24th week of 2017 patent applcation highlights part 66 |
Patent application number | Title | Published |
20170171076 | ROUTERS WITH NETWORK PROCESSING UNIT AND CENTRAL PROCESSING UNIT-BASED LINE CARDS - A router may include a central processing unit-based line card storing a forwarding table that includes a first set of entries, a network processing unit-based line card storing a partial forwarding table that includes a second set of entries comprising a subset of the first set of entries, where the second set of entries comprises entries that are most utilized by a plurality of line cards of the router, and a route controller for updating the second set of entries to comprise the entries that are the most utilized. The network processing unit-based line card may forward a packet when an entry in the partial forwarding table matches the packet and may forward the packet to the central processing unit-based line card to forward the packet when there is no entry in the partial forwarding table of the network processing-unit based line card that matches the packet. | 2017-06-15 |
20170171077 | TRANSACTIONAL CONTROLS FOR SUPPLYING CONTROL PLANE DATA TO MANAGED HARDWARE FORWARDING ELEMENTS - Some embodiments provide novel methods for controllers to communicate with managed hardware forwarding elements (MHFEs) in a transactional manner. The transactional communication methods of some embodiments ensure that an MHFE receives the entirety of a control plane update that a controller supplies to it, before the MHFE starts to modify its data plane forwarding data and operations. The transactional communication methods of some embodiments provide one or more transactional boundary controls to the controllers to define complete control plane data set updates. In some embodiments, the transactional controls ensure that an MHFE receives all of a control plane update before it starts to modify its data plane forwarding data. Controllers use one transactional control in some embodiments when they define logical forwarding elements (e.g., logical switches or routers) on the MHFEs. | 2017-06-15 |
20170171078 | TRANSACTIONAL CONTROLS FOR SUPPLYING CONTROL PLANE DATA TO MANAGED HARDWARE FORWARDING ELEMENTS - Some embodiments provide novel methods for controllers to communicate with managed hardware forwarding elements (MHFEs) in a transactional manner. The transactional communication methods of some embodiments ensure that an MHFE receives the entirety of a control plane update that a controller supplies to it, before the MHFE starts to modify its data plane forwarding data and operations. The transactional communication methods of some embodiments provide one or more transactional boundary controls to the controllers to define complete control plane data set updates. In some embodiments, the transactional controls ensure that an MHFE receives all of a control plane update before it starts to modify its data plane forwarding data. Controllers use one transactional control in some embodiments when they define logical forwarding elements (e.g., logical switches or routers) on the MHFEs. | 2017-06-15 |
20170171079 | SELECTIVE ROUTE DOWNLOAD TRAFFIC SAMPLING - A network device includes a forwarding information base (FIB). The FIB includes a first number of entries and a default entry. The network device includes a routing information base that includes a second number of entries. The network device includes a FIB entry optimizer that ranks a first portion of the second number of entries based on access information of the first number of entries; ranks a second portion of the second number of entries based on access information of the default entry; and updates at least one entry of the FIB based on the ranks of the first portion of the second number of entries and the ranks of the second portion of the second number of entries. The first number of entries is less than the second number of entries. | 2017-06-15 |
20170171080 | System and Method to Analyze Congestion in Low Latency Network - Intelligent packet analysis may be provided to determine congestion problems and lead to fast solutions in low latency networks. Specifically, a congestion analyzer system may allow a user to monitor congestion on a network while using lightweight storage. A sniffer tool may be employed to capture all packets and store associated packet information into a database. | 2017-06-15 |
20170171081 | SINGLE-LINE PMIC-HOST LOW-LEVEL CONTROL INTERFACE - System, methods, and apparatus are described that facilitate signaling between devices over a single bi-directional line. In an example, the apparatus couples a first device to a second device via a single bi-directional line, indicates initiation of a first action, initiated at the first device, by sending a first single transition on the single bi-directional line from the first device to the second device, and indicates initiation of a second action, initiated at the second device, by sending a second single transition on the single bi-directional line from the second device to the first device. In another example, a first device initiates a first action, indicates initiation of the first action by generating a first event on a single bi-directional line, and receives an indication of a second action initiated at a second device by observing a second event on the single bi-directional line. | 2017-06-15 |
20170171082 | METHOD AND ELECTRONIC DEVICE FOR UPDATING CLIENT DATA - Embodiments of this application disclose a method and electronic device for updating client data, includes: acquiring a request transmission-restricting time returned by an access server based on a data update request; and controlling a time for subsequently transmitting the data update request to the access server, based on the request transmission-restricting time. | 2017-06-15 |
20170171083 | UNFUSING OPERATORS FROM A STREAMING PROCESSING ELEMENT TO AVOID CONGESTION - A streams manager determines when congestion is happening or is predicted to happen in a streaming application, and in response, unfuses one or more operators in the streaming application from its processing element. The selection of which operators to unfuse in which processing elements is made using suitable unfuse criteria, which may include selecting operators that do not maintain state, selecting operators that have a threaded port or queue preceding the operator, selecting operators at natural boundaries, and inserting queues before operators to be unfused. Once one or more operators are unfused, the streams manager can take action to enhance performance of the unfused operator(s). For example, the streams manager can allocate additional resources to the unfused operators, can create clones of unfused operators that process tuples in parallel, can move one or more unfused operators to a public cloud, etc. | 2017-06-15 |
20170171084 | VALIANT LOAD BALANCED SEGMENT ROUTING - Various exemplary embodiments relate to a routing device used for routing via a valiant load balanced (VLB) intermediate node from a source node i, to a destination node j, the device including a memory, and a processor configured to: for each pair of nodes, (ij), find a cost of using node k≠i as the Shortest Route (SR); for each node i, compute a cost θ(i) of using node k as the VLB intermediate; and compute a node i* that has the minimum θ(i) value. | 2017-06-15 |
20170171085 | Traffic Engineering System and Method for a Communications Network - An aspect of the disclosure provides a method for transmitting a plurality of packets between nodes of a communications network. The method includes receiving at a traffic engineering (TE) entity, one or more network traffic parameters from the nodes. The method further includes the TE entity providing instructions for routing at least a subset of the plurality of packets using one or more routes determined by the TE entity based on the one or more network traffic parameters. In some embodiments, the network traffic parameters comprise a packet generation rate in packets per second for packets arriving at a source node. In some embodiments the packet generation rate is received from the source node. In some embodiments the packet generation rate is an estimate of the number of packets per second received at the source node, and the packet generation rate is received from a node other than the source node. | 2017-06-15 |
20170171086 | PERSISTENT CONNECTION REBALANCING - Disclosed is a computer-implemented method of rebalancing persistent client connections to a cluster of servers. The method comprises identifying an increase in a total client connection capacity of the cluster of servers with a network connection balancing component; and for each server in a selection of servers in the cluster of servers calculating a current client connection capacity utilization of the server from the number of persistent connections to the server and the current capacity of the server; comparing the current client connection capacity utilization with the target client connection capacity utilization; and terminating a selection of its persistent client connections by a server based on its current client connection capacity utilization exceeding the target client connection capacity utilization. Also disclosed are a computer program product and a computer system for utilizing the computer-implemented method. | 2017-06-15 |
20170171087 | CONGESTION CONTROL DURING COMMUNICATION WITH A PRIVATE NETWORK - Example methods are provided for a first endpoint to perform congestion control during communication with a second endpoint over a public network, the second endpoint being in a private network. The method may comprise generating a plurality of tunnel segments containing unreliable transport protocol data destined for the second endpoint; and determining whether congestion control is required based on a data amount of the plurality of tunnel segments and a congestion window associated with a tunnel connecting the first endpoint with the private network. The method may further comprise, in response to determination that congestion control is required, performing congestion control by dropping at least some of the plurality of tunnel segments; otherwise, sending the plurality of tunnel segments through the tunnel supported by the reliable transport protocol connection. | 2017-06-15 |
20170171088 | SYSTEM AND METHOD FOR AUTOMATIC LOAD ADAPTIVE ANTENNA CARRIER BANDWIDTH DYNAMIC RECONFIGURATION IN RADIO BASE STATION SYSTEM - A method performed by a radio base station, the method including determining that one of a Direct Memory Access (DMA) buffers of a communication link for a service provider has gone beyond a DMA buffer limit (empty or full), the communication link between a radio equipment control (REC) device and a radio equipment (RE) device that is operating based on a first bandwidth configuration of the communication link. The method further including in response to determining that the communication link is to change operation (due to reaching the DMA buffer limit) based on a second bandwidth configuration of the communication link, instead of the first bandwidth configuration, continuing operation of the communication link based on the second bandwidth configuration. The method further including that after going back under the DMA buffer limit, the communication link continuing operation based on the original first bandwidth configuration. | 2017-06-15 |
20170171089 | PER QUEUE PER SERVICE BUFFERING CAPABILITY WITHIN A SHAPING WINDOW - Systems and methods for per queue per service buffering capability for traffic shaping include receiving an ingress packet; responsive to no traffic shaping, providing the ingress packet to an output interface; and, responsive to traffic shaping, performing one of sending the ingress packet to the output interface, buffering the ingress packet in a queue based on service priority, and dropping the ingress packet. The traffic shaping can include one of a token bucket algorithm and a leaky bucket algorithm. | 2017-06-15 |
20170171090 | SYSTEM AND METHOD FOR MANAGING INTERNET OF THINGS (IOT) DEVICES AND TRAFFIC USING ATTRIBUTE CLASSES - A system and method are described for managing attributes in an IoT system. For example, one embodiment of a method comprises: specifying an attribute for each of a plurality of items of data managed in an Internet of Things (IoT) device and/or an IoT service; defining a plurality of attribute classes; associating each of the attributes with one or more of the attribute classes, wherein the attribute classes specify how the items of data are to be stored and processed by components of the IoT device and/or the IoT service; wherein the attribute classes includes a priority notification attribute class, a first set of attributes to be associated with the priority notification attribute class based on based on a level of importance or severity associated with the first set of attributes; transmitting notifications from the IoT device for attributes associated with the priority notification attribute class to the IoT service ahead of other notifications for attributes not associated with the priority notification attribute class; and implementing a set of priority notification attribute rules on the IoT service, upon receipt of the notifications, to attempt to address a potentially hazardous or otherwise undesirable condition associated with the notifications. | 2017-06-15 |
20170171091 | SELECTIVE NETWORK TRAFFIC THROTTLING - Exemplary methods, apparatuses, and systems a management server receiving, from a switch, an indication of network congestion at the switch. The indication includes one or more contributors to the network congestion. In response to the indication of network congestion, the management server identifies one or more hosts running the identified contributor(s) and transmits an instruction to the host(s) to restrict network traffic originated by the contributor(s). For example, the restriction may include a reduction in the contributor's I/O queue depth. If the reduction in traffic does not remedy the congestion, the management server may receive a further indication of congestion and further instruct the host(s) to restrict identified contributor network traffic. For example, the contributors may have their I/O queue depth reduced exponentially until congestion is relieved. Upon receiving an indication that the congestion is relieved, the management server instructs the host(s) to remove the restriction on network traffic. | 2017-06-15 |
20170171092 | NETWORK ANALYSIS AND MONITORING TOOL - A transmitted transport communication protocol (TCP) packet in an established TCP connection is intercepted and resent with a modified IP layer to determine network nodes within a network path. No new connection is required, and the data may be transmitted to its intended location as part of the existing connection, bypassing firewalls and other obstacles commonly affecting ping commands. The change to the IP layer may include a modified TTL value. Address location and response time may be determined for each node in a network path. | 2017-06-15 |
20170171093 | SYSTEMS, METHODS, AND DEVICES FOR ADDRESSED DATA COMMUNICATIONS - According to one aspect, a communications system for sending a data packet, including a first device, comprising a processor, the processor configured to compose an addressing bitmask and, address the data packet with the bitmask; and, a transmitter connected to the processor for transmitting the addressed data packet; and a second device, comprising a receiver for receiving the addressed data packet; and a processor attached to the receiver, the processor configured to perform a bitmask test on the bitmask contained in the addressed data packet such that, if the test is failed, then the addressed data packet is discarded. | 2017-06-15 |
20170171094 | PLAYLISTS FOR REAL-TIME OR NEAR REAL-TIME STREAMING - Methods and apparatuses for real-time or near real-time streaming of content using transfer protocols such as an HTTP compliant protocol. In one embodiment, a method includes dividing a stream of data, representing the contiguous time based content of a program (e.g. a live video broadcast), into a plurality of distinct media files, and generating a playlist file having a plurality of tags and Universal Resource Indicators (URIs) indicating an order of presentation of the plurality of distinct media files. The plurality of media files and the playlist file can be made available for transmission to a client device which can retrieve the media files using the playlist file. | 2017-06-15 |
20170171095 | EFFICIENT SUPPORT FOR VARIABLE WIDTH DATA CHANNELS IN AN INTERCONNECT NETWORK - A bridging circuit and method of operation thereof, which couples first and second electronic circuits of a data processing system. The first electronic circuit generates signals corresponding to digits of a flow control unit (flit) of a first flow control protocol and where the second electronic circuit is responsive to signals corresponding to flits of a second flow control protocol. When first flits are destined for the same target buffer, they are combined to provide a second flit consistent with the second flow control protocol and transmitting the second flit to the second electronic circuit. The second flit includes data and metadata fields copied from the first flits, a common field common to each of the first flits, a merged field containing a merger of fields from the first flits and a validity field indicating which portions of the second flit contain valid data. | 2017-06-15 |
20170171096 | DISTRIBUTION NODE, AUTOMATION NETWORK, AND METHOD FOR TRANSMITTING REAL-TIME-RELEVANT AND NON-REAL-TIME-RELEVANT DATA PACKETS - A distribution node for an automation network comprises at least two input/output interfaces for transmitting and receiving real-time-relevant and non-real-time-relevant data packets, and a switching device connected to the input/output interfaces. The switching device forwards data packets received via an input/output interface via a further input/output interface using a switching table, where the switching table contains at least a data packet identifier and a transmission time in a data transfer cycle for each real-time-relevant data packet. Inter alia, the switching device can detect a data packet identifier on reception of a real-time-relevant data packet, and output the real-time-relevant data packet at the transmission time allocated to the detected data packet identifier in the switching table via an input/output interface as a transmission interface. | 2017-06-15 |
20170171097 | SYSTEM AND USER INTERFACE FOR COORDINATING DISTRIBUTED WORKFLOW BETWEEN MULTIPLE COMPUTING SYSTEMS - Systems and computer-readable media are disclosed for coordinating the distribution of workflow between multiple computing systems. Coordinating the distribution of workflow may include transferring data between multiple distributed computing systems using one or more networks. The workflow may include a series of operations to be executed. Execution of the first operation may be triggered by sending a message or a notification to a first computing system. After receiving a message or notification that execution of the first operation is complete, execution of a second operation may be triggered by sending a message or notification to a second computing device. The first computing device may be different than the second computing device. | 2017-06-15 |
20170171098 | SYSTEM, METHOD, AND RECORDING MEDIUM FOR QUEUE MANAGEMENT IN A FORWARDER - A queue management method, system, and recording medium include a queue examining device configured to examine a reverse flow queue from a forwarder for an acknowledged packet and a dropping device configured to drop a packet in a forward flow queue if the packet in the forward flow queue includes the acknowledged packet in the reverse flow queue. | 2017-06-15 |
20170171099 | Congestion estimation for multi-priority traffic - Communication apparatus includes multiple interfaces for connection to a packet data network and a memory configured to contain packets awaiting transmission to the network in multiple queues, which are assigned respective transmission priorities. Control logic assigns to the queues respective weighting factors, which vary inversely with the respective transmission priorities, and calculates for each egress interface a respective interface congestion level. The control logic calculates effective congestion levels for the queues as a weighted function of the respective queue lengths and the respective interface congestion level, weighted by the respective weighting factors, and applies congestion control to the queues responsively to the effective congestion levels. | 2017-06-15 |
20170171100 | Classified Network Bandwidth Management Based on Customer Performance in Social Communities - An approach is provided that allocates classified network bandwidth based on customer performance in social network communities. In the approach, a network access request from a user. Social media performance data pertaining to the usage of one or more social media websites by the user is received. The user's network priority is then determined based on the received social media performance data. The provider then establishes a network session for the user using the determined network priority, giving the user network access with the provider's network equipment. | 2017-06-15 |
20170171101 | MULTIMEDIA CONTENT CROSS SCREEN SYNCHRONIZATION APPARATUS AND METHOD, AND DISPLAY DEVICE AND SERVER - A multimedia content cross screen synchronization apparatus and method, and a display device and a server are provided. The apparatus includes the display device and the server. The display device provides a plurality of stream channels to a user to select and watch. Each of the stream channels displays a multimedia content. The multimedia contents of at least two channels of the stream channels contain different prompt messages. These prompt messages prompt the user to perform different corresponding behaviors. The mobile device senses a behavior of the user and generates a feedback signal corresponding to the behavior to the server. The server selects a corresponding application service from a plurality of application services according to the feedback signal transmitted from the mobile device, and provides the corresponding application service to the mobile device. | 2017-06-15 |
20170171102 | DATA DRIVEN AUTOMATED PROVISIONING OF TELECOMMUNICATION APPLICATIONS - Systems and methods for building service templates that allow for an agentless, data-driven and stateful automation of a provisioning of services to mobile network customers. Data associated with a request to create a target schema object class for a device and protocol are received. Based on the device and protocol information, a set of data fields associated with CRUD semantics is retrieved from either a database or from user provided data. A decorated target object class is created based on the requested target schema object class. A subrecipe is created including the decorated target object class, and one or more other decorated target object classes. A recipe is processed for transmission to an execution engine to form a service instance, the service instance being customizable by an operator for a specific network device such that the service instance data fields that are not pre-filled can be customized by the operator. | 2017-06-15 |
20170171103 | METHOD FOR DISTRIBUTING AVAILABLE BANDWIDTH OF A NETWORK AMONGST ONGOING TRAFFIC SESSIONS RUN BY DEVICES OF THE NETWORK, CORRESPONDING DEVICE - A device of a network configured for implementing a method for distributing available bandwidth of the network amongst ongoing traffic sessions of devices of the network is described. The device includes a communication module, a ranking module, a calculator and a comparator. The communication module collects status messages from devices of the network running at least one traffic session. The ranking module is configured to rank the ongoing traffic sessions according to parameters of devices and traffic sessions retrieved from status messages. The calculator is configured to determine bandwidth to be allocated to each ranked traffic session in function of the available bandwidth, a rank of the ranked traffic sessions and a type of the ranked traffic sessions. The comparator checks whether the determined bandwidth to be allocated to a traffic session of the device is different from zero such that available bandwidth can be distributed amongst ongoing traffic sessions. | 2017-06-15 |
20170171104 | METHOD AND APPARATUS FOR PROVIDING ACCESS OF CONTENT RESOURCES - Embodiments of the present disclosure provide a method and apparatus for providing access to content resources. The method comprises: in response to receiving a first request for accessing first content resources in a content server, obtaining from the content server metadata associated with a first Uniform Resource Identifier (URI) of the first content resources, the first request including the first URI, the metadata at least indicating a mapping between the first URI of the first content resources and a second URI of the first content resources, the first URI being a shortened version of the second URI; obtaining the second URI by parsing the metadata; and responding to the first request with the second URI of the first content resources. | 2017-06-15 |
20170171105 | PARTIAL TASK EXECUTION IN A DISPERSED STORAGE NETWORK - A processing system in a dispersed storage and a task network DSTN determines whether or not to execute a partial task. When determined to execute the partial task, the processing system operates by determining execution steps and a schedule; identifying a portion of the contiguous data for execution of one or more steps of the execution steps; retrieving the portion of the contiguous data from the disk drive; executing the one or more steps of the execution steps in accordance with the schedule on the portion of the contiguous data to produce a partial result; dispersed storage error encoding the partial result to produce a plurality of sets of slices in accordance with dispersal parameters associated with one or more of the group of slices and the partial task; and facilitating storing a plurality of sets of slices in the DSTN. | 2017-06-15 |
20170171106 | QUALITY OF SERVICE MANAGEMENT METHOD IN FABRIC NETWORK AND FABRIC NETWORK SYSTEM USING THE SAME - A quality of service (QoS) management method in a fabric network and a fabric network system using the same are provided. The QoS management method in the fabric network includes receiving QoS information from a host via the fabric network, and allocating one or more storage devices corresponding to the QoS information received from the host to the host by using a performance table which is initially set with respect to storage devices. | 2017-06-15 |
20170171107 | COMMUNICATION METHOD AND THE CLIENT FOR MULTIPLE PROCESSES - Embodiments of the present disclosure relate to the field of information technology, and an inter-process communication method and a client implementing the method are disclosed. The method includes: storing, by a first process, signaling in a buffer area, and broadcasting the event to all the other processes; reading, by each of all the other processes, the signaling in the buffer area after receiving the event, and determining whether the signaling is directed to the process; when the signaling is directed to the process, performing an operation indicated by the signaling; when the signaling is not directed to the process, discarding the signaling. | 2017-06-15 |
20170171108 | EXTENSIBLE SUPPORT SYSTEM FOR SERVICE OFFERINGS - Techniques are disclosed for integration, provisioning and management of entities and processes in a computing system such as, by way of example only, business entities and business processes. In particular, techniques are disclosed for implementing an extensible support system for multiple service offerings. For example, such a support system can be a business support system which may be employed in conjunction with a cloud computing environment. | 2017-06-15 |
20170171109 | METHOD AND APPARATUS FOR IMPLEMENTING TRAFFIC FLAGS FOR LARGE SERVICE GROUPS - The use of traffic flag symbols allows a large number of CPEs to transmit traffic notifications to a network controller. In some such embodiments, hundreds of CPEs simultaneously transmit traffic flags on different subcarriers of a channel. For example, in a MoCA2 based access network, up to 480 CPEs can transmit flags in only 5 μs in the 100 MHz-wide channel. | 2017-06-15 |
20170171110 | Router with Optimized Statistical Functionality - A method has provides a router having an input, an output, and a shared memory. The router also has a forwarding path to forward a plurality of packets from the input to the output, and a service path to manage statistical data relating to packets forwarded through the forwarding path. The forwarding path has a counter to count aggregate packet information relating to the plurality of packets it forwards. Next, the method counts, using the counter(s), aggregate packet information relating to the packets forwarded through the forwarding path to produce count information. After producing the count information, the method uses the forwarding path to store the count information in the shared memory of the router, and then causes the service path to retrieve the count information from the shared memory. The service path ultimately produces statistical information using the count information retrieved from the shared memory. | 2017-06-15 |
20170171111 | APPARATUS AND METHOD FOR FUSION OF COMPUTE AND SWITCHING FUNCTIONS OF EXASCALE SYSTEM INTO A SINGLE COMPONENT BY USING CONFIGURABLE NETWORK-ON-CHIP FABRIC WITH DISTRIBUTED DUAL MODE INPUT-OUTPUT PORTS AND PROGRAMMABLE NETWORK INTERFACES - Described is an apparatus which comprises: a Network-On-Chip fabric using crossbar switches, having distributed ingress and egress ports; and a dual-mode network interface coupled to at least one crossbar switch, the dual-mode network interface is to include: a dual-mode circuitry; a controller operable to: configure the dual-mode circuitry to transmit and receive differential signals via the egress and ingress ports, respectively, and configure the dual-mode circuitry to transmit and receive signal-ended signals via the egress and ingress ports, respectively. | 2017-06-15 |
20170171112 | ONBOARD COMMUNICATION NETWORK OF A VEHICLE AND SUBSCRIBER OF SUCH A COMMUNICATION NETWORK - A subscriber of a deterministic Ethernet communication network using virtual links including a first receiver, a first transmitter, a first memory to record a configuration table relating to a set of virtual links that the subscriber can receive and/or retransmit. A processing unit is configured to implement at least one application, a reception function to receive data frames received by the first receiver, to accept the reception only of the frames corresponding to virtual links belonging to the set of virtual links and to transmit these frames to a sorting function to transmit the data frames received to the application and/or to a transmission function to dispatch the data frames received to the first transmitter while complying with Bandwidth Allocation Gap (BAG) constraints associated with the corresponding virtual links. | 2017-06-15 |
20170171113 | TRANSACTIONAL CONTROLS FOR SUPPLYING CONTROL PLANE DATA TO MANAGED HARDWARE FORWARDING ELEMENTS - Some embodiments provide novel methods for controllers to communicate with managed hardware forwarding elements (MHFEs) in a transactional manner. The transactional communication methods of some embodiments ensure that an MHFE receives the entirety of a control plane update that a controller supplies to it, before the MHFE starts to modify its data plane forwarding data and operations. The transactional communication methods of some embodiments provide one or more transactional boundary controls to the controllers to define complete control plane data set updates. In some embodiments, the transactional controls ensure that an MHFE receives all of a control plane update before it starts to modify its data plane forwarding data. Controllers use one transactional control in some embodiments when they define logical forwarding elements (e.g., logical switches or routers) on the MHFEs. | 2017-06-15 |
20170171114 | METHOD AND APPARATUS FOR DATA CACHING IN A COMMUNICATIONS NETWORK - Methods and apparatus for managing data content among in-network caches of a communication network are provided. In some embodiments, multiple registers are maintained for indexing cached data content. Different data content is indexed in different registers based on parameters such as popularity or content freshness. Customized popularity estimators can be applied to each register, and data content may be indexed by different registers as parameters change. Less popular content can be removed from caches as required. In some embodiments, caches can be grouped into clusters, and deletion of data content from a cache may be modified or inhibited if the cluster still requires a copy of that data content. Data content can be moved between caches of a cluster based on popularity. | 2017-06-15 |
20170171115 | AUTOMATIC BUFFER SIZING FOR OPTIMAL NETWORK-ON-CHIP DESIGN - The present disclosure relates to automatic sizing of NoC channel buffers of one or more virtual channels to optimize NoC design, SoC design, and to meet defined performance objectives. The present disclosure further relates to a NoC element such as a router or a bridge having input ports associated with input virtual channels, and output ports associated with output virtual channels, wherein, aspects of the present disclosure enable sizing of any or a combination of the width of the input virtual channel(s), width of the output virtual channel(s), buffer(s) associated with input virtual channels, and buffer(s) associated with output virtual channels. In another aspect, the sizing can be performed based on one or a combination of defined performance objectives, throughputs of the input virtual channels, and throughputs of the output virtual channels, load characteristics, bandwidth characteristics of each input/output channel, among other like parameters. | 2017-06-15 |
20170171116 | ACTIVATING AND DEACTIVATION FUNCTIONAL UNITS OF A LINE CARD - In some implementations, a method includes analyzing an amount of data communicated by a set of network interfaces. The data communicated by the set of network interfaces is processed by a set of functional units and a set of queues includes the data communicated by the set of network interfaces. The method also includes activating a first functional unit of the set of functional units when a first size of a first queue of the set of queues is above a first threshold. The method further includes deactivating the first functional unit of the set of functional units when the first size of the first queue of the set of queues is below a second threshold. The method further includes causing the data to be forward to one or more active functional units via a data interconnect coupled to the set of network interfaces and the set of functional units. | 2017-06-15 |
20170171117 | Message Suggestion Using Dynamic Information - An automatic message suggestion generation computer system, computer-implemented method and computer program product. In a system implementing a messaging service, messages received by a mobile device under an active message session are dynamically forwarded to a messaging engine for processing and storage in computer memory of information associated with the active message sessions. Upon the receipt of information associated with a message, a determination is made as to a correlation between the currently received information and stored information associated with a prior message. If a correlation is determined, at least one suggested message is generated based on correlated information. Example message services include SMS, MMS, IMS and EIM. Suggested messages can be supplemented by available historical information such as might be contained in social networking services, calendaring and e-mail services and contextual information such as location, time of day, motion, and direction of travel. | 2017-06-15 |
20170171118 | SOCIAL MEDIA RATING SYSTEM - System for anonymous user chat between a first anonymous user at a first network node and a second known user at a second node of an electronic network, comprises a list of users at the first node, the list including the second user; a chat control to allow the first user to select the second user from the list and initiate chat with the second user, the chat initiation being anonymous and thereby not identifying the first node or the first user. | 2017-06-15 |
20170171119 | SYSTEMS AND METHODS FOR ACTIVE INDEXATION - The disclosure provides systems and methods to more efficiently index content available over the Internet. In some aspects, the methods and systems described herein accomplish this by actively providing notification to a search engine after creating a new webpage or updating an existing webpage. The disclosure also provides systems and methods for more convenient handling with updates and messages originated from various disparate sources. | 2017-06-15 |
20170171120 | CONFIGURABLE USE OF LOCAL PRESENCE AUTHORIZATION POLICY - A request from a watcher client to obtain presence information of a presentity client may be processed at a presence server using a system configuration of the presence server that stores local presence authorization rules (“pres-rules”). By storing pres-rules locally at the presence server, these pres-rules may be used by the presence server in lieu of, or in combination with, other pres-rules that may be maintained by a separate pres-rules storage server, such as an eXtensible Markup Language (XML) Document Management Server (XDMS). The system configuration may specify configurable parameters that control the behavior of the presence server in engaging the XDMS when processing requests from watcher clients, as well as the behavior of the presence server in merging pres-rules retrieved from the XDMS with the local pres-rules maintained by the presence server. | 2017-06-15 |
20170171121 | DEVICE AND METHOD FOR PROVIDING USER-CUSTOMIZED CONTENT - A device and a method for providing user-customized content are provided. The method, performed by the device, of providing information regarding at least one primary chat window includes: acquiring a plurality of messages included in at least one primary chat window; determining that a specific event has occurred, based on the acquired plurality of messages; generating a secondary chat window for informing a user of the device about the occurred event; and displaying guidance information about the occurred event in the secondary chat window. | 2017-06-15 |
20170171122 | PROVIDING RICH PREVIEW OF COMMUNICATION IN COMMUNICATION SUMMARY - A rich preview of a communication in a communication summary is provided. A communication application analyzes a communication to identify relevant items within the communication. A communication summary of the communication is created with the relevant items. Next, the communication summary is presented with the relevant items. Interaction elements are also provided to manage a presentation of the relevant items. | 2017-06-15 |
20170171123 | METHOD AND DEVICE FOR EMAIL PROCESSING - Disclosed are an email processing method and device. The method includes: acquiring attachments of all the emails in a predetermined file folder of an email account; and determining emails corresponding to the attachments; exhibiting the attachments of all the emails in a first predetermined manner; and processing links of the emails corresponding to the attachments, such that a user is capable of performing operations for the corresponding emails via the links. With the email processing method and device according to the embodiments of the present disclosure, while attachments in a predetermined file folder of an email account are exhibited in a list form, links of emails corresponding to the attachments are provided, such that a user is capable of performing operations for the emails via the links corresponding to the emails while checking the attachments. | 2017-06-15 |
20170171124 | Presentation of Organized Personal and Public Data Using Communication Mediums - Systems, methods and computer program products for providing information associated with an attachment (e.g., attachment received through an instant message system, online collaboration tool, electronic message and the like). A sidebar may allow a user to view comprehensive profile and content information associated with the attachment using an attachment information viewer. The sidebar also may allow the user to switch between a message attachment information view (e.g., to facilitate browsing of the document or attachment) and a person profile information view (e.g., to facilitate browsing of personal or public data). | 2017-06-15 |
20170171125 | DIGITAL CONTENT DELIVERY - Methods and systems for automated retrieval of content embedded in or referred to in a message or request received in relation to a user account are provided. For instance, a UCM and/or a UCR may access a user account and retrieve a message from the account. The message may be then analyzed to extract information related to the content that may be included in the message. The content associated with the extracted information is accessed and retrieved. The retrieved content is presented to the user. | 2017-06-15 |
20170171126 | ESTABLISHING SOCIAL NETWORK CONNECTIONS - A request to add at least a second user of a social network as a contact of a first user in the social network can be received. A social hierarchy indicating a hierarchical relationship between the first user and the second user can be accessed. Based on the hierarchical relationship between the first user and the second user, whether the second user must approve the request in order for the at least second user to be added as the contact of the first user in the social network can be determined. Responsive to determining that it is not required that the at least second user must approve the request in order for the at least second user to be added as the contact of the first user in the social network, the second user can be added as the contact of the first user in the social network without prompting the second user to approve the request. | 2017-06-15 |
20170171127 | MECHANISM FOR ASSOCIATING EMAILS WITH FILTER LABELS - A mechanism is disclosed for generating a composite email for an email conversation. The composite email includes content automatically extracted from a plurality of the emails in the email conversation, and may be generated in response to a user accessing just one of the emails in the email conversation. A mechanism is also disclosed for discovering and recovering lost emails in an email conversation. A mechanism is further disclosed for automatically moving emails from one container to another after an email has been read. These and other advantageous email generating, manipulation, and organization mechanisms are disclosed herein. | 2017-06-15 |
20170171128 | METHOD AND ELECTRONIC DEVICE FOR EMAIL PROCESSING - Disclosed are a method and an electronic device for email processing. The method includes: at an electronic device, determining an original subject of an email in a predetermined file folder of an email account, the original subject being a subject of an original email corresponding to the email; determining a plurality of emails with the same original subject to be emails with the same subject, such that the emails with the same subject are viewed under the same directory; and determining signatures of the emails with the same subject from email content of the emails with the same subject, to remove the signatures of the emails with the same subject when displaying the emails with the same subject. In this way, convenience and efficiency in user's reading of emails are improved. | 2017-06-15 |
20170171129 | PREEMPTING SPAM FILTERS BASED ON TRANSACTIONS - Technical solutions are described for a seller to bypass a spam filter. An example method includes sending, by a message preempting apparatus, for receipt by a server corresponding to the seller, a transaction identifier in response to a transaction between a user and the seller. The method also includes sending, by the message preempting apparatus, for receipt by a messaging server, the transaction identifier, where the messaging server, in response, bypasses a spam filter for a message that is associated with the transaction identifier. | 2017-06-15 |
20170171130 | Location-Based Notification - Location-based notification includes establishment of a rally point and subsequent notification of a user when another user enters the rally point. Senders may set up rally points at various physical locations and specify one or more target recipients that are to be notified when the sender enters the rally point. Target recipients may specify communication settings that dictate whether and/or how they wish to receive notifications under a variety of circumstances. When a sender having a computing device enters a rally point location, a notification is sent from the computing device to a location-based notification service, which notifies each of the target recipients in a manner that complies with the target recipient's individual communication settings. | 2017-06-15 |
20170171131 | TECHNIQUES FOR EPHEMERAL MESSAGING WITH LEGACY CLIENTS - Techniques for ephemeral message are described. In one embodiment, an apparatus may comprise a sender inbound messaging component operative to receive an incoming update for a message queue at a client support server for a messaging system from a messaging client on a client device; a legacy client support component operative to determine whether the messaging client supports a client-side time-to-live setting; determine whether the incoming update should be associated with a server-specified time-to-live setting where the messaging client does not support the client-side time-to-live setting; and assign the incoming update the server-specified time-to-live setting where the messaging client does not support the client-side time-to-live setting and where the incoming update should be associated with a server-side time-to-live setting. Other embodiments are described and claimed. | 2017-06-15 |
20170171132 | TECHNIQUES FOR EPHEMERAL MESSAGING WITH A MESSAGE QUEUE - Techniques for ephemeral message are described. In one embodiment, an apparatus may comprise a delayed-action worker module operative to wake according to a wake timer; determine a current update object for a delayed-action cursor for a recipient update queue for a messaging system, the delayed-action cursor associated with an action delay for the recipient update queue; determine a delayed-action activity for the current update object; perform the delay-action activity for the current update object; determine a next update object for the delayed-action cursor for the recipient update queue; and determine a next wake timer for the delayed-action worker module based on the action delay and a creation time for the next update object. Other embodiments are described and claimed. | 2017-06-15 |
20170171133 | ELECTRONIC EQUIPMENT, SYSTEM INCLUDING ELECTRONIC EQUIPMENT AND MANAGEMENT DEVICE, AND METHOD EXECUTED BY ELECTRONIC EQUIPMENT - There is provided electronic equipment including: an instruction receiving unit that receives an instruction of a setting modification regarding the electronic equipment; and an electronic mail sending unit that sends an electronic mail including access information on a web page for permission of the setting modification by the modification instruction to a mail address corresponding to a predetermined administrator in a case of receiving the modification instruction. The electronic equipment further includes: a setting modification unit that modifies the setting according to the modification instruction based on the access to the web page. | 2017-06-15 |
20170171134 | PREVENTING MODIFICATION OF AN EMAIL - In an approach for preventing the modification of an email by the recipients of the email, a processor receives an indication that an email message is composed. A processor receives an indication that modification of contents of the email message, by one or more recipients of the email message, is to be prevented. A processor converts the contents of the email message from editable text to a non-editable format. A processor sends the converted email message to a recipient. | 2017-06-15 |
20170171135 | DELIVERY OF HAPTICS TO SELECT RECIPIENTS OF A MESSAGE - Systems and methods, by which a sender can deliver haptic messages to selected recipients within a larger group of recipients that are otherwise receiving a common message, are disclosed. The haptic messages can be individualized according to a recipient's profile, preference, and/or relationship with the sender. The haptic message can be created by the sender or selected from a pre-existing library of messages, and can be delivered automatically or assigned by the sender. The haptic messages can be dynamically changed in response to haptic feedback and supplemental data collected from the recipients that is used to update preferences and profiles of message recipients. | 2017-06-15 |
20170171136 | METHODS AND APPARATUS FOR PROVIDING NOTIFICATIONS IN A MEDIA SYSTEM - A system to convey user alert messages is disclosed. The system may have a alert service coupled between alert providers and a number of households. After receiving in the alert service an alert message from an alert provider, the alert service may alter the alert message to identify the household designated to receive the alert message. The alert service sends a notification to a home media system within the household designated to receive the alert message. | 2017-06-15 |
20170171137 | SMART ANALYSIS FOR SOCIAL MEDIA CONTENT - A method of analyzing social media content includes loading, into a non-volatile memory, a social profile associated with a user, sensing, through a processor, a posting to a social media topic thread, determining, through the processor, an interest level of the user in the social media topic thread, and providing, through the processor, an alert to the user to engage with the social media topic thread. | 2017-06-15 |
20170171138 | SYSTEMS AND METHODS TO MANAGE AN EVENT BROADCAST IN A SOCIAL NETWORK - Systems, methods, and non-transitory computer readable media are configured to monitor event information relating to an event broadcasted to an audience of a social networking system. The event information can include users who are participating in the event. It can be determined that a predetermined entity is participating in the event. A notification that the predetermined entity is participating in the event is provided during the event to at least one of a broadcaster of the event and a user participating in the event. | 2017-06-15 |
20170171139 | RANKING OF NEWS FEEDS OF CONTENT INCLUDING CONSIDERATION OF SPECIFIC CONTENT CLICKS BY USERS - An online system, such as a social networking system, monitors user interactions with news feed stories of the social networking system and divides the user interactions into non-content clicks and content clicks. The non-content clicks indicate a user's interest in news feed stories based on user actions such as comments on, likes, shares, and hides the news feed stories. The content clicks indicate a user's interest in news feed stories based on user actions on different specific portions of multimedia content (e.g., videos) in the news feed stories such as playing, fast forwarding. The social networking system trains a model based on the monitored user interactions with news feed stories and uses the trained model to rank news feed stories for presentation to a user. The ranks of news feed stories for a user are determined based on a likelihood that the user would find the story interesting. | 2017-06-15 |
20170171140 | PLATFORM FOR DIGITAL BUSINESS CARDS THAT FACILITATES CONNECTIONS BETWEEN INDIVIDUALS AND A METHOD THEREOF - The present disclosure relates to creating a mobile application that can convert a digital business card in a global business network which enables the more efficient connection of business personnel and their associated information into manageable data in a global business network. More specifically disclosed is a mobile application with enhanced information connectivity through the use of a digital business card which is loaded with various packets of data based on the user's preference and is converted and integrated into a global business network. | 2017-06-15 |
20170171141 | APPLICATION FOR FACILITATING INTRODUCTIONS - Facilitating online introductions on a computing device can involve an introducer who selects two contacts to introduce. The introduction includes an indication of the type of relationship that the introduction could lead to and a message from the introducer. Each contact's contact information is forwarded to the other contact. The contacts can choose to communicate with one another at the suggestion of the introduction. | 2017-06-15 |
20170171142 | METHODS AND SYSTEMS FOR OPTIMIZING MESSAGES TO USERS OF A SOCIAL NETWORK - Techniques to optimize messages sent to a user of a social networking system. In one embodiment, information about the user may be collected by the social networking system. The information may be applied to train a model for determining likelihood of a desired action by the user in response to candidate messages that may be provided for the user. The social networking system may provide to the user a message from the candidate messages with a selected likelihood of causing the desired action. | 2017-06-15 |
20170171143 | METHOD AND APPARATUS FOR UNIFIED MESSAGE ADAPTATION - A method of message adaptation in the Internet of Things (IoT) includes receiving a message containing data collected by the plurality of sensors, identifying a message type, looking up a message descriptor according to the message type, looking up a message template matching the message type and outputting the message with the matched message template for content-based processing. In one embodiment, the method includes identifying the message is a text message, parsing the message according to message type and message descriptor, and creating a sequence of key-value pairs for the text message. In one embodiment the method includes determining that there is no matched or valid matched message template and parsing the message according to the message descriptor to generate and store a message template including the message type, a message item list and a message item position list and attaching the message template to the message. | 2017-06-15 |
20170171144 | MANAGEMENT OF DOMAIN NAME SYSTEMS IN A LARGE-SCALE PROCESSING ENVIRONMENT - Systems, methods, and software described herein facilitate the management of virtual clusters in a large-scale processing environment. In one implementation, a method of operating a control node includes receiving a request to configure a virtual cluster with one or more data processing nodes, and identifying a tenant associated with the request. The method further provides identifying a namespace for the tenant, and identifying internet protocol (IP) addresses for the one or more data processing nodes. The method also includes generating namespace to IP address pairs for the one or more data processing nodes based on the namespace and the IP addresses, and configuring a domain name system (DNS) for the virtual cluster with the namespace to IP address pairs. | 2017-06-15 |
20170171145 | MANAGEMENT APPARATUS, METHOD, AND STORAGE MEDIUM - A management apparatus according to embodiments of the present invention acquires, in a case where an internet protocol (IP) address of a network device having a plurality of network interfaces used for communicating with the network device is an IP address of an internet protocol version 6 (IPv6), all of values of an ipAddressIfIndex managed by the network device from the network device, and selects a value of an IfIndex corresponding to the IP address of the IPv6. In a case where the IP address of the network device is an IP address of an internet protocol version 4 (IPv4), the management apparatus acquires a value managed with an ipAdEntIfIndex from the network device. | 2017-06-15 |
20170171146 | Shared Multi-Tenant Domain Name System (DNS) Server For Virtual Networks - A DNS proxy may tag DNS requests from a virtual network with a separating identifier, such as a virtual network ID, before forwarding them to a shared DNS server. This can allow each virtual network to have its own namespace and avoid naming conflicts. The shared DNS server can examine the tagged DNS requests to respond to the DNS requests using the local namespace as identified by the separating identifier. | 2017-06-15 |
20170171147 | METHOD AND ELECTRONIC DEVICE FOR IMPLEMENTING DOMAIN NAME SYSTEM - Disclosed are a method and an electronic device for implementing a domain name system. The method includes: receiving, by a transition server, a request from a client, wherein the transition server has preset IP addresses; forwarding the request to an execution server and receiving a domain name resolution result returned by the execution server; and returning the domain name resolution result to the client. | 2017-06-15 |
20170171148 | System and Method for Minimizing Broadcast Communications When Allocating Network Addresses - A network device may be configured to cause one or more network address allocation communications broadcast in a network to be communicated as directed unicast communications. More particularly, in a Local Area Network, a routing device such as a switch may be modified to receive broadcast communications for network address allocation, and instead of propagating the broadcast communications as broadcast communications, the routing device may route the network address allocation communications as directed unicast communications in the Local Area Network. | 2017-06-15 |
20170171149 | Method for Acquiring Identifier of Terminal in Network, Management Network Element and Storage Medium - The embodiment of the present invention discloses a method for acquiring an identifier of a terminal in a network. The method includes: acquiring a device identifier of a current terminal which is registered in a network, herein the current terminal is a mobile user; and allocating a corresponding network identifier to the current terminal according to the device identifier of the current terminal such that the current terminal transmits data in the network by using the allocated network identifier, herein, the network identifier is a fixed public network Internet Protocol IP address or a fixed public network IP address and port number segment, allocated to the current terminal. The present invention further discloses a management network element and a computer storage medium. | 2017-06-15 |
20170171150 | METHOD AND APPARATUS FOR PROCESSING PUBLIC IP - Disclosed are a method and an apparatus for processing public IP. The method for processing public IP includes: acquiring a gateway IP address; generating a floating IP according to the gateway IP address, a floating IP address in the floating IP being the gateway IP address; binding the gateway IP address and the floating IP; and processing the floating IP according to a floating IP interface. | 2017-06-15 |
20170171151 | SYNTACTICALLY AND/OR SEMANTICALLY RELEVANT ALTERNATIVE DOMAIN NAME GENERATION - Provided are methods, devices, and computer-readable media for accessing a domain name; determining, via the processor, at least two words in the domain name; determining at least one alternative word for at least one word in the domain name; determining whether the at least one alternative word is contextually relevant; and generating at least one alternative domain name based on a determination that the at least one alternative word is contextually relevant. | 2017-06-15 |
20170171152 | Multi-Tiered Protection Platform - A multi-tier platform provides security at a perimeter of a computer system, where an intermediate layer interacts between a web layer and an application layer. A data request that is associated with a data set is received at the web layer and passed to the intermediate layer. The intermediate layer determines the authoritative source for the data set and whether the data set has a static or dynamic value. If the value is static, the intermediate layer accesses the value stored at the intermediate layer. However, if the value is dynamic, the intermediate layer queries the source registered to the data set, obtains the value from the authoritative source, and returns the dynamic value via the web layer, where the registered source may be internal or external to the computer system. Consequently, the intermediate layer may function as an aggregate layer that supports both database and messaging services. | 2017-06-15 |
20170171153 | One Way Secure Link - A method for secure communications between a transmitting computer and a receiving computer includes transmitting data from the transmitting computer over a first one-way link to a data security engine, receiving and validating the data within the data security engine, and, after validating the data, transmitting the data from the data security engine to the receiving computer over a second one-way link. | 2017-06-15 |
20170171154 | PRIVACY ENHANCING NETWORKS - The presently disclosed privacy enhancing networks (PENs) comprises a network of gateways in communication with one or more controllers. By dynamically creating and tearing down unique data flow paths through a network of gateways for each individual data flow, the privacy enhancing network makes it more difficult for an adversary to glean information about communicating parties. Since each flow in a single data session may be routed through a different path, adversaries may find it more difficult to determine which data flows are associated with each data session. This in turn, makes it more difficult for adversaries to gather enough data traffic to break any encryption applied to the data flows. Furthermore, since each flow in a single data session can be directed along a different path, a privacy enhancing network may make it difficult for adversaries to even determine that the communicating parties are communicating at all. | 2017-06-15 |
20170171155 | FILTERING SYSTEM, MANAGEMENT DEVICE, FILTERING METHOD AND MANAGEMENT PROGRAM - The present invention prevents all of the filter rules from leaking and the filter functions of an entire network from stopping, even if problems arise in a filter device, etc. performing filtering. A management device of a filtering system, which includes a plurality of devices which perform filtering of communication data based on filter rules, and a management device which manages the filter rules, in a case of a first of the devices that is connected to an external network not through another of the devices having entered a predetermined state, reconstructs decentralized filter rules set in the first of the devices based on a plurality of decentralized filter rules received from a plurality of second of the devices connected to an external network via the first of the devices, and sets the decentralized filter rules thus reconstructed in the plurality of second devices, in which the decentralized filter rules are decentralized to be able to reconstruct the filter rules without using all of the decentralized filter rules. | 2017-06-15 |
20170171156 | Virtual Private Network Aggregation - Aggregating traffic over multiple VPN connections is described. A first Virtual Private Network (VPN) connection is established between a client device and a first VPN server via a a first access network of the client device. A second Virtual Private Network (VPN) connection is established between the client device and a second VPN server via a second access network of the client device. Application traffic associated with a connection between an application server and a client application that corresponds to the client device is received. The application traffic associated with the connection between the application server and the client application is distributed between at least the first VPN connection and the second VPN connection | 2017-06-15 |
20170171157 | TECHNIQUES FOR COMMUNICATION IN HYBRID CLOUD SYSTEM - Techniques for communication in a hybrid cloud computing system. The techniques include utilizing cross-origin resource sharing to allow a web-based application to communicate with both a public host computer and a private host computer of the hybrid cloud computing system. More specifically, a web-based application downloaded from the public host computer would include code that, when executed, would programmatically make HTTP requests to the private host computer. The private host computer would respond with an Access-Control-Allow-Origin header specifying the origin of the public host computer as an allowed origin, thereby allowing the web-based application to access resources from the private host computer. The techniques may be used for managing computing or software resources of the hybrid cloud computing system and also for transfer of data related to managing computing or software resources of the hybrid cloud computing system. | 2017-06-15 |
20170171158 | DYNAMICALLY DEFINED VIRTUAL PRIVATE NETWORK TUNNELS IN HYBRID CLOUD ENVIRONMENTS - A method, apparatus and computer program product manage a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment is described. A method in a first VPN agent manages a first VPN tunnel in a plurality of VPN tunnels between a first cloud and a second cloud in a hybrid cloud environment. The VPN agent receives a request from a VPN manager. The request includes a first set of requirements for the first VPN tunnel in the plurality of VPN tunnels. The VPN agent creates the first VPN tunnel according to the first set of requirements. A modification request is received from the VPN manager containing a second set of requirements. The VPN agent tunes the first VPN tunnel according to a second set of requirements. The tuning of the first VPN tunnel can include merging the first VPN tunnel with a second VPN tunnel, or splitting the first VPN tunnel into a first and second VPN tunnels. | 2017-06-15 |
20170171159 | PACKET TAGGING FOR IMPROVED GUEST SYSTEM SECURITY - Some embodiments provide a novel method for monitoring network requests from a machine. The method captures the network request at various layers of a protocol stack. At a first layer of a protocol stack, the method tags a packet related to the network request with a tag value, maps the tag value to a set of tuples associated with the packet, and sends a first set of data related to the packet to a security engine. At a second layer of the protocol stack, the method determines whether the packet has been modified through the protocol stack, and sends an updated second set of data to the security engine when the packet has been modified. | 2017-06-15 |
20170171160 | Provisioning Using A Generic Configuration - An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that arc authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED. | 2017-06-15 |
20170171161 | ENFORCING RESTRICTIONS ON THIRD-PARTY ACCOUNTS - Disclosed are various embodiments for management of third-party accounts for users in an organization. A request is received from a client corresponding to a user in an organization to access a third-party network site under management by the organization. The third-party network site is operated by a third party that does not correspond to the organization. It is determined whether network traffic between the client and the third-party network site is routed via a proxy server operated by the organization. Access of the client to a managed account with the third-party network site is denied in response to determining that the network traffic between the client and the third-party network site is not routed via the proxy server. | 2017-06-15 |
20170171162 | PROXY AUTHENTICATION FOR A MULTIPLE CORE NETWORK DEVICE - The present invention is generally related to a network computing device including a first processor communicating with a second processor as a proxy for a client device when authenticating access privileges of the client device. The present invention may include more than two processors where at least one of the multiple processors may be optimized for performing one or more control functions and one or more other processors may be optimized for transferring data or administrating the transfer of data through a gateway or firewall. | 2017-06-15 |
20170171163 | FLEXIBLE ETHERNET ENCRYPTION SYSTEMS AND METHODS - Systems and methods for Physical Coding Sublayer (PCS) encryption implemented by a first network element communicatively coupled to a second network element include utilizing an encryption messaging channel to establish an authenticated session and exchanging one or more encryption keys with a second network element; encrypting a signal, based on the one or more encryption keys; and transmitting the encrypted signal to the second network element. | 2017-06-15 |
20170171164 | AUTHENTICATING FEATURES OF VIRTUAL SERVER SYSTEM - Technical solutions are described for authenticating a hosting system prior to securely deploying a shrouded virtual server. An example method includes receiving, by a hypervisor, a request for a public certificate, from a client device that requested the virtual server, and sending the public certificate of the hosting system that executes the hypervisor. The method also includes receiving, in response to the public certificate being successfully authenticated by the client device using a third-party verification system, a session key based on a public key included in the public certificate. The method also includes decrypting the session key using a private key, where the private key is pre-installed in the hosting system by a manufacturer of the hosting system, and sending an acknowledgement message encrypted using the session key. The method also includes establishing a secure communication between the client device and the hypervisor using the session key. | 2017-06-15 |
20170171165 | INTERFACE AND METHOD FOR EFFICIENT COMMUNICATION BETWEEN A MICROCONTROLLER AND A COMMUNICATION MODULE - An apparatus and method are described for implementing efficient communication between a microcontroller and a communication module. For example, one embodiment of an apparatus comprises: a secure communication module to establish a secure communication channel with an IoT service; and a microcontroller unit (MCU) to execute application-specific program code to implement an application-specific function of an Internet of Things (IoT) device; a serial peripheral interface (SPI) bus to communicatively couple the secure communication module to the MCU; and a control line residing in a first state or being transitioned to a second state by either the MCU or the secure communication module, wherein when performing a transaction over the SPI bus, either the MCU or the secure communication module is configured to transition the control line to the second state, thereby informing the MCU or the secure communication module that a transaction is occurring, wherein upon completing the transaction, the MCU or the secure communication module is configured to release the control line, thereby allowing the control line to transition back to the first state. | 2017-06-15 |
20170171166 | Anti-hotlinking method and electronic device - Disclosed are an anti-hotlinking method and an electronic device. The method includes: receiving request information sent by a client for acquiring a video file; determining a video file corresponding to the request information according to the request information and encrypting the video file; and sending the encrypted video file to the client so that the client decrypts the encrypted video file and plays the decrypted video file. | 2017-06-15 |
20170171167 | CALCULATION DEVICE, CALCULATION METHOD, COMMUNICATION APPARATUS, AND STORAGE MEDIUM - A calculation device that performs checksum calculation on data to be communicated includes a plurality of memories, an interface configured to output data to which a checksum is added, a first transmitter configured to transmit the data between the plurality of memories and have a function of performing the checksum calculation on the data, a second transmitter configured to transmit the data between one of the plurality of memories and the interface and have a function of performing the checksum calculation on the data, and a control unit configured to control operation of the first transmitter and the second transmitter. The control unit causes the first transmitter or the second transmitter to perform the checksum calculation based on a communication method employed for the data. | 2017-06-15 |
20170171168 | PRESERVING SPECIAL CHARACTERS IN AN ENCODED IDENTIFIER - A resource identifier to be encoded is detected. One or more special characters in the detected resource identifier are identified. The detected resource identifier is encoded at least in part by preserving the identified one or more special characters in a resulting encoded resource identifier corresponding to the detected resource identifier. The encoded resource identifier is utilized in place of the detected resource identifier. | 2017-06-15 |
20170171169 | PACKET NUMBER DETERMINATION IN A NEIGHBOR AWARE NETWORK - A wireless communication device includes a memory and a processor coupled to the memory. The processor is configured to set a packet number to a particular value in accordance with a packet number initialization scheme associated with a data link group of a neighbor aware network (NAN). The processor is further configured to generate a packet based on the packet number. | 2017-06-15 |
20170171170 | DYNAMIC ENCRYPTION SYSTEMS - A proxy dynamically encrypts data that is transmitted between a server and a client. The proxy randomly selects an encryption algorithm for the client to use during various time periods (e.g. every transaction, every 10 minutes, or during randomly chosen time periods). If the client transmits a response without using the selected encryption algorithm, the system could trigger an alert specific to the client, ranging from a detailed analysis of the client to blocking traffic from the client outright. | 2017-06-15 |
20170171171 | MANAGEMENT OF ENCRYPTION WITHIN PROCESSING ELEMENTS - A streaming environment includes at least a first processing element of a first compute node and a second processing element of a second compute node. A tuple encryption operation is determined of the first processing element and the second processing element. The first processing element includes a first encryption key for encrypting the tuples as the leave the first processing element. An encryption workload is measured of the tuple encryption operation of a processing workload of the use of the first encryption key of a transfer of the stream of tuples. A threshold of the tuple encryption operation is determined. The second processing element is migrated to the first compute node and fused to the first compute node with the first processing element. The tuple encryption operation is removed from the first processing element. | 2017-06-15 |
20170171172 | DYNAMICALLY SERVING DIGITAL CERTIFICATES BASED ON SECURE SESSION PROPERTIES - A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client. | 2017-06-15 |
20170171173 | NETWORK SECURITY BASED ON PROXIMITY - A processing system periodically configures a beacon code and random nonce to transmit to a beacon device at a location. Multiple users enter the location with associated user computing devices. The user computing devices retransmit the beacon code broadcasted by the beacon device to the processing system. A particular user initiates a transaction at a computing device at the location, which transmits to the processing system a request for account data and retransmits the beacon code and a random nonce. The processing system verifies the beacon code and random nonce and transmits, to the computing device at the location, user account identifiers associated with user computing devices that retransmitted the beacon code. The processing system receives a selection of the user identifier from the merchant point of sale device and transmits account information to the computing device at the location. | 2017-06-15 |
20170171174 | KEY EXCHANGE THROUGH PARTIALLY TRUSTED THIRD PARTY - Clients within a computing environment may establish a secure communication session. Sometimes, a client may trust a cryptography service to perform some cryptographic operations and access some cryptographic resources while simultaneously not trusting the cryptography service to perform other operations and access other resources. Two or more clients may utilize a cryptography service to perform certain authentication and verification operations to establish a secure communication session, while simultaneously denying the cryptography service access to the secure communication session. | 2017-06-15 |
20170171175 | MANAGING CREDENTIALS IN A COMPUTER SYSTEM - Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy SSH key problems and for automating configuration of SSH keys, as well as for continuous monitoring. | 2017-06-15 |