26th week of 2021 patent applcation highlights part 79 |
Patent application number | Title | Published |
20210203637 | UNIFIED COMMUNICATION GATEWAY SYSTEMS - A communication system utilizing unified gateways bridges communication gaps between data transmitters having differing transmission, security, data format, overhead restrictions and performance metrics by dynamically determining optimal data paths for the data being routed. The unified gateways can also dynamically alter data packages to upgrade/downgrade security standards, alter transmission networks, translate data to match recipient requirements and split/combine data to optimize data throughput using disparate systems. | 2021-07-01 |
20210203638 | COMMUNICATION SECURITY APPARATUS, CONTROL METHOD, AND STORAGE MEDIUM STORING A PROGRAM - A communication security apparatus includes a communicator that receives a packet from a first device and transmits the received packet to a second device, a memory that retains address authentication information containing pairs of a physical address and a logical address of one or more devices, and a controller. After a learning period of receiving and transmitting packets, the controller determines whether a pair of a physical address and a logical address of the first device and the second device match any one of the pairs of the physical address and the logical address of the one or more devices in the packet, and discards the packet when the pair of the physical address and the logical address of the first device and the second device do not match any one of the pairs of the physical address and the logical address of the one or more devices. | 2021-07-01 |
20210203639 | NETWORK SYSTEM, CONTROL APPARATUS, METHOD FOR CONSTRUCTING A VIRTUAL NETWORK, AND PROGRAM - A network system is connected to a first physical network comprising: a first data transmission node that transmits data used for a first service and a second data transmission node that transmits data used for a second service and to a second physical network including at least one apparatus for receiving data from the first and the second data transmission nodes, and constructs a virtual network for each service between the first and the second physical networks. | 2021-07-01 |
20210203640 | AUTOMATIC VIRTUAL PRIVATE NETWORK (VPN) ESTABLISHMENT - Systems and methods for automatic VPN establishment are provided. | 2021-07-01 |
20210203641 | PREDICTIVE ACTIVATION OF SECURITY RULES TO PROTECT WEB APPLICATION SERVERS AGAINST WEB APPLICATION LAYER ATTACKS - A method by a web application layer proxy for predictively activating security rules to protect one or more web application servers from attacks by one or more web application clients. The method includes applying a set of security rules to web application layer requests received from the one or more web application clients that are intended for the one or more web application servers, determining a set of recently triggered security rules, where the set of recently triggered security rules includes those security rules in the set of security rules that were triggered within a most recent period of time, applying a prediction model to the set of recently triggered security rules to determine one or more security rules that are predicted to be triggered, and activating the one or more security rules. | 2021-07-01 |
20210203642 | PRIVACY-PRESERVING LEARNING OF WEB TRAFFIC - A method by one or more network devices communicatively coupled to a web application layer proxy for profiling parameters of web application layer requests received by the web application layer proxy while preserving privacy. The method includes obtaining masked parameter values associated with a parameter in the web application layer requests, where the masked parameter values associated with the parameter are generated by the web application layer proxy based on masking parameter values associated with the parameter while preserving lengths of the parameter values associated with the parameter and character types of characters in the parameter values associated with the parameter, generating the profile of the parameter based on analyzing the masked parameter values associated with the parameter, and providing the profile of the parameter to the web application layer proxy. | 2021-07-01 |
20210203643 | Message Transmission between Core Network Domains - Network equipment ( | 2021-07-01 |
20210203644 | DATA ANONYMITY METHOD AND DATA ANONYMITY SYSTEM - A data anonymity method and a data anonymity system are provided. The data anonymity method includes the following steps. A data set comprising a plurality of direct-identifiers, a plurality of quasi-identifiers and a plurality of event logs each of which includes an activity and a timestamp is obtained. A content of each of the direct-identifiers is replaced by a pseudonym. The quasi-identifiers are classified, via a group-by algorithm with k-anonymity, as a plurality of equivalence classes. The activities corresponding to each of the direct-identifiers are linked according to the timestamps to obtain a plurality of event sequences. A similarity hierarchy tree is obtained according to a plurality of edit distances among the event sequences. The event sequences are grouped according to the similarity hierarchy tree with k-anonymity to obtain at least one group. The event sequences which are in the group are generalized. | 2021-07-01 |
20210203645 | PROGRAMMATIC CONTROL CHANNEL FOR AUTOMATED DATA DISTRIBUTION - Disclosed are apparatuses, systems, and methods for providing a programmatic control channel for granting or denying access to user data. In one embodiment, a method is disclosed comprising receiving an input stream of data including user data and a first regulatory control channel (RCC) data structure; building a final RCC data structure based on the first RCC data structure and a stored RCC data structure; retrieving a regulatory query context (RQC) from a data requestor; applying one or more Boolean operators to the final RCC data structure and the RQC to obtain an evaluation result; and executing the downstream processing if the evaluation result comprises a passing evaluation result. | 2021-07-01 |
20210203646 | METHOD FOR RESTRICTING ACCESS TO A MANAGEMENT INTERFACE USING STANDARD MANAGEMENT PROTOCOLS AND SOFTWARE - A method by a network device to restrict access to a management interface, where the management interface is defined by a data model, and where the network device is provided by an equipment provider to an equipment operator for use by the equipment operator. The method includes receiving a first request from a management system to perform a first management operation that involves accessing a module of the data model, where the first request specifies a security credential as a key for a security wrapper defined by the module, and where the security credential is supplied to the management system by the equipment provider and is inaccessible to the equipment operator, verifying whether the security credential specified by the first request is valid, and performing the first management operation in response to verifying that the security credential specified by the first request is valid. | 2021-07-01 |
20210203647 | CORE NETWORK, USER EQUIPMENT, AND COMMUNICATION CONTROL METHOD FOR DEVICE TO DEVICE COMMUNICATION - A communications system is provided. A network device controls the setting up of a device to device communication link, as sent between a device in the core network and the base station(s) servicing the relevant mobile devices, including disclosure of the common security information for two mobile devices to communicate securely over the direct device to device communications link. | 2021-07-01 |
20210203648 | DATA INPUT USING MULTI-FACTOR AUTHENTICATION - Techniques are disclosed relating to a method that includes, in response to a request from a user to complete a secure transaction, determining, by a computer system, that a plurality of transaction options is available for completing the secure transaction. The method further includes generating, by the computer system, a plurality of authentication codes, each authentication code of the plurality corresponding to a respective one of the plurality of transaction options. Receiving a particular authentication code of the plurality of authentication codes from a computing device associated with the user causes a selection of a corresponding transaction option. | 2021-07-01 |
20210203649 | DEVICE AND METHOD FOR ATTESTING DISTRIBUTED SERVICES - A node provides a service to a client node in a network. The node is configured to execute a code for providing the service to the client node in an enclave of a trusted execution environment (TEE) and to execute a code library in the enclave to attest to the client node the identity of the service provided. The service provided to the client node may be a distributed service including a result of a cooperation of a plurality of neighbor nodes, which are connected to the node either directly or through other intermediate nodes. The code library is configured to attest to the client node the identity of the distributed service. | 2021-07-01 |
20210203650 | DATA MESSAGE AUTHENTICATION BASED ON A RANDOM NUMBER - Examples disclosed herein related to authenticating a data message based on a random number. In one implementation, a first electronic device generates a first random number to associate with a data transaction message and transmits the first random number to a second electronic device identified as the sender of the data transaction message. The first electronic device compares a received authentication message to the first random number to authenticate the sender of the data transaction message. If authenticated, the first electronic device performs a data operation including at least one of: a data access and data update based on the data transaction message. | 2021-07-01 |
20210203651 | METHOD AND SYSTEM FOR MONITORING FOR AND BLOCKING FRAUDULENT ATTEMPTS TO LOG INTO REMOTE SERVICES USING LIST VALIDATION ATTACKS - Certain aspects of the present disclosure provide techniques for monitoring for fraudulent login attempts to remote services through an application. The method generally includes receiving a request to connect an application to a remote service. A login attempt counter tracking a number of attempts by a user to connect the application to one or more remote services is incremented. Based on determining that the login attempt counter is less than a maximum number of login attempts predicted to correspond to legitimate login activity in the application, the first username is compared to a second username included in a previous request. A distance is calculated between the first username and the second username, and one or more actions are taken to process the request based on determining whether the calculated distance exceeds a maximum predicted distance between usernames in successive requests that corresponds to legitimate login activity. | 2021-07-01 |
20210203652 | Subscriber Identity Management - Methods and systems for management of subscriber identities associated with user devices are described herein. The user device may enroll the user device to a server and lock a subscriber identity associated with the device by setting a password on the subscriber identity. If a credential entered by a user is verified, the subscriber identity associated with the device may be unlocked. Alternatively, the user device may retrieve one or more identities associated with the user, the user device and/or the subscriber identity. A server may register the one or more identities with a database. If the user device sends a request to connect to the network, the server may verify the one or more identities retrieved by the user device to determine whether to grant access from the user device to the network. | 2021-07-01 |
20210203653 | SINGLE SIGN ON (SSO) CAPABILITY FOR SERVICES ACCESSED THROUGH MESSAGES - Disclosed are various approaches for facilitating single sign-on (SSO) for third-party services that are accessible through messages (e.g., email) received by a user. A user can receive a message that includes an embedded URL or link that opens in a third-party service that requires authentication. Instead of requiring the user to enter authentication credentials for accessing the third-party service, a tunnel service can be used to intercept requests for authentication and redirect the requests to an identity manager that can issue a SSO token following an authentication of the user and device. Upon supplying the third-party service with the SSO token, the user can access the content associated with the third-party service without entering authentication credentials. | 2021-07-01 |
20210203654 | Local Mapped Accounts in Virtual Desktops - Aspects described herein relate to methods, devices and systems that allow for a client device, as part of a remote access or cloud-based network environment, to map external user identities to desktops and applications. Local user accounts can be dynamically generated on a virtual delivery agent. A mapping of the local user account to an external identity can be secured using signed tokens and maintained by a broker machine that allocates resources for the deployment of particular applications to the client device from the virtual delivery agent. This allows for the removal of any dependency on an Active Directory for maintaining user identities or federated sign-on services, greatly simplifying the management of user identities within the system and allowing for greater compatibility across client devices. | 2021-07-01 |
20210203655 | SINGLE SIGN-ON FOR UNMANAGED MOBILE DEVICES - Disclosed are various examples for providing a single sign-on experience for mobile applications that may or may not be managed. A first application executed in a client device sends an access request to a service provider. The first application receives a redirection response from the service provider that redirects the first application to an identity provider. The first application then receives a further redirection response from the identity provider that causes the first application to request an identity assertion from a second application executed in the client device. The first application receives the identity assertion from the second application. The first authentication then authenticates with the service provider using the identity assertion. | 2021-07-01 |
20210203656 | CALL AUTHORIZATION AND VERIFICATION VIA A SERVICE PROVIDER CODE - One example method of operation may include receiving a call message associated with a call, determining a service provider network identifier based on a telephone number of a call origination device, identifying, from the call message, an identity header with a link to a public certificate repository storing a public certificate assigned to a service provider network hosting the call origination device, retrieving a service provider code assigned to the service provider network from the public certificate, and determining whether the service provider code matches the service provider network identifier as identified from a verification table. | 2021-07-01 |
20210203657 | METHOD, CHIP, DEVICE AND SYSTEM FOR AUTHENTICATING A SET OF AT LEAST TWO USERS - A set of users who may authenticate is predefined and is associated, each, with a reference secret share. A first subset of users who has, each, to authenticate is predefined. The device defines a second subset of the users who has, each, to authenticate while further satisfying, each, to be physically proximate to the device and an authentication condition(s). The second user subset is comprised within the first user subset comprised within the user set. The device verifies whether each user of the second user subset satisfies to be physically proximate to the device and the authentication condition(s), if yes, requests, to each user device, the secret share and receives, from each user device relating to at least the first user subset, the secret share. The device reconstructs a secret with each received secret share, verifies whether the reconstructed matches the reference and, if yes, authenticates the user set. | 2021-07-01 |
20210203658 | COMMUNICATION DEVICE AND SYSTEM - [Object] To provide a mechanism that makes it possible to achieve inter-device authentication with high accuracy and high responsiveness. | 2021-07-01 |
20210203659 | COMMUNICATON DEVICE AND SYSTEM - [Object] To achieve inter-device authentication that makes it possible to improve security and ensure certainty of processes. | 2021-07-01 |
20210203660 | SPECIFYING DEVICE, SPECIFYING METHOD, AND SPECIFYING PROGRAM - An identifying device ( | 2021-07-01 |
20210203661 | AUTONOMOUSLY GENERATED PORTABLE ACCOUNTS - Systems and methods are described that include a plurality of devices triggered to be configured with a portable user account to synchronize account events to a distributed log. The plurality of devices includes at least one device configured to trigger a query to determine access rights for the at least one other device. In response to receiving an approval response to the query, the at least one device assigns a provision status to the at least one other device, provides, for the at least one other device, access to at least a subset of the portable user account according to the assigned provision status, and updates the distributed log to include the at least one other device based on the provision status. | 2021-07-01 |
20210203662 | AUTHORIZATION MANAGEMENT METHOD AND SYSTEM FOR A UNIFIED GOVERNANCE PLATFORM WITH A PLURALITY OF INTENSIVE COMPUTING SOLUTIONS - The invention relates to a computer system and a method ( | 2021-07-01 |
20210203663 | SYSTEMS AND METHODS FOR DATA DRIVEN INFRASTRUCTURE ACCESS CONTROL - In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access. | 2021-07-01 |
20210203664 | COLLABORATIVE COMMUNICATIONS ENVIRONMENT AND PRIVACY SETTING ASSOCIATED THEREWITH - A method includes receiving a user indication to create an online collaborative team within an online chat environment. The method further includes receiving a user selection of members for the online collaborative team. The online collaborative team enables the selected members of the online collaborative team to communicate with one another. The online chat environment maintains communication of the members and activities of the members of the online collaborative team. The online chat environment makes the activities and the communication available to the members when the members are within the online chat environment. The method further includes accessing attributes associated with the members of the online collaborative team. The method, responsive to the accessing the attributes associated with the members, determines a privacy setting of the online collaborative team. | 2021-07-01 |
20210203665 | PROCESS AND SYSTEM FOR MANAGING DATA FLOWS FOR THE UNIFIED GOVERNANCE OF A PLURALITY OF INTENSIVE COMPUTING SOLUTIONS - The invention relates to a system and method for managing the data streams for unified governance of a plurality of intensive computing solutions ( | 2021-07-01 |
20210203666 | Time Synchronization Using Trust Aggregation - A method for synchronizing time may include receiving initial time information including an initial timestamp from a first device, adjusting a clock of the device with the initial time information, storing the initial time information as an earliest possible time, receiving additional time information, including a second timestamp, from a second device, and evaluating the additional time information. When the evaluated additional time information includes information that is unacceptable, the method may further include adjusting the clock with the second timestamp, and replacing the earliest possible time with the second timestamp. When the evaluated additional time information includes information that is acceptable, the method may further include adjusting the clock with the additional time information, and replacing the earliest possible time with the additional time information. The initial time information and additional time information may be respectively determined based on reconciled time data received from two or more proximate devices. | 2021-07-01 |
20210203667 | SECURE ONLINE ACCESS CONTROL TO PREVENT IDENTIFICATION INFORMATION MISUSE - In some aspects, a computing system can control access of a user computing device to a resource. The computing system can obtain an access request submitted by a user computing device. The computing system can verify permission information in the access request to determine that the access request is valid. If the access request is valid, the computing system submits an authentication request to request an authentication system to authenticate the user and obtains authentication results generated by the authentication system. The computing system further provides, based on the authentication results, an access control decision for the access request. | 2021-07-01 |
20210203668 | SYSTEMS AND METHODS FOR MALICIOUS CLIENT DETECTION THROUGH PROPERTY ANALYSIS - Systems and methods for detecting malicious clients through inspecting application properties are described. These may include requesting application properties from a client application, receiving a digital fingerprint from the client device, determining whether the digital fingerprint indicates that the client application is likely a malicious client, and taking a mitigation action based on determining that the client application is likely a malicious client. | 2021-07-01 |
20210203669 | DATA PROCESSING METHOD AND APPARATUS - A data processing method may include: determining, by a transaction initiation node in a blockchain, transaction data of a transaction and information to be hidden in the transaction data; obtaining, by using the transaction data as an input of a predetermined one-way function, a transaction root of the transaction, and constructing, based on the transaction root, proof data corresponding to the information to be hidden; and, after signing the transaction root, initiating a transaction request to write the transaction root and the proof data on the blockchain, for a node in the blockchain to perform consensus verification on the transaction root and the proof data, and approve or reject the transaction request based on a verification result. | 2021-07-01 |
20210203670 | Man-In-The-Middle Extender Defense In Data Communications - A method of determining whether a received message at a communications device is from a legitimate second device may include building a message intended for a legitimate second device, generating a time delay using a secret key known to the device and the legitimate second device, sending the built message to the legitimate second device, starting a timer at the time of sending the built message, receiving a response to the sent message, determining a response time of the received response based on a time value of the timer, determining an acceptable receive window of time based on the generated time delay, determining whether the determined response time is within the determined acceptable receive window of time, and when the determined response time is within the determined acceptable receive window of time, recognizing the received response as a legitimate message from the legitimate second device. | 2021-07-01 |
20210203671 | ADAPTIVE DOMAIN NAME SYSTEM - In an example, there is provided a method for tracking domain name server (DNS) requests, wherein the method comprises determining whether a DNS request has resolved; and for each non-resolving DNS request decomposing the domain name of the request into multiple components, determining, for each component, a value of a metric representing the occurrence of the component in a corpus, generating a scaling factor for the request on the basis of the values for each component, and incrementing a count of the total number of non-resolving DNS requests by a scaled value on the basis of the scaling factor. | 2021-07-01 |
20210203672 | LOCATION-SPOOFING DETECTION SYSTEM FOR A NETWORK SERVICE - A computing system can receive location data from computing devices of drivers, each of the computing devices operating a designated application associated with an application service. The system can determine a set of locational attributes of a respective driver and determine whether one or more anomalous locational attributes are present in the set of locational attributes of the respective driver. In response to determining that one or more anomalous locational attributes are present, the system can associate a data set with a driver profile of the respective driver. | 2021-07-01 |
20210203673 | FRAMEWORK FOR INVESTIGATING EVENTS - Systems, methods, and related technologies for determining an issue based on a plurality of events. The determining of an issue may include accessing network traffic from a network and accessing a plurality of events associated with the network traffic. An issue can be determined based on a correlation of a portion of the plurality of events, where the issue represents an incident associated with the portion of the plurality of events. The correlation of the portion of the plurality of events is based on network specific information. Information associated with the issue including the portion of the plurality of events may then be stored. | 2021-07-01 |
20210203674 | INLINE ANOMALY DETECTION FOR MULTI-REQUEST OPERATIONS - A method is described for a proxy to mitigate attacks from web application clients based on context of web application layer requests. The method includes receiving a plurality of web application layer requests from a web application layer client; aggregating a first set of requests from the plurality of web application layer requests, wherein the first set of requests are part of a first session; determining a profile based on the first set of requests, wherein the profile describes a baseline of expected behavior for a user of the web application layer client; and determining a first threat value associated with the first set of requests based on the first set of requests and the profile, wherein the first threat value describes the likelihood that the first set of requests are part of an attack on one or more web application servers. | 2021-07-01 |
20210203675 | System to Protect Against Password Spraying - A method includes determining, based on login information corresponding to a plurality of login attempts, that a set of password spray criteria have been satisfied. The method also includes generating respective scoring patterns corresponding to one or more password lengths and based on the respective scoring patterns, generating a common digital signature for a set of common passwords. The method further includes generating a spray digital signature for a set of potential spray passwords based on the respective scoring patterns. Additionally, the method includes comparing the spray digital signature with the common digital signatures to determine a number of matching components between the spray digital signatures and the common digital signature. Based on the number of matching components, the method includes determining whether a password spray has been attempted. | 2021-07-01 |
20210203676 | DETECTING PHISHING ATTACKS ON A NETWORK - A method, system, and computer-implemented method to manage threats to a protected network having a plurality of internal production systems is provided. The method includes monitoring network traffic from the plurality of internal production systems of a protected network for domain names. For each internal production system, a first collection of each unique domain name that is output by the internal production system is determined over the course of a long time interval. For each internal production system, a second collection of each unique domain name that is output by the internal production system is determined over the course of a short time interval. Domain names in the first and second collections associated with the plurality of internal production systems are compared to determine suspicious domain names that meet a predetermined condition. A request is output to treat the suspicious the suspicious domain names as being suspicious. | 2021-07-01 |
20210203677 | LEARNING METHOD, LEARNING DEVICE, AND LEARNING PROGRAM - A learning device generates a character class series abstracting a structure of a predetermined character string included in each of requests to the server which have been generated in a predetermined period. Also, for each of the combinations of the predetermined identification information and the character class series included in the requests, the learning device calculates a score for update which becomes higher as the number of times of appearance of the combination is increased and becomes higher as the appearance of the combination is continued. Based on the score for update, the learning device updates the profile of each combination for determining whether the request is an attack or not. | 2021-07-01 |
20210203678 | NETWORK SECURITY INTRUSION DETECTION - An intrusion detection system that includes a processor configured to receive HyperText Transfer Protocol (HTTP) data and to convert the HTTP data into a data tree object that links field values from the HTTP data. The processor is further configured to identify a field value from the data object tree and to determine a set of feature values for the field value corresponding with input features for the neural network model. The processor is further configured to apply the determined set of feature values to the neural network model to generate an attack vector array. The attack vector array includes flag bits that each correspond with an attack type. The processor is further configured to trigger an event in response to determining that at least one flag bit is set. | 2021-07-01 |
20210203679 | SYSTEMS AND METHODS FOR DYNAMICALLY RESTRICTING THE RENDERING OF UNAUTHORIZED CONTENT INCLUDED IN INFORMATION RESOURCES - Systems and methods for dynamically restricting rendering of unauthorized content included in information resources are provided herein. A computing device can identify an information resource including a content object specifying one or more graphical characteristics. The computing device can determine that the content object corresponds to a restricted content object by applying at least one of an action-based detection policy to detect actions performed on the information resource or a visual-based detection policy to detect the graphical characteristics of the content object. The computing device can modify by applying a content rendering restriction policy the information resource to alter rendering of the content element on the information resource responsive to the determination. | 2021-07-01 |
20210203680 | WEB SERVICE USAGE ANOMALY DETECTION AND PREVENTION - Certain aspects of the present disclosure provide techniques for detecting and preventing web service usage anomalies. Embodiments include forecasting, based on a model, a number of resource instances for one or more web services for a time period. Embodiments include receiving, after the time period has elapsed, a detected number of resource instances for the one or more web services for the time period. Embodiments include comparing the detected number of resource instances to the forecasted number of resource instances. Embodiments include determining, based on the comparing, a usage anomaly. Embodiments include determining an impact of the usage anomaly. Embodiments include outputting an indication of the usage anomaly and the impact of the usage anomaly. | 2021-07-01 |
20210203681 | THREAT MITIGATION IN A VIRTUALIZED WORKLOAD ENVIRONMENT USING SEGREGATED SHADOW WORKLOADS - The technology disclosed herein enables the detection and subsequent mitigation of threats in virtualized workload environments. In a particular embodiment, a method provides, in a workload orchestration platform, managing one or more first logical networks that include a plurality of first workloads and a plurality of shadow workloads. One or more initial processes of the shadow workloads, when instantiated, are known to a security application. The method further includes providing security permissions to the security application that enable the security application to manage the shadow workloads. Also, the method includes providing admin permissions to an administrator application that enable the administrator application to manage the first workloads irrespective of the shadow workloads. | 2021-07-01 |
20210203682 | CYBERSECURITY ON A CONTROLLER AREA NETWORK IN A VEHICLE - Cybersecurity on a Controller Area Network (CAN) in a vehicle. In an embodiment, electronic control units (ECUs), connected to a CAN bus, each comprise a hacking detection system, which, during an initialization stage, transmits a message comprising a CAN identifier, used by the respective ECU, to at least one other hacking detection system, receives a message comprising a CAN identifier, used by at least one other ECU, from the other hacking detection system, monitors one or more parameters, including at least one parameter of CAN messages received by the respective ECU and transmitted by the respective ECU, and generates a pattern-detection mechanism based on the monitored one or more parameters. Then, during a detection stage, each hacking detection system monitors the one or more parameters, and detects malicious activity based on the generated pattern-detection mechanism and the one or more parameters monitored during the detection stage. | 2021-07-01 |
20210203683 | ABNORMALITY DETECTION - A method of detecting abnormality may include the following steps. A normal-value range of a parameter for a target object is determined based on historical values of the parameter in a preset time period or at a preset time point. Whether the target object is abnormal is determined based on the normal-value range and the value of the parameter for the target object in the preset time period or at the preset time point within a current time cycle. Further, another normal-value range may be determined based on historical deviation values for the target object in historical time periods or at historical time points before the preset time period or the preset time point. Whether the target object is abnormal is determined based on either of the two normal-value ranges. | 2021-07-01 |
20210203684 | REAL-TIME DETECTION OF RISKY EDGE IN LATERAL MOVEMENT PATH - The detection of a risky edge in a lateral movement path is detected by determining the weakest point in the configuration of the user accounts, groups, and devices having access to the resources of a tenant of the cloud service. A lateral movement graph having nodes of user accounts, devices, and groups and edges representing relationships between the nodes is used to compute a risk score for each edge in the graph. The risk score of an edge is used to identify a weak connection and potential target for a lateral movement attack. | 2021-07-01 |
20210203685 | DISASTER SECURITY CALCULATION METHOD, AND USER TERMINAL AND NON-TRANSITORY MEDIUM IMPLEMENTING SAME - A disaster security resource calculation method includes obtaining disaster prevention data of a place to be evaluated and loss assessment data of the place in a disaster scenario, and determining disaster security resources required by the place to be evaluated in the disaster scenario using a preset calculation model according to the disaster prevention data and the loss assessment data. The disaster prevention data includes environmental information, item information, and personnel information. | 2021-07-01 |
20210203686 | RELIABILITY CALCULATION APPARATUS, RELIABILITY CALCULATION METHOD AND PROGRAM - A level-of-confidence calculation apparatus includes a first collecting unit that collects relevant information related to first threat intelligence that is input; a second collecting unit that collects, from a memory unit storing threat intelligence to which a level of confidence is appended, second threat intelligence related to the relevant information; a generation unit that generates a graph in which the first threat intelligence, the relevant information, and the second threat intelligence are set as nodes and the nodes relating to related information are connected; and a calculating unit that calculates, by applying a belief propagation method to the graph, a level of confidence of the first threat intelligence based on a level of confidence of the second threat intelligence, and therefore a level of confidence of threat intelligence with uncertain level of confidence can be calculated. | 2021-07-01 |
20210203687 | DYNAMICALLY GENERATING MULTI-FACTOR ENTITY RISK ASSESSMENTS WITHIN VIRTUALIZED ENVIRONMENTS - Disclosed embodiments relate to systems and methods for dynamically performing entity-specific security assessments for entities of virtualized network environments. Techniques include identifying an entity associated with a virtualized network environment, identifying a plurality of security factors, determining entity-specific weights to the plurality of security factors, and generating a composite exposure assessment for the entity. Further techniques include selecting at least two security factors of the plurality of security factors, identifying the weights corresponding to the selected security factors, and calculating the composite exposure assessment using the selected security factors and corresponding weights, analyzing the composite exposure assessment, and generating at least one of: a security recommendation based on the analysis to alter a scope of privileges of the entity, a notification providing an indication of the composite exposure assessment, or a visual representation of the composite exposure assessment of the entity. | 2021-07-01 |
20210203688 | DYNAMIC SECURITY ACTIONS FOR NETWORK TUNNELS AGAINST SPOOFING - An example network device receives an encapsulated network packet via a network tunnel; extracts IPv6 header information from the encapsulated network packet; extracts IPv4 header information from the encapsulated network packet; determines that the encapsulated network packet is a spoofed network packet based on the IPv6 header information and the IPv4 header information; and in response to detecting the spoofed network packet, transmits a message to a Tunnel Entry Point (TEP) device, the message including data representing the IPv6 header information and IPv4 header information. A tunnel entry point (TEP) device may receive the message and use the message to detect spoofed IPv6 traffic, e.g., when an IPv6 header and an IPv4 header of an encapsulated packet matches the IPv6 header and the IPv4 header specified in the message. In this manner, the TEP device may block, rate limit, or redirect spoofed network traffic. | 2021-07-01 |
20210203689 | METHOD AND SYSTEM FOR IDENTIFYING MALICIOUS ACTIVITY OF PRE-DETERMINED TYPE IN LOCAL AREA NETWORK - There is disclosed a method for identifying malicious activity, the method being executable by a supervisory electronic device. The method comprises accessing, a log to retrieve usage information associated with at least a portion of the plurality of electronic devices; analyzing the usage information to identify a subset of electronic devices; analyzing a list of network resources accessed; executing, by the supervisory electronic device a polling robot, the polling robot configured to: transmit to each of the list of network resources a ping message, the ping message having a first pre-determined format having been generated based on the malicious activity; analyzing, the response message; responsive to the response message having a second pre-determined format, the second pre-determined format having been identified based on the pre-determined type of malicious activity: determining that an associated network resource having generated the response message is associated with malicious activity. | 2021-07-01 |
20210203690 | PHISHING DETECTION USING CERTIFICATES ASSOCIATED WITH UNIFORM RESOURCE LOCATORS - A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate. | 2021-07-01 |
20210203691 | MALWARE AND PHISHING DETECTION AND MEDIATION PLATFORM - A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing. | 2021-07-01 |
20210203692 | PHISHING DETECTION USING UNIFORM RESOURCE LOCATORS - A method for phishing detection using uniform resource locators is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a suspect Uniform Resource Locator (URL). The method includes assigning a rule score based on partial rule scores of each portion of the suspect URL, the rule score indicating a phishing potential based on URL rules. The method includes determining a uniqueness score of the suspect URL, the uniqueness score indicating a degree of uniqueness of the suspect URL from a plurality of known phishing URLs. The method also includes determining a URL phishing score based, at least in part, on the rules scores and the uniqueness score for the suspect URL. | 2021-07-01 |
20210203693 | PHISHING DETECTION BASED ON MODELING OF WEB PAGE CONTENT - A method for phishing detection based on modeling of web page content is discussed. The method includes accessing suspect web page content of a suspect Uniform Resource Locator (URL). The method includes generating an exemplary model based on an exemplary configuration for an indicated domain associated with the suspect URL, where the exemplary model indicates structure and characteristics of an example web page of the indicated domain. The method includes generating a suspect web page model that indicates structure and characteristics of the suspect web page content. The method includes performing scoring functions for the potential phishing web page content based on the suspect web page model, where some of the scoring functions use the exemplary model to perform analysis to generate respective results. The method includes generating a web page content phishing score based on results from the scoring functions. | 2021-07-01 |
20210203694 | Systems and Methods for Tracking and Identifying Phishing Website Authors - A method of tracking phishing activity is disclosed. A request to download a webpage hosted as part of a legitimate website on a server is initiated. The request includes identification data pertaining to at least one user computing device. The identification data is extracted from the request. A unique identifier corresponding to the extracted identification data is generated. Fingerprint data is generated using at least a subset of the extracted identification data. The unique identifier, the extracted identification data and the fingerprint data is stored. The fingerprint data is encoded into a program and/or data associated with the webpage to generate a modified webpage. The modified webpage is transmitted from the server to the user computing device in response to the request. | 2021-07-01 |
20210203695 | ANTI-SPOOFING ATTACK CHECK METHOD, DEVICE, AND SYSTEM - An anti-spoofing attack check method, including: receiving, by a first network device, a packet via a first interface; determining, by the first network device based on a source IP address of the packet, a first identifier corresponding to the source IP address; determining, by the first network device based on the first interface, a second identifier corresponding to the first interface; and determining, by the first network device, security of the packet based on the first identifier and the second identifier. The method helps prevent misjudgment of the anti-spoofing attack check. | 2021-07-01 |
20210203696 | DYNAMIC MANAGEMENT OF DECEPTION SYSTEMS - Disclosed herein are methods, systems, and processes for dynamically deploying deception computing systems based on network environment lifecycle. Based on available lifecycle metadata associated with honeypots, a determination is made as to whether honeypot deployment criteria require maintaining a likelihood that a malicious attacker will target a given honeypot and/or preventing the malicious attacker from determining if a target is a protected host or the given honeypot. If a honeypot deployment criteria requires maintaining a likelihood that the malicious attacker will target the given honeypot, a ratio management operation is performed. In addition, if another honeypot deployment criteria requires preventing the malicious attacker from determining if the target is the protected host or the given honeypot, a host replacement operation is performed. | 2021-07-01 |
20210203697 | HTTPS request enrichment - This disclosure provides for a network element (in the middle) to inject enrichments into SSL connections, and for taking them out. This network element is sometimes referred to herein as a “middle box.” In the context of layered software architecture, this solution preferably is implemented by a library that operates below the SSL layer and above the TCP sockets layer at the two endpoints of the SSL connection. Preferably, the SSL enrichments are implemented as SSL/TLS records. | 2021-07-01 |
20210203698 | SELECTIVELY DISABLING ANTI-REPLAY PROTECTION BY A NETWORK SECURITY DEVICE - Systems and methods for selectively disabling anti-replay security checks based on a defined network policy that can override the globally-defined defaults for specific network sessions are provided. A network security device protecting a private network receives a packet associated with a network traffic flow between a source computing device and an internal destination computing device. The network security device identifies an anti-replay policy associated with the network traffic flow and whether the anti-replay policy is intended to override a global anti-replay policy of the network security device. When the identifying is affirmative, the network security device performs one or more anti-replay security checks in accordance with the anti-replay policy. When the identifying is negative, the network security device performs the one or more anti-replay security checks in accordance with the global anti-replay policy. | 2021-07-01 |
20210203699 | METHODS, SYSTEMS, AND MEDIA FOR PROTECTING COMPUTER SYSTEMS FROM USER-CREATED OBJECTS - Methods, systems, and media for protecting computer systems from user-created objects are provided. In some embodiments, the method comprises: detecting, at a second user device, that an object has been accessed on the second user device; determining whether an exception has occurred by scanning the object on the second user device; in response to determining that the exception has occurred, transmitting, from the second user device to a server, a request for a security policy to be applied by the second user device in connection with the object, wherein the request includes an identifier of the object; receiving, from the server, the security policy; determining, based on the security policy, that the object was created by a first user device associated with an organization the second user device is also associated with; determining whether to allow the object to be accessed by the second user device based on the security policy; and in response to determining that the object is allowed to be accessed, allowing the object to be accessed on the second user device. | 2021-07-01 |
20210203700 | METHODS AND APPARATUS TO PRESERVE ORIGINAL ATTESTATION/SIGNATURE INFORMATION FOR DIVERTED CALLS - Communications methods and apparatus for preserving STIR/SHAKEN original attestation/signature information for diverted Session Initiation Protocol (SIP) messages and/or calls. An exemplary method embodiment includes the steps of: receiving, at a first Session Border Controller (SBC), a diverted Session Initiation Protocol (SIP) INVITE message corresponding to a first call, the diverted SIP INVITE message not including an Identity header; obtaining an original Identity header or information from the original Identity header corresponding to the first call using one or more of the following: information included in the diverted SIP INVITE message, information included in a Session Description Protocol message included in the diverted SIP INVITE message, an SBC trunk group, or a source Internet Protocol (IP) address transport protocol port of an IP packet carrying the diverted SIP Invite message; and generating an Identity header based on the original Identity header or information from the original identity header. | 2021-07-01 |
20210203701 | CALL PROTECT GEOLOCATOR DISPLAY FOR 5G OR OTHER NEXT GENERATION NETWORK - Call spoofing can be mitigated by providing geolocation information to the called device. For example, when a call rings, a geolocator can be invoked and the incoming call display screen can show a carrier logo and/or a geolocator globe illustrating the location of the call originator. The geolocation session initiation protocol data can be confirmed by a network device and compared against carrier specific data of the calling device to authenticate voice calls for called devices. In one embodiment location data of the calling device can purposely be shared in order to facilitate the mitigation of call spoofing. | 2021-07-01 |
20210203702 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM - One or more computer processors include (i) a distribution portion that distributes, to a viewing user terminal, information about a video including an animation of a character object of a distribution user, (ii) a receiver that receives a display request for a specified gift transmitted from the viewing user terminal, (iii) an object display device that displays a specified gift object corresponding to the specified gift in the video, based on the display request received by the receiver, (iv) a determination portion that determines whether behavior information of the distribution user or another gift object satisfies a predetermined condition associated with the specified gift object, and (v) an expression portion that changes at least one of a movement and a shape of the specified gift object when the determination portion determines that the predetermined condition is satisfied. | 2021-07-01 |
20210203703 | Ad hoc network-based collaboration using local state management and a central collaboration state update service - According to an exemplary embodiment, multiple users participate in a session to watch source media content (e.g., a movie or a video). Typically, an end user accesses the session via a mobile app executing on the user's mobile device, while the session itself is hosted in a server-based collaboration infrastructure. The source media content comprises at least one branching storyline. At a branch, a storyline in the source media content (typically a series of connected video clips) branches in at least two directions. According to the approach herein, and to facilitate the collaboration, upon reaching the branch, the participants in the session vote to determine the direction the story should then take going forward. Votes cast by the participants then determine which path the story advances. In so doing, the participants—working collaboratively—act as the producers or directors of the movie. In this manner, the system provides an entertaining and collaborative session that is highly interactive and enables the users themselves to determine how the story plays out. | 2021-07-01 |
20210203704 | CLOUD GAMING GPU WITH INTEGRATED NIC AND SHARED FRAME BUFFER ACCESS FOR LOWER LATENCY - Methods and apparatus for cloud gaming Graphics Processing Unit (GPU) with integrated Network Interface Controller (NIC) and shared frame buffer access. The GPU include one or more frame buffers that provide shared access to an integrated encoder/decoder. The GPU further includes an integrated NIC coupled to the integrated encoder/decoder and one or more video outputs coupled to the one or more frame buffers. The GPU is configured to process outbound and inbound game image content that is encoded and decoded using a video codec or using a game tile encoder and decoder. Video frames buffered in the frame buffer(s) are encoded by the integrated encoder and forwarded directly to the NIC to be packetized and streamed using a media streaming protocol. Inbound streamed media content is depacketized by the NIC and decoded by the integrated decoder, which writes the decoded content to a frame buffer to regenerate. | 2021-07-01 |
20210203705 | Multicast overlay network for delivery of real-time video - A method of multicasting real-time video is described. The method begins by establishing a multicast network of machines capable of ingress, forwarding and broadcasting traffic, together with a mapping infrastructure. The multicast network preferably comprises a portion of an overlay network, such as a content delivery network (CDN). A video stream is published to the multicast network by (a) using the mapping infrastructure to find an ingress node in the multicast network, and then receiving the video stream from a publisher at the ingress node. One or more subscribers then subscribe to the video stream. In particular, and for subscriber, this subscription is carried out by (a) using the mapping infrastructure to find an egress node for the requesting client, and then delivering the video stream to the subscriber from the egress node. Preferably, the publisher and each subscriber use WebRTC to publish or consume the video stream, and video stream is consumed in a videoconference. | 2021-07-01 |
20210203706 | Systems, Methods, and Media for Delivery of Content - Systems, methods, and computer readable media for delivery of content are provided. In some embodiments, systems for controlling delivery of content are provided, the systems comprising processing circuitry configured to: receive a request to stream the content, the request being received from a user equipment device; determine a first location of the user equipment device; determine a count of user equipment devices that are located at the first location and are currently streaming the content; determine whether the count meets a threshold; and responsive to determining that the count meets the threshold, add a first content delivery network to a pool of one or more content delivery networks that are used to stream the content. | 2021-07-01 |
20210203707 | SYSTEMS AND METHODS FOR TRANSMISSION OF AUDIO INFORMATION - Embodiments of systems and methods for transmission of audio information are disclosed herein. In one example, a System on Chip (SoC) includes a wired transceiver module, a wireless module, a Frequency Modulation (FM) demodulation module, and an audio information codec module operatively coupled to the wired transceiver and the FM demodulation module. The wired transceiver module is configured to receive a data packet corresponding to first audio information. The wireless module is configured to receive an FM signal, corresponding to second audio information. The FM demodulation module is configured to output the second audio information based on demodulating the FM signal. The audio information codec module is configured to decode the first audio information and the second audio information based on the data packet and the demodulated FM signal, respectively. | 2021-07-01 |
20210203708 | INTERNET STREAMING OF DYNAMIC CONTENT FROM A FILE - Internet broadcast media streaming is described wherein triggers from internal or external systems for controlling audience media players cause an encoder system to generate command messages. Command messages are encoded into a composite output time-synchronous with the broadcast media. The composite output is written to a file or delivered to a streaming media distribution system configured to write the received composite media stream to a file for access by client media players. The command messages cause the media players to obtain or present dynamic content in association with the broadcast streaming media, and to cause any desired configuration changes to the appearance of the media player or the method or manner in which the dynamic content is presented. | 2021-07-01 |
20210203709 | Embedding MQTT messages in media streams - This disclosure provides embedding a messaging channel directly into a media stream, where messages delivered via the embedded messaging channel are the extracted at a client media player. An advantage of embedding a message is that it can be done in a single ingest point and then passes transparently through a CDN architecture, effectively achieving message replication using the native CDN media delivery infrastructure. | 2021-07-01 |
20210203710 | SYSTEM AND METHOD FOR REAL-TIME MOBILE NETWORKS MONITORING - Real-time cell performance information for each of cells in a mobile communication network, referred to herein as network topology information, is produced using IP addresses of data sessions in the cells, measured performance of the data sessions, and IP address to cell identifier mappings. The network topology information may be used to determine, in real time, a level of monitoring for each of the cells. The network topology information may be used to determine, in real time, performance of video streams in each cell. The network topology information may be used to determine, in real time, that a cell is experiencing a performance anomaly. Determinations made using the network topology information may be used to configure, maintain, and optimize the performance of the mobile communication network. | 2021-07-01 |
20210203711 | Embedded Mobile Browser - The technology is directed to a web browser and associated systems and methods for providing tailored experiences based on a user's use of the web browser. One or more processors may receive a requested URL and classify the requested URL into an activity type. The one or more processors may retrieve additional information associated with the requested URL based on the classified activity type and determine one or more driving actions based on the activity type and the retrieve additional information, each of the one or more driving actions configured to cause a web browser to perform an action. The one or more processors may provide the one or more driving actions, the classified activity type, and the additional information to the web browser. | 2021-07-01 |
20210203712 | Updating Electrical Devices With Limited Communication Capability In Integrated Networks - A system for providing data to electrical devices in an interconnected network can include a user system disposed in a volume of space, where the user system has a communication range, where the user system broadcasts multiple communication signals into the volume of space. The system can also include an electrical device disposed within the communication range of the user system, where the electrical device includes a controller, where the controller can retrieve first information from a first communication signal, where the information includes a file identification for a file and a number of blocks in the file. The controller can also generate a table for the number of blocks in the file and retrieve second information from a second communication signal, where the second information comprises a first block of the file. The controller can also store the first block of the file in the table. | 2021-07-01 |
20210203713 | Form Engine - Systems and methods herein provide for a form engine communicatively coupled to a storage system to retrieve a plurality of graphical control elements from a first of the source systems. The form engine generates a template that controls placement of the graphical control elements into the electronic document based on user-selectable cartesian coordinates, and persists the template in the storage system according to the compartmentalized portion of the first source system. The form engine may then authenticate a first user of the first source system, import an electronic file at the direction of the user, retrieve the template from the storage system, and format placement of the graphical control elements in the electronic file according to the cartesian coordinates of the template and a scale of the electronic file to generate an electronic form for the first source system. | 2021-07-01 |
20210203714 | SYSTEM AND METHOD FOR IDENTIFYING CAPABILITIES AND LIMITATIONS OF AN ORCHESTRATION BASED APPLICATION INTEGRATION - In accordance with an embodiment, described herein are systems and methods identifying capabilities and limitations of an orchestration based application integration. The systems and methods described herein can detect and publish/expose such a set of limitations and capabilities of the adapters/connectors to the integration platform. In this way, such metadata can be used, for example, by a user of an integration system in designing an integration of applications, or in selecting an orchestration, based upon, e.g., the published metadata that indicates the capabilities of the individual adapters/connectors, or the orchestration as a whole (or parts thereof). This way, once an orchestration is active for processing requests, then it can also publish a metadata considering the metadata of involved adapters. This metadata can be used in adjusting requests to an integration. | 2021-07-01 |
20210203715 | METHOD AND APPARATUS FOR TRANSFERRING AN EDGE COMPUTING APPLICATION - Provided are a method and apparatus for transferring an edge computing application. The method includes: receiving, by a first edge computing application of a first edge computing host, a first message sent by an edge computing platform of the first edge computing host, where the first message includes edge computing application information of a second edge computing host; and sending, by the first edge computing application, a second message to a second edge computing application of the second edge computing host according to the edge computing application information of the second edge computing host, where the second message carries user context information. | 2021-07-01 |
20210203716 | FUNCTION MANAGER FOR AN EDGE COMPUTE NETWORK - An Edge Compute Network (“ECN”) may provide compute devices with configurable compute resources at different network edges for selective localized and low latency execution of user-defined operations. A user may provide a set of operations in any of several supported programming languages, and the ECN may create an executable environment that can execute the set of operations using the compute resources of any ECN compute device. A function manager for a compute device may selectively initialize, based on requests to execute the set of operations and an initialization policy, the executable environment so that the set of operations can be directly executed using the compute resources of that compute device upon request. The function manager may also selectively remove initialized executable environments based on compute device resource utilization, executable environment usage, and a removal policy. | 2021-07-01 |
20210203717 | Delegated Services Platform System and Method - System and method for delegating to a local appliance some or all tasks traditionally performed by a central service endpoint in responding to a request from an end-consumer for content, an application, or a service. The local appliance is typically a computer server with associated local storage. Local appliances capable of providing the requested content, application or service, and also handling any security protocols or similar specialized requirements, are identified and selected to service the end-consumer's request, while the central service point retains overall management of the process and can, if appropriate, resume handling of the request in a manner that is substantially seamless to the end-consumer. Other capable local appliances can also be identified, based on network performance criteria, and re-delegation can occur to support movement of mobile devices or other network conditions. | 2021-07-01 |
20210203718 | ENCODING/DECODING STRUCTURE AND DISTRIBUTED DATA SYSTEM USING THE SAME - A distributed data system divides an original file into N different block files and distributes the block files to a number of servers of N or more in a distributed manner. The distributed data system includes an encoding unit configured to separate the original file into pieces of data at the same interval, separate the separated pieces of data into N pieces again, respectively multiply the N pieces of data which are separated again by coefficients corresponding to servers to which the pieces of data are to be distributed, and total the values to compress data into one piece of data, and a decoding unit configured to acquire a linear equation for collecting and decoding encoded data from the selected N servers, and obtaining the N block files from the respective servers. | 2021-07-01 |
20210203719 | TRANSFER CONTROL DEVICE, TRANSFER CONTROL METHOD, SERVICE PROVISION SYSTEM, AND TRANSFER CONTROL PROGRAM - To provide a transfer control apparatus, a transfer control method, and a transfer control program, by which it is possible to improve availability without modifying an application side. The transfer control apparatus | 2021-07-01 |
20210203720 | DATA TRANSMISSION METHOD AND AUTOMATION COMMUNICATION NETWORK - At least one distribution node with a plurality of input/output interfaces is provided in an automation communication network. Data is exchanged via telegrams with priority levels. The distribution node interrupts transmission of a telegram having a first priority level if a telegram with a second, higher priority level is received. The distribution node terminates the interrupted telegram, which forms a first fragment defined by sending first fragmentation information at the end of the first fragment. A part that has not been sent forms a second fragment. The distribution node stores the second fragment together with second fragmentation information. After sending the telegram having the second, higher priority level, the distribution node sends the second fragment together with the second fragmentation information. A node, for which the telegram having the first priority level is intended, assembles the first and second fragments on the basis of the first and second fragmentation information. | 2021-07-01 |
20210203721 | SYSTEM AND METHOD FOR MULTI-STAGE GENERATION OF RESPONSES TO DATA REQUESTS - A method includes: receiving, at an intermediation server from a client subsystem, a data request including a set of request parameters; transmitting the set of request parameters from the intermediation server to a plurality of provider subsystems; receiving, at the intermediation server, respective initial responses each containing sets of initial response data corresponding to the request parameters; sending, from the intermediation server to at least one of the provider subsystems, a secondary request for updated response data, the secondary request including an indication of at least one set of initial response data; receiving, in response to the secondary request, the updated response data; and transmitting the updated response data to the client subsystem. | 2021-07-01 |
20210203722 | DYNAMIC THROUGHPUT INGESTION OF BACKUP SOURCES - A method and apparatus for dynamically adjusting an ingestion rate for backup operations on a source system. The method generally includes monitoring a resource utilization related to one or more performance metrics of the source system in performing at least a primary workload. Based on the monitored resource utilization, the backup system determines a data ingestion rate for backup operations on the source system. The backup system ingests data from the source system to a backup repository at the determined data ingestion rate. | 2021-07-01 |
20210203723 | Data Storage Method and Apparatus - A method and apparatus with a data storage device receives a data write request that is sent by a first tenant, and determines, from a plurality of resource zones (RZs) and based on the data write request and storage permission of the first tenant for each of the plurality of RZs. The data storage device further determines distribution of N duplicates in the at least one RZ based on the data write request and a first data distribution policy, and stores the N duplicates into at least one node corresponding to the at least one RZ based on distribution of the N duplicates in the at least one RZ and a second data distribution policy. | 2021-07-01 |
20210203724 | COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD - A communication device includes a first communication circuit configured to receive, from a user terminal, a notification signal including at least identification information and request information representing a transmission request to provide transmission data including at least biomedical information, a second communication circuit configured to receive the transmission data from the user terminal, and a controller. The controller executes, in parallel, a first process including receiving the notification signal from the user terminals by controlling the first communication circuit and a second process including receiving the transmission data from the user terminal among the user terminals by controlling the second communication circuit, and determines to receive the transmission data from the user terminal, among the user terminals, when the request information in the notification signal received from the user terminal represents that the biomedical information to be transmitted is recorded in the user terminal. | 2021-07-01 |
20210203725 | WIRELESS LOCAL AREA NETWORKS - In some examples, a system includes a plurality of network controllers, a WI-FI wireless local area network (WLAN) over which at least a first network controller and a second network controller of the plurality of network controllers are to communicate, wherein a link between the first network controller and the second network controller through the WI-FI WLAN is a synchronized link. | 2021-07-01 |
20210203726 | DEVICE MANAGEMENT SYSTEM AND DEVICE MANAGEMENT METHOD - A device management system includes: a server; base stations for long-distance wireless communication; and a device that communicatively connect to one of the base stations and that each sequentially transmit, to the server via the one base station, operation information indicating the current operation state of the device. Upon sequentially receiving the operation information, each of the base stations sequentially transmits, to the server, unique information unique to the base station together with the sequentially received operation information. The server sequentially receives, and sequentially stores in association with each other, the operation information and the unique information. When first and second unique information received at first and second times, respectively, are different, the server separately manages first operation information received in a first period ending at the first time and second operation information received in a second period starting at the second time. | 2021-07-01 |
20210203727 | AUGMENTED REALITY OBJECTS REGISTRY - Various embodiments provide for a registry for augmented reality (AR) objects, which can provide AR objects to a client device to support various software or hardware applications. For instance, some embodiments provide for an AR object registry that facilitates or enables registration of one or more AR objects in association with one or more locations across a planet. | 2021-07-01 |
20210203728 | Opportunistic Transmission Control Protocol (TCP) Connection Establishment - A TCP intermediate device receives a first SYN packet from a TCP client to establish a TCP connection between the TCP client and a TCP origin server. Prior to the TCP connection being fully established, the TCP intermediate device transmits a second SYN packet to the TCP origin server. The TCP intermediate device transmits a first SYN-ACK packet to the TCP client. The TCP intermediate device receives a first ACK packet from the TCP client. The TCP intermediate device receives a second SYN-ACK packet from the TCP origin server. The TCP intermediate device transmits a second ACK packet to the TCP origin server as part of establishing the third TCP connection. | 2021-07-01 |
20210203729 | SIP MICROSERVICES ARCHITECTURE FOR CONTAINER ORCHESTRATED ENVIRONMENTS - Systems and methods for message processing. In one example, a system includes a state cluster network, a synchronization cluster network, and an engine cluster network. The engine cluster network includes an electronic processor configured to receive a first message corresponding to either a session initiation protocol message or a timeout message, retrieve, from the state cluster network, a session initiation protocol data object, initialize a state machine using the session initiation protocol data object and process the first message, transmit a timer request to the synchronization cluster network for managing a timer, transmit a second session initiation protocol message to a target entity based on the received first message, and transmit a second session initiation protocol message to the state cluster network. | 2021-07-01 |
20210203730 | SYSTEM AND METHOD FOR NETWORK MIGRATION WITH MINIMAL TRAFFIC IMPACT - Migrating data traffic from legacy networks to packet networks by inserting a first circuit emulation device (CEM) at a first endpoint and a second circuit emulation device (CEM) at a second endpoint of a connection in the legacy network, duplicating data traffic provided to the first CEM by routing one copy of the data traffic over the connection in the legacy network to the second CEM and one copy of the data traffic over a packet network from the first CEM to a comparison server, duplicating data traffic provided to the second CEM over the legacy network from the first CEM by routing one copy of the data traffic to customer communication equipment and one copy of the data traffic to the comparison server, comparing the data traffic routed to the comparison server and validating that the packet network can be used to replace the connection in the legacy network. | 2021-07-01 |
20210203731 | DISCOVERY OF CLOUD-BASED INFRASTRUCTURE AND RESOURCES - A computing system includes a persistent storage configured to store, as one or more configuration items and on behalf of a managed network, a table of resources provided by a remote computing system to the managed network. The computing system includes a discovery application configured to perform operations. The operations include querying a resource manager application programming interface (API) to identify resources within the remote computing system. The remote computing system is configured to generate a resource inventory file and store the resource inventory file within a storage bucket in response to the query. The resource inventory file contains a list of resources and attributes. The operations also include polling the storage bucket to determine when the resource inventory file has been fully written. In addition, the operations include parsing the resource inventory file to generate representations of the resources. Further, the operations include storing the representations in the table. | 2021-07-01 |
20210203732 | CONTEXTUAL ROUTING CONFIGURATION AND SERVICE NAMING FOR MULTI-CLUSTER SERVICE MESH - A method may include obtaining a first dependency of a first calling service on a called service and a second dependency of a second calling service on the called service. The method may further include generating a first routing configuration for the first calling service that maps a name of the called service to an ingress point of a first cluster, generating a second routing configuration for the second calling service that maps the name of the called service to the ingress point of the first cluster, detecting a relocation of the called service to a second cluster, modifying the first routing configuration to map the name of the called service to an ingress point of the second cluster, and modifying the second routing configuration to map the name of the called service to a local name of the called service within a namespace of the second cluster. | 2021-07-01 |
20210203733 | Automated Constrained Datamodel Provisioning Procedure - According to an aspect, communications device (e.g., IoT device) is configured to allow attachment of one or more peripheral devices. The communications device detects attachment of a peripheral device and obtains a template description file for the peripheral device. The template description file includes one or more service descriptions corresponding to respective exposed peripheral services, where each service description includes one or more peripheral-specific operations. The communications device receives, from a network-based application, a query directed to the peripheral device, the query requesting one of the exposed peripheral services. The communications device executes the peripheral-specific operations from the service description corresponding to the requested one of the exposed peripheral services and responds to the network-based application with a result of the peripheral-specific operations. | 2021-07-01 |
20210203734 | MULTI-CHANNEL COGNITIVE RESOURCE PLATFORM - Embodiments of the invention are directed to systems, methods, and computer program products for providing a multi-channel cognitive resource platform configured for intelligent, proactive and responsive communication with a user, via a user device. The system is further configured to perform one or more user activities, in an integrated manner, within a single interface of the user device, without requiring the user to operate disparate applications. Furthermore, the system is configured to receive user input through multiple communication channels such as a textual communication channel and an audio communication channel. The system is further configured to switch between the various communication channels seamlessly, and in real-time. | 2021-07-01 |
20210203735 | TOPICAL ACTIVITY MONITOR AND IDENTITY COLLECTOR SYSTEM - A method for identifying respective networked devices in a social communications network, which networked devices communicate messages relevant to an article. The messages may include posts, shares, likes, votes, ranks, and other comments. A server of the social communications network maintains a respective identity (e.g., user name or handle) for each connected networked device, respectively, of the social communications network. The server includes an API for requests. The method includes receiving a search item from a data communications network, collecting articles related to the search item from each of the at least one source of articles of the data communications network, storing in a database, for each respective one of the article from the step of collecting, a respective unique identifier representing the article, comparing the search item to each respective unique identifier, respectively, of the database, to determine similarity of the respective unique identifier to the search item, compiling a result set of each respective unique identifier determined similar to the search item in the step of comparing, communicatively detecting the share count of the messages of the social communications network related to the result set, deriving a score based collectively on all of the share counts from the step of communicatively detecting, the score represents topical activity of networked devices of the social communications network for the search item, calling the API of the server intermediating communications among the networked devices of the social communications network, receiving the identities of the networked devices of the social communications network; and storing the identities in a database in a storage. | 2021-07-01 |
20210203736 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM - An information processing system that generates commentary, the commentary including first commentary generated based on behavior information corresponding to a behavior of a user and second commentary associated with the first commentary; and outputs the commentary to be available to other users. | 2021-07-01 |