39th week of 2021 patent applcation highlights part 82 |
Patent application number | Title | Published |
20210306323 | METHOD AND SYSTEM FOR INSTANT SINGLE SIGN-ON WORKFLOWS - A method, a non-transitory computer readable medium, and a system are disclosed for a single sign-on for services. The method includes: receiving, on a computer processor, user identification captured by a biometric device of a user; forwarding, by the computer processor, the user identification to an authentication server; receiving, on the computer processor, a user JSON Web Token (user-JWT), user principle name, active directory domain name, and user domain name password, upon authentication of the user by the authentication server; performing, by the computer processor, an active directory join operation with an active directory using the user principle name, the active directory domain name, and the user domain name password; launching, on the computer processor, a browser that communicates with the authentication server; and receiving, on the computer processor, an HTML page constructed with JavaScript code with clickable icons for provisioned services from the authentication server. | 2021-09-30 |
20210306324 | AUTHENTICATION SERVER AND METHOD THAT ALLOW USER TO LOG INTO APPLICATION OR SERVICE PROVIDED VIA CLIENT DEVICES - An authentication server is connected to a plurality of client devices via a network and includes: a storage that stores a database including: a plurality of pieces of user information; and multiple kinds of a plurality of pieces of credential information for logging into an application or service provided by an external server via each of the client devices; and a processor that: upon receiving a first piece of user information from a first client device, determines whether the database contains a first piece of credential information corresponding to the first piece of user information, and upon determining that the database contains the first piece of credential information, sends to the first client device the first piece of credential information required to allow a user to log into the application or service provided via the first client device. | 2021-09-30 |
20210306325 | SYSTEMS, METHODS, AND STORAGE MEDIA FOR ADMINISTRATION OF IDENTITY MANAGEMENT SYSTEMS WITHIN AN IDENTITY INFRASTRUCTURE - Systems, methods, and storage media for management of identity systems in an identity infrastructure are disclosed. Exemplary implementations may: install a discovery agent in the identity infrastructure; assess the identity infrastructure by the discovery agent; install an identity fabric in the identity infrastructure based on the assessing; receive, at the identity infrastructure, one or more data flows pertaining to identity data or identity metadata for at least one identity domain/system; manage, by a controller element, control plane operations across one or more elements or agents; manage, by at least one of the agents, the one or more data flows; detect and monitor, by the one or more elements or agents, at least one event linked to the one or more data flows; and assess the identity data or metadata and an associated state across the identity domains in the identity infrastructure based on the detecting and monitoring. | 2021-09-30 |
20210306326 | ENHANCED HOP BY HOP SECURITY - Embodiments of the present disclosure relate to methods, apparatuses and computer readable storage media for hop-by-hop security. A proposed method comprises receiving, at a first apparatus and from a second apparatus associated with a first network function, a message directed from the first network function to a second network function, the message comprising a first signature and network function information, the network function information at least comprising identification information of the first network function; in accordance with a successful validation of the first signature, updating the message with a second signature specific to a service communication proxy implemented by the first apparatus; and transmitting the updated message to a third apparatus associated with the second network function, the updated message comprising at least the second signature and the network function information. | 2021-09-30 |
20210306327 | SECURING SENSITIVE HISTORIAN CONFIGURATION INFORMATION - Systems and methods for securing configuration information for cloud-based services. A system comprises a data store and data sets including plant process information and configuration information. A memory device stores computer-executable instructions. When executed by a processor coupled to the cloud service, the instructions receive configuration information, store it in a data file, apply a generated certificate to the file, and deploy the resulting protected configuration data file to the cloud-based service. In addition, the protected configuration data file is made available by obtaining the file from the cloud-based service. | 2021-09-30 |
20210306328 | MULTI-FACTOR GEOFENCING SYSTEM FOR SECURE ENCRYPTION AND DECRYPTION SYSTEM - A method includes logging into a server and sending geolocation information to the server by a first device. The first device requests rights to decrypt a secure data file, and in response, the server sends a machine-readable optical label to the first device. The first device displays the machine-readable optical label. A second device logs into the server, and scans the machine-readable optical label displayed by the first device to create a scanned image. The second device decodes data from the scanned image to form decoded data. Geolocation information of the second device and the decoded data are submitted to the server. The decoded data and the geolocation information are validated by the server, and in response to successfully validating the geolocation information, a link completion status indicator is sent to the second device, and information to decrypt the secure data file is sent to the first device. | 2021-09-30 |
20210306329 | USER AUTHENTICATION THROUGH REGISTERED DEVICE COMMUNICATIONS - Disclosed are various embodiments providing user authentication through registered device communications. An authentication request is received from a client device. A user is authenticated for access to a user account based at least in part on the client device providing the authentication token. The authentication token is generated by the client device or by one or more other computing devices and sent to the client device. The client device encrypts the authentication token based at least in part on a user authenticating factor and stores the encrypted authentication token on the client device. | 2021-09-30 |
20210306330 | AUTHENTICATION SERVER, AND NON-TRANSITORY STORAGE MEDIUM - A terminal apparatus ( | 2021-09-30 |
20210306331 | CALLER AND RECIPIENT ALTERNATE CHANNEL IDENTITY CONFIRMATION - A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication to reduce the potential for malicious third-party impersonation of the client. Pre-authorized customer support calls are intelligently and efficiently routed in a manner that reduces the opportunity for malicious call interference and information theft. | 2021-09-30 |
20210306332 | AUTHENTICATION SERVER AND METHOD THAT PROVIDE AUTHENTICATION INFORMATION UPON INTERRUPTION OF POWER SUPPLY - An authentication server is connected to a client device via a network and includes: an uninterruptible power supply (UPS) that supplies power to the authentication server upon interruption of a main power supply; a storage that stores a database including: a piece of user information of a user of the client device; and a piece of authentication information for the user to log into the client device or a predetermined server on the network via the client device; and a processor that, once the UPS starts to supply the power to the authentication server, transmits to the client device the piece of authentication information corresponding to the piece of user information before the authentication server is shut down. | 2021-09-30 |
20210306333 | SYSTEMS AND METHODS FOR INTEGRATING SYSTEMS OVER UNTRUSTED NETWORKS - Described herein is a computer implemented method for configuring a receiving system to receive data from a sending system. The method comprises receiving an integration creation request from a client application. In response, a specific integration user account is created with credentials which provide access to the receiving system. The credentials are communicated to the client application. In addition, an integration record comprising details in respect of the integration is created, stored, and associated with the specific integration user account. | 2021-09-30 |
20210306334 | CONDITIONALLY-DEFERRED AUTHENTICATION STEPS FOR TIERED AUTHENTICATION - Techniques are described herein for using special session identifiers to defer additional authentication steps (AAS) for at least some restricted application actions. A client session is associated with a special session identifier that is mapped to an authentication tier (AT) achieved for the session based on the satisfied authentication steps. Web servers that are enabled for AAS deferral include context information, which identifies a requested action, with session verification requests to an authentication service. The authentication service determines that AAS is required to perform an action when (a) the AT associated with the action is a higher-security tier than the AT associated with the session, or (b) the session is associated with an AT that is lower than the highest-security AT and there is no context information accompanying the request for session validation, in which case the authentication service assumes that the highest-security AT is required to perform the request. | 2021-09-30 |
20210306335 | OUT-OF-BAND AUTHENTICATION BASED ON SECURE CHANNEL TO TRUSTED EXECUTION ENVIRONMENT ON CLIENT DEVICE - Provided is a process that affords out-of-band authentication based on a secure channel to a trusted execution environment on a client device. The authentication process includes one or more authentication steps in addition to verifying any credentials provided by a client device. A notification may be transmitted by a server to a device other than the client device attempting to access the asset. That device may be a mobile device with a trusted execution environment storing user credential information, and the server may store representations of those credentials. The mobile device collects user input credentials and transmits representations for matching the previously stored representations and signed data for verification by the server that received data originated from the mobile device. The access attempt by the client is granted based in part on the result of authenticating the data received from the mobile device in a response to the notification. | 2021-09-30 |
20210306336 | AUTONOMOUS APPLICATION PROGRAMMING INTERFACE CLAIM REQUIREMENTS DISCOVERY - In an approach for autonomous claim requirements discovery of APIs, a processor receives an access request from a client to a server. A processor validates the access request. A processor queries claim requirements in a claim document from the server upon the validation of the access request. A processor receives the claim requirements. A processor constructs a token based on the claim requirements. A processor sends the token to the server. A processor receives a response from the server. A processor sends the response to the client. | 2021-09-30 |
20210306337 | INTEGRATED ACTIVITY MANAGEMENT SYSTEM AND METHOD OF USING SAME - A method of providing secure communication between users of a network using layered security, the method includes providing a communicator to each user of a network, each user having user information including user hardware, user software, and user location stored within the network, providing multiple keys to each communicator and corresponding locks to the network, each key including a plurality of identifiers to confirm identity of the user, verifying that a user seeking to obtain access to the network has a communicator with keys that match all the locks stored on the network, and providing the user access to the network when the keys on the communicator are verified, wherein the plurality of identifiers is a combination of user hardware, user software, and user location. | 2021-09-30 |
20210306338 | ROLE-BASED ACCESS CONTROL POLICY AUTO GENERATION - In some examples, an access control policy controller in a computer network may receive a request to create an access control policy that permits a role to perform one or more functions in the computer network. The access control policy controller may determine one or more operations performed on one or more objects in the computer network to perform the one or more functions based at least in part on tracking performance of the one or more functions in the computer network. The access control policy controller may create the access control policy for the role that permits the role to perform the one or more operations on the one or more objects in the computer network. | 2021-09-30 |
20210306339 | METHOD AND APPARATUS FOR CONTROLLING ACCESS TO CUSTOM BROWSER FUNCTIONALITY - A method, non-transitory computer readable medium and apparatus for controlling access of a custom browser function are disclosed. For example, the method includes a processor that sends a request to a third party website, receives a hypertext markup language code and a browser script, renders the hypertext markup language code, detects that the browser script is trying to access a custom browser function, compares one or more parameters associated with the custom browser function to an access control list to control an access of the custom browser function, and executes the custom browser function when a match of the one or more parameters is found in the access control list. | 2021-09-30 |
20210306340 | CYBERSECURITY HARDENING FOR NETWORKED SYSTEMS - A computer-readable medium contains cybersecurity configuration settings (CCS) generating file(s) including instructions when executed cause a processor of a computer located at a node in a networked system having computers including at least one computer system class to generate CCS. The CCS generating file includes group policy objects (GPOs) applicable to all computers, policy setting scripts that are applicable to 2021-09-30 | |
20210306341 | NETWORK ASSET VULNERABILITY DETECTION - There is a need for more effective and efficient network security coordination. This need can be addressed by, for example, techniques for network asset vulnerability detection. In one example, a method includes detecting network assets within a monitored computer network; and for each network asset: determining a vulnerability profile, determining a connectivity profile, determining a vulnerability designation based on the vulnerability profile for the network asset and a network vulnerability documentation repository, determining whether the vulnerability designation for the network asset indicates a positive vulnerability designation, and in response to determining that the vulnerability designation indicates the positive vulnerability designation, decoupling the network asset from the monitored computer network using the connectivity profile for the network asset. | 2021-09-30 |
20210306342 | DYNAMICALLY GENERATING RESTRICTION PROFILES FOR MANAGED DEVICES - Disclosed are various examples for dynamically generating restriction profiles for updated software platforms. A management system can determine that updated restrictions and/or settings are included in an updated or new version of a definition file. The updated settings identified and categorized according to risk for a given enterprise group without administrator input. An updated restriction profile can be generated according to the updated settings and distributed to managed devices. | 2021-09-30 |
20210306343 | SYSTEM, DEVICE, AND METHOD FOR TRANSFERRING SECURITY ACCESS PERMISSIONS BETWEEN IN-CAMERA USERS - A process for transferring security access permissions between in-camera users includes capturing, at an electronic computing device via an image capture device, an image of two or more in-camera users. A first in-camera user and a second in-camera user are identified n the image. An input gesture identifying the first in-camera user as a source of security access permissions and the second in-camera user as a destination of security access permissions is detected. Responsively, the electronic computing device causes a first particular security access permission associated with the first in-camera user to be applied to and modify a current set of security access permissions associated with the second in-camera user. | 2021-09-30 |
20210306344 | DYNAMICALLY-TIERED AUTHENTICATION - Techniques are described herein for dynamically-tiered authentication, which allows the authentication tier (AT) associated with a session to be automatically downgraded based on the session satisfying one or more downgrade criteria. Automatically downgrading a session eliminates some authentication-based privileges for the session without eliminating all privileges for the session. A session satisfies downgrade criteria based on: an explicit request for session downgrading; client interaction with the application; and/or activity on the device on which the client runs. For example, if a client authenticates to a third AT, but only performs actions in the application that are associated with the first AT during a pre-defined amount of time, the AT associated with the session is automatically downgraded. The session is either downgraded from the third AT to the first AT, or downgraded in intervals until the current or more recently accessed tiers are consistent with the current AT of the session. | 2021-09-30 |
20210306345 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING APPARATUS, AND NON-TRANSITORY COMPUTER READABLE MEDIUM STORING PROGRAM - An information processing system includes: a first authentication unit that authenticates a user by a first method; a first providing unit that provides a service to the user authenticated by the first authentication unit; a second authentication unit that authenticates a user by a second method; and a second providing unit that provides a service to the user authenticated by the second authentication unit and also provides a service to the user authenticated by the first authentication unit in a case where the first method satisfies a condition determined according to the second method. | 2021-09-30 |
20210306346 | SECURE CONTENT MANAGEMENT THROUGH AUTHENTICATION - Techniques are described herein for performing authentication, and also “eager” or “lazy” fetch of data, for restricted webpages based on the restricted webpages being associated with an authentication tier in an AASD registry. Inclusion of a restricted webpage in the AASD registry enables AASD-based authentication for the webpage. According to embodiments, information for a restricted webpage included in the AASD registry includes one or more of the following for the webpage: an identifier, an authentication level, allowed fields, eager fetch fields, one or more sources for one or more fields, etc. When information for a webpage is included in the AASD registry, that information is used to perform eager fetch for one or more fields of the webpage that are not associated with authentication requirements indicated in the AASD registry information, or whose authentication requirements are already fulfilled by the requesting client. | 2021-09-30 |
20210306347 | OFFLINE SCRIPTING FOR REMOTE FILE MANAGEMENT - Methods, devices and systems are provided for performing remote file management, RFM, operations at a secure element, SE. A secure file update script is received at an OfflineRFMAgent, located within the SE, from an off card entity, OCE. The secure file update script has been generated offline by an SE issuer managing the OCE, using a decentralized remote file management, DRFM, platform, and comprises a plurality of remote management commands for carrying out file management operations on the SE. In a further step, a security level authentication between the OCE and SE based on the secure file update script is performed. If the security level authentication is successful, in a subsequent step a secure channel session between the OCE and the SE is established through the OfflineRFMAgent. Finally, the plurality of remote management commands is processed to remotely manage a file system on the SE. | 2021-09-30 |
20210306348 | SYSTEM AND METHOD FOR SECURING ELECTRONIC DEVICES - The present invention discloses a system having at least one device, associated with two different networks in communication with other devices comprising:
| 2021-09-30 |
20210306349 | SYSTEMS AND METHODS FOR PROVIDING AN INTERACTIVE MEDIA PRESENTATION - A system for providing an interactive presentation to an audience device is provided. The system interfaces with a database storing presentation content and a workspace. The workspace stores the presentation content and additional content and storing one or more access policies and being associated with a first user. The system comprises a processor for executing one or more modules comprising a content creation and updating module configured to enable an updating of the presentation content and the additional content according to the one or more access policies; and a content access interface module configured to determine one or more portions of the presentation content and the additional content for accessing at the audience device according to the one or more access policies. A method for providing an interactive media presentation is also provided. | 2021-09-30 |
20210306350 | LEARNING OF MALICIOUS BEHAVIOR VOCABULARY AND THREAT DETECTION THROUGH BEHAVIOR MATCHING - In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training. | 2021-09-30 |
20210306351 | INFECTION SPREAD ATTACK DETECTION DEVICE, ATTACK ORIGIN SPECIFICATION METHOD, AND PROGRAM - An occurrence of an infection-spreading attack and an attack source thereof are detected with high accuracy. A first feature value is calculated based on traffic information regarding a packet forwarded by a forwarding device, and M partial address spaces to be monitored are specified based on the first feature value. A second feature value is calculated for each address of a terminal in a network, based on traffic information regarding the M partial address spaces, the second feature value is learned to classify terminal addresses into a plurality of clusters, and whether or not each of the clusters is an infection-spreading attack is determined to generate cluster information. Whether or not an infection-spreading attack has occurred and an address of a terminal that is an attack source are specified based on the second feature value and the cluster information. | 2021-09-30 |
20210306352 | MACHINE-LEARNING BASED APPROACH FOR DYNAMICALLY GENERATING INCIDENT-SPECIFIC PLAYBOOKS FOR A SECURITY ORCHESTRATION, AUTOMATION AND RESPONSE (SOAR) PLATFORM - Systems and methods for a machine-learning based approach for dynamically generating incident-specific playbooks for a security orchestration and automated response (SOAR) platform are provided. The SOAR platform captures information regarding execution of a sequence of actions performed by analysts responsive to a first incident of a first type. The captured information is fed into a machine-learning model. When a second incident, observed by the SOAR platform, is similar in nature to the first incident or the first type a recommended sequence of actions is generated based on the machine-learning model for use by an analyst in connection with responding to the second incident. In response to rejection of the recommended sequence by the analyst, revising the recommended sequence based on input provided by the analyst and storing the revised recommendation sequence in a form of a revised playbook for response to subsequent incidents that are similar to the second incident. | 2021-09-30 |
20210306353 | EFFICIENT DETERMINATION OF EXPECTED MAXIMUM FOR ANOMALY DETECTION - An apparatus may include a processor that may be caused to access a distribution of a plurality of values, each value of the plurality of values quantifying an event of an event type in a computer network. The processor may determine a mean of the plurality of values and a second highest value of the plurality of values, generate an expected maximum of the distribution based on the mean and the second highest value, and access a first value quantifying a first event of the event type in the computer network. The processor may further determine that the first event is an anomalous event based on the first value and the expected maximum. | 2021-09-30 |
20210306354 | CLUSTERING ENHANCED ANALYSIS - Systems, methods, and related technologies for clustering are described. Network traffic is accessed from a network and the network may be associated with a plurality of entities. Behavior associated with each entity of the plurality of entities may be determined. The behavior may be determined based one or more communications associated with each entity. A processing device may be used to determine one or more clusters of entities based on entities having similar behavior. A cluster may comprise one or more entities with similar behavior. One or more anomalies may be determined based on the one or more clusters and storing data associated with at least one of the one or more clusters and the one or more anomalies may be stored. | 2021-09-30 |
20210306355 | METHODS OF MONITORING AND PROTECTING ACCESS TO ONLINE SERVICES - The present description relates to a method of monitoring and protecting access to an online service from account take over, comprising the steps of: providing a traffic inspector ( | 2021-09-30 |
20210306356 | HYBRID UNSUPERVISED MACHINE LEARNING FRAMEWORK FOR INDUSTRIAL CONTROL SYSTEM INTRUSION DETECTION - A system for monitoring an industrial system for cyberattacks includes an industrial control system including a plurality of actuators, a plurality of sensors each arranged to measure one of a plurality of operating parameters, and an edge device and a computer including a data storage device having stored thereon a program that includes each of a time-series database including expected operating ranges for each operating parameter, a clustering-based database that includes clusters of operating parameters having similarities, and a correlation database that includes pairs of operating parameters that show a correlation. An alarm system is operable to initiate an alarm in response to current operating data including a measurement from one of the plurality of sensors falling outside of an expected range, a change in the expected clustering of one of the plurality of sensors based on the current operating data from each of the plurality of sensors, and a variation in the current operating data between two of the plurality of sensors that falls outside of an expected correlation of the two of the plurality of sensors. | 2021-09-30 |
20210306357 | SORTING DEVICE, COMMUNICATION SYSTEM, AND SORTING METHOD - A copy unit ( | 2021-09-30 |
20210306358 | DISTRIBUTION-BASED DETECTION OF ABUSIVE REQUESTS - The disclosed embodiments provide a system for detecting abusive requests. During operation, the system generates, based on one or more primary signals, a first set of clusters of network requests spanning a first period and a second set of clusters of requests spanning a second period. Next, the system stores, in a snapshot, a signature representing primary signal values and a first distribution of secondary signals in a first cluster in the first set of clusters. The system matches primary signal values from a second cluster in the second set of clusters to the signature and calculates a divergence score representing a deviation of a second distribution of secondary signals in the second cluster from the first distribution. When the divergence score violates a threshold, the system generates output for identifying additional network requests that contain one or more primary and secondary signal values in the second cluster. | 2021-09-30 |
20210306359 | INTELLIGENT DETECTION AND PREVENTION OF ANOMALIES IN INTERFACE PROTOCOLS - An information handling system may include a management controller configured to provide out-of-band management of the information handling system. The management controller may be configured to: receive network traffic from a client information handling system, the network traffic relating to management of the information handling system; and transmit at least a portion of the network traffic to a traffic classifier. The traffic classifier may be configured to: determine a protocol associated with the network traffic; compare the network traffic with protocol-specific classification data based on the determined protocol; and determine, based on the comparison, a likelihood that the network traffic is malicious. Based on the determined likelihood exceeding a threshold, the management controller may be configured to execute a remedial action with respect to the network traffic. | 2021-09-30 |
20210306360 | CYBERSECURITY INCIDENT DETECTION SYSTEMS AND TECHNIQUES - Behavioral baselines for a computer system may be accurately and efficiently established by (1) monitoring occurrences on the computer system, (2) determining, based on security rules or heuristics, which of the observed occurrences are associated with potential security risks, (3) identifying patterns of activity based on the suspicious occurrences, and (4) prompting a user to indicate whether the observed patterns of suspicious activity are expected or unexpected. Behavior baselines established in this manner can then be used to differentiate between expected and unexpected patterns of activity on the computer system. | 2021-09-30 |
20210306361 | ANALYSIS APPARATUS, ANALYSIS SYSTEM, ANALYSIS METHOD AND PROGRAM - An analysis apparatus includes a memory and a processor configured to execute receiving log data transmitted from each device among a plurality of devices connected to a network, via the network; determining, for said each device, which one of a plurality of types of events corresponds to an event occurring in said each device, based on the log data transmitted from said each device; and detecting an occurrence of events across the plurality of devices, based on a comparison of the log data of the plurality of devices related to a plurality of events of a same type of determination results as determined by the determining. | 2021-09-30 |
20210306362 | COMMUNICATION CONTROL SYSTEM, NETWORK CONTROLLER AND COMPUTER PROGRAM - In a communication control system having a plurality of layer 2 switches and a network controller, the network controller includes a determination unit and an instruction unit, the determination unit being configured to determine whether or not a transfer communication flow feature indicating a feature of a communication flow transferred by a layer 2 switch of the plurality of layer 2 switches is similar to an abnormal communication flow feature indicating a feature of a communication flow when an abnormality occurs; and the instruction unit being configured to: output to the layer 2 switch, when the determination unit determines that the transfer communication flow feature is similar to the abnormal communication flow feature, a first instruction to lower priority of transfer processing for the communication flow and a second instruction to duplicate the communication flow to the layer 2 switch; or output the first instruction to the layer 2 switch, and output, to a server detecting a malicious attack, identification information identifying the communication flow having the transfer communication flow feature. | 2021-09-30 |
20210306363 | METHOD AND SYSTEM FOR PREVENTING ILLICIT USE OF A TELEPHONY PLATFORM - A system and method for preventing illicit use of a telephony platform that includes enrolling a plurality of accounts on a telecommunications platform, wherein an account includes account configuration; at a fraud detection system of the telecommunications platform, receiving account usage data, wherein the usage data includes at least communication configuration data and billing configuration data of account configuration and further includes communication history of the plurality of accounts; calculating fraud scores of a set of fraud rules from the usage data, wherein at least a sub-set of the fraud rules include conditions of usage data patterns between at least two accounts; detecting when the fraud scores of an account satisfy a fraud threshold; and initiating an action response when a fraud score satisfies the fraud threshold. | 2021-09-30 |
20210306364 | SYSTEM AND METHOD FOR IMPLEMENTING DIGITAL CLOUD FORENSICS - The invention relates to digital cloud forensics. An embodiment of the present invention applies collection processes and tools to cloud infrastructure as a service to provide a more efficient and faithful representation of evidence. An embodiment of the present invention applies innovative concepts to retrospectively investigate ephemeral instances which may have long since terminated. This innovative process provides organizations a strategy to provide forensic investigations within either a public or private cloud environment. | 2021-09-30 |
20210306365 | METHOD FOR PREVENTING ELECTRONIC CONTROL UNIT FROM EXECUTING PROCESS BASED ON MALICIOUS FRAME TRANSMITTED TO BUS - A method for use in a network communication system including a plurality of electronic controllers that communicate with each other via a bus in accordance with a Controller Area Network (CAN) protocol determines whether or not content of a predetermined field in a frame which has started to be transmitted meets a predetermined condition indicating fraud. In a case where the content of the predetermined field meets the predetermined condition, a frame including predetermined consecutive dominant bits for notifying an anomaly is transmitted before an end of the frame is transmitted. A number of times the frame including the predetermined consecutive dominant bits is transmitted is recorded for each identifier (ID) represented by content of an ID field included in a plurality of frames which has been transmitted. A malicious electronic controller is determined in accordance with the number of times recorded for each ID. | 2021-09-30 |
20210306366 | REMOTE CONFIGURATION OF SECURITY GATEWAYS - Methods and systems for generating a security policy at a gateway are disclosed. A server computer and a gateway can perform a protocol in order to train a security model at a gateway, such that it can detect attack packets and prevent those attack packets from reaching the server computer via the gateway. In a learning phase, the server computer can provide training packets and test packets to the gateway. The gateway can use the training packets to train a security model, and the gateway can classify the test packets using the security model in order to test its accuracy. When the server computer is satisfied with the accuracy of the security policy, the server computer can transmit an acceptance of the security policy to the gateway, which can subsequently deploy the model in order to detect and filter attack packets. | 2021-09-30 |
20210306367 | REDUCING ATTACK SURFACE BY SELECTIVELY COLLOCATING APPLICATIONS ON HOST COMPUTERS - Reducing attack surface by selectively collocating applications on host computers is provided. System resources utilized by each application running in a plurality of host computers of a data processing environment are measured. Which applications running in the plurality of host computers that utilize similar system resources are determined. Those applications utilizing similar system resources are collocated on respective host computers. | 2021-09-30 |
20210306368 | MULTIPLE SOURCED CLASSIFICATION - Systems, methods, and related technologies for improving classification use multiple classification resources. Network traffic from a network may be accessed and an entity may be selected. One or more values associated with one or more properties associated with the entity may be determined. The one or more values may be accessed from the network traffic. A first classification result of the entity based on accessing one or more local profiles is determined by a processing device. In response to the first classification result meeting a condition, one or more values associated with one or more properties associated with the entity may be sent (e.g., to a cloud based classification resource). A second classification result may be received. The second classification result may be determined based one accessing at least one remote profile. At least one of the first classification result or the second classification result may be stored. | 2021-09-30 |
20210306369 | METHODS OF MONITORING AND PROTECTING ACCESS TO ONLINE SERVICES - The present description relates to a method of monitoring and protecting access to an online service from account take over, comprising the steps of: providing a traffic inspector ( | 2021-09-30 |
20210306370 | INTERFACE SECURITY IN BUSINESS APPLICATIONS - Security can be improved in a business application landscape, such as an enterprise resource planning (“ERP”) system, by analyzing interfaces between systems of the application. The interface profiler may automatically analyze data flows in the system landscape with automatic data classification of communications between systems. A rule generation engine provides functionality for comparing reference data flows with the actual data flows in the landscape and report violations. There may be visualization of the business application landscape, such as through a system landscape map. | 2021-09-30 |
20210306371 | METHODS AND SYSTEMS FOR DETECTION OF SECURITY THREATS ON NETWORK RESOURCES BASED ON REFERRER INFORMATION - A method and system for detection of security threats on network resources based on referrer indications are presented. A determination that a second request originated from a first network resource is performed based on second request information associated with a second request for a second network resource. In response to determining that the second request originated from the first network resource, a referrer indication that the first network resource is a referrer to the second network resource is logged. A third request for a third network resource is received. A determination that the third request is part of a cyber-attack on a second server is performed based at least in part on the referrer indication. | 2021-09-30 |
20210306372 | DENIAL OF SERVICE DETECTION AND MITIGATION IN A MULTI-ACCESS EDGE COMPUTING ENVIRONMENT - A device includes a processor and a memory. The processor effectuates operations including monitoring enterprise network traffic associated with one or more user equipment (UE). The processor further effectuates operations including comparing the enterprise network traffic to a UE profile associated with each of the one or more UE. The processor further effectuates operations including determining whether the comparison indicates that a predetermined threshold has been exceeded. The processor further effectuates operations including in response to the indication that the predetermined threshold has been exceeded, generating an alert, wherein exceeding the predetermined threshold is indicative of a denial of service attack on an enterprise network or an attempt to remove enterprise data via the one or more UE. | 2021-09-30 |
20210306373 | HARDWARE ACCELERATION DEVICE FOR DENIAL-OF-SERVICE ATTACK IDENTIFICATION AND MITIGATION - Systems and methods for providing an integrated or Smart NIC-based hardware accelerator for a network security device to facilitate identification and mitigation of DoS attacks is provided. According to one embodiment, a processor of a network security device receives an application layer protocol request from a client, directed to a domain hosted by various servers and protected by the network security device. The application layer protocol request is parsed to extract a domain name and a path string. The hardware acceleration sub-system updates rate-based counters based on the application layer protocol request by performing a longest prefix match on the domain name and the path string. When a rate threshold associated with the rate-based counters is exceeded, a challenge message is created and transmitted to the client, having embedded therein the application layer protocol request; otherwise the application layer protocol request is allowed to pass through the network security device. | 2021-09-30 |
20210306374 | DETERMINATION METHOD, DETERMINATION DEVICE AND RECORDING MEDIUM - A determination method includes determining an attack type of an attack code included in an attack request on the server, carrying out emulation of an attack by the attack code on the server in accordance with the determined attack type, and in a case of succeeding in an attack on the server as a result of the emulation, extracting a feature appearing in a response from the server, and examining whether a plurality of responses respectively corresponding to a plurality of requests to the server after the attack request each have the extracted feature, and in a case where at least any one of the plurality of responses has the extracted feature, determining that an attack by the attack code has succeeded, by a processor. | 2021-09-30 |
20210306375 | LIVE FORENSIC BROWSING OF URLS - Potentially malicious uniform resource locators and websites are safely and effectively investigated through live forensic browsing. Live data from an isolated browser feeds a security information and event management (SIEM) tool and other forensic tools during a browsing session, allowing investigators to direct the browsing in response to analysis results. Session data may be translated for SIEM ingestion. Browsing sessions may be manually or automatically customized to obscure their forensic nature, by routing selection, by bandwidth or latency adjustment, or by spoofing externally detectable characteristics such as geolocation, user agent, time zone, and language. Forensic activity by an investigator may also be obscured from discovery by an attacker as a result of spoofing the browser's context, such as plugin status and host machine physical characteristics. Human presence tests relied on by attackers may be satisfied without sacrificing a targeted system's cybersecurity or an investigator's access to forensic tools. | 2021-09-30 |
20210306376 | METHODS OF MONITORING AND PROTECTING ACCESS TO ONLINE SERVICES - The present description relates to a method of monitoring and protecting access to an online service from account take over, comprising the steps of: providing a traffic inspector ( | 2021-09-30 |
20210306377 | RESOURCE ACCESS POLICY ENFORCEMENT USING A HYPERGRAPH - A method trains a neural network to recognize whether a resource is authorized to be returned to a requester. One or more processors train a neural network to traverse a policy enforcement hypergraph in order to identify a security policy to be used for a resource request and to authorize a use of a requested resource by a requester. The policy enforcement hypergraph is derived from a policy enforcement graph that expresses a set of security profiles for resources and requesters. The processor(s) receive a resource request for a requested resource from a requester, where the resource request includes a description of the requester. A system/user inputs a description of the received resource request and a description of the policy enforcement hypergraph into the trained neural network in order to selectively return the requested resource to the requester. | 2021-09-30 |
20210306378 | INTEGRATED BUSINESS APPLICATION PLATFORM - A business application, such as an enterprise resource planning (“ERP”) system, may include a number of different systems. Security management of the business application may include numerous systems and products. A combination of those systems and products into an underlying platform can include a single user interface that covers multiple security functions. | 2021-09-30 |
20210306379 | Methods and Systems for Protecting a Secured Network - Methods and systems for protecting a secured network are presented. For example, one or more packet security gateways may be associated with a security policy management server. At each packet security gateway, a dynamic security policy may be received from the security policy management server, packets associated with a network protected by the packet security gateway may be received, and at least one of multiple packet transformation functions specified by the dynamic security policy may be performed on the packets. | 2021-09-30 |
20210306380 | Determining a Device Posture Using a Device Posture Token - Disclosed are various approaches for generating a device posture token corresponding to a client device. The device posture token can be used by a verification computing device to determine whether the client device complies with the security policies of a particular facility. | 2021-09-30 |
20210306381 | Method and Apparatus for Determining Security Protection Mode - A method and an apparatus for determining a security protection mode. In the method, a terminal device may determine a security protection mode of a second communications mode based on security protection information in a first communications mode. In this way, when switching from the first communications mode to the second communications mode, the terminal device may directly use the security protection mode corresponding to the second communications mode to protect transmitted data, so as to ensure data security of the terminal device after communications mode switching is performed. | 2021-09-30 |
20210306382 | METHOD AND APPARATUS FOR PROVIDING GENERIC FRAMEWORK TO MANAGE CUSTOM SUBSCRIPTION OVER SIP - The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. Accordingly, the embodiments herein disclose a method for providing a generic framework to manage a custom subscription over a SIP. The method includes sending at least one request with a plurality of parameters to a server SIP node ( | 2021-09-30 |
20210306383 | MEDIA FLOW CONTROL FOR DIRECT ROUTING IN NETWORK-BASED TELEPHONY - Disclosed in some examples are methods, systems, and machine-readable mediums that allow a network-based communication service to control a signaling path and media flow within non-public networks for direct-routed network-based communication sessions (e.g., telephony). The signaling and media flow may be controlled by using SIP protocol extensions to specify both the signaling route and the media route. | 2021-09-30 |
20210306384 | EVENT REGISTRATION SYSTEM, USER TERMINAL, AND STORAGE MEDIUM - An event registration system includes a user terminal; a storage to store organization information on one or more organizations; and circuitry configured to display, on a display, a particular participation candidate of a particular event identified based on an input from the user terminal, and a particular person based on the particular participation candidate and particular organization information of a particular organization to which the particular participation candidate belongs. | 2021-09-30 |
20210306385 | Method for Establishing a Stream, Method for Providing Stream Identification Information, Domain Name System (DNS) Server, Device Computer Program and Computer-Readable Medium - A method for establishing a stream in a Time-Sensitive Networking (TSN) network, wherein a request message is sent by a stream subscriber to a Domain Name System (DNS) server, upon which entries are stored that each comprise a stream identifier of a first type assigned to a stream, and a stream identifier of a second type that is different from the first type and is assigned to the respective stream, and the specification of a predefined type exclusively used for, or forms these types of entries, where the request message comprises a stream identifier of the first type and the predefined type known to the at least one stream subscriber, where the stream subscriber receives a response message from the DNS server, which contains a stream identifier of the second type belonging to the stream, and where the stream subscriber logs on to the stream using the stream identifier obtained. | 2021-09-30 |
20210306386 | VIRTUAL INTERACTION SESSION TO FACILITATE AUGMENTED REALITY BASED COMMUNICATION BETWEEN MULTIPLE USERS - Aspects of the present disclosure involve a system comprising a computer-readable storage medium storing at least one program, method, and user interface to facilitate augmented reality based communication between multiple users over a network. A first user of a first device is enabled to view a real-world environment that is visible to a second user via a second device by causing display, at the first device, of a live camera feed generated at the second device. The live camera feed comprises images of the real-world environment that is visible to the second user. Input data indicative of a selection by the first user of a virtual content item to apply to the real-world environment that is visible to the second user is received. The first device and second device present media objects overlaid on the real-world environment based on the input data. | 2021-09-30 |
20210306387 | VIRTUAL INTERACTION SESSION TO FACILITATE TIME LIMITED AUGMENTED REALITY BASED COMMUNICATION BETWEEN MULTIPLE USERS - Aspects of the present disclosure involve a system comprising a computer-readable storage medium storing at least one program, method, and user interface to facilitate augmented reality based communication between multiple users over a network. Session configuration data including configuration parameters of a virtual interaction session with a first user is received from a first device. The configuration parameters include an identifier of a second user that is permitted to join the virtual interaction session and a micro-chat duration that defines a time limit for a real-time communication link between the first and second user during the virtual interaction session. The real-time communication link between the first and second user by causing display, by the second device, of a live camera feed generated at the first device. Upon expiration of the micro-chat duration, the real-time communication link between the first and second user is terminated. | 2021-09-30 |
20210306388 | VIRTUAL AGENT COMMUNICATION FOR ELECTRONIC DEVICE - Methods and apparatus for communicating between virtual agents associated with users of electronic devices connected via at least one network. A first user may instruct an associated first virtual agent to invoke a communication session with a second virtual agent associated with a second user. To invoke the communication session, the first virtual agent may send an outgoing communication to the second virtual agent and the outgoing communication may instruct the second virtual agent to perform at least one action on behalf of the first user. Virtual agents associated with different users may alternatively communicate with each other in the absence of user interaction to perform a collaborative action. | 2021-09-30 |
20210306389 | METHOD FOR SEPARATING LOCAL AND REMOTE CONTENT IN A CAMERA-PROJECTOR BASED COLLABORATIVE SYSTEM - An image processing method, for collaborating between a first augmented reality (AR) workspace and a second AR workspace, includes: calibrating the first AR workspace by creating a camera-to-shared space transformation between a camera coordinate space and a shared coordinate space, and a shared space-to-projector transformation between the shared coordinate space and a projector coordinate space; obtaining a remote composite image of a foreground content in the second AR workspace; generating a projector image by applying the shared space-to-projector transformation to the remote composite image; projecting the projector image into the first AR workspace; obtaining an input image of the first AR workspace that includes the projector image and a foreground content of the first AR workspace; generating an output image by applying the camera-to-shared space transformation to the input image; and obtaining a remote mask based on the remote composite image. | 2021-09-30 |
20210306390 | TEXT DATA TRANSMISSION-RECEPTION SYSTEM, SHARED TERMINAL, AND METHOD OF PROCESSING INFORMATION - A text data transmission-reception system includes a plurality of user terminals; a shared terminal; and an information processing apparatus connectable to each of the plurality of user terminals and the shared terminal via a network. The information processing apparatus includes circuitry configured to receive text data transmitted and received between the plurality of user terminals; determine whether or not the text data transmitted and received between the plurality of user terminals includes a request for controlling the shared terminal; and control the shared terminal based on a determination that the text data includes the request for controlling the shared terminal. | 2021-09-30 |
20210306391 | Data Capture, Dissemination and Enhanced Visual Overlay - A system includes one or more computing devices communicatively coupled to one or more sports content sources. The one or more computing devices are further coupled to multiple sports-content outlet entities. The one or more computing devices are configured to provide sports content from the one or more sources to the outlet entities. | 2021-09-30 |
20210306392 | DISTRIBUTING COMMUNICATION OF A DATA STREAM AMONG MULTIPLE DEVICES - Distributing communication of a data stream among multiple devices is disclosed. Example methods include sending a message from a first electronic device to a second electronic device to announce the first electronic device is available for inclusion in a shared connection to be established by the second electronic device with a service provider, the shared connection to split a first data stream from a source into a plurality of partial data streams to be distributed among a plurality of electronic devices. Example methods also include establishing a data connection with the service provider to receive a first one of the partial data streams associated with the shared connection. Example methods further include relaying the first one of the partial data streams associated with the shared connection from the service provider to the second electronic device. | 2021-09-30 |
20210306393 | DISTRIBUTED ROUTING AND LOAD BALANCING IN A DYNAMIC SERVICE CHAIN - Disclosed is distributed routing and load balancing in a dynamic service chain, receiving a packet at a first service instance, including a NSH imposed on the by a service classifier. The NSH includes a stream affinity code consistent for packets in a stream. The method also includes processing the packet at the first instance where the instance performs a first service in a service chain that includes second and third services. The first service instance accesses a flow table using the stream affinity code to select a second service instance performing the second service from among service instances performing the second service, and the first instance routes the packet to the selected second service instance upon egress from the first service instance. The method can include hashing the stream affinity code to access the flow table and access an available instance using the hash as a key to a CHT. | 2021-09-30 |
20210306394 | Media Playback Control Method and System, and Computer Readable Medium - The present disclosure discloses a media playback control method and system, and a computer readable medium. Specifically, within a target time period of a playlist, at least one page in the target time period is played, wherein a window of a designated page in the at least one page is associated with a sublist and the sublist is associated with multiple media; and when the window of the designated page is played, a media identifier is taken out, according to a preset playback manner of the sublist, from a media playback management list corresponding to the sublist, and the media corresponding to the media identifier is played in the window of the designated page after the media identifier is taken out, wherein the media playback management list includes media identifiers of the multiple media. | 2021-09-30 |
20210306395 | STREAMING CONTENT CACHE SCHEDULING - A processing system including at least one processor may collect a first set of time series features relating to requests for a content item at a content distribution node in a communication network, generate a first prediction model based upon the first set of time series features to predict levels of demand for the content item at the content distribution node at future time periods, identify, via the first prediction model, a first time period of the future time periods when a predicted level of demand for the content item exceeds a threshold level of demand, identify a second time period of the future time periods when a predicted level of utilization of the communication network is below a threshold level of utilization, the second time period being prior to the first time period, and transfer the content item to the content distribution node in the second time period. | 2021-09-30 |
20210306396 | METHOD FOR CONTROLLING VIDEO CALL AND ELECTRONIC DEVICE THEREOF - An electronic device includes at least one display, a communication circuit, at least one processor, and a memory. The processor is configured to obtain information on a first display aspect ratio associated with a current state of the at least one display if an input indicating initiation of a video call is received. The processor is configured to determine at least one first image ratio associated with the video call based on the information on the first display aspect ratio. The processor is configured to transmit, to an external electronic device, a first signal including information on the at least one first image ratio. The processor is configured to receive, from the external electronic device, a second signal including information on a second image ratio associated with the video call. The processor is configured to perform the video call based on the second image ratio. | 2021-09-30 |
20210306397 | WEBASSEMBLY MODULE WITH MULTIPLE DECODERS - A method for delivering a web page that displays a video includes delivering a requested web page with a WebAssembly Module to a web browser of a requesting device. The WebAssembly Module includes a plurality of video decoders each for decoding a corresponding one of a plurality of video encoding formats. An encoded video is delivered for display by the requested web page, the encoded video being encoded in a particular one of the plurality of video encoding formats. The encoded video is decoded using a respective one of the plurality of video decoders of the WebAssembly Module that corresponds to the particular one of the plurality of video encoding formats of the delivered encoded video. | 2021-09-30 |
20210306398 | SERIALIZATION OF OBJECTS USING MULTIPLE SERIALIZATION ALGORITHMS - Techniques for serializing objects stored in system memory are disclosed. The system may receive data representing an object stored in system memory. The system may select a particular serialization process, from among a plurality of serialization processes, for serializing the received data. The particular serialization process may be selected based at least in part on the received data. The system may serialize the data representing the object in system memory using the selected serialization process. Serializing the data may yield one or more stream objects. | 2021-09-30 |
20210306399 | 3RD GENERATION PARTNERSHIP PROJECT (3GPP) FRAMEWORK FOR LIVE UPLINK STREAMING (FLUS) SINK CAPABILITIES DETERMINATION - A method, computer program, and computer system is provided for determining 3rd Generation Partnership Project (3GPP) Framework for Live Uplink Streaming (FLUS) sink capabilities. A capability description is signaled using at least a first attribute and a second attribute. The first attribute comprises a location from which the capability description can be retrieved. The second attribute comprises a descriptor that determines a FLUS sink capability. Signaling the descriptor and a scheme identifier of the descriptor enables interoperability between a FLUS sink and a source from a plurality of vendors. | 2021-09-30 |
20210306400 | METHOD AND APPARATUS FOR RECEIVING STREAMING VIA TRANSPORT PROTOCOL IN WIRELESS COMMUNICATION SYSTEM - The present specification may provide a method for a sink device receiving a streaming from a source device in a wireless communication system. In this regard, the method for receiving streaming may comprise the steps of: receiving from the source device streaming over a first transport protocol; transmitting to the source device a first message including information regarding a transport protocol of the sink device when the first transport protocol connection is disconnected; receiving from the source device a second message including information regarding a transport protocol of the source device; and receiving from the source device the streaming over one of the first transport protocol and a second transport protocol. | 2021-09-30 |
20210306401 | METHODS, SYSTEMS, AND MEDIA FOR SELECTING VIDEO FORMATS FOR ADAPTIVE VIDEO STREAMING - Methods, systems, and media for selecting video formats for adaptive video streaming are provided. In some embodiments, the method comprises: receiving an indication of a video to be presented on a user device; identifying a group of quality metrics for each of a plurality of segments of the video, wherein each quality metric includes values for a particular segment and for a particular format of a group of available formats for the video; selecting a first format for a first segment of the video; causing the first segment of the video to be presented on the user device; identifying a quality of a network connection between the user device and a server that hosts the video; identifying a second format for a second segment of the video based on the quality of the network connection; determining whether a format of the video is to be changed from the first format to the second format based at least on the group of quality metrics for the second segment of the video; and, in response to determining that the format of the video is to be changed from the first format to the second format, causing the second segment having the second format to be presented by the user device. | 2021-09-30 |
20210306402 | NETWORK-BASED MEDIA PROCESSING (NBMP) WORKFLOW MANAGEMENT DIRECT ACCESS IN 5G FRAMEWORK FOR LIVE UPLINK STREAMING (FLUS) - Systems and methods for media processing and streaming are provided. A method is performed by a Network-Based Media Processing (NBMP) source of a Framework for Live Uplink Streaming (FLUS) system. The method includes obtaining descriptions of capabilities of a FLUS sink via a FLUS source; and sending, to an NBMP workflow manager of the FLUS system via a path that does not include the FLUS source and the FLUS sink, a request to create or modify a workflow of the FLUS system based on the descriptions of the capabilities obtained. | 2021-09-30 |
20210306403 | METHOD AND APPARATUS FOR PREDICTING VIDEO DECODING TIME - A method and apparatus for predicting the software frame decoding time for an HLS variant bit stream based on measurements of the frame decoding time for the lowest bit rate variant given in the master playlist and acquired and played at initial session startup. This permits the determination of a maximum bitrate setting to be refined and applied at startup such that a media program player does not attempt to download and decode variants that might exceed its CPU capacity, thus preventing playback stalls and similar failures. | 2021-09-30 |
20210306404 | METHODS AND SYSTEMS FOR IMPROVING PERFORMANCE OF STREAMING MEDIA SESSIONS - A method for improving performance of a streaming media session between a plurality of communicating entities. Observation reports are collected from a plurality of monitoring entities. Each observation report includes information pertaining to events observed and recorded at a corresponding monitoring entity. A size of at least one window to be used for analyzing the observation reports is determined. The observation reports are analyzed using the at least one window of the determined size, to determine a correlation between the events across the observation reports. A problem encountered during the streaming media session is identified, based upon the correlation between the events. A notification is sent to at least one of the monitoring entities, based upon the problem. The notification is sent during the streaming media session. | 2021-09-30 |
20210306405 | APPARATUS AND METHOD FOR CONSTANT QUALITY OPTIMIZATION FOR ADAPTIVE STREAMING - An apparatus is provided. The apparatus has an interface for receiving media information, wherein the media information indicates a segment data rate for each of a plurality of media data segments and further indicates a quality value for each of the plurality of media data segments. Moreover, the apparatus has a processor for selecting one or more selected segments from the plurality of the media data segments depending on the segment data rates of the plurality of media data segments, depending on the quality values of the plurality of media data segments and depending on an available data rate of a communication resource. The interface is configured to transmit a request requesting the one or more selected segments. Moreover, the interface is configured to receive the one or more selected segments being transmitted on the communication resource. | 2021-09-30 |
20210306406 | Methods and Systems for Identifying and Remediating Poor User Experiences on Computing Devices - This application relates to apparatus and methods for identifying and remediating poor user experiences on computing devices. In some examples, a user speed determination device is configured to receive a content delivery request for delivery of content to a user device. The computing is also configured to obtain user identification data, obtain user device data and determine a user device speed based on the user identification data and the user device data. The computing device then sends a user device speed indicator to a content delivery device to cause the content delivery device to deliver remediated content to the user device when the user device speed is determined to be less than a predetermined speed threshold. The user identification data can include an IP address and the user device data can include user agent data, user connection data and user resource timing data. | 2021-09-30 |
20210306407 | METHOD, APPARATUS, SYSTEM AND COMPUTER PROGRAM FOR DATA DISTRIBUTION - Method of distributing data from a transmitting electronic device to multiple receiving electronic devices is performed. The method comprises receiving, at the transmitting electronic device, an incoming signal and data, the data being intended to be processed by a plurality of geographically distributed receiving electronic devices; and jointly transmitting the incoming signal and the data from the transmitting electronic device to the receiving electronic devices over a communication network. The communication network is a broadcast or multicast network and each receiving electronic device is capable of receiving said incoming signal from the transmitting electronic device over the communication network. One or more instructions for performing, at the receiving electronic devices, computing operations on the data are transmitted from the transmitting electronic device to the receiving electronic devices over the communication network and/or over an IP network. | 2021-09-30 |
20210306408 | N-TIER WORKLOAD AND DATA PLACEMENT AND ORCHESTRATION - One example method includes creating a manifest that specifies one or more requirements concerning execution of an application that resides at an end device in an N-tier configuration, identifying a workload that is associated with the application and executable at one or more edge stations of the N-tier configuration, gathering and evaluating network telemetry, orchestrating the workload based on the network telemetry and the manifest, scheduling performance of the workload at the one or more edge stations, and performing the workload at the one or more edge stations in accordance with the scheduling. | 2021-09-30 |
20210306409 | N-TIER WORKLOAD AND DATA PLACEMENT AND ORCHESTRATION - One example method includes creating a manifest that specifies one or more requirements concerning execution of an application that resides at an end device in an N-tier configuration, identifying a workload that is associated with the application and executable at one or more edge stations of the N-tier configuration, gathering and evaluating network telemetry, orchestrating the workload based on the network telemetry and the manifest, scheduling performance of the workload at the one or more edge stations, and performing the workload at the one or more edge stations in accordance with the scheduling. | 2021-09-30 |
20210306410 | MONITORING SYSTEM AND COMPUTER-READABLE RECORDING MEDIAUM - A monitoring system includes: a plurality of terminal devices; a plurality of execution servers configured to execute requests received from the terminal devices; and a monitoring server, the plurality of execution servers each operate as a leader server or a follower server in a first distribution method, the first distribution method and a second distribution method are able to be executed, in the first distribution method, the plurality of terminal devices transmit all read requests and all write requests to the leader server and the leader server executes execution result copying in which results of execution of the write requests are copied to the follower server, and in the second distribution method, the plurality of terminal devices transmit the write requests to all the plurality of execution servers and transmit the read requests to one of the plurality of execution servers. | 2021-09-30 |
20210306411 | SERVER LOAD PREDICTION SYSTEM AND SERVER LOAD PREDICTION METHOD - Provided is a server load prediction system that predicts a server load on a server connected to an apparatus installed in a production process including an apparatus requirement specification storage unit that stores a requirement specification of each apparatus for a server, a server specification storage unit that stores a server specification indicating a capability held by each server, an input information creation unit that receives an input of a calculation condition and creates an input parameter required to execute a simulation for calculating the server load, a server load calculation unit that calculates the server load caused by the apparatus used in a process designated under the calculation condition by executing the simulation, and an output unit that outputs the calculation result. | 2021-09-30 |
20210306412 | CONTAINER MOBILITY BASED ON BORDER GATEWAY PROTOCOL PREFIXES - The disclosure describes systems and methods for minimizing latency for users accessing services hosted on a cloud-computing system. A service of the cloud-computing system periodically queries edge sites of the cloud-computing system for information regarding containers stored on the edge sites. In response to the queries, the edge sites provide information identifying containers hosted on the edge sites, prefixes that the containers service, and connection locations where traffic from the prefixes enter the cloud-computing system. The service may determine whether the connection locations have changed. If a connection location for a prefix has changed, the service modifies a location of a container servicing the prefix. The service may migrate the container to a current connection location for the prefix. Modifying the location may reduce latency experienced by users behind the prefix. | 2021-09-30 |
20210306413 | Performance Enhanced CDN Service - Performance Enhanced CDN Service A Network Management System that establishes an overlay network on ISPs characterized in that; it contains following process steps, —Receiving a request from the end user ( | 2021-09-30 |
20210306414 | CIRCUITRY AND METHOD - Circuitry comprises a set of data handling nodes comprising: two or more master nodes each having respective storage circuitry to hold copies of data items from a main memory, each copy of a data item being associated with indicator information to indicate a coherency state of the respective copy, the indicator information being configured to indicate at least whether that copy has been updated more recently than the data item held by the main memory; a home node to serialise data access operations and to control coherency amongst data items held by the set of data handling nodes so that data written to a memory address is consistent with data read from that memory address in response to a subsequent access request; and one or more slave nodes including the main memory; in which: a requesting node of the set of data handling nodes is configured to communicate a conditional request to a target node of the set of data handling nodes in respect of a copy of a given data item at a given memory address, the conditional request being associated with an execution condition and being a request that the copy of the given data item is written to a destination node of the data handling nodes; and the target node is configured, in response to the conditional request: (i) when the outcome of the execution condition is successful, to write the data item to the destination node and to communicate a completion-success indicator to the requesting node; and (ii) when the outcome of the execution condition is a failure, to communicate a completion-failure indicator to the requesting node. | 2021-09-30 |
20210306415 | HIGHLY EFFICIENT NATIVE E-MAIL MESSAGE DATA PROTECTION FOR OFFICE 365 - Embodiments for a method of storing e-mail messages using a cloud native e-mail data protection process. E-mail messages are first compressed and stored in a container along with selected metadata. An Email Record is created for each e-mail message. A Container Record is created for each newly created container, and a Backup Record is created for each container for each backup. Once the required records are created, the process facilitates the execution of backup operations, such as full or incremental backups of the stored e-mail messages. Data tiering is supported so that low cost object storage in the public cloud is used instead of expensive processing methods, such as deduplication backups. | 2021-09-30 |
20210306416 | DIGITAL TWIN OF IT INFRASTRUCTURE - A digital twin of an IT infrastructure is created to identify a group of critical servers (called “base servers”) needed to replicate the IT infrastructure in a cloud-computing environment. To identify the correct base servers and their actual server configurations, the IT infrastructure is crawled and various telemetry, connection, and network data is analyzed against data sets of other known servers. The digital twin is created to include these base servers and their particular configurations. Then, the digital twin may be deployed on demand in the cloud-computing environment using executable scripts that mimic the base servers and their particular configurations, creating a replication of the IT infrastructure for various purposes (e.g., redundancy, testing, etc.). | 2021-09-30 |
20210306417 | STATE MANAGEMENT AND OBJECT STORAGE IN A DISTRIBUTED CLOUD COMPUTING NETWORK - A first compute server of a distributed cloud computing network receives a request from a first client device for an object to be handled by an object worker that includes a single instantiation of a piece of code that solely controls reading and writing access to the first object. A determination is made that the object worker is instantiated for the object and is currently running in the first compute server, and the piece of code processes the first request. The first compute server receives a message to be processed by the first object worker from a second compute server. The message includes a second request for the object from a second client device connected to the second compute server. The piece of code processes the message and transmits a reply to the second compute server. | 2021-09-30 |
20210306418 | DATA GOVERNANCE IN A DISPERSED STORAGE NETWORK USING BUCKET TEMPLATES - Methods and systems for data governance in a dispersed storage network using bucket templates are disclosed. A method includes: creating, by a computing device, a bucket template in a dispersed storage network (DSN) based on a first request, the bucket template including at least a first bucket parameter and at least one allowed value for the first bucket parameter; receiving, by the computing device, a second request to create a bucket in the DSN, the second request including at least a first value for the first bucket parameter; and creating, by the computing device, the bucket based on the first value for the first bucket parameter in the second request and the at least one allowed value for the first bucket parameter in the bucket template. | 2021-09-30 |
20210306419 | USER-DEFINED CUSTOM STORAGE CLASSES FOR HYBRID-CLOUD AND MULTICLOUD DATA MANAGEMENT - A method includes: receiving, by a computing device, input defining a custom storage class in a first dispersed storage network; receiving, by the computing device, input defining a data management rule in the first dispersed storage network; determining, by the computing device, a data object in the first dispersed storage network satisfies the data management rule; and moving, by the computing device and in response to the determining, the data object to a second dispersed storage network according to the custom storage class. | 2021-09-30 |
20210306420 | ETHERNET IN DATA STORAGE DEVICE - A Data Storage Device (DSD) includes a plurality of solid-state memories for storing data and a controller configured to receive a packet from a host including a command to read or write data in a solid-state memory of the plurality of solid-state memories and a header to communicate between the host and the DSD. The header in the packet is changed into an internal header to communicate between the controller and the solid-state memory. An internal command and the internal header are sent to the solid-state memory to perform the command. | 2021-09-30 |
20210306421 | METHOD AND SYSTEM FOR DELIVERING DYNAMICALLY CREATED CONTENT TO HMI OF A VEHICLE - Embodiments of the present disclosure relate to a method ( | 2021-09-30 |
20210306422 | SENSOR DEVICE AND SENSOR SYSTEM - A sensor device is provided, including: a physical quantity sensor for detecting a physical quantity; and a processing circuit for generating and outputting a second signal including first data that are included in a first signal input from outside and second data that indicate a detection result of the physical quantity sensor. The first signal and the second signal have a plurality of messages, respectively; each message has two or more fast data slots and slow data slots; the first signal and the second signal are signals with predetermined data divided and stored in the slow data slots of two or more of the messages; and the processing circuit stores the first data and the second data in two of the fast data slots of the second signal. | 2021-09-30 |