is a destination group, applying one or more policies associated with the destination group to the data packet, and causing the data packet to be routed to the second host. | 2021-05-27 |
20210160176 | CONFIGURING LOGICAL NETWORK DEVICES FOR LABEL-SWITCHED NETWORKS - Techniques for configuring a logical network switch in label-switched networks are provided. In some embodiments, a first network device in a label-switched network is configured with a network address. A second network device in the label-switched network is configured with the same network address. The first network device is configured to use a set of labels for a set of virtual local area networks (VLANs). The second network device is configured to use the same set of labels for the same set of VLANs. The configured first and second network devices appear as a logical network device from the perspective of other network devices in the label-switched network. | 2021-05-27 |
20210160177 | FPGA-EFFICIENT DIRECTIONAL TWO-DIMENSIONAL ROUTER - A configurable directional 2D router for Networks on Chips (NOCs) is disclosed. The router, which may be bufferless, is designed for implementation in programmable logic in FPGAs, and achieves theoretical lower bounds on FPGA resource consumption for various applications. The router employs an FPGA router switch design that consumes only one 6-LUT or 8-input ALM logic cell per router per bit of router link width. A NOC comprising a plurality of routers may be configured as a directional 2D torus, or in diverse ways, network sizes and topologies, data widths, routing functions, performance-energy tradeoffs, and other options. The router and NOC enable feasible FPGA implementation of large integrated systems on chips, interconnecting hundreds of client cores over high bandwidth links, including compute and accelerator cores, industry standard IP cores, DRAM/HBM/HMC channels, PCI Express channels, and 10G/25G/40G/100G/400G networks. | 2021-05-27 |
20210160178 | SYSTEM CONTROLLER, NETWORK SYSTEM, AND METHOD IN NETWORK SYSTEM - To efficiently distribute data to a plurality of distribution destinations. | 2021-05-27 |
20210160179 | POLICY PLANE INTEGRATION ACROSS MULTIPLE DOMAINS - Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN. | 2021-05-27 |
20210160180 | SECURE PRELOADING OF SERVERLESS FUNCTION SEQUENCES - According to one example, a method includes, with a serverless function infrastructure, associated a routing secret with a function sequence. The method further includes, with a sequence controller of the serverless function infrastructure, appending the routing secret to a header of a request to invoke a first function of the function sequence. The method further includes, with the serverless function infrastructure invoking the first function of the function sequence, in response to authenticating the routing secret in the header of the request. The method further includes, after the first function has been invoked and before the first function completes execution, with a serving controller of the serverless function infrastructure, preloading subsequent functions of the function sequence. | 2021-05-27 |
20210160181 | ARCHITECTURE FOR A NETWORK VISIBILITY SYSTEM - Aspects of the present disclosure provide a suitable architecture for a router controller which configures forwarding rules in a packet router of a network visibility system. In an embodiment, the router controller contains multiple controller blocks, with each controller block to examine a corresponding set of packets and to generate a respective set of forwarding rules for configuring the packet router. The router controller may also contain a switch to receive multiple packets and to forward to each controller block the corresponding set of packets. Each controller block may forward the respective set of forwarding rules to the switch, with the switch in turn configuring the packet router with the respective set of forwarding rules. | 2021-05-27 |
20210160182 | COMMUNICATION METHOD, COMMUNICATIONS DEVICE, AND COMMUNICATIONS SYSTEM - A communications method includes receiving, by a first provider edge (PE) device, a data packet from a second PE device and avoiding, by the first PE device, sending the data packet to the second PE device in response to determining that a source address of the data packet is the same as an address of the second PE device in an entry. The source address of the data packet is the same as the address of the second PE in the entry stored in the first PE device. A customer edge (CE) device is multi-homed to the first PE device and the second PE device in an all-active mode. The CE device is connected to the first PE device through a first connection and the second PE device through a second connection. The first connection and the second connection belonging to a same Ethernet segment. | 2021-05-27 |
20210160183 | TRANSPORT CONGESTION CONTROL OPTIMIZATION BASED ON NETWORK CONTEXT - A network device transmits data to a user equipment (UE) via a first Radio Access Network (RAN) using first Transmission Control Protocol (TCP) congestion control parameters. The network device receives a notification message indicating that the UE has moved from the first RAN to a second RAN, and modifies, responsive to receipt of the notification, the first TCP congestion control parameters to create second TCP congestion control parameters. The network device transmits data to the UE via the second RAN using the second TCP congestion control parameters. | 2021-05-27 |
20210160184 | FLOW MONITORING IN NETWORK DEVICES - Flow state information that is stored in a first memory among a plurality of memories for maintaining flow state information at a network device is updated based on packets ingressing the network device. The memories are arranged in a hierarchical arrangement in which memories at progressively higher levels of hierarchy are configured to maintain flow state information corresponding to progressively larger sets of flows processed by the network device. When it is determined that a fullness level of the first memory exceeds a first threshold, flow state information associated with at least one flow, among a first set of flows for which flow state information is currently being maintained in the first memory, is transferred from the first memory to a second memory, the second memory being at a higher hierarchical level than the first memory. A new flow is instantiated in space freed up in the first memory. | 2021-05-27 |
20210160185 | PROCESSING HIGH VOLUME NETWORK DATA - Disclosed are a system comprising a computer-readable storage medium storing at least one program, and a computer-implemented method for event messaging over a network. A subscription interface receives data indicative of a subscription request for sessionized data. An allocation module allocates a sessionizer bank linked to the subscription request. A messaging interface module provisions identifiers linked to the respective processing engines of the sessionizer bank. The messaging interface module registers the allocated sessionizer bank as available to process event messages matching the subscription request by providing the provisioned identifiers. The messaging interface module receives event messages from a producer device linked by a collection server to a selected one of the processing engines of the sessionizer bank. The selected one of the processing engine processes the received event messages in accordance with session rule data linked to the subscription request to generate sessionized data. | 2021-05-27 |
20210160186 | POLICY MAPPING METHOD AND DEVICE, AND USER EQUIPMENT - The embodiments of the disclosure provide a policy mapping method and device and user equipment (UE). The method includes that: UE maps all policies or part of policies used in a first mobile communication system to a policy used in a second mobile communication system, the policies used in the first system including at least one of an access network discovery and selection policy (ANDSP) and a UE route selection policy (URSP). | 2021-05-27 |
20210160187 | HOST DRIVEN MODEM UPLINK PACKET PRIORITIZATION - Methods, systems, and devices for wireless communications are described in which a host processor at a user equipment (UE) may packetize data for uplink transmissions from the UE and provide packets to a wireless modem of the UE for uplink transmission. The host processor may provide multiplexing and aggregation headers for the packets that include a prioritization indication, and the wireless modem may order the data packets for transmission based at least in part on the prioritization indication. In some cases, a priority for each packet is indicated in a priority field of a corresponding multiplexing and aggregation header. The wireless modem may transmit the data packets based on the ordering, to provide higher priority packets ahead of lower priority packets to a receiver. Additionally, data packets may be further ordered based on tuple information associated with the data packets. | 2021-05-27 |
20210160188 | PACKET PROCESSING METHOD AND SYSTEM, AND NETWORK DEVICE - The present invention provides a packet processing method and system, and a network device. The method includes: receiving, by a first network device, a packet, where the packet includes match object information and match condition information; determining, by the first network device, a to-be-matched second network device according to the match object information, where the second network device includes one or more network devices; matching, by the first network device, device information of the second network device with the match condition information; and performing, by the first network device, forwarding processing or discarding processing on the packet according to a match result of matching the device information of the second network device with the match condition information. By using the method provided in the present invention, excessive occupation of network bandwidth can be reduced, and network resources can be saved. | 2021-05-27 |
20210160189 | Tracking Flows Having Encrypted Sequence and Acknowledgment Numbers - A processor is configured to receive, from a first device, a plurality of first-direction packets belonging to a flow of communication, pass the first-direction packets to a second device, receive, from the second device, a plurality of second-direction packets belonging to the flow, pass the second-direction packets to the first device, calculate, after receiving each of at least some of the second-direction packets, an estimated in-flight number, by assuming that the second-direction packet acknowledges receipt of a number of the first-direction packets that is based on an estimated average number of received first-direction packets acknowledged by the second-direction packets, the estimated in-flight number being an estimated volume of payload data, contained at least partly in the first-direction packets, that has been passed by the processor to the second device but has not yet been received by the second device, and to regulate the flow, based on the estimated in-flight number. | 2021-05-27 |
20210160190 | DYNAMIC ALLOCATION OF NETWORK RESOURCES USING EXTERNAL INPUTS - Systems and methods for managing network resources are disclosed. One method can comprise receiving first information relating to network traffic parameters and receiving second information relating to one or more contextual events having an effect on the network traffic parameters. The first information and the second information and be correlated. And one or more network resources can be allocated based on the correlation of the first information and the second information. | 2021-05-27 |
20210160191 | ENHANCED SELECTION OF CLOUD ARCHITECTURE PROFILES - This document describes modeling and simulation techniques to select a cloud architecture profile based on correlations between application workloads and resource utilization. In some aspects, a method includes obtaining infrastructure data specifying utilization of computing resources of an existing computing system. Application workload data specifying tasks performed by one or more applications running on the existing computing system is obtained. One or more models are generated based on the infrastructure data and the application workload data. The model(s) define an impact on utilization of each computing resource in response to changes in workloads of the application(s). A workload is simulated, using the model(s), on a candidate cloud architecture profile that specifies a set of computing resources. A simulated utilization of each computing resource of the candidate cloud architecture profile is determined based on the simulation. An updated cloud architecture profile is generated based on the simulated utilization. | 2021-05-27 |
20210160192 | MULTI-TENANT RESOURCE ALLOCATION USING CONTROL GROUPS IN CLOUD-BASED COMPUTING ENVIRONMENT - Some embodiments may be associated with a cloud-based computing environment. A multi-tenant master process platform, associated with a RDBMS, may create a logical database for a tenant on a physical instance of the cloud-based computing environment. A connection to the logical database may be received from a client user associated with the tenant, and a process for the connection may be created. A process identification number created for the process may then be captured along with the database identifier for the tenant using an in-kernel virtual machine program. The system may send the process identification number and the database identifier to a user space program. The user space program creates a control group with the name of the database identifier and places the process identification number into the control group. The control group can then be limited with respect to a maximum amount of resources (memory, CPU etc.). | 2021-05-27 |
20210160193 | METHOD FOR MANAGING THE CONFIGURATION OF ACCESS TO PERIPHERALS AND THEIR ASSOCIATED RESOURCES OF A SYSTEM ON CHIP, AND CORRESPONDING SYSTEM ON CHIP - System on a chip, comprising several master pieces of equipment, several slave resources, an interconnection circuit coupled between the master pieces of equipment and the slave resources and capable of routing transactions between master pieces of equipment and slave resources. A first particular slave resource cooperates with an element of the system on a chip, for example a clock signal generator, and the element has the same access rights as those of the corresponding first particular slave resource. | 2021-05-27 |
20210160194 | Network-On-Chip Topology Generation - The present disclosure provides a computer-based method and system for synthesizing a NoC. Traffic data is determined or received, and a baseline topology is generated or received. For each router in the baseline topology, a number of edge virtual channel (EVC) combinations is determined, the transmittablility of the traffic classes are determined, and, when the traffic classes are not transmittable, the router is identified. A traffic class affinity graph (TCAG) is generated for each identified router. Traffic class combinations are generated for the identified routers based on the TCAGs and EVC combinations. The traffic classes of the identified routers are merged based on the traffic class combinations. A final EVC combination for each identified router is determined based on the merged traffic classes. A final topology is generated based, at least in part, on the merged traffic classes and the final EVC combinations for the identified routers. | 2021-05-27 |
20210160195 | METHODS AND APPARATUSES FOR PROCESSING MULTIPLE COMMUNICATIONS SIGNALS WITH A SINGLE INTEGRATED CIRCUIT CHIP - An apparatus is disclosed. The apparatus comprises a plurality of antennas and an integrated circuit chip coupled to the plurality of antennas, and is configured to process cellular signals received from the plurality of antennas in accordance with a cellular communication protocol and to process radio frequency identification (RFID) signals received from the plurality of antennas in accordance with an RFID protocol. | 2021-05-27 |
20210160196 | MULTI-DESTINATION PACKET REDACTION - Presented herein are techniques for redacting mirrored network packets prior to providing the mirrored packets to an intended recipient application, such as a third-party analysis application. More specifically, a multi-destination packet redaction device obtains mirrored network traffic that comprises one or more mirrored network packets. The multi-destination packet redaction device filters the mirrored network traffic to determine an intended recipient application of the one or more mirrored network packets and applies a redaction process to redact one or more portions of at least one of the one or more mirrored network packets. The redaction process is customized based on one or more attributes of the intended recipient application. | 2021-05-27 |
20210160197 | METHOD FOR KEY SHARING BETWEEN ACCELERATORS IN VIRTUAL CHANNEL WITH SWITCH - A host processing device instructs a plurality of virtual data processing (VDP) accelerators, configured on each of a plurality of data processing accelerators. The VDP accelerators configure themselves for secure communications. The host device generates an adjacency table of each of the plurality of VDP accelerators. Then the host device then establishes a session key communication with each VDP accelerator and sends the VDP accelerator a list of other VDP accelerators that the VDP accelerator is to establish a session key with, for secure communications between the VDP accelerators. The VDP accelerator establishes a different session key for each pair of the plurality of VDP accelerators. When all DP accelerators have established a session key for communication with other VDP accelerators, according to the respective list of other VDP accelerators sent by the host device, then the host device can assign work tasks for performance by a plurality of VDP accelerators, each communicating over a separately secured virtual communication channel. | 2021-05-27 |
20210160198 | PERFORMING DISTRIBUTED DYNAMIC FREQUENCY SELECTION USING A SHARED CACHE - Embodiments herein describe a group of APs that uses a shared radar cache to select a new channel after vacating a current channel when performing dynamic frequency selection (DFS). The group of APs can set aside memory to store status information about the DFS channels in the frequency band. For example, when one AP detects a radar event (and has to vacate a DFS channel), the AP updates an entry for that channel in the shared radar cache. The APs can also query the cache to determine a new channel after vacating its current channel. That is, the shared radar cache may store the most recent radar events occurring in a channel. In this manner, the APs can select a new channel that has little or no recent radar events, which reduces the likelihood the AP will have to vacate the new channel. | 2021-05-27 |
20210160199 | INSTANT MESSAGING COMMUNICATION SYSTEM AND METHOD - Systems and methods for delivering media files in communication sessions are disclosed. User interfaces are displayed on first and second client devices. A media file is selected at the first client device and a representation of the media file is transmitted to the second client device. The representation is selectable within a sent message region of the user interface on the second client device. In response to selecting the representation of the media file, an embedded viewer is launched within the sent message region of the user interface of the second client device that includes embedded selectable controls which, when activated, control viewing or playback of the media file within the user interface. | 2021-05-27 |
20210160200 | METHOD AND APPARATUS FOR MANAGING MESSAGE IN ELECTRONIC DEVICE - Disclosed are a method and an apparatus for managing a message in an electronic device. The method includes displaying an application execution screen of an application. The method also includes displaying a marked message list when a touch input is sensed for extracting a marked message from the application execution screen. The method also includes switching to and displaying a chat window including a selected marked message, when the marked message is selected from the marked message list. | 2021-05-27 |
20210160201 | THIRD-PARTY INTEGRATION IN ACTIVITY FEEDS - The present technology can provide a mechanism for viewing activities occurring in third-party services with respect to shared content items managed by the content management system. The activities occurring in the third-party services are visible in an activity feed associated with the content management system based on user permissions at the third-party services. | 2021-05-27 |
20210160202 | MANAGING AND EXECUTING SERVERLESS FUNCTION COMMAND SETS IN A MESSAGING SERVICE - A serverless function execution system enables fast, efficient and flexible deployment and execution of serverless functions. User commands are received from external messaging systems that cause functions to be executed. A serverless function associated with the user command is determined and the serverless function is executed in an isolation container at a function computation server. A response from the execution of the serverless function is sent to the external messaging system. | 2021-05-27 |
20210160203 | SYSTEM FOR DISARMING ENCRYPTED ATTACHMENT FILES OF E-MAIL AND DISARMING METHOD USING SAME - Provided is a system and method for disarming an encrypted attachment file of an e-mail. The system includes: a disarming server including: a mail processing module configured to process the transmission and reception of mail data; an attachment file processing module configured to determine and classify whether or not an attachment file is present in the mail data, to determine whether or not the attachment file has been encrypted, and to transmit a decryption code query message; a decryption module configured to decrypt an encrypted attachment file based on the decryption code; and a disarming module configured to disarm one or more selected from a mail body file and attachment file of the mail data, to reconstruct disarmed mail data, and to transfer the disarmed mail data to the mail processing module; and a mail checking module installed in a reception terminal to output the disarmed mail data. | 2021-05-27 |
20210160204 | PRESENTING AND SHARING AUGMENTED REALITY OBJECTS - One or more computing devices, systems, and/or methods for presenting augmented reality (AR) experiences and/or sharing AR objects are provided. For example, a request to initiate an AR experience may be received from a device associated with an email account. A real time view of a camera of the device may be displayed using an AR interface, where a set of AR objects are overlaid onto the real time view of the camera. An edited set of AR objects may be generated based upon one or more inputs corresponding to one or more edits to the set of AR objects. The edited set of AR objects may be overlaid onto the real time view of the camera. An email comprising the edited set of AR objects may be transmitted to one or more email accounts responsive to receiving a second request to share the edited set of AR objects. | 2021-05-27 |
20210160205 | USER TERMINAL AND METHOD FOR DISPLAYING INTEGRATED COMMUNICATION HISTORY OF THE USER TERMINAL - A method for displaying an integrated communication history of a user terminal, the method including the user terminal transmitting or receiving a content using an integrated communication service, and executing instructions on a processor of the user terminal to perform processes of collecting communication history of content transmission or reception by a communication history manager using the integrated communication service, providing a lock setting capability within the user terminal to the communication history manager, generating a user interface feature based on the communication history that is not locked by the communication history manager, and displaying the communication history in a user interface on a display of the user terminal in association with the user interface feature. | 2021-05-27 |
20210160206 | SYSTEM FOR BRIDGING, MANAGING, AND PRESENTING SMARTPHONE & OTHER DATA FILES WITH TELEPHONY INTERACTIONS - A system for interfacing with mobile carrier networks, mobile application-equipped devices, social media networks, and individual and Enterprise user's databases, contacts, pictures, videos, and text is disclosed. A data link is connected to a mobile carrier network to receive user application and other data. Additional data links are connected to a user's stored smartphone content, including contacts, pictures, videos and other stored information as well as databases and an application-equipped device to obtain and exchange information in determining data selection, routing, presentation, and updating instructions. A user interface is connected to the system to accept configurable conditions for determining selection, routing and sharing instructions. There is a data conversion function for each data source. Synchronization between stored user preferences to automated or semi-automated updates and routes is provided by application driven consumer defined preferences. | 2021-05-27 |
20210160207 | METHOD FOR RECOMMENDING GROUPS AND RELATED ELECTRONIC DEVICE - The disclosure provides a method for recommending a group, a related electronic device, and a computer readable storage medium. At least two groups to be joined are obtained. For the groups to be joined, group quality indexes are determined depending on attribute information of the groups. One or more group is recommended depending on the group quality indexes. | 2021-05-27 |
20210160208 | TECHNIQUES FOR SUPERVISING COMMUNICATIONS FROM MULTIPLE COMMUNICATION MODALITIES - A computing device can receive communications sent using one or more communication modalities. The communications can be determined to be a single interaction. A communication object can be generated for the single interaction with a structure being consistent across different communication modalities. A policy can be identified that defines which communication objects to review. The communications can be reviewed along with one or more additional communications similar to the communication object. | 2021-05-27 |
20210160209 | METHODS, SYSTEMS, AND MEDIA FOR PRESENTING COMMENTS BASED ON CORRELATION WITH CONTENT - Methods, systems, and media for presenting comments based on correlation with content are provided. In some implementations, a method for presenting ranked comments is provided, the method comprising: receiving, using a hardware processor, content data related to an item of content; receiving, using the hardware processor, comment data related to a comment associated with the item of content; determining, using the hardware processor, a degree of correlation between at least a portion of the comment data and one or more portions of the content data; determining, using the hardware processor, a priority for the comment based on the degree of correlation; and presenting, using the hardware processor, the comment based on the priority. | 2021-05-27 |
20210160210 | MID-TIER MESSAGING SYSTEM - A mid-tier messaging system receives a request to initiate a communication session via a first messaging channel that includes a first messaging interface of a first messaging application provided at a user device and a first message provider of a plurality of message providers. The mid-tier messaging system establishes a first session that is mapped to the communication session. The mid-tier messaging system establishes the communication, using the first session, between the first messaging interface and the first message provider. The mid-tier messaging system provides, through the first session, first message communications between the first message provider and the first messaging interface. The mid-tier messaging system seamlessly switches to a second message provider service when the first message provider service cannot service an intent of the first communication session. | 2021-05-27 |
20210160211 | DOMAIN NAME SYSTEM (DNS) TRANSLATIONS FOR CO-LOCATED GATEWAY USER PLANES IN WIRELESS COMMUNICATION NETWORKS - To serve User Equipment (UEs) in a wireless communication network, a control-plane transfers a co-located User Plane Function (UPF) request for a wireless access point ID to a naming system. The naming system detects a co-location translation fault for the wireless access point ID and transfers the wireless access point ID to a controller. The controller determines co-located UPFs for the wireless access node. The controller transfers co-location translation information for the wireless access point ID and co-located UPF IDs to the naming system. The control-plane transfers another co-located UPF request for the wireless access point ID to the naming system. The naming system translates the wireless access point ID into the set of co-located UPF IDs. The naming system transfers the co-located UPF IDs to the control-plane. The control-plane signals the co-located UPFs to serve the UE over the wireless access point. | 2021-05-27 |
20210160212 | CLIENT DEVICE ADDRESS ASSIGNMENT FOLLOWING AUTHENTICATION - Methods and systems are described for assigning the proper internet protocol (IP) address to a client device following authentication of the client device on a network. In particular, at commencement of an authentication procedure of the client device, a role is associated with the client device that denies all DHCP renews/requests. By assigning a role to the client device | 2021-05-27 |
20210160213 | BLUETOOTH-BASED IPV6 LOW POWER NETWORKING - A wireless device (S) includes a radio (R) for communicating via a wireless communication protocol which employs messages constructed as layer 2 MAC frames each including a layer 2 MAC header and a payload. The wireless device is configured to operate in (i) a first mode in which the wireless device transmits messages (N | 2021-05-27 |
20210160214 | METHODS AND SYSTEMS OF APPLICATION SECURITY MESH USER INTERFACES - A computerized method for implementing distributed application security mesh systems comprising: providing a service graph; and providing an underlying mesh graph with a pre-defined paths. | 2021-05-27 |
20210160215 | SYSTEMS AND METHODS FOR PROVIDING PRE-EMPTIVE INTERCEPT WARNINGS FOR ONLINE PRIVACY OR SECURITY - Systems and methods for providing pre-emptive intercept warning for online privacy or security are disclosed. In one embodiment, at a privacy security appliance comprising at least one computer processor, a method for may include: (1) establishing a virtual private network (VPN) connection with a computer application executed by a client device; (2) receiving, over the VPN connection, an internet protocol (e.g., HTTP or HTTPS) request for a website host; (3) communicating the internet protocol request to the website host; (4) receiving a response to the internet protocol request from the website host; (5) inspecting the response for privacy or security issues with embedded links in the response; (6) scoring the embedded links based on the inspection; (7) generating a mock webpage based on the response comprising the scoring for the embedded links; and (8) delivering the mock webpage with the scoring to the application over the VPN. The mock webpage may include links to the embedded links. | 2021-05-27 |
20210160216 | ANTI-CRACKING METHOD AND SYSTEM FOR A CLOUD HOST, AS WELL AS TERMINAL DEVICE - An anti-cracking method and system for a cloud host, as well as a terminal device are provided according to the disclosure. The method includes: obtaining system logs of the cloud host; determining an IP which fails to log in the cloud host according to the system logs as a suspicious IP; tracking and determining the suspicious IP to be an attacker IP according to the number of times of consecutive login failure of the suspicious IP; and adding a first blocking rule to firewall settings of the cloud host; wherein the first blocking rule instructs to block a login operation of the attacker IP during a first preset blocking time. With the anti-cracking method for a cloud host of the disclosure, the brute-force cracking can be prevented proactively in a timely manner with only very few system resources occupied. | 2021-05-27 |
20210160217 | Secure Controlled Access To Protected Resources - A client node (CN) requests content from an access node (AN). Rule set ACR_CN is provided to CN and AN and ACR_AN is used by AN. A request sent by CN in violation of ACR_CN may be blocked and cause AN to block subsequent requests from CN that would be allowed per ACR_CN. A request blocked according to ACR_AN but not ACR_CN is blocked but subsequent requests may still be allowed according to ACR_CN and ACR_AN. Authenticated distribution of the ACR_CN and ACR_AN may be performed in cooperation with a controller using authenticated tokens (AT). | 2021-05-27 |
20210160218 | PRIVATE NETWORK PEERING IN VIRTUAL NETWORK ENVIRONMENTS - Methods and apparatus for private network peering in virtual network environments in which peerings between virtual client private networks on a provider network may be established by clients via an API to a peering service. The peering service and API | 2021-05-27 |
20210160219 | POLICY-CONTROLLED AUTHENTICATION FOR INTERNET COMMUNICATION - Systems and methods for providing policy-controlled communication over the Internet are provided. A system may include a client endpoint function configured to execute on a client device while coupled to a first VPN tunnel, a service endpoint function that operates a remote service of a plurality of remote services, and a mid-link server coupled to the first VPN tunnel and a second VPN tunnel. The client endpoint function may include a first VPN endpoint component, and the service endpoint function may include a second VPN endpoint component. The mid-link server may include a first VPN termination point that authenticates and terminates the first VPN tunnel and a second VPN termination point that authenticates and terminates the second VPN tunnel. The first VPN termination point may re-authenticate the client device based on a first characteristic of the first VPN endpoint component and/or a second characteristic of the second VPN endpoint component. | 2021-05-27 |
20210160220 | SECURITY SERVICE - A security service to verify a network resource accessed from a resource address in an application at client device is disclosed. The resource address is converted into a proxy address with a suffix domain of a proxy server. The proxy server is coupled to the client device. The network resource is verified at the proxy server. | 2021-05-27 |
20210160221 | Privacy Preserving Document Analysis - Systems and techniques for privacy preserving document analysis are described that derive insights pertaining to a digital document without communication of the content of the digital document. To do so, the privacy preserving document analysis techniques described herein capture visual or contextual features of the digital document and creates a stamp representation that represents these features without included the content of the digital document. The stamp representation is projected into a stamp embedding space based on a stamp encoding model generated through machine learning techniques capturing feature patterns and interaction in the stamp representations. The stamp encoding model exploits these feature interactions to define similarity of source documents based on location within the stamp embedding space. Accordingly, the techniques described herein can determine a similarity of documents without having access to the documents themselves. | 2021-05-27 |
20210160222 | SECURITY-ENHANCED ORIGINATION OF BLOCKCHAIN TRANSACTIONS - A blockchain-implemented transaction from an originator node is to be broadcast. The originator node is communicatively coupled to proxy nodes. The method, implemented by a proxy node, includes: receiving a transaction including an input taking x+r units of computing resources, an output providing x units to the output address and another output providing d+r units to a 1-of-n multi-signature address unlockable by any one of a set of private keys associated the proxy nodes. The proxy node selects a quantity of computing resources, t units, to be allocated to the proxy node for broadcasting the transaction and having it included in the blockchain and generates a further transaction taking d+r units sourced from the multi-signature address and an output providing t units to the proxy node. The proxy node broadcasts both transactions timed to permit their inclusion in the same block of the blockchain. | 2021-05-27 |
20210160223 | ANONYMOUS CREDENTIAL AUTHENTICATION SYSTEM AND METHOD THEREOF - An anonymous credential authentication system receives an anonymous credential signature value indicating that setting proposition information using a credential is satisfied from a user device that has been issued the credential combined with multiple pieces of attribute information constituting personal information, generates signer authentication information that confirms a signer of the anonymous credential signature value using an opening key, and outputs the signer authentication information. | 2021-05-27 |
20210160224 | USE OF TRUSTED PLATFORM MODULES FOR CRYPTOGRAPHIC OPERATIONS IN AN INTERNET OF THINGS DEVICE - Providing security functions in an IoT device can comprise executing, by a TPM of the IoT device, a set of cryptographic functions. The set of cryptographic functions can comprise providing a secure unidirectional uplink from the IoT device to one or more communications networks. The set of cryptographic functions can also be executed by a second TPM to provide a secure unidirectional downlink from the one or more communications networks to the IoT device. The processor of the IoT device need not perform cryptographic functions and the processor of the IoT device and a memory of the IoT device can be outside of a secure boundary maintained by the first TPM and the second TPM. Cryptographic information to provide the secure unidirectional uplink and the secure unidirectional downlink can be exchanged between the first TPM and the second TPM. | 2021-05-27 |
20210160225 | METHOD FOR KEY SHARING BETWEEN ACCELERATORS WITH SWITCH - A host processing device (“host”) instructs a plurality of data processing (DP) accelerators to configure themselves for secure communications. The host generates an adjacency table of each of the plurality of DP accelerators (“DPAs”). The host is communicatively coupled to the plurality of DPAs via a switch. The host transmits, to the switch, a list of the DPAs and instructs the switch to generate an adjacency table of the DPAs that includes a unique identifier of each DPAs and a communication port of the switch associated with the DPA. The host establishes a session key communication with each DPA and sends the DPA a list of other DPAs that the DPA is to establish a session key with, for secure communications between the DPAs. The DPA establishes a different session key for each pair of the plurality of DPAs. When all DPAs have established a session key for communication with other DPAs, the host can assign work tasks for performance by a plurality of DPAs, each communicating over a separately secured communication channel. | 2021-05-27 |
20210160226 | SYSTEMS AND METHODS FOR PROTECTING INTERNET ADVERTISING DATA - Systems and methods are disclosed for protecting user privacy in, for example, online advertising environments. The method includes receiving data related to a user in a first communication session between a host server and a client device, and generating a user profile associated with the user. The method further may include encrypting the user profile to produce encrypted user profile data and generating a decryption key for decrypting the encrypted user profile data. Thereafter, either the decryption key or a portion of the encrypted user profile data may be transmitted to the client device and then deleted from host server before ending the first communication session. The method further may include establishing a second communication session between the host server and the client device and retrieving the transmitted content. Then targeted advertising may be provided by decrypting the encrypted user profile data. | 2021-05-27 |
20210160227 | BLOCKCHAIN-BASED SERVICE DATA ENCRYPTION METHODS AND APPARATUSES - Blockchain-based service data encryption methods and apparatuses are provided wherein by a first derived key is obtained by a node device of a key receiver, the first derived key distributed by a node device of a key distributor, wherein the first derived key is derived from a derived key of the key distributor based on a service data permission type of the key receiver and service data is encrypted based on the first derived key to obtain encrypted service data. The encrypted service data is sent to a blockchain, so that the encrypted service data is recorded in a distributed database of the blockchain after the blockchain performs consensus verification on the encrypted service. Because the derived key of the key distributor can decrypt the service data encrypted by the first derived key, the key distributor can decrypt, monitor, and manage service data uploaded by the key receiver. | 2021-05-27 |
20210160228 | METHOD AND SYSTEM FOR SECURE SHARING OF AERIAL OR SPACE RESOURCES USING MULTILAYER ENCRYPTION AND HOSTED PAYLOADS - A method and system for providing secure aerial or space communications. A general payload and a hosted payload are provided on a vehicle. The hosted payload encrypts a data packet that contains restricted data using a secure key to create an encrypted packet. The general payload encrypts the encrypted packet using a general key to create a multilayer-encrypted packet. The multilayer-encrypted packet is transmitted from the vehicle to a destination. | 2021-05-27 |
20210160229 | ISO LAYER-TWO CONNECTIVITY USING ISO LAYER-THREE TUNNELING - Systems and methods related to a VPN controller are provided. In some embodiments, a first VPN controller is configured to establish a VPN tunnel with a client endpoint, wherein the VPN tunnel is established using an authentication process of the client endpoint, route a L2 request to a second VPN controller via an established communication tunnel between the first VPN controller and the second VPN controller by identifying a Generic Routing Encapsulation (GRE) header of the L2 request and based on the GRE header of the L2 request, directing the L2 request to a responsive L2 device accessible by the second VPN controller, receive an encapsulated L2 response from the second VPN controller identifying acceptance of the L2 request, and enable an electronic communication between the client endpoint and the responsive L2 device at least via the VPN tunnel between the client endpoint and the first VPN controller. | 2021-05-27 |
20210160230 | METHODS AND SYSTEMS FOR CONDUCTING MULTI-USER PERSONALIZED, INTERACTIVE AND INTELLIGENT SEARCHES - Existing search methods/systems are often generic, offer no user specific information, and do not integrate search query information from multiple users. But multiple users may need to collaborate using interactive AR/VR/MR/Holographic AR/XR to accomplish some task together. A search engine that only works for one user input or treats one user's search as independent from other users would not work for this purpose. Disclosed herein are methods and systems for providing personalized, interactive, and intelligent search information based on user input from one or more users. The search functionality according to the present disclosure is not limited to finding the information and presenting the info as is to the users. Rather, the present disclosure provides for a comprehensive intelligent process that provides useful info to one or more users. | 2021-05-27 |
20210160231 | Bulk Multifactor Authentication Enrollment - Embodiments perform bulk multifactor authentication (MFA) enrollment in an identity cloud management system. An entity can be created in the identity cloud management system, where the entity is issued a credential that includes a permissions scope for communicating with the identity cloud management system. A bulk set of user identities and MFA enrollment information including MFA security factors for the user identities and a status for the user identities can be received in association with the credential, where the MFA security factors include a mix of communication addresses and shared secrets. A subset of the user identities that include a status that indicates MFA enrollment can be enrolled, where the enrolling includes creating an MFA footprint for the subset of user identities within an MFA database, and each created MFA footprint includes a received MFA security factor. Access to cloud-based services or applications can be secured using the created MFA footprints, where the secured access includes secure API calls to the identity cloud management system. | 2021-05-27 |
20210160232 | SYSTEM AND METHOD FOR PERMITTING A REQUEST AFTER VERIFYING KNOWLEDGE OF FIRST AND SECOND SECRETS - A method for multi-party authorization includes a security component determining that a request for the performance of an action on a computing device is from a first party. The security component initiates transmissions to the computing device of first and second information indicating knowledge of first and second secrets provisioned on the computing device. The computing device, upon verifying the knowledge of first and second secrets, then permits the requested action. | 2021-05-27 |
20210160233 | SYSTEM AND METHODS FOR IOT SECURITY - The present disclosure relates to a method and system for enabling TOT security using a decentralized TOT security platform that leverages the advanced communication and blockchain security thread model to protect TOT eco-systems. The platform uses a multi-chain data schema including a device chain and an event chain. The multi-chain data schema uses a time-envelope mechanism to generate an event to connect different device chains and enforce a set of security rules through smart contracts. The method comprising receiving an encrypted block from TOT device with event data and verifying the device signature and identity based on certain rules within the device chain. Further, the method comprising determining access to event chain using previous token, current token and timestamp of the encrypted block and updating the event chain upon access determination. The event chain protects data integrity and confidentiality against malicious packets, unauthorized devices, weak encryption and man-in-the-middle attacks. | 2021-05-27 |
20210160234 | CENTRALIZED BIOMETRIC USER PROFILE SETUP IN INTERNET GATEWAY DEVICE FOR NETWORK ACCESS - A method, an apparatus, a communication device and a computer program product for biometric identification of users who wants to access the network, are provided. The apparatus may be an Internet Gateway Device, Router, Customer Premise Equipment or a Managed Gateway device. The apparatus may detect biometric information using a computer software program and sensors. The apparatus may then use computer program to compare the detected biometric information of a user with stored biometric information associated with a stored user's biometric profile of a plurality of user profiles. The apparatus may then determine whether to provide the web access with full or limited privileges based on comparison of received provided biometric information with stored biometric information or even deny the access request, received from a communication device. | 2021-05-27 |