24th week of 2021 patent application highlights part 55 |
Patent application number | Title | Published |
20210182329 | SELECTING BALANCED CLUSTERS OF DESCRIPTIVE VECTORS - A clustering machine can cluster descriptive vectors in a balanced manner. The clustering machine calculates distances between pairs of descriptive vectors and generates clusters of vectors arranged in a hierarchy. The clustering machine determines centroid vectors of the clusters, such that each cluster is represented by its corresponding centroid vector. The clustering machine calculates a sum of inter-cluster vector distances between pairs of centroid vectors, as well as a sum of intra-cluster vector distances between pairs of vectors in the clusters. The clustering machine calculates multiple scores of the hierarchy by varying a scalar and calculating a separate score for each scalar. The calculation of each score is based on the two sums previously calculated for the hierarchy. The clustering machine may select or otherwise identify a balanced subset of the hierarchy by finding an extremum in the calculated scores. | 2021-06-17 |
20210182330 | VOICE ASSISTANTS WITH GRAPHICAL IMAGE RESPONSES - In an example, an apparatus having a voice assistant application that generates a graphical image response is provided. The apparatus includes a microphone and a processor in communication with the microphone. The microphone receives a secure voice assistant mode activation command and a voice command. The processor is to execute a voice assistant application, wherein the voice assistant application is to generate a graphical image response in response to the secure voice assistant mode activation command and the voice command, to change a privacy setting in the apparatus in response to the secure voice assistant mode activation command, to transmit the voice command from the microphone to the voice assistant application, and to transmit the graphical image response to a display. | 2021-06-17 |
20210182331 | ASSOCIATING A GRAPHICAL ELEMENT TO MEDIA CONTENT ITEM COLLECTIONS - Various embodiments provide for associating a collection of media items with a graphical element. For instance, a system can: generate corpus data from a set of features of a collection of media content items; determine a set of candidate graphical elements for the collection of media content items based on the corpus data and further based on a set of first mappings associating at least one graphical element and at least one n-gram; determine a set of prediction scores corresponding to the set of candidate graphical elements based on the set of features; determine a ranking for the set of candidate graphical elements based on the set of prediction scores; select a set of predicted graphical elements, from the set of candidate graphical elements, based on the ranking; and provide the set of predicted graphical elements in association with the collection of media content items. | 2021-06-17 |
20210182332 | DEVICE, SYSTEM AND METHOD FOR ANONYMOUSLY COMPARING QUERY IMAGES TO REFERENCE IMAGES - A device, system and method for anonymously comparing query images to reference images is provided. A computing device receives, from at least one camera, a query image. The computing device generates a query characteristic vector associated with the query image. The computing device applies a mathematical operator on the query characteristic vector to obtain a query vector. The computing device compares the query vector to a reference vector, the reference vector obtained by applying a complementary mathematical operator on a reference characteristic vector associated with a reference image, the complementary mathematical operator comprising a complement of the mathematical operator. The computing device, in response to the comparing indicating a match between the query vector and the reference vector, provides a notification of the match. | 2021-06-17 |
20210182333 | CORRELATING IMAGE ANNOTATIONS WITH FOREGROUND FEATURES - A machine may be configured to execute a machine-learning process for identifying and understanding fine properties of various items of various types by using images and associated corresponding annotations, such as titles, captions, tags, keywords, or other textual information applied to these images. By use of a machine-learning process, the machine may perform property identification accurately and without human intervention. These item properties may be used as annotations for other images that have similar features. Accordingly, the machine may answer user-submitted questions, such as “What do rustic items look like?,” and items or images depicting items that are deemed to be rustic can be readily identified, classified, ranked, or any suitable combination thereof. | 2021-06-17 |
20210182334 | VISUAL LOCALIZATION METHOD - There is provided a visual localization method comprising: (a) transmitting data representative of one or more detected visual features from a mobile device to a server; (b) estimating the location of the mobile device at the server based on the visual features received from the mobile device; (c) transmitting reference data associated with the estimated location from the server to the mobile device; and (d) the mobile device determining its location based on the reference data received from the server. | 2021-06-17 |
20210182335 | MATCHING AUDIO FINGERPRINTS - Methods, apparatus, systems and articles of manufacture are disclosed to select reference sub-fingerprints for comparison to query sub-fingerprints based on a determination that a query sub-fingerprint is a match with a reference sub-fingerprint, generate a count vector that stores total counts of matches between the query sub-fingerprints and different subsets of the reference sub-fingerprints, each of the different subsets being aligned to the query sub-fingerprints at a different offset from a reference point, each of the different offsets being mapped by the count vector to a different total count, calculate a maximum count among the total counts, a median of the total counts, and a difference between the maximum count and the median of the total counts, and classify the reference sub-fingerprints as a match with the query sub-fingerprints based on the difference between the maximum count in the count vector and the median. | 2021-06-17 |
20210182336 | Rapid Video Search System and Method of Using the Same - A computer system for video management may provide a GUI that may enable repeating the steps of user thumbnail selection, representative subdivision of a recorded video to be viewed based on the thumbnail selected, and display of representative thumbnails in a GUI. The representative thumbnails may be selected based on a parameter such as random selection or images that may be evenly distributed from within the recorded video. After the representative subdivision of a recorded video to be viewed reaches a lower limit, the computer system for video management may display a shortened portion of video in the GUI to be viewed. | 2021-06-17 |
20210182337 | System and Method for Tagging Data - A system and method are provided for tagging data. The method is executed by a device having a communications module and includes providing, via the communications module, to a client device, an option to associate tags with an event, the option enabling a tag to be selected, created, or customized to add context to the event. The method also includes receiving via the communications module, from the client device, tagged data added by the client device, associating the tagged data with the event, and storing the tagged data in a database of tagged data from a plurality of client devices, the database of tagged data being associated with a plurality of events. The method also includes using the database of tagged data to generate or train an associative model, and using the associative model to generate at least one suggested tag based on associations between the plurality of client devices. | 2021-06-17 |
20210182338 | RETRIEVAL SYSTEM AND VOICE RECOGNITION METHOD THEREOF - Provided is a method performed by a retrieval system. The method comprises receiving a search request from a user terminal, extracting a search keyword included in the received search request by the retrieval system, obtaining a search result corresponding to the search keyword by the retrieval system searching databases of a plurality of contact applications, and providing the search result to the user terminal, wherein each of the plurality of contact applications has an identifiable name, is associated with a different topic, and can operate independently from each other. | 2021-06-17 |
20210182339 | LEVERAGING INTENT RESOLVERS TO DETERMINE MULTIPLE INTENTS - The exemplary embodiments disclose a system and method, a computer program product, and a computer system for determining the intents of user expression. The exemplary embodiments may include receiving a user expression, extracting one or more entities from the user expression, gathering one or more resolvers associated with the one or more entities, identifying a first resolver of the one or more resolvers based on the user expression and the one or more training expressions, and resolving the first resolver to generate a first output. | 2021-06-17 |
20210182340 | RESOLVING USER EXPRESSION HAVING DEPENDENT INTENTS - The exemplary embodiments disclose a system and method, a computer program product, and a computer system for resolving the intents of user expression. The exemplary embodiments may include receiving a user expression, receiving a first resolver having an input class and an output class based on the user expression, determining whether the first resolver can be resolved based on the user expression, and based on determining that the first resolver can be resolved based on the user expression, resolving the first resolver. | 2021-06-17 |
20210182341 | MARKETPLACE FOR CONVERSATIONAL BOT SKILLS - In non-limiting examples of the present disclosure, systems, methods and devices for enabling conversational bot communications are presented. A marketplace comprising an identity of a plurality of skills may be maintained, each of the plurality of skills associated with a manifest and a conversational bot. A request for execution of a specific skill may be received. A plurality of conversational bots may be identified, each of the plurality of conversational bots being associated with a manifest for executing the specific skill. The plurality of conversational bots may be ranked. The specific skill may be caused to be executed by the highest ranked conversational bot. In some examples, a plurality of highest ranked conversational bots may be surfaced and a bot that is selected may execute the specific skill. | 2021-06-17 |
20210182342 | MAJOR POINT EXTRACTION DEVICE, MAJOR POINT EXTRACTION METHOD, AND NON-TRANSITORY COMPUTER READABLE RECORDING MEDIUM - The present invention allows appropriate acquisition of focus points in a dialogue. The focus point extraction device | 2021-06-17 |
20210182343 | Scalable and Resource-Efficient Extraction of Data from Network-Accessible Documents - A technique is described herein for processing network-accessible documents in a scalable and resource-efficient manner. A model-generating process provided by the technique includes three-phases. A first phase generates a set of sample documents associated with a particular class of documents, a second phase applies labels to the sample documents to produce a set of labeled documents, and a third phase generates at least one data-extraction model based on the set of labeled documents. The data-extraction model includes data-extracting logic for extracting at least one specified data item from new documents that match the class of documents. In a data-extracting process, the technique identifies a data-extraction model that applies to the new document and then applies that model. | 2021-06-17 |
20210182344 | DEVICE, SYSTEM AND METHOD FOR CONTROLLING DOCUMENT ACCESS USING HIERARCHICAL PATHS - A device, system and process for controlling document access using hierarchical paths is provided. A query, received from a requesting device, comprises: a search string for searching a document database; and an identifier associated with a user. A security permissions database is accessed using the identifier to receive permissible hierarchical document access paths indicating document access permissions associated with the identifier. A modified query includes the permissible hierarchical document access paths. The modified query is used to access an index of the document database, the index comprising: a searchable content portion, and corresponding hierarchical document access paths, of a document. Document identifiers are received that identify only the documents having: respective searchable content portions that include the search string of the modified query; and at least one respective corresponding hierarchical document access path encompassed by the permissible hierarchical document access paths. The document identifiers are provided to the requesting device. | 2021-06-17 |
20210182345 | DOCUMENT DATA PROCESSING APPARATUS AND NON-TRANSITORY COMPUTER READABLE MEDIUM - A document data processing apparatus includes a memory and a processor. The memory stores a distributed-representation set including multiple distributed representations corresponding to multiple pieces of data. The processor is configured to modify the distributed-representation set on the basis of multiple data pairs and multiple scores corresponding to the data pairs. The data pairs are subjected to learning. The processor is configured to modify the distributed-representation set in such a manner that, for each of the data pairs, a value indicating a relationship in a modified distributed-representation pair corresponding to the data pair comes close to a score corresponding to the data pair. | 2021-06-17 |
20210182346 | CONSUMABLE DATA MANAGEMENT - The present invention relates to methods, devices and systems for associating consumable data with an assay consumable used in a biological assay. Provided are assay systems and associated consumables, wherein the assay system adjusts one or more steps of an assay protocol based on consumable data specific for that consumable. Various types of consumable data are described, as well as methods of using such information in the conduct of an assay by an assay system. | 2021-06-17 |
20210182347 | POLICY-BASED TRUSTED PEER-TO-PEER CONNECTIONS - Disclosed are various examples for implementations of policy-based trusted peer-to-peer connections. A computing device can receive a message from a first client device, the message specifying an identifier of a second client device. The computing device can then send a query to a computing device, wherein the query specifies the identifier of the second client device. The computing device can also determine that the first client device is authorized to communicate with the second client device based on a response to the query received from the second computing device. In some instances, the computing device can then send the public key of the second client device to the first client device. | 2021-06-17 |
20210182348 | CARD DATA DISPLAY METHOD AND APPARATUS, AND STORAGE MEDIUM - The present disclosure provides a card data display method and apparatus, and a storage medium. The method includes: in response to receiving a search request through a first application, sending the search request to a second application, acquiring card data in response to receiving the search request through the second application, in which the card data includes a first search result corresponding to the search request, and displaying the card data. | 2021-06-17 |
20210182349 | BROWSER-BASED MOBILE IMAGE CAPTURE - Systems and methods for integrating mobile image capture with an internet browser application on a mobile device are provided, wherein a user viewing a web page via the internet browser application can initiate a mobile image capture process on the mobile device through the web page, capture images with a mobile image capture user interface, and then provide secure access to the captured images for the web page in order to utilize the content of the captured images. The mobile image capture process is accessible through any internet browser application via the mobile device and allows any service running on a web page to benefit from the ability to capture an image on the mobile device and obtain the content of the image through mobile image processing. The browser-based mobile image capture allows mobile devices which do not run certain third party applications to utilize mobile image capture and processing. | 2021-06-17 |
20210182350 | CONTEXT-BASED NATURAL LANGUAGE SEARCHES - Techniques for natural language searches are described. In an example, a computer system receives a search associated with a computing device. Based on the search, the computer system determines first search results from a first data source and associated with a first type and second search results from a second data source and associated with a type. The computer system also determines a context associated with at least one of the computing device or a user. Based on the context, the computer system generates instructions associated with a presentation of the first search results and the second search results at a user interface of the computing device. The instructions indicate a first presentation order of the first search results and the second search results and a second presentation order of search results within the first search results. The computer system sends the instructions to the computing device. | 2021-06-17 |
20210182351 | METHOD AND SYSTEM OF PERSONALIZED BLENDING FOR CONTENT RECOMMENDATION - The present teaching relates to personalized content recommendation. A webpage is constructed for a user having a plurality of slots each of which is to be allocated with a content item. For each of the plurality of slots, a plurality of content items in a plurality of types of content are accessed. For each of the plurality of types of content, a personalized score is predicted for each content item in the type of content, wherein the personalized score is obtained based on a trained model. A recommended content item of the type of content is selected based on personalized scores. An overall recommended content item is selected and allocated to a slot based on criteria associated with the personalized scores of the recommended content items and a business rule. The webpage with the plurality of slots allocated with content items is provided to the user. | 2021-06-17 |
20210182352 | SYSTEMS AND METHODS FOR SEMANTIC KEYWORD ANALYSIS - In various embodiments, a method for generating from one or more keywords a list of related topics for organic search includes receiving, by a topic tool, an input of one or more keywords for which to generate a list of related topics. The method may further include acquiring, by a crawler, content from a plurality of different web content sources via one or more networks. The method may also include applying, by the topic tool, to the acquired content an ensemble of one or more key phrase extraction algorithms, one or more graph analyses algorithms and one or more natural language processing algorithms to identify a set of semantically relevant topics scored by relevance. The method may also include generating, by the topic tool, from the set of semantically relevant topics, a knowledge graph of related topics for the input of the one or more keywords. The method may further include outputting, by the topic tool based at least partially on the knowledge graph, an enumerated list of topics ranked by at least a relevance score. | 2021-06-17 |
20210182353 | EVALUATION UPDATING DEVICE, METHOD, AND PROGRAM - To appropriately update evaluation on an evaluation target based on posts related to an evaluation target from a user. When a reliability of an evaluation information drops equal to or below a threshold related to the reliability of the evaluation information, the evaluation information representing an evaluation on an evaluation target, the reliability representing an index provided to evaluation information when the evaluation information is generated, an evaluation unit | 2021-06-17 |
20210182354 | SOCIAL COMMUNITIES ASSISTANT - A social communities assistant system may serve as a proxy for a user when communicating with social networking communities. The user may have a single interface on, such as an application, to communicate with a plurality of social communities. As a proxy, the social communities assistant system may manage parallel communications among the social communities on behalf of the user. The social communities assistant system may manage communications of various types. These types of communication may include queries, responses, statements, event notifications, or actions, among other things. | 2021-06-17 |
20210182355 | Webpage Accessibility Compliance - Aspects described herein may provide determination of compliance with accessibility rules by a webpage. A first version of a webpage may be compliant with the accessibility rules. The first version of the webpage may be modified to create the second version of the webpage. The second version of the webpage may be displayed. A voiceover of the second version of the webpage may be initiated. The voiceover may include starting automatic text-to-speech software that reads aloud the second version of the webpage. The voiceover of the second version of the webpage may be recorded and stored. A textual transcript of the stored recording may be generated. Compliance of the second version of the webpage with the accessibility rules may be determined based on the textual transcript of the stored recording and based on the first version of the webpage. | 2021-06-17 |
20210182356 | INFORMATION PROCESSING DEVICE, NON-TRANSITORY STORAGE MEDIUM, INFORMATION PROCESSING METHOD AND ELECTRONIC CIRCUIT - According to one embodiment, an information processing device includes a first processing circuit and a second processing circuit. The first processing circuit is configured to update a third vector based on basic equations. Each of the basic equations is a partial derivative of an objective function with respect to either of the variables in the objective function. The second processing circuit is configured to update the element of the first vector and update the element of the second vector. The element of the first vector smaller than a first value is set to the first value. The element of the first vector greater than a second value is set to the second value. | 2021-06-17 |
20210182357 | SYSTEM AND METHOD FOR MODEL PARAMETER OPTIMIZATION - One embodiment can provide a method and system for tuning parameters of a numerical model of a physical system. During operation, the system can obtain, using a machine-learning technique, a parameter-transform model for mapping parameters of the numerical model at a first resolution to parameters of the numerical model at a second resolution, the second resolution being higher than the first resolution. The system can perform a parameter-tuning operation on the numerical model at a first resolution to obtain a first set of tuned parameters and apply the parameter-transform model on the first set of tuned parameters to obtain a second set of tuned parameters at a second resolution. The system can then generate behavior information associated with the physical system by running the numerical model at the second resolution using the second set of tuned parameters. | 2021-06-17 |
20210182358 | ROOT CAUSE ANALYSIS USING GRANGER CAUSALITY - Techniques regarding root cause analyses based on time series data are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can comprise a maintenance component that can detect a cause of failure for a mechanical system by employing a greedy hill climbing process to perform a polynomial number of conditional independence tests to determine a Granger causality between variables from time series data of the mechanical system given a conditioning set. | 2021-06-17 |
20210182359 | THREE-DIMENSIONAL LANE PREDICATION FOR MATRIX OPERATIONS - Embodiments of the present invention are directed to a new instruction set extension and a method for providing 3D lane predication for matrix operations. In a non-limiting embodiment of the invention, a first input matrix having m rows and k columns and a second input matrix having k rows and n columns are received by a compute array of a processor. A three-dimensional predicate mask having an M-bit row mask, an N-bit column mask, and a K-bit rank mask is generated. A result matrix of up to m rows, up to n columns, and up to k rank updates is determined based on the first input matrix, the second input matrix, and the predicate mask. | 2021-06-17 |
20210182360 | ARITHMETIC PROCESSING APPARATUS, NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM, AND ARITHMETIC PROCESSING METHOD - An arithmetic processing apparatus includes a memory and a processor. The processor is coupled to the memory and configured to determine an individual not to be evolved to an individual of a second generation from among a plurality of individuals in a first generation based on a predetermined reference for calculation completion of fitness calculation for each of the plurality of individuals, the second generation being a generation next to the first generation, and determine to cause the determined individual to evolve to an individual of a generation next or subsequent to the second generation. | 2021-06-17 |
20210182361 | Intelligent Outlier Data Detection - Transaction data is received from a remote client computing device that includes user-generated entries in each of a plurality of fields. Thereafter, it can be determined, using an outlier detection algorithm, that values for one or more of the entries is an outlier. Data can then be provided (e.g., displayed in a visual display, loaded into memory, stored in physical persistence, transmitted to a remote computing system, etc.). The outlier algorithm can be based on a number of similar records g, a number of distinct values d(g) in the similar records, and a number of same values s in the similar records. Related apparatus, systems, techniques and articles are also described. | 2021-06-17 |
20210182362 | Managing Enterprise Software Licenses for Virtual Network Functions - Concepts and technologies disclosed herein are directed to managing enterprise software licenses for virtual network functions (“VNFs”). According to one aspect disclosed herein, a system can acquire a software license for a software asset to be instantiated and used by a cloud computing environment associated with an enterprise. The system can prepare, with an enterprise anchor point (“EAP”) module managed by a vendor of the software asset, a certificate validation process that uses an enterprise security certificate to ensure the software license is valid for an execution instance of the software asset. The system can instantiate the execution instance of the software asset in the cloud computing environment. The system can validate, by the EAP module, the enterprise security certificate to ensure the software asset is instantiated and used in accordance with the software license. | 2021-06-17 |
20210182363 | SOFTWARE LICENSE MANAGER - Techniques for controlling access to a software application according to at least one software license agreement using a client computer and a server computer are presented. The client computer is configured to detect an initiation of the software application, suspend an execution process of the software application, determine that the software application is subject to a plurality of software license entitlement criteria defined by the at least one software license agreement, and request from the server computer a license for a usage of the software application on the client computer. The server computer is configured to determine that the usage of the software application on the client computer satisfies the plurality of software license entitlement criteria, and provide to the client computer a license for the usage of the software application on the client computer. The client computer is configured to resume the initiation of the software application. | 2021-06-17 |
20210182364 | SOFTWARE LICENSE MANAGER SECURITY - Techniques for securing computer executable software for tracking usage of at least one software application are presented. The computer executable software for tracking usage of at least one software application can include tracking software installed on a client and monitoring software installed on the client, where the monitoring software is hidden from users of the tracking software. The techniques can include tracking, by the tracking software, a usage of the at least one software application by the client; obtaining, by the tracking software, a status of the monitoring software; and restarting the monitoring software, by the tracking software, in response to obtaining a status of the monitoring software indicating that the monitoring software is not executing. | 2021-06-17 |
20210182365 | PROXY LICENSE SERVER FOR HOST-BASED SOFTWARE LICENSING - An apparatus includes a first host device comprising a first multi-path input-output (MPIO) driver configured to discover additional MPIO drivers of additional host devices of an enterprise system that utilize a given piece of software for controlling delivery of input-output operations to a storage system over selected ones of a plurality of paths through a network, the given software being licensed by a license server external to the enterprise system. The first MPIO driver is also configured to obtain a pool of licenses for the given software from the license server and to receive from a given one of the additional MPIO drivers a request for a license to utilize the given software. The first MPIO driver is further configured to check out one of the pool of licenses and enable use of the given software by the given additional MPIO based at least in part on the checked-out license. | 2021-06-17 |
20210182366 | Multi-Faceted License Management Approach to Support Multi-Layered Product Structure - Concepts and technologies disclosed herein are directed to a multi-faceted license management approach to support multi-layered product structure. A model creation design and onboarding (“MCDO”) module can create an asset based upon input received from an asset creator. The MCDO module can store the asset in an asset catalog. The MCDO module can receive a search request from a collaborator. In response to the search request, the MCDO module can parse the search request to identify search criteria to be used to search the asset catalog. The MCDO module can search the asset catalog based upon the search criteria. The MCDO module can receive search results that include the asset. The MCDO module can create an enhanced asset based upon the asset created by the asset creator combined with a contribution based upon input received from the collaborator. The MCDO can store the enhanced asset in the asset catalog. | 2021-06-17 |
20210182367 | GROUP-BASED COMMUNITY SYSTEM AND METHOD FOR MANAGING THE SAME - Provided are a group-based community system and managing method thereof. The group-based system comprises a group management module for creating a group and assigning a plurality of members to the group, and a badge management module for creating a badge related to the group and awarding the badge to a first member of the plurality of members, wherein, by using the badge, a right of the first member for a predetermined function in a community platform in which at least some members of the plurality of members participate is managed. | 2021-06-17 |
20210182368 | ROBOT OPERATION TERMINAL - A robot operation terminal includes multiple application programs. The robot operation terminal is connected to a controller that controls a robot, and the robot operation terminal receives an input operation carried out by an operator to operate or set the robot. In each of the application programs, a necessity of an inbuilt login is set to confirm an operation authority of the operator. | 2021-06-17 |
20210182369 | METHOD AND SYSTEM OF USER IDENTIFICATION - A method and an electronic device for training a classifier to identify a user of the electronic device are provided. The method comprises: receiving training key stroke data associated with the user, a given portion of the training key stroke data having been generated in response to the user inputting a respective symbol of a predetermined text into the electronic device, by interacting with a given key of the plurality of keys; determining, based on the given portion of the training key stroke data, a plurality of time intervals associated with the user; determining most stable ones of the plurality of time intervals for inclusion thereof in a training set of data; training, based on the training set of data, the classifier to determine if the predetermined text inputted into the electronic device in future has been inputted by the user. | 2021-06-17 |
20210182370 | SYSTEMS AND METHODS FOR CONTINUOUS USER AUTHENTICATION - Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device. | 2021-06-17 |
20210182371 | VISIBLE LIGHT IDENTITY VERIFICATION SYSTEMS AND METHODS - Techniques are disclosed for systems and methods to provide identity verification for protected services. An identity verification system includes an authenticator device configured to provide a visible spectrum optical sequence including an authentication identifier to an authentication station. The authentication station includes an optical sensor configured to capture a time sequence of visible spectrum image data associated with a validated user, and a logic device configured to receive a visible spectrum optical sequence from the optical sensor, verify the authentication identifier, and execute a protected process associated with the verified authentication identifier. The authenticator device includes an optical transmitter and a logic device configured to determine a visible spectrum optical sequence comprising the authentication identifier and to generate the visible spectrum optical sequence using the optical transmitter. | 2021-06-17 |
20210182372 | METHOD AND APPARATUS FOR BIOMETRIC AUTHENTICATION BASED ON VIBRATION SIGNAL - An electronic device and an operating method thereof are intended to perform biometric authentication based on a vibration signal, and may be configured to output at least one vibration signal to at least one touched object, receive at least one response signal for the vibration signal from the object, and perform biometric authentication on the object based on at least one of the vibration signal or the response signal. According to various embodiments, biometric authentication can be performed on the object based on a frequency response function calculated based on the vibration signal and the response signal or time-series data of the detected response signal in a time region. | 2021-06-17 |
20210182373 | METHOD TO ADD REMOTELY COLLECTED BIOMETRIC IMAGES OR TEMPLATES TO A DATABASE RECORD OF PERSONAL INFORMATION - Systems and methods for authenticating a user in an authentication system using a computing device configured to capture authentication biometric identity information. The authentication biometric identity information is captured during an authentication session. The authentication biometric identity information may comprise or be derived from one or more images of the user being authenticated. The authentication biometric identity information is compared to root identity biometric information. The root identity biometric information is captured from a trusted source, such as trusted devices located at trusted locations, such as a government entity, financial institution, or business. Identity verification may occur by comparing the trusted root identity biometric information to the biometric identity information captured during an authentication session. Liveness determination may also occur to verify the user is a live person. Liveness determination may include comparing two images of the user such that the two images are captured at different distances from the user. | 2021-06-17 |
20210182374 | COMPUTER-BASED SYSTEMS AND COMPUTING DEVICES CONFIGURED TO UTILIZE ONE OR MORE AUTHENTICATION SERVERS FOR SECURING DEVICE COMMANDS TRANSMISSIONS AND METHODS OF USE THEREOF - In some embodiments, securing device commands includes a first electronic device receiving a command authorization request message from a second electronic device, including a device command to be performed by the second electronic device, a command argument, and a first message authentication code (MAC) generated by applying a hash function to the device command, the command argument and a first counter value. The first electronic device generates a second MAC by applying the hash function to the device command, the command argument and a second counter value synchronized with the first counter value. The first electronic device compares the first MAC and the second MAC to authenticate the device command and transmit a command approval message or a command denial message. The command approval message causes the second electronic device to perform the device command and the command denial message causes the second electronic device to reject the device command. | 2021-06-17 |
20210182375 | Device Manager Providing Resource Control and Synchronization - In an embodiment, an operating system includes a device manager that is a central repository of device information. Device drivers may communicate with the device manager over respective channels, and may request channel identifiers (Cids) to communicate with resources related to the respective devices. The device manager may provide values for resource access (or handles that the resources may use to access values). In an embodiment, the device drivers do not have the ability to allocate resources for a peripheral device. Accordingly, the security of the system may be increased. Furthermore, the resource allocation may be centrally located, simplifying the process of updating resource allocation when needed. Additionally, the device manager may delay response to requests from a given device driver until its dependencies are clear (e.g., other device drivers and hardware initializations). Thus, startup scripts may be avoided in some embodiments. | 2021-06-17 |
20210182376 | INTEGRATED SECURE PIN CONFERENCING SYSTEM - Embodiments of the invention are directed to a system, method, or computer program product for secure remote conferencing. A platform is provided for generation of secure conference call information, scheduling and dissemination of secure conference call information, initiation and monitoring of live conference calls, tagged tracking of uniquely generated personal identification number (PIN) codes, and secure streaming of recorded conference calls. A host of a secure event conference may provide relevant information about the secure conference call event and pre-authorized attendees which the platform may then use to generate and monitor single-user PIN access for the secure conference call event. | 2021-06-17 |
20210182377 | SYSTEM AND METHOD TO ENSURE SECURE AND AUTOMATIC SYNCHRONIZATION OF CREDENTIALS ACROSS DEVICES - An access credential is modified at one device, wherein the device is part of a secure private network of multiple devices. Each other device in the secure private network receives notification of the modification. The credential modification is implemented when at least a subset of the other devices each accept the credential modification. | 2021-06-17 |
20210182378 | PASSWORD SECURITY WARNING SYSTEM - Various embodiments are directed to a password security warning system. An artificial neural network or other types of models may be used to determine whether a password that is created, input, or proposed by a user via an interface includes one or more predictable or typical transformations or combinations of characters derived from user-specific information. Based on the determination, a warning may be provided to the user. | 2021-06-17 |
20210182379 | SYSTEM AND METHOD FOR IMPROVING THE SECURITY OF STORED PASSWORDS FOR AN ORGANIZATION - A hashed fried password method includes receiving a password value, a global pepper value and fry values; generating a random salt value and selecting a fry value; generating a fried password; and authenticating the user when a hashed fried password value matches a candidate hash. The method may include receiving the fried password and/or salt. A system includes a processor and a memory storing instructions that, when executed by the processor, cause the system to receive a password value, a global pepper value and fry values; receive a hashed fried password value and salt value; apply a hashing function; and authenticate the user when the hashed fried password value matches a candidate. | 2021-06-17 |
20210182380 | COMPUTER DEVICE AND METHOD FOR CONTROLLING PROCESS COMPONENTS - A computer device, including at least a processor and a memory, can be configured to control process components on a computer device. An agent can intercept a request to instantiate a new process component in a user account of a logged-in user. The request can originate on the computing device from an instance of a particular process component amongst a set of process components. The user account can be assigned default user privileges by a privilege access management service. The agent can determine whether to permit the intercepted request. The agent can permit the intercepted request if the relationship is validated and if a trusted owner is identified amongst the set of identified owners. | 2021-06-17 |
20210182381 | Dynamic Message Analysis Platform for Enhanced Enterprise Security - Aspects of the disclosure relate to dynamic message analysis using machine learning. A computing platform may apply a security scoring process to an endpoint relationship to compute a weighted security score for the endpoint relationship. Subsequently, the computing platform may determine a weighted grade for the endpoint relationship based on the weighted security score for the endpoint relationship. Based on identifying that the weighted grade exceeds a predetermined threshold, the computing platform may tag the endpoint relationship as compromised. Subsequently, the computing platform may monitor an electronic messaging server to detect messages corresponding to the compromised endpoint relationship. Based on detecting that the electronic messaging server has received a first message, corresponding to an endpoint of the compromised endpoint relationship, the computing platform may rewrite a URL included in the first message to point to a security service that is configured to open the URL in an isolation environment. | 2021-06-17 |
20210182382 | SECURE AND RELIABLE CONTENT DISARM AND RECONSTRUCTION - The present teachings disclose a file Content Disarm and Reconstruction (CDR) system and method. The system includes: a disarm environment comprising disarm sandboxes to transform a file; a separate reconstruct environment; and a controller to classify a file content of a file as a filetype, to provide the file and the filetype to a selected disarm sandbox of the disarm sandboxes for transformation, to receive one or more disarmed files from the selected disarm sandbox, to provide the one or more disarmed files to the reconstruct environment, and to receive a reconstructed file from the reconstruct environment, wherein the disarm environment, the reconstruct environment, and the controller are isolated and separated from one another by hardware. Isolated and separate Virtual Machines (VMs) may host the controller, the disarm environment and the reconstruct environment. The VMs may be disposable VMs that include an application sandbox environment. The VMs may be provided by a cloud service. | 2021-06-17 |
20210182383 | TRIPLICATION REGISTER COMPRISING A SECURITY DEVICE - A triplication register device includes a first register, a second register and a third register, the three registers being identical and containing the same information in common use, a majority vote device and a self-correction device, the correction being dependent on the result from the majority vote device, each register being controlled by an output of a dual-input multiplexer (mux), the first input corresponding to a functional write operation, the second input corresponding to the result of the majority vote, wherein the triplication device comprises a test device whose function is to block, on command and independently, either the functional write operation to the first register, or the functional write operation to the second register, or the functional write operation to the third register, or the self-correction. The test device may comprise a control register that may also be secured by triplication. | 2021-06-17 |
20210182384 | DETECTING FRAUDULENT FACIAL RECOGNITION - A computer-implemented method for detecting fraudulent behavior in a facial recognition process includes: receiving, by a computing device, a facial recognition request from a user; collecting bypass information of the user, in which the bypass information includes user device information and user behavior information; inputting the bypass information into at least one decision model to obtain a bypass decision result; and determining, based on the bypass decision result, whether fraudulent behavior is present in the facial recognition process. | 2021-06-17 |
20210182385 | DYNAMIC, RESILIENT VIRTUAL SENSING SYSTEM AND SHADOW CONTROLLER FOR CYBER-ATTACK NEUTRALIZATION - An industrial asset may have monitoring nodes (e.g., sensor or actuator nodes) that generate current monitoring node values. An abnormality detection and localization computer may receive the series of current monitoring node values and output an indication of at least one abnormal monitoring node that is currently being attacked or experiencing a fault. An actor-critic platform may tune a dynamic, resilient state estimator for a sensor node and output tuning parameters for a controller that improve operation of the industrial asset during the current attack or fault. The actor-critic platform may include, for example, a dynamic, resilient state estimator, an actor model, and a critic model. According to some embodiments, a value function of the critic model is updated for each action of the actor model and each action of the actor model is evaluated by the critic model to update a policy of the actor-critic platform. | 2021-06-17 |
20210182386 | ELECTRONIC APPARATUS THAT MONITORS A SAFETY FUNCTION AND A CONTROLLING METHOD THEREOF - An electronic apparatus including a memory; and a processor including at least one core, among a plurality of cores, that is configured to execute an instruction corresponding to at least one safety function. The processor is further configured to, based on at least one instruction being executed in the at least one core while the electronic apparatus operates in a first state, identify whether the at least one instruction corresponds to the safety function based on an output of a trained neural network model; and based on a result of the identification, determine an operation state of the electronic apparatus as one of the first state or a second state. | 2021-06-17 |
20210182387 | Automated semantic modeling of system events - A method to detect anomalous behavior in an execution environment. A set of system events captured from a monitored computing system are received. Using the received system events, a model is then trained using machine learning. The model is trained to automatically extract one or more features for the received set of system events, wherein a system event feature is determined by a semantic analysis and represents a semantic relationship between or among a grouping of system events that are observed to co-occur in an observation sample. An observation sample is associated with an operating scenario that has occurred in the execution environment. Once trained, and using the features, the model is used to detect anomalous behavior. As an optimization, prior to training, the set of system events are pre-processed into a reduced set of system events. The modeler may comprise a component of a malware detection system. | 2021-06-17 |
20210182388 | CORRECTIVE ACTION ON MALWARE INTRUSION DETECTION USING FILE INTROSPECTION - The disclosure herein describes correlating file events with intrusion detection alerts for corrective action. A monitoring component receives file events from a thin agent. An analysis component analyzes the file events and metadata obtained from the intrusion detection alerts, such as attack type or file name, to correlate a set of file events to at least one detected action (intrusion) described in the alert. A recommendation component identifies one or more options, including one or more corrective actions, which are applicable for remediating the alert. The set of options includes a recommended action from two or more possible corrective actions. The set of options are output or displayed to the user. The user selects which option/action to perform in response to the alert. In some examples, an automatic response is performed without user selection with respect to selected types of alerts, detected action(s), selected file(s) or other user-generated criteria. | 2021-06-17 |
20210182389 | Discrete Processor Feature Behavior Collection - Examples of the present disclosure describe systems and methods for discrete processor feature behavior collection and analysis. In aspects, a monitoring utility may initialize a set of debugging and/or performance monitoring feature sets for a microprocessor. When the microprocessor receives from software content a set of instructions that involves the loading of a set of modules or code segments, the set of modules or code segments may be evaluated by the monitoring utility. The monitoring utility may generate a process trace of the loaded set of modules or code segments. Based on the process trace output, various execution paths may be reconstructed in real-time. The system and/or API calls made by the microprocessor may then be compared to the process trace output to quickly observe the interaction between the software content and the operating system of the microprocessor. | 2021-06-17 |
20210182390 | MEMORY MANAGEMENT TO REDUCE RISK OF MALICIOUS THIRD-PARTY ATTACKS - Briefly, embodiments, such as methods and/or systems for techniques for memory management to reduce risk of attacks by malicious third-parties, for example, are described. | 2021-06-17 |
20210182391 | Detecting Malicious Components Using Commit Histories - Embodiments detect malicious code in distributed software components. A detector element references a source code repository (e.g., open source, commercial) containing lines of various files of a distributed artifact. Subject to certain possible optimizations, the detector inspects the individual files and lines of the artifact file-by-file and line-by-line, to identify whether any commit history information is available from a Versioning Control System (VCS). A risk assessor element receives from the detector element, results identifying those lines and/or files for which no VCS commit history is available. The risk assessor then references code features (e.g., file extension, security-critical API calls) in the results, to generate a probability of the malicious nature of the source code lacking VCS commit history information. An analysis report including this probability and additional relevant information is offered to a user to conduct further manual review (e.g., to detect false positives attributable to benign/legitimate source code modification). | 2021-06-17 |
20210182392 | Method for Detecting and Defeating Ransomware - Embodiments of the present invention are directed to providing a method for detecting and defeating ransomware on a computing device by monitoring selected “bait” files for suspicious file accessing activity. Whenever a bait file is accessed by any software, embodiments of the invention determine whether the accessing software is potentially ransomware. If ransomware is suspected, embodiments of the invention may halt execution of the suspected ransomware and may also take other remedial measures to issue warning notifications and to limit further damage to unaffected data files of the computing device. Such other remedial measures may include removing executable files associated with the suspected ransomware software, shutting down the computing device, and/or setting the computing device to reboot into a safe mode so that further ransomware removal steps can be taken. | 2021-06-17 |
20210182393 | MONITORING CONTROL-FLOW INTEGRITY - A method for monitoring control-flow integrity in a low-level execution environment, the method comprising receiving, at a monitor, a message from the execution environment indicating that the execution environment has entered a controlled mode of operation, receiving, at the monitor, a data packet representing execution of a selected portion of a control-flow process at the execution environment, identifying, using the data packet, a pathway corresponding to the selected portion of the control-flow process from a set of permissible control-flow pathways and determining whether the identified pathway corresponds to an expected control-flow behaviour. | 2021-06-17 |
20210182394 | System and Method for Detecting an Adversarial Attack - A computer-implemented method relates to training a machine learning system to detect an adversarial attack. The method includes classifying a first sequence as belonging to a first class indicative of a nominal sequence based on a first prediction that the first sequence includes an unperturbed version of sensor data. The method also includes classifying a second sequence as belonging to a second class indicative of an adversarial sequence based on a second prediction that the second sequence includes a perturbed version of the sensor data. Combined loss data is generated for a collection of sequences and is based on a first average loss with respect to incorrect classifications of the first class and a second average loss with respect to incorrect classifications of the second class. Parameters of the machine learning system are updated based on the combined loss data. Once trained, the machine learning system is operable to generate a first label to indicate that an input sequence is classified as belonging to the first class and generate a second label to indicate that the input sequence is classified as belonging to the second class, thereby enabling a control system to operate in a nominal manner based on the first class and a defensive manner based on the second class. | 2021-06-17 |
20210182395 | POWER DETECTION FOR IDENTIFYING SUSPICIOUS DEVICES - A computer-implemented method includes monitoring, by a power monitor on a computer device, for a peripheral device connection. The peripheral device connection connects a peripheral device to an input/output port of the computer device. The input/output port is configured to provide power from a power supply of the computer device to the peripheral device. In response to the monitoring for the peripheral device connection identifying the peripheral device connection, the method includes determining, by the power monitor, a device type and a negotiated power of the peripheral device as connected. The power monitor determines whether the negotiated power of the peripheral device as connected matches expected power information. In response to determining the negotiated power of the peripheral device does not match the expected power information, the power monitor takes action on the computer device. | 2021-06-17 |
20210182396 | SPECULATIVELY EXECUTING CONDITIONAL BRANCHES OF CODE WHEN DETECTING POTENTIALLY MALICIOUS ACTIVITY - Provided are a computer program product, system, and method for determining a frequency at which to execute trap code in an execution path of a process executing a program to generate a trap address range to detect potential malicious code. Trap code is executed in response to processing a specified type of command in application code to allocate a trap address range used to detect potentially malicious code. A determination is made whether to modify a frequency of executing the trap code in response to processing a specified type of command. The frequency of executing the trap code is modified in response to processing the specified type of command in response to determining to modify the frequency of executing the trap code. | 2021-06-17 |
20210182397 | Ransomware Detection and Mitigation - There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a system profile store; and a ransomware detection engine including instructions encoded within the memory to instruct the processor to: detect an operation, by a process, that results in an operation on a file, wherein the operation includes newly creating the file including a file type identifier, or where the file is an existing file, changing a file type identifier for the file; querying the system profile store with a combination of the file type identifier and metadata about the file; based at least in part on the querying, determining that the process is a suspected ransomware attack; and taking a remedial action. | 2021-06-17 |
20210182398 | PACKAGE-BASED REMOTE FIRMWARE UPDATE - A method for updating firmware includes receiving, at a device, an updated installation package. The updated installation package includes an updated version of an installation package, which belongs to a set of installation packages stored on the device for installation of firmware on the device. The method further includes updating the set of installation packages by replacing the installation package with the updated installation package. The method further includes installing updated firmware in volatile memory of the device based on the updated set of installation packages. The method further includes storing an image of the updated firmware in nonvolatile storage of the device. Additionally, the method includes, during a boot process, loading the image from the nonvolatile memory of the device onto the volatile memory of the device, to enable running the updated firmware from the volatile memory, and verifying the authenticity of the updated firmware. | 2021-06-17 |
20210182399 | COMPUTING DEVICE LOGIN FAILSAFE - A method for accessing a computing device including launching a first operating system having a bootloader to boot a second operating system into a random-access memory on the computing device, the first operating system and the second operating system having access to an administrator password contained in an administrator password file located in a persistent file of the computing device and booting the second operating system from the first operating system bootloader to populate a filesystem into the second operating system. Also, executing a login failsafe by the second operating system to read the administrator password contained in the administrator password file located in the persistent file and installing the administrator password file in the filesystem of the second operating system by the login failsafe. The method further including failing to complete the booting of the second operating system and allowing access to the computing device through an administrator user account protected by the administrator password when the second operating system fails to complete the booting. | 2021-06-17 |
20210182400 | BOOTABLE KEY VALUE DEVICE - A Key-Value (KV) storage device is disclosed. The KV storage device may include storage for objects, each object including data associated with a key. A host interface layer may receive requests to read data associated with a key from the storage, to write data associated with a key to the storage, and a boot request to get boot data from the storage. A boot request processor may process the boot request using the storage. | 2021-06-17 |
20210182401 | SYSTEM PLATFORM INITIALIZER FOR MIXED-CRITICAL SYSTEMS - The present disclosure relates to a computing architecture configured to run a first operating system ( | 2021-06-17 |
20210182402 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT FOR DETERMINING A SEMANTIC PRIVACY INDEX - A method, apparatus and computer program product are provided to determine a semantic privacy index that quantifies the risk associated with re-identification of a trajectory following anonymization of the trajectory. In the context of a method, information regarding a trajectory is received. After the trajectory has been map matched to a portion of a road network, the method associates contextual information comprising one or more map features with the trajectory. The method also provides the information regarding the trajectory and the contextual information comprising the one or more map features to a risk estimation model in order to generate the semantic privacy index. | 2021-06-17 |
20210182403 | SECURITY CONFIGURATION DETERMINATION - A computer implemented method to determine a security configuration for a target virtual machine (VM) in a virtualized computing environment, the method including training a machine learning algorithm to determine a vector of security vulnerabilities for the target VM based on a vector of configuration characteristics for the target VM, the machine learning algorithm being trained using training examples each including a configuration for a training VM and an associated vulnerability vector based on an observed security occurrence at the training VM, wherein each training example further includes an identification of one of a set of security configurations for the training VM; selecting at least a subset of the set of security configurations and, for each security configuration in the subset, executing the machine learning algorithm with the vector of configuration characteristics for the target VM and an identification of the security configuration, so as to generate a set of vulnerability vectors including a vulnerability vector for each security configuration in the selected subset; and selecting a security configuration for the target VM based on the set of vulnerability vectors. | 2021-06-17 |
20210182404 | DYNAMIC SECURITY POLICY - A computer implemented method to generate training data for a machine learning algorithm for determining security vulnerabilities of a virtual machine (VM) in a virtualized computing environment is disclosed. The machine learning algorithm determines the vulnerabilities based on a vector of configuration characteristics for the VM. | 2021-06-17 |
20210182405 | SECURITY ASSESSMENT DEVICE, SECURITY ASSESSMENT METHOD, AND COMPUTER READABLE MEDIUM - A disclosed feature generation unit ( | 2021-06-17 |
20210182406 | UNCENSORED TALK BACKS - A method is disclosed for content items collected by a computerized server using a central database. The method includes receiving censored content items from certain sources, and making censored content available to interested parties. The certain sources include content providers applying censoring procedures, content authors or responders, and a responder application identifying a submitted content item as not published by a destined content provider applying censorship. The method includes advertising alternative sites espousing censored viewpoints, advertising sites executing censorship, offering user targeted content to voluntary participants, and categorizing data relating to censored content. The method further includes producing and providing data on censoring sites or agents, producing and providing data on reasons for censoring content items, producing and providing data on viewpoints espoused by censored content, and producing and providing quantitative and qualitative measures of censored content. The method further includes interacting with a responder application regarding content items provided by the responder to a content provider applying censorship, and interacting with a reader application regarding censored content items. | 2021-06-17 |
20210182407 | EXECUTION TYPE SOFTWARE LICENSE MANAGEMENT - Techniques for managing licensing of a software application that includes a plurality of executables are presented. The techniques can include detecting an initiation of the software application on a client computer; obtaining a license for a usage of a first executable of the plurality of executables; detecting an initiation of at least a second executable; obtaining execution type data for the second executable specifying one of: a license for a usage of the second executable is not required if an instance of the second executable is executing on the client computer, or a license for a usage of the second executable is not required if at least one executable of the plurality of executables is executing on the client computer; determining, based on the execution type data, that a license for a usage of the second executable is not required; and executing the second executable. | 2021-06-17 |
20210182408 | Encrypted Search System Design for Email Client-Side Encryption - A method for providing an encrypted search system includes receiving a search query for a keyword that appears in one or more encrypted emails stored on an untrusted storage device and accessing a count table to obtain a count of unique emails within the emails that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of unique emails that include the keyword and delegating at least a portion of the DPRF to the untrusted storage device that causes the storage device to evaluate the delegated DPRF, access an encrypted search index associated with the emails, and determine one or more encrypted emails associated with the delegated DPRF based on the encrypted search index. The storage device also returns, to the user device, an identifier for each encrypted email associated with the delegated DPRF. | 2021-06-17 |
20210182409 | SYSTEM AND METHOD FOR SECURE ELECTRONIC TRANSACTION PLATFORM - A system for processing data within a Trusted Execution Environment (TEE) of a processor is provided. The system may include: a trust manager unit for verifying identity of a partner and issuing a communication key to the partner upon said verification of identity; at least one interface for receiving encrypted data from the partner encrypted using the communication key; a secure database within the TEE for storing the encrypted data with a storage key and for preventing unauthorized access of the encrypted data within the TEE; and a recommendation engine for decrypting and analyzing the encrypted data to generate recommendations based on the decrypted data. | 2021-06-17 |
20210182410 | PROVISIONING OF A SHIPPABLE STORAGE DEVICE AND INGESTING DATA FROM THE SHIPPABLE STORAGE DEVICE - When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data. | 2021-06-17 |
20210182411 | VIRTUAL MACHINE FORMJACKING PROTECTION - A processing system may obtain from a client device an input to access an online form, where the client device is accessing a webpage via an application, the webpage being provided by the processing system and including an option to access the online form, and the input comprising a selection of the option. The processing system may further obtain from the client device a verification that an instantiation of a virtual machine on the client device is permitted for accessing the online form, provide to the client device a configuration code for instantiating the virtual machine, provide the online form to the virtual machine via the client device, where the virtual machine is instantiated on the client device in accordance with the configuration code, and where the virtual machine is distinct from the application, and obtain form data of the online form from the virtual machine via the client device. | 2021-06-17 |
20210182412 | SYSTEM AND METHOD FOR MANAGING DATA OBJECT CREATION - A system and method are provided for managing creation of data objects, for example in a network or big data environment. A method comprises: receiving, at a processor, a data object creation command for creating the data object; comparing, at the processor, at least one data object creation parameter with a stored data object creation standard; and initiating creation of the data object in response to the data object creation parameter matching a corresponding parameter in the stored data object creation standard. The data object creation command can be modified to meet the stored data object creation standard, and to change an associated permission level. Embodiments of the present disclosure encapsulate standards defining how to create a data object, such that it is no longer necessary to have a person to make sure that these standards are followed, and automate management of object creation while ensuring conformity to organizational standards. | 2021-06-17 |
20210182413 | DETECTION OF SENSITIVE DATABASE INFORMATION - Techniques are disclosed relating to a method that includes maintaining first and second databases within respective first and second security zones, having respective first and second sets of security rules. The first set of security rules defines restrictions for storing data objects within the first security zone, and the second set of security rules defines restrictions for storing data objects within the second security zone. The method further includes performing a first scan of the first database to determine whether data objects stored in the first database comply with the first set of security rules, and performing a second scan of the second database to determine whether data objects stored in the second database comply with the second set of security rules. The method also includes conveying results of the first and second scans to a repository zone. Results are conveyed without conveying the data objects. | 2021-06-17 |
20210182414 | AUTOMATIC DISCOVERY OF COMPUTING COMPONENTS WITHIN A HIERARCHY OF ACCOUNTS DEFINING THE SCOPE AND SERVICES OF COMPONENTS WITHIN THE COMPUTING ENVIRONMENT - A feature selection methodology is disclosed. In a computer-implemented method, components of a computing environment are automatically monitored, and have a feature selection analysis performed thereon. Provided the feature selection analysis determines that features of the components are well defined, a classification of the features is performed. Provided the feature selection analysis determines that features of the components are not well-defined, access to those features is discarded. Results of the feature selection methodology are generated. | 2021-06-17 |
20210182415 | QUERYING IN BIG DATA STORAGE FORMATS - A system may receive a request for access to a first variable. The request may include a requested action and a variable identifier for the first variable. The request may also have a syntax that is incompatible with a first data storage format. The system may parse the request to capture the variable identifier from the request. The system may also look up a location of the first variable in a catalog using the variable identifier. The location of the first variable may include the first data storage format. The system may generate a query to access the first variable. The syntax of the query may be compatible with the first data storage format. The system may then submit the query to access the first data storage format. The query may be configured to complete the requested action. | 2021-06-17 |
20210182416 | METHOD AND SYSTEM FOR SECURE ACCESS TO METRICS OF TIME SERIES DATA - In a method for secure access to metrics of time series data, an access request for accessing at least one metric of time series data is received, the access request including an identifier. The access request is validated against a security policy according to the identifier. The access request is updated to exclude any metric indicated in the security policy as excluded according to the identifier. Results of the access request are returned. | 2021-06-17 |
20210182417 | METHOD AND SYSTEM FOR SECURE INGESTION OF METRICS OF TIME SERIES DATA - In a method for secure ingestion of metrics of time series data, an ingestion request for ingesting at least one metric of time series data is received, the ingestion request including an identifier. The ingestion request is validated against a security policy according to the identifier. The ingestion request is updated to exclude any metric indicated in the security policy as excluded according to the identifier. The at least one metric of time series data is ingested according to the ingestion request. | 2021-06-17 |
20210182418 | PRIVACY-PRESERVING DATA VERIFICATION - A node includes processing circuitry configured to encrypt first network data including a first tenant identifier using a first cryptographic key to generate first encrypted data and anonymize the first encrypted data to generate anonymized data where the anonymizing of the first encrypted data includes segmenting the first encrypted data and the anonymizing of the first encrypted data preserving relationships among the first network data associated with the first tenant identifier, encrypt the anonymized data using a second cryptographic key to generate encrypted anonymized data, transmit the encrypted anonymized data, at least one analysis parameter, at least one security policy and instructions to analyze the encrypted anonymized data using the at least one analysis parameter, the at least one security policy and the second cryptographic key, receive analysis data resulting from the analysis of the encrypted anonymized data, and determine verification results from the received analysis data. | 2021-06-17 |
20210182419 | SECURE JOINING INFORMATION GENERATION SYSTEM, SECURE JOINING SYSTEM, METHODS THEREFOR, SECURE COMPUTING APPARATUS AND PROGRAM - A secure joining system is a secure joining system including a plurality of secure computing apparatuses. The plurality of secure computing apparatuses include a vector joining unit | 2021-06-17 |
20210182420 | CONFIDENTIAL INFORMATION IDENTIFICATION BASED UPON COMMUNICATION RECIPIENT - One embodiment provides a method, including: receiving an indication of an addition of a new participant in a textual communication between at least two existing participants; identifying at least one confidential topic contained within the textual communication by (i) parsing the textual communication and (ii) identifying at least one topic contained within the textual communication; the identifying comprising (i) accessing a confidentiality graph comprising (a) nodes representing participants and (b) edges representing confidential concepts that are acceptable discussion topics between participants connected by a corresponding edge and (ii) determining that an edge corresponding to the at least one confidential topic does not connect the new participant with both of the existing participants; and alerting one of the existing participants that the at least one confidential topic is included in the textual communication to be sent to the new participant. | 2021-06-17 |
20210182421 | INFORMATION ACQUISITION METHOD AND DEVICE, AND STORAGE MEDIUM - An information acquisition method and device includes: acquiring privacy-related information when calling, with a target application (App), an application programming interface (API) to acquire privacy information of a terminal, wherein the privacy-related information is associated with a process of the target App acquiring the privacy information; storing the privacy-related information; and reading, by a designated App, the privacy-related information stored in a preset time period, and uploading, by the designated App, the privacy-related information read to a server side. | 2021-06-17 |
20210182422 | BLOCKCHAIN BASED PRIVACY COMPLIANCE PLATFORM - Disclosed herein is a storage platform for managing privacy compliance in an organization. The storage platform comprises a plurality of storage servers and at least one storage controller. The at least one storage controller receives user data from a user associated with the organization and splits the user data into a plurality of data chunks. Further, each data chunk of the plurality of data chunks is stored on a separate storage server selected from the plurality of storage servers. Also, each of the plurality of data chunks is encrypted using encryption keys stored on a distributed ledger. Thereafter, an authentication token corresponding to the stored user data is generated and provided to the user to enable the user to securely share the stored user data with the organization. | 2021-06-17 |
20210182423 | SYSTEMS, METHODS, AND APPARATUSES FOR STORING PII INFORMATION VIA A METADATA DRIVEN BLOCKCHAIN USING DISTRIBUTED AND DECENTRALIZED STORAGE FOR SENSITIVE USER INFORMATION - Systems, methods, and apparatuses for storing PII information via a metadata driven blockchain using distributed and decentralized storage for sensitive user information, operable within a cloud based computing environment. For example, there is a system configured with a memory to store instructions; a set of one or more processors; a non-transitory machine-readable storage medium that provides instructions that, when executed by the set of one or more processors, the instructions stored in the memory are configurable to cause the system to perform operations including: operating a blockchain interface to a blockchain on behalf of a plurality of tenants of the host organization; operating a database interface to a distributed database, separate from the blockchain, on behalf of the plurality of tenants of the host organization; displaying a Graphical User Interface (GUI Interface) to a user device communicably interfaced with the system over a network, in which the GUI interface is to prompt for a metadata entity definition at the user device when displayed by the user device, in which the metadata entity definition defines access control permissions for a blockchain entity including specifying at least (i) a data classification attribute indicating sensitive user information and (ii) a consent required attribute indicating consent is required to access the sensitive user information and (iii) a consent requirements attribute indicating a party from whom the consent must be acquired; transacting the metadata entity definition onto the blockchain; creating a new entity object defined by the metadata entity definition within the distributed database system to store the sensitive user information and writing the sensitive user information to the distributed database to be persistently stored. Other related embodiments are disclosed. | 2021-06-17 |
20210182424 | DATA PROCESSING SYSTEMS FOR DATA TESTING TO CONFIRM DATA DELETION AND RELATED METHODS - In particular embodiments, a Personal Data Deletion System is configured to: (1) at least partially automatically identify and delete personal data that an entity is required to erase under one or more of the conditions discussed above; and (2) perform one or more data tests after the deletion to confirm that the system has, in fact, deleted any personal data associated with the data subject. The system may, for example, be configured to test to ensure the data has been deleted by: (1) submitting a unique token of data through a form to a system; (2) in response to passage of an expected data retention time, testing the system by calling into the system after the passage of the data retention time to search for the unique token. | 2021-06-17 |
20210182425 | SELF-CONTROLLED DIGITAL AUTHORIZATION OVER COMMUNICATION NETWORKS - A system for authorizing an external device to access computerized records. The system includes a server. The server includes a computerized records data-store. The computerized records data-store stores multiple computer executable files associated with subjects. The system includes a communication network which facilitates communication between at least two of the subjects, the server, and the external device. The system includes a contextual authorization device for authorizing access to the external device for the computerized records. The contextual authorization device includes a database storing a set of custom rules. The contextual authorization device further includes a Global Positioning System-based tracking device, a credentialing engine, and a user behavior analytics engine. The contextual authorization device further includes an access module to process authorization of the external device for access of the computerized records. | 2021-06-17 |
20210182426 | USER ACTION COLLECTION FOR SENSITIVE CUSTOMER DATA - A secure tenant activity data system for a deployment service includes a processor that is configured to decrypt a set of encrypted stream processed monitoring data to recover a set of stream processed monitoring data; determine a transaction identifier associated with the set of stream processed monitoring data; determine whether the transaction identifier has been seen associated with a set of previous data; in response to determining that the transaction identifier has been seen associated with the set of previous data, retrieve the set of previous data; decrypt the set of previous data to recover a set of decrypted previous data; aggregate the set of stream processed monitoring data with the set of decrypted previous data to generate a set of aggregated data; encrypt the set of aggregated data to create a set of encrypted aggregated data; and provide the set of encrypted aggregated data to a safe storage area. | 2021-06-17 |
20210182427 | METHODS AND APPARATUS TO COLLECT DISTRIBUTED USER INFORMATION FOR MEDIA IMPRESSIONS AND SEARCH TERMS - Methods and apparatus to collect distributed user information for media impressions and search terms are disclosed. An example method includes accessing, from a media device, a first identifier and a search term at a first server, the first identifier corresponding to at least one of the media device or a user of the media device, the search term associated with a search request, generating a second identifier based on the first identifier, sending the second identifier and the search term from the first server to a data collection server to facilitate the data collection server logging the search request, and receiving user information associated with the search request from a database proprietor based on the second identifier. | 2021-06-17 |
20210182428 | USING DE-IDENTIFIED HEALTHCARE DATA TO EVALUATE POST-HEALTHCARE FACILITY ENCOUNTER TREATMENT OUTCOMES - A computer-implemented method includes producing medical information that characterizes a group of individuals from a set of private data representing pre or post-encounter characteristics of the individuals, wherein the individuals have had encounters with a healthcare facility. The identity of the individuals is unattainable from the produced medical information. The method also includes providing the produced medical information to report the pre or post-encounter characteristics of the group. | 2021-06-17 |