40th week of 2016 patent applcation highlights part 81 |
Patent application number | Title | Published |
20160294728 | PROVISIONING NETWORK SERVICES IN A SOFTWARE DEFINED DATA CENTER - A novel method for dynamic network service allocation that maps generic services into specific configurations of service resources in a network is provided. An application that is assigned to be performed by computing resources in the network is associated with a set of generic services, and the method maps the set of generic services to the service resources based on the assignment of the application to the computing resources. The mapping of generic services is further based on a level of service that is chosen for the application, where the set of generic services are mapped to different sets of network resources according to different levels of services. | 2016-10-06 |
20160294729 | PACKET MEMORY SYSTEM, METHOD AND DEVICE FOR PREVENTING UNDERRUN - A packet memory system for selectively outputting received packets on one or more output ports. The packet memory system including a controller for controlling the output ports. Specifically, for packets of multicast or broadcast traffic that needs to be output from a plurality of the ports, the controller designates one or more reader ports that read the packet data from a packet memory such that the remainder of the ports are able to simply listen for the read packet data without performing a read operation. | 2016-10-06 |
20160294730 | BLUETOOTH VIRTUALISATION - Embodiments of the present application relate generally to electrical and electronic hardware, computer software, wired and wireless network communications, Bluetooth systems, RF systems, self-powered wireless devices, and consumer electronic (CE) devices. More specifically the present application relates to provision of networked based services to Bluetooth-enabled devices. The present application describes a very low-cost, multi-purpose, rapidly re-purposable Bluetooth node that may sit at the edge of a network and may be configured to allow a network system to dynamically add and remove different Bluetooth capabilities and allow for a much higher level of management of Bluetooth devices that are interacting with the network. | 2016-10-06 |
20160294731 | Techniques For Facilitating Port Mirroring In Virtual Networks - Techniques for facilitating port mirroring in virtual networks are provided. In one embodiment, a computer system can receive, from a user, port minoring configuration information for enabling port minoring within a virtual network, the port mirroring configuration information including an identity of a port to be mirrored and an address of a traffic receiver intended to receive traffic mirrored from the port. The computer system can further power-on a virtual machine (VM) within the virtual network in response to receiving the port minoring configuration information, where the VM executes an instance of a virtual bridge. The computer system can then transmit one or more configuration commands to the virtual bridge, where the one or more configuration commands cause the virtual bridge to perform port mirroring in accordance with the port mirroring configuration information received from the user. | 2016-10-06 |
20160294732 | DYNAMIC SERVICE ORCHESTRATION WITHIN PAAS PLATFORMS - According to one exemplary embodiment, a method for orchestrating a flow of a packet through a software-defined network (SDN) switch is provided. The method may include determining at least one available service associated with the SDN switch. The method may also include receiving the packet at an input port associated with the SDN switch, wherein the packet has a destination value and a packet type. The method may then include generating a flow entry based on the at least one available service and the packet type, wherein the flow entry has a plurality of entry characteristics and an action. The method may further include selecting the flow entry based on matching the plurality of entry characteristics to the destination value and the packet type. The method may also include performing the action associated with the selected flow entry. | 2016-10-06 |
20160294733 | COMMUNICATION APPARATUS AND COMMUNICATION SYSTEM - The communication apparatus includes: a first circuit board unit including, on a front surface of the communication apparatus, a port for transmitting and receiving data to and from the network; a second circuit board unit including a plurality of first connectors connected to at least one of the first circuit board units, a second connector being capable of accommodating at least a bandwidth accommodated by the plurality of first circuit board units, and being connected, via a cable, to the other communication apparatus of a standby system; and a cross bar switch for selectively outputting data to the first connectors or the second connector as a data output destination, and a ventilation control unit for controlling a flow of air flowing between each of the first circuit board unit and the second circuit board unit, and outside of the communication apparatus. | 2016-10-06 |
20160294734 | METHOD FOR OPERATING CONTROLLER AND SWITCH FOR RELIEVING NETWORK FAILURE FROM SDN, AND CONTROLLER AND SWITCH THEREFOR - The present disclosure relates to a pre-5 | 2016-10-06 |
20160294735 | METHOD AND APPARATUS FOR USING MULTIPLE LINKED MEMORY LISTS - An apparatus and method for queuing data to a memory buffer. The method includes selecting a queue from a plurality of queues; receiving a token of data from the selected queue and requesting, by a queue module, addresses and pointers from a buffer manager for addresses allocated by the buffer manager for storing the token of data. Subsequently, a memory list is accessed by the buffer manager and addresses and pointers are generated to allocated addresses in the memory list which comprises a plurality of linked memory lists for additional address allocation. The method further includes writing into the accessed memory list the pointers for the allocated address where the pointers link together allocated addresses; and migrating to other memory lists for additional address allocations upon receipt of subsequent tokens of data from the queue; and generating additional pointers linking together the allocated addresses in the other memory lists. | 2016-10-06 |
20160294736 | COMMUNICATION APPARATUS, METHOD FOR CONTROLLING COMMUNICATION APPARATUS, AND STORAGE MEDIUM - A communication apparatus that includes a buffer, an acquisition unit, a packet processing unit, and a control unit performs packet communication of image data as audio data via a first channel and performs procedure signal exchange via a second channel. The buffer temporarily stores transmitted and received packets to synchronize the packets between a transmitting and a receiving side. The acquisition unit acquires a number of packets stored in the buffer. The packet processing unit performs packet processing by discarding a packet stored in the buffer where the number of acquired packets exceeds a first threshold value, and inserting a silent packet in the buffer where the number of acquired packets does not exceed a second threshold value. The control unit performs procedure signal exchange according to a packet stored in the buffer in which the number of packets is adjusted upon completion of the performed packet processing. | 2016-10-06 |
20160294737 | HANDLING INSTANT MESSAGE DELIVERY MEDIA TO END USER - A method for handling a plurality of instant message delivery media to a user of a mobile device is provided. The method may include detecting at least one instant message to be delivered to a recipient-user on the mobile device. The method may also include determining if a plurality of predefined conditions have been configured by the recipient-user. The method may further include displaying the at least one instant message to the recipient-user in accordance with the plurality of predefined conditions configured by the recipient-user. | 2016-10-06 |
20160294738 | METHOD AND DEVICE FOR IMPLEMENTING INSTANT MESSAGING - Disclosed are a method and device for implementing instant messaging through a browser. A plug-in interface of an instant messaging tool is preset on the browser. The method comprises: a master process of the browser creating a plug-in process corresponding to the instant messaging tool; triggering the plug-in interface to instruct the master process of the browser to reload a browser window; the master process of the browser dividing, in the browser window, page presentation ranges of a plug-in page of the instant messaging tool and a current tab of the browser window and notifying the plug-in process of the page presentation ranges; and the plug-in process generating the plug-in page according to the divided page presentation ranges and loading the plug-in page and the re-rendered current tab side by side in the browser window. | 2016-10-06 |
20160294739 | METHOD AND APPARATUS TO INCREASE PERSONALIZATION AND ENHANCE CHAT EXPERIENCES ON THE INTERNET - Computer-implemented method and apparatus for placing a request for an Internet chat session between a visitor and a chat persona. A client device displays to the visitor (i) a plurality of chat personas, and (ii) a plurality of chat actions determined by a visitor-identifier associated with the visitor. In response to visitor selections, a chat system server selects (i) at least one chat persona and (ii) at least one chat action. The client device sends to the chat system server (i) a chat request to begin a chat session, and (ii) the visitor-identifier. The chat system server receives the chat request and the visitor identifier. The chat system server retrieves from memory additional information corresponding to the received visitor-identifier. The chat system server generates a personalized chat session between the identified visitor on the client device and the selected persona on the chat system server, using the retrieved additional information. | 2016-10-06 |
20160294740 | E-MAIL INTEGRATED INSTANT MESSAGING - A system and method supporting instant messaging which removes many of the problems and barriers to the use of instant messaging through the use of universally unique identifiers to web pages for instant messaging sessions, with recipients invited to the instant messaging session via email. | 2016-10-06 |
20160294741 | SYSTEM AND ASSOCIATED METHODS FOR REMOTELY ENABLING FEATURES - A method and apparatus enables a feature among a plurality of features in an application loaded on a client, with the client located remotely from a server. The server receives a data profile request from the client. in response to the data profile request, a data profile is sent from the server to the client, the data profile including a profile key to identify the client, an application identification to identify the application, and a feature selector. The application uses the feature selector to enable the feature among the plurality of features. | 2016-10-06 |
20160294742 | MULTIPLE PERSONALITIES IN CHAT COMMUNICATIONS - The same user is able to project different personalities while visiting different chat rooms. The personalities are tailored to the chat room being visited. Different personalization items (e.g., an icon or avatar, wallpaper, sounds, a smiley set, and text style) are provided based upon the chat room that the user is visiting. The personalization items may be customized based upon the identity of the chat room (such as a particular chat room, the type of chat room, or the content of the chat room). The personalization items may be host based and may leverage instant messaging (“IM”) personalization items. The personalization items may be user selected or user provided. | 2016-10-06 |
20160294743 | BROWSER TOOLBAR - A method for enabling two or more users to chat within a toolbar for a web browser is disclosed, having the steps of authenticating a user ID of an individual, authenticating the user IDs of one or more other users, the user navigating to a webpage, displaying user IDs of one or more other users currently on the same webpage on the toolbar, the individual typing a comment, wherein the comment is linked to the webpage, the toolbar verifying the comment and communicating the comment to one or more other users, and the toolbar displaying comments from other users to the individual. The comment may include a vote configured to upvote or downvote the webpage. The vote or comment may be linked to a particular user ID. The method may have the further step of the individual voting on the webpage. | 2016-10-06 |
20160294744 | INFORMATION SHARING MANAGEMENT ON AN INSTANT MESSAGING PLATFORM - This application discloses a method implemented at a server to control information items shared on an instant messaging platform. The server monitors information sharing activities by a public account of the instant messaging platform. The public account is supported by a third party application authorized by the instant messaging platform and has connection with a plurality of individual user accounts of the instant messaging platform. When the amount of information shared by the public account exceeds a predefined threshold, the server partitions the shared information into multiple categories and measures user activities from the plurality of individual user accounts on the categorized shared information. The server selects a policy of restricting the public account from sharing information with the plurality of individual user accounts based on the measurement result, and applies the policy to the public account. | 2016-10-06 |
20160294745 | MODIFICATION OF ELECTRONIC MESSAGES - Modification of electronic messages is provided. A content of an electronic message having one or more recipients is analyzed. One or more suggested modifications to the content of the electronic message are provided, based, at least in part, on the content of the electronic message and on at least one of: recipient profile data of the one or more recipients and group data of the one or more recipients. The content of the electronic message is modified based, at least in part, on a selected suggested modification of the one or more suggested modifications in response to receiving an interaction of a user, wherein the interaction identifies the selected suggested modification. | 2016-10-06 |
20160294746 | MODIFICATION OF ELECTRONIC MESSAGES - Modification of electronic messages is provided. A content of an electronic message having one or more recipients is analyzed. One or more suggested modifications to the content of the electronic message are provided, based, at least in part, on the content of the electronic message and on at least one of: recipient profile data of the one or more recipients and group data of the one or more recipients. The content of the electronic message is modified based, at least in part, on a selected suggested modification of the one or more suggested modifications in response to receiving an interaction of a user, wherein the interaction identifies the selected suggested modification. | 2016-10-06 |
20160294747 | TRANSMISSION FRAME AND RADIO UNIT WITH TRANSMISSION FRAME - For transmitting messages in a radiotelecommunications network from a first subscriber station, a transmission frame at least two data fields with data in a first data format transmitted in a first data field of the short message, and data in a second data format, different from the first data format, are transmitted in a second data field of the short message, a first identification code, which identifies a makeup of the short message, is transmitted il} the first data field and includes information about at least one of a number of data fields, one or more data formats of data in the data fields, and a size of the data fields, and in each of two data fields, one data-field-specific identification code, which identifies a makeup and content of the corresponding data field, per data field is transmitted. | 2016-10-06 |
20160294748 | METHOD AND SYSTEM FOR CONTROLLING MESSAGE DISSEMINATION FROM PUBLIC ACCOUNTS TO USER ACCOUNTS - A server with one or more processors and memory receives a template request from a public account in the social networking platform for a message template and determines a category corresponding to the template request based on a characteristic of the public account or a characteristic specified in the template request. The server identifies template(s) according to the category from a template library and sends the template(s) with corresponding template identifiers to the public account. After the sending, the server receives a message request from the public account, including a template identifier for a first message template, recipient information, and respective values for one or more information parameters of the first message template. The server generates a message based on the message request and the first message template and sends the generated message to a user account in the social networking platform that corresponds to the recipient information. | 2016-10-06 |
20160294749 | SELECTIVE FORWARDING OF COMPONENTS OF AN ATTACHED ARCHIVE IN EMAIL SYSTEM - A communication management system. A computer receives an electronic communication including an attachment and selectively forwards components of the attachment to multiple recipients based on associating the recipients with the components. | 2016-10-06 |
20160294750 | Electronic Message Slide Reveal System and Method - An electronic message can be displayed such that as a user provides an instruction to move the display of message content to one side of a display element, the message content is obscured and a message descriptive information is caused to be displayed. Display of message content can be done in an unobscured fashion in certain implementations without display of any message descriptive information. Separated display of message content and message descriptive information may provide a benefit of reduced traceability of the electronic message and/or reduced ability to screen capture an electronic message. | 2016-10-06 |
20160294751 | ANIMATED DELIVERY OF ELECTRONIC MESSAGES - An electronic message is transformed into moving images uttering the content of the electronic message. Methods of the present invention may be implemented on devices such as smart phones to enable users to compose text and select an animation character which may include cartoons, persons, animals, or avatars. The recipient is presented with an animation or video of the animation character with a voice that speaks the words of the text. The user may further select and include a catch-phrase associated with the character. The user may further select a background music identifier and a background music associated with the background music identifier is played back while the animated text is being presented. The user may further select a type of animation and the animation character will be animated according to the type of animation. | 2016-10-06 |
20160294752 | MESSAGE MATCHING SYSTEMS AND MESSAGE MATCHING METHODS THEREOF - Message matching methods for use in a message matching system are provided. The message matching system includes a first electronic device, a server and at least one second electronic device. The method includes the steps of: receiving, by the server, a first message from the first electronic device; finding, by the server, at least one second message corresponding to the first message from a database based on the content of the first message; determining, by the server, whether the at least one second message matches the first message; and if so, transmitting, by the server, the at least one second message to the first electronic device and the first message to a second electronic device corresponding to the at least one second message respectively, wherein the second message has content corresponding to that of the first message and is sent by an unknown source. | 2016-10-06 |
20160294753 | System and Method for Implementing an Integrity-Based Social Network Filtering System and Related Environment - The disclosed embodiments are directed to a system for facilitating integrity based communications among users of a social network. The system performs operations that include receiving a first message on the social network from a first user that is available to second users of the social network. An indication is transmitted which is displayed on a visual representation associated with the social network and further available to second users of the social network. The indication specifies that the first message is flagged by a third user as non-compliant with a policy of the social network. A first message is transmitted for a review by a first voter selected from a plurality of users of the social network. A first voter is selected based on a predetermined model. The review determines if the first message will be removed from the social networking site. The determined result of the review is transmitted to the first user, indicating whether the first user is restricted from posting the first message for a predetermined period of time. The system also determines if the review by the at least one voter, is ratified based on a quorum of users above a threshold value. | 2016-10-06 |
20160294754 | AUTOMATIC DETERMINATION OF ADDITIONAL LANGUAGES USED IN SOCIAL NETWORKS - A computer processor determines a first language in which a message posted on a social network is composed, the message corresponds to a user of a social network. The computer processor compares the first language of the message to a set of one or more languages understood by the user of the social network. In response to the first language of the message failing to match one language of the set of one or more languages understood by the user, the computer processor prompts the user to confirm continued use of the first language, within the social network. | 2016-10-06 |
20160294755 | DETECTING MESSAGES WITH OFFENSIVE CONTENT - Methods, systems, and apparatus, including computer programs encoded on computer storage medium, to facilitate interception of messages that include offensive content. In one aspect, a method includes actions of receiving input on a user device that includes message content, determining, on the user device, whether the message content includes offensive content, and in response to determining, on the user device, that the message content includes offensive content, generating an alert message for display on the user device that provides an indication that the message includes offensive content. | 2016-10-06 |
20160294756 | ANONYMOUS CONTENT POSTING - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for enabling anonymous posting of content, e.g., over a network (e.g., the internet). In some instances, users may inform a system of various attributes of the user, for example, job title, skills, and/or interests. The system may group similar users together. In some cases, users grouped together can see messages posted by the other users in the group in an anonymous discussion forum. In other cases, users grouped together can have other users in the group presented to them as potential options of users to follow, e.g., as part of an anonymous social media platform. In some implementations, users can identify particular user subsets to view posted content. | 2016-10-06 |
20160294757 | AUTOMATIC GENERATION OF DYNAMICALLY ASSIGNED CONDITIONAL FOLLOW-UP TASKS - Methods and apparatuses for automatic generation of dynamically assigned conditional follow-up tasks. A composition interface in which a user can compose an electronic mail message is provided. A mechanism within the composition interface to select a response window is provided. A follow-up task corresponding to the electronic mail message for the user is generated only if a response to the electronic mail message is not received within the response window. | 2016-10-06 |
20160294758 | Mail Routing and Analytics System - A mail capture and routing system for digitally capturing information from physical mail items, using such information for routing the captured mail to an appropriate addressee and integrating such information into existing messaging and/or document management systems. The methods include digitally scanning an image of the mail item, and reading text from the scanned image to create metadata content. A digital mail file comprising the scanned image and the metadata content is created, and the data in the metadata content is used to perform an action on the digital mail file, the action including forwarding the digital mail file via email to an addressee identified in the metadata content. The addressee can be identified by checking additional information associated with the addressee in memory of the computer system. The system and methods include machine learning algorithms so the accuracy of the addressee identification can be checked and improved over time, and can add additional layers of actions. Users can interact with the digital mail file representing the physical mail file, preferably in a unified messaging system. | 2016-10-06 |
20160294759 | SYSTEM AND METHOD TO DELIVER EMAILS AS EXPRESSIVE CONVERSATIONS ON MOBILE INTERFACES - A computer-implemented system and method for reformatting and delivering emails as conversations. The computer-implemented method includes: synchronizing with an email service and receiving an email message via a data network; parsing content of the received email message to identify and suppress email content not related to conversational content and retaining the conversational content; reformatting the received email message to include the conversational content in a chat style format as an expressive conversation; making the expressive conversation available to a client email application; and presenting the expressive conversation to a user via the client email application. | 2016-10-06 |
20160294760 | SYSTEM FOR PROMPTING EVENTS - A system for prompting events to a user comprising of an attachment device for fastening to a surface and a notifying device set within attachment device. The notifying device allows for prompting events on the surface of the user and a mindfulness application communicates with the notifying device prompting events relating to a desired internal behavior. The mindfulness application primarily operates through a mobile device and sends push notifications to the wearable device at a user selected schedule. Upon receiving the notification, the wearable device notifies the user through a user selected means, thereby alerting the user to alter their behavior pattern. | 2016-10-06 |
20160294761 | CONTENT PERSONALIZATION BASED ON ATTRIBUTES OF MEMBERS OF A SOCIAL NETWORKING SERVICE - A machine may be configured to personalize the content presented to a member of the social networking service visiting a web site. For example, the machine accesses a member identifier associated with a visitor to a web site. The member identifier identifies a particular member of a social networking service. The machine accesses member data associated with the member identifier in a database associated with the social networking service. The machine identifies one or more attributes associated with the particular member based on the member data. The machine selects an item of content for presentation to the particular member visiting the web site based on the one or more attributes associated with the particular member. The machine causes presentation of the item of content in a user interface of a widget included in the web site. | 2016-10-06 |
20160294762 | MULTI-USER MEDIA PRESENTATION SYSTEM - One or more embodiments of the disclosure provide systems and methods for providing media presentations to users of a media presentation system. A media presentation generally includes a plurality of media segments provided by multiple users of the media presentation system. In one or more embodiments, a user of the media presentation system may share a media presentation with a co-user. The media presentation system can provide a number of features to assist a user in sharing, filtering, and accessing media presentations. | 2016-10-06 |
20160294763 | MULTI-USER MEDIA PRESENTATION SYSTEM - One or more embodiments of the disclosure provide systems and methods for providing media presentations to users of a media presentation system. A media presentation generally includes a plurality of media segments provided by multiple users of the media presentation system. In one or more embodiments, a user of the media presentation system may share a media presentation with a co-user. The media presentation system can provide a number of features to assist a user in sharing, filtering, and accessing media presentations. | 2016-10-06 |
20160294764 | CLIENT SIDE SOCIAL NETWORK RESPONSE TRACKING - Embodiments of the present invention address deficiencies of the art in respect to response subscriptions and provide a method, system and computer program product for response tracking across social networks. In one embodiment of the invention, a social networking response tracking method can be provided. The method can be performed by client-side logic and can include associating subscribers with a user or a group of users based upon a posting by the user or a user in the group of users within a client computing device for the user, aggregating different postings from the user to correspondingly different forums disposed about a global computer communications network, and, notifying the subscribers of the aggregated postings. | 2016-10-06 |
20160294765 | Systems and Methods for Path Optimization In A Message Campaign - A method is provided for path optimization for a message campaign. A graphical user interface representation of the message campaign is displayed. Sets of input instructions are received. Each set of input instructions corresponds to a path in the message campaign. The sets of input instructions are executed, causing different electronic messages to be sent according to corresponding paths to different destination targets. Responses are monitored. A winning path is then determined based on a correlation of a criterion with a goal for the message campaign and also the responses or results of executing the plurality of sets of input instructions. The winning path from among the plurality of paths is then upweighted. The message campaign then uses the upweighted winning path by causing a second plurality of electronic messages to be sent through the winning path to destination targets in the plurality of destination targets. | 2016-10-06 |
20160294766 | INTEGRATED CONTACT CARD COMMUNICATION - Embodiments provide integrated reply functionality within the context of a contact card or panel. Contact information is provided for display in the contact card (e.g., a portion of a user interface of a computing device). The contact information is associated with a contact. The contact information identifies one or more transport modes for communication with the contact. In some embodiments, the computing device receives a request from a user to communicate with the contact via at least one selected transport mode. Based on the received request, the computing device provides an input field within the contact card. In other embodiments, the transport mode is automatically selected and the input field is displayed. Data from the user is received into the input field for communication to the contact. The computing device sends the data received into the input field to the contact via the selected transport mode. The integrated reply functionality is accessible from a conversation history displayed in the contact card. | 2016-10-06 |
20160294767 | SECURE DYNAMIC ADDRESS RESOLUTION AND COMMUNICATION SYSTEM, METHOD, AND DEVICE - The present invention is directed to a node (device), system, and computer program for providing secure dynamic address resolution and communication, without having to utilize third party DNS and/or MX server(s). Accordingly, a node may include processor and memory having instructions thereon, that when executed, cause the node to pair with another node. The pairing may include creating a DNS record on the node including a current address associated with the second node, this current address may be dynamically updated. The instructions may further allow the node to transmit a message to the second node, based on a resolved address from the DNS record on the first node. Authentication, dynamic message encryption and the provision of a DNS cache may further be implemented on the node. | 2016-10-06 |
20160294768 | ELECTRONIC DEVICE FOR PERFORMING COMMUNICATION USING DNS NAME AND METHOD THEREOF - An electronic device and method thereof is provided. The electronic device includes a processor configured to obtain a domain name system (DNS) name of another electronic device, a display circuit configured to display the DNS name, a user input receive circuit configured to receive a user input associated with the displayed DNS name, and a communication circuit configured to perform peer-to-peer communication with the other electronic device based on the user input. | 2016-10-06 |
20160294769 | Communication Method, Apparatus, and System of Virtual Extensible Local Area Network - A communication method includes a transmit-end tunnel end points (VTEP) may intercept a broadcast packet that does not have a destination address and that is sent by a transmit-end virtual machine, acquire an Internet Protocol (IP) address list of a receive-end VTEP that belongs to same virtual extensible local area network (VXLAN) as the transmit-end VTEP, encapsulate the broadcast packet into a unicast packet according to an IP address of the receive-end VTEP, and send, in a form of the unicast packet, the original packet to another receive-end VTEP on the same VXLAN, where avoiding using a multicast manner to perform communication between VTEPs on the VXLAN such that construction of the VXLAN no longer depends on a multicast group quantity or capability of a tunnel end point, which extends application of the VXLAN. | 2016-10-06 |
20160294770 | MANAGING COMMUNICATIONS BETWEEN COMPUTING NODES - Techniques are described for managing communications sent to and/or from multiple computing nodes, such as for a group of computing nodes that are part of one or more private networks. In at least some situations, the techniques are used in conjunction with providing network address translation (“NAT”) functionality to a group of computing nodes that share one or more networks, such as to provide NAT functionality in a distributed and asymmetric manner using multiple computing devices that perform different types of operations at different locations within the private network. | 2016-10-06 |
20160294771 | Apparatus, Method, And Client For Synchronizing Jump Context - An apparatus, a method, and a client for synchronizing a jump context, such as for synchronizing a jump context of a social application platform to a third-party website, are provided. The apparatus includes a session ID generating module configured to acquire a jump context of a user from a social application platform, save the jump context to a session data DB, and return an ID of the jump context to the social application platform. The apparatus also includes a session data acquiring API configured to acquire the ID of the jump context from a third-party website, acquire the corresponding jump context from the session data DB according to the ID, and feed back the jump context to the third-party website. The session data DB is configured to save the jump context and the ID corresponding to the jump context. | 2016-10-06 |
20160294772 | USING HEADERSPACE ANALYSIS TO IDENTIFY UNNEEDED DISTRIBUTED FIREWALL RULES - Some embodiments provide a method for identifying unnecessary firewall rules for a distributed firewall of a logical network. The method identifies a firewall policy for network traffic of the logical network. The firewall policy includes a set of firewall rules. The method generates a set of data for implementing the firewall policy on a set of managed forwarding elements that implement the logical network. The method analyzes potential network traffic based on the generated set of data to identify a subset of unnecessary data. The method identifies a subset of unnecessary firewall rules of the set of firewall rules that corresponds to the subset of unnecessary data. | 2016-10-06 |
20160294773 | BEHAVIOR ANALYSIS BASED DNS TUNNELING DETECTION AND CLASSIFICATION FRAMEWORK FOR NETWORK SECURITY - New and improved techniques for a behavior analysis based DNS tunneling detection and classification framework for network security are disclosed. In some embodiments, a platform implementing an analytics framework for DNS security is provided for facilitating DNS tunneling detection. For example, an online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis. | 2016-10-06 |
20160294774 | METHODS AND SYSTEMS FOR ORCHESTRATING PHYSICAL AND VIRTUAL SWITCHES TO ENFORCE SECURITY BOUNDARIES - Some embodiments include methods comprising: writing entries in a forwarding table of a switch through an application programming interface (API) of the switch, such that first data packets from a first host and directed to a second host are forwarded by the switch to an enforcement point; receiving the first data packets; forwarding the first data packets to the enforcement point using the forwarding table; determining whether the first data packets violate a high-level security policy using a low-level rule set; configuring the forwarding table through the API such that second data packets are forwarded by the switch to the second host, in response to determining the first data packets do not violate the security policy; configuring the forwarding table through the API such that the second data packets are dropped or forwarded to a security function by the switch, in response to the determining. | 2016-10-06 |
20160294775 | WEB FILTERING WITH INTEGRATED PARENTAL MANAGEMENT AND REPORTING - A system and method for web filtering, including: generating an institutional policy dashboard that enables an institution that issued a computing device to a minor user to select a set of institutional web access policies sanctioned by the institution; generating a parental policy dashboard that enables a parent of the minor user to select to a set of parental web access policies sanctioned by the parent; filtering web content accessed by the minor user via the computing device by enforcing the parental and the institutional web access policies; and reporting to the parent a set of web accesses undertaken by the minor user via the computing device. | 2016-10-06 |
20160294776 | SECURITY CLUSTER FOR PERFORMING SECURITY CHECK - Some embodiments of the invention provide a method for a first security controller that performs security operations on the packets that are transmitted within a network. The method of some embodiments receives a packet from a forwarding element in the network based on a decision made by a security agent that operates along with the forwarding element. When the first security controller stores a security rule for the packet, the method processes the packet according to the stored security rule. When the first security controller does not store a security rule for the packet, the method (i) determines that a second security controller stores a security rule for the packet based on a set of header values of the packet, and (ii) sends the packet to the second security controller for security processing according to the security rule for the packet stored on the second security controller. | 2016-10-06 |
20160294777 | METHOD AND SYSTEM FOR ESTABLISHING VIRTUAL PRIVATE NETWORKS BETWEEN LOCAL AREA NETWORKS - The invention relates to a method for establishing a virtual private network between local area networks, each local area network comprising at least one access gateway to a public network and a unit comprising a VPN client, the method comprising the following steps carried out each time a unit is powered on: sending, by the unit, of at least one connection message to an infrastructure connected to the public network and comprising at least one intermediate server, each connection message passing through a respective gateway of the local area network; reception, by the infrastructure, of each connection message; and determination of topology data identifying each bridge of the local area network in which the unit is placed, the method further comprising the following steps carried out for a plurality of units: instancing, by a predetermined intermediate server of the infrastructure, of a VPN server associated with the plurality of units; establishing an encryption tunnel between the VPN server and the VPN client of each unit from the corresponding topology data; and creating and storing routing data representative of a data routing rule between the established encryption tunnels. | 2016-10-06 |
20160294778 | RULE-BASED ROUTING TO RESOURCES THROUGH A NETWORK - Techniques for determining which resource access requests are handled locally at a remote computer, and which resource access requests are routed or “redirected” through a virtual private network. One or more routing or “redirection” rules are downloaded from a redirection rule server to a remote computer. When the node of the virtual private network running on the remote computer receives a resource access request, it compares the identified resource with the rules. Based upon how the identified resource matches one or more rules, the node will determine whether the resource access request is redirected through the virtual private network or handled locally (e.g., retrieved locally from another network). A single set of redirection rules can be distributed to and employed by a variety of different virtual private network communication techniques. | 2016-10-06 |
20160294779 | DEVICE MANAGEMENT PROXY FOR SECURE DEVICES - A hardware device architecture is described that improves security and flexibility in access to hardware device settings. A device management proxy service is digitally signed and granted access to device settings. Applications are then digitally provisioned by the proxy service and only validated signed requests from applications are permitted to change hardware device settings. Further granularity over hardware device settings is achieved through user accounts and groups established by the applications. | 2016-10-06 |
20160294780 | SYSTEM AND METHOD FOR PROVIDING AN APPLICATION PROGRAMMING INTERFACE FOR DEPLOYING A SERVICE BUS ARTIFACT FROM A LOCAL DEVELOPMENT ENVIRONMENT TO A CLOUD ENVIRONMENT - In accordance with an embodiment, described herein is a system and method for deploying a service bus artifact from a local development environment to a service bus instance in a cloud environment. A deployment API can be plugged into the local development environment to perform a plurality of steps required for deploying the service bus artifact, including enabling communication from the local development environment to pass through a corporate firewall. The plurality of steps can be wrapped in a single service call to the service bus instance; and can include creating a session, uploading the service bus artifact, importing the uploaded service bus artifact, executing customization, and activating the session. In the event of a failure of any step, the service call can abort. The deployment API is generic and can be plugged into a plurality of development products. | 2016-10-06 |
20160294781 | PARTIAL OR COMPLETE IMAGE OBFUSCATION AND RECOVERY FOR PRIVACY PROTECTION - A system described herein pertains to privacy protection of personal images online and in particular within social media networks. A method consistent with the present disclosure includes capturing an image within computer memory. After the image is captured, analyzing the image and segmenting the image. Segmenting the image may include modifying the captured image into a modified image. The modified image includes an obfuscated portion. | 2016-10-06 |
20160294782 | ENHANCED SECURITY WHEN SENDING ASYNCHRONOUS MESSAGES - According to one exemplary embodiment, a method for increasing security when sending a plurality of messages over a network connection is provided. The method may include determining if the plurality of messages on a staging queue satisfies a batch threshold value. The method may also include determining a security key with a message destination based on determining that the plurality of messages on the staging queue satisfies the batch threshold value. The method may then include encrypting the plurality of messages based on the determined security key. The method may further include sending the encrypted plurality of messages to the message destination over the network connection. | 2016-10-06 |
20160294783 | DECENTRALIZED AND DISTRIBUTED SECURE HOME SUBSCRIBER SERVER DEVICE - A decentralized and distributed secure home subscriber server is provided. First data can be sent representing a first nonce string to a mobile device; and in response to receiving second data representing the first nonce string and a second nonce string, a communication channel can be established with the mobile device as a function of the first nonce string. | 2016-10-06 |
20160294784 | ENHANCED SECURITY WHEN SENDING ASYNCHRONOUS MESSAGES - According to one exemplary embodiment, a method for increasing security when sending a plurality of messages over a network connection is provided. The method may include determining if the plurality of messages on a staging queue satisfies a batch threshold value. The method may also include determining a security key with a message destination based on determining that the plurality of messages on the staging queue satisfies the batch threshold value. The method may then include encrypting the plurality of messages based on the determined security key. The method may further include sending the encrypted plurality of messages to the message destination over the network connection. | 2016-10-06 |
20160294785 | USER TERMINAL DEVICE, COMMUNICATION SYSTEM AND CONTROL METHOD THEREFOR - A user terminal device is disclosed. A user terminal device that supports an instant messenger service includes: a display unit for providing an instant messenger service screen including an output message; and a control unit for, when the output message is an encrypted message, decrypting the encrypted message according to a predetermined event and providing the decrypted message to the screen or another screen separate from the screen. | 2016-10-06 |
20160294786 | Telecommunication System and Method Providing Unified Platform For Services Amongst Clients That Execute Browser and Non-Browser Applications - A telecommunication network comprises one or more servers. The one or more servers are configured to connect to a first client device associated with a first user. The first client device executes a web browser application to enable the first user to access telecommunication services using a real-time communication protocol. The web browser application comprises a telecommunication application that uses Hypertext Transfer Protocol (HTTP) to transmit and receive the first user's authentication information. The one or more servers are further configured to connect a second client device associated with a second user. The second client device executes a non-browser application to enable the second user to access the telecommunication resources using an Internet telephony protocol. A web browser application is a telecommunication application that uses HTTP protocol for initiating a session and a non-browser application is a telecommunication application that uses Session Initiation Protocol (SIP) protocol for initiating a session. The non-browser application uses the SIP to forward and receive the second user's authentication information. The one or more servers are configured to authorize the web browser application to access the telecommunication services using HTTP and authorize the non-browser application to access the telecommunication services using SIP. The one or more servers are configured to transport media to the first client device after authorizing access the telecommunication services using HTTP and transport media to the second client device after authorizing access the telecommunication services using SIP. | 2016-10-06 |
20160294787 | SECURE AND CONFIDENTIAL MESSAGING SYSTEMS - A secure messaging system that allows a user to display incoming messages that appear in the same format as outgoing message, that have no identifying information to identify the sender or recipient of any message displayed, and that deletes messages after the messages have been read. The secure messaging system also allows usernames in a contacts application to be identified using nicknames. | 2016-10-06 |
20160294788 | Bin enabled data object encryption and storage apparatuses, methods and systems - The BIN ENABLED DATA OBJECT ENCRYPTION AND STORAGE APPARATUSES, METHODS AND SYSTEMS (“MBIN”) transforms bin creation requests, bin templates and unencrypted object storage inputs, using MBIN components, into encrypted object storage bins and encrypted bin objects. A method comprises the creation of encrypted object storage bins, the storage of encrypted bin objects, and an application framework that allows privileged applications to leverage the capabilities of and data stored in the encrypted object storage bins. | 2016-10-06 |
20160294789 | MULTI-NODE ENCRYPTION - For multi-node encryption, a method communicates communication data from a first upstream node to a first downstream node in response to the first upstream node initiating secure communication with the first downstream node. The method further generates a downstream node nonce from communication data exchanged with the first downstream node. The method generates a first downstream message transformation as a function of the downstream node nonce. The method receives a request encrypted with the first downstream message transformation through the first downstream node. The method communicates the upstream message transformation encrypted with the first downstream message transformation through the first downstream node to the destination node in response to the request. In addition, the method generates a tunnel transformation at the destination node as a function of one or more upstream message transformations and the first downstream message transformation. | 2016-10-06 |
20160294790 | Device Theft Protection Associating A Device Identifier And A User Identifier - When theft protection of a computing device is initiated, credentials of the user are provided to one or more services that verify the credentials and generate a recovery key. A data value is generated based on the recovery key and an identifier of the computing device (e.g., by applying a cryptographic hash function to the recovery key and the computing device identifier), and the data value is provided to the computing device, which stores the data value at the computing device. When a user is prompted to prove his or her ownership of the device, the owner can prove his or her ownership of the device in different manners by accessing the one or more services via a network (e.g., the Internet), or by providing the recovery key (e.g., obtained using another computing device) to the computing device. | 2016-10-06 |
20160294791 | METHOD TO PROTECT A SET OF SENSITIVE DATA ASSOCIATED TO PUBLIC DATA IN A SECURED CONTAINER - The present invention relates to a method to protect, in a secured container using an encryption key, a set of mixed sensitive and public data to be transferred to an entity. The method includes the steps of: generating a random key, ciphering the set of mixed sensitive and public data using said random key to obtain a ciphered set of data, generating an initialization value, and defining configuration information for the secured container. The initialization value, the configuration information and random key form a preamble. The preamble and the ciphered set of data are encrypted. The initialization value renders the resulting encrypted data variable from a secured container to another even in case of repetitive configuration information in the preamble. | 2016-10-06 |
20160294792 | PROTECTION OF MEMORY INTERFACE - An apparatus includes an interface and logic circuitry. The interface is configured to communicate over a communication link. The logic circuitry is configured to convert between a first stream of plaintext bits and a second stream of ciphered bits that are exchanged over the communication link, by applying a cascade of a stream ciphering operation and a mixing operation that cryptographically maps input bits to output bits. | 2016-10-06 |
20160294793 | AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES - A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link. | 2016-10-06 |
20160294794 | Security System For Data Communications Including Key Management And Privacy - A security system and method that incorporates key management as well as provides privacy for its users. The security system and method removes all incentives for surveilling user communications in the search for personally identifiable information and usage patterns. This goal is achieved by ensuring that a snooper cannot make a distinction between two different users just by observing their communication. The system removes all personally identifiable information from open communication. The security system and method functions to anonymize data communications in relation to the user and the system. | 2016-10-06 |
20160294795 | MULTIMEDIA NETWORK SYSTEM WITH CONTENT IMPORTATION, CONTENT EXPORTATION, AND INTEGRATED CONTENT MANAGEMENT - This system provides wired and/or wireless access throughout a multimedia network built on a distributed architecture which can be transparent to the user. This multimedia network includes content which is imported or generated within the network. The system allows for the content provider to determine the license status of content and update the license status of content which was previously provided by that provider. The external content can be accessed in real time or downloaded and stored within the system for later access at the convenience of the user. The usage of some content is controlled by the use of encryption and other protection methods. The system allows for storage of live video by storing the digitized video and allowing the user to control how, when and where the content is viewed. The system makes available multiple multimedia services to all users in the network or connected via the internet. | 2016-10-06 |
20160294796 | CHALLENGE-DYNAMIC CREDENTIAL PAIRS FOR CLIENT/SERVER REQUEST VALIDATION - Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”. In an embodiment, a computer system comprises: a memory; a processor coupled to the memory; a protocol client module that is coupled to the processor and the memory and configured to intercept a first set of instructions that define one or more original operations, which are configured to cause one or more requests to be sent to the server computer when executed by the client computer; a forward transformer module that is coupled to the processor and the memory and configured to: generate, at the intermediary computer system, a first challenge credential to be sent to the client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential and to include the first dynamic credential in the one or more requests from the client computer; modify the first set of instructions to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer. | 2016-10-06 |
20160294797 | SECURE TRANSMISSION OF A SESSION IDENTIFIER DURING SERVICE AUTHENTICATION - In an embodiment a method is performed by a network access device (NAD). The NAD transfers a first HTTPS request from a client computer (UE) to an identity provider computer (IdP). The NAD transfers, from the IdP, a preceding redirected URL in response to the first HTTPS request, to the UE and configured to cause the UE to redirect to said preceding redirected URL. Over a secure network link, the NAD receives a particular request specifying said preceding redirected URL, from the UE. Responsive to receiving the particular request, the NAD generates a response, comprising a subsequent redirected URL and a session identifier, and configured to cause the UE to redirect to the IdP over an HTTPS connection. The NAD transfers said subsequent redirected URL over the secure network link to the UE. The NAD transfers a second HTTPS request, comprising the session identifier, from the UE to the IdP. | 2016-10-06 |
20160294798 | BIOMETRIC DATA BROKERAGE SYSTEM AND METHOD FOR TRANSFER OF BIOMETRIC RECORDS BETWEEN BIOMETRIC COLLECTION DEVICES AND BIOMETRIC PROCESSING SERVICES - A biometric data brokerage system (BDPS) and method for transfer of biometric records between at least one biometric collection device (BCD) and at least one biometric processing service (BPS) are disclosed. Embodiments provide a BDPS that utilizes biometric record translation routines that allow for biometric record submissions from any BCD to any BPS, regardless of biometric record format requirements. The need for costly and proprietary biometric record formatting software on BCDs is thereby eliminated. | 2016-10-06 |
20160294799 | MULTI-USER MEDIA PRESENTATION SYSTEM - One or more embodiments of the disclosure provide systems and methods for providing media presentations to users of a media presentation system. A media presentation generally includes a plurality of media segments provided by multiple users of the media presentation system. In one or more embodiments, a user of the media presentation system may share a media presentation with a co-user. The media presentation system can enable the co-user, if authorized by the user, to contribute (e.g., add a media segment) to a media presentation shared with the co-user. | 2016-10-06 |
20160294800 | AGGREGATED COMPUTING INFRASTRUCTURE ANALYZER - Embodiments of the invention provide techniques for receiving, authenticating, parsing, and storing operational status data (or telemetry data) from one or more hardware and software systems within an aggregated computing infrastructure. Operational status data may be transmitted over secure transmission channels and stored within secure data stores at a computing infrastructure analyzer. Additionally, some embodiments describe techniques for creating, storing, and retrieving operational risk rules that may apply to one or more computing infrastructures. Based on the operational risk rules, one or more determinations may be performed to identify data items for extraction from the received telemetry data of an aggregated computing infrastructure. Using the extracted telemetry data items, one or more operational risk rules may be evaluated with respect to the aggregated computing infrastructure. Based on the evaluation of operational risk rules, one or more operational risk items and/or operational risk values may be determined for the aggregated computing infrastructure. | 2016-10-06 |
20160294801 | METHOD AND APPARATUS FOR AUTHENTICATION IN PASSIVE OPTICAL NETWORK - A method and apparatus for authentication in a passive optical network are disclosed. In the disclosure, a first terminal serial number of an ONU and a first logic registration code are transmitted from the ONU to an OLT; if the OLT determines that the first terminal serial number does not match a second terminal serial number stored on the OLT, the OLT judges whether the first logic registration code received from the ONU matches a second logic registration code stored on the OLT; the OLT stores the first terminal serial number received from the ONU on the OLT if the first logic registration code matches the second logic registration code. | 2016-10-06 |
20160294802 | ACCELERATED PASSPHRASE VERIFICATION - Systems and methods for providing accelerated passphrase verification are disclosed. In one embodiment, a method includes receiving a full security string, generating a full security string hash code, storing the full security string hash code in a memory, determining at least one substring based on an entropy value associated with one or more leading characters in the full security string, generating at least one substring hash code and at least one corresponding character count value, such that the corresponding character count value equals a number of characters in the at least one substring, and storing the at least one substring hash code and the at least one corresponding character count value in the memory. | 2016-10-06 |
20160294803 | TOKEN DELEGATION FOR THIRD-PARTY AUTHORIZATION IN COMPUTER NETWORKING - In one embodiment, first content is served by an application server to a client computer through an Internet service provider network. The first content includes a link to second content on a third-party server. A token request is sent from the third-party server to the application server in response to selection of the link by the client computer. A token is provided to the third-party server by the application server in response to the token request. The token is configured to authorize data flow at a bandwidth for the second content by the Internet service provider network to the client computer. The data flow is authorized based on an agreement for the bandwidth between an operator of the application server and an operator of the Internet service provider network. | 2016-10-06 |
20160294804 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND INFORMATION PROCESSING PROGRAM - It is an object to allow for simplification of authentication information to be input by a user while ensuring security. An information processing apparatus identifies a current situation in which a user is placed. The information processing apparatus obtains a past situation in which the user was placed at the time of past authentication. When the user is currently authenticated, the information processing apparatus simplifies authentication information to be entered by the user, depending on the current and past situations. The information processing apparatus outputs information prompting for the simplified authentication information. | 2016-10-06 |
20160294805 | METHOD AND TERMINAL DEVICE FOR ACCESSING NETWORK - A method and a terminal device for accessing network are provided. The method includes: prompting to input a Service Set Identifier (SSID) and an access password for accessing a router when a network access request is received from an accessing device; comparing the SSID and the access password input with an SSID and an access passwords in a historical network access data record; and transmitting the SSID and the access password input to the accessing device if the SSID and the access password input match the SSID and the access password in the historical network access data record. The accessing device will access a corresponding server based on the SSID and the access password transmitted by the terminal device. The method is applicable to facilitate the accessing device to access network via a terminal device. | 2016-10-06 |
20160294806 | ACCOUNT INFORMATION MANAGEMENT METHOD AND APPARATUS IN SMART TV - A method includes: when a login request is received from a user, sending account information input by the user to a user center server of a smart TV for authentication; after the authentication succeeds and login is completed, receiving login information returned by the user center server and corresponding to the account information, and saving the login information in a preset database; and when the user enables a target application in the smart TV, receiving a login status query request sent by the target application, returning a response message to the target application, and notifying the target application that the current user has logged in, so that the target application acquires corresponding login information from the preset database, and completes a service request by using the login information. With the present disclosure, uniform account management on various applications in a smart TV can be achieved, thereby saving resources. | 2016-10-06 |
20160294807 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR AUTHENTICATING AND AUTHORIZING AN EXTERNAL ENTITY - In accordance with embodiments, there are provided mechanisms and methods for authenticating and authorizing an external entity. These mechanisms and methods for authenticating and authorizing an external entity can enable improved data security, more efficient data transfer, improved data access channels, etc. | 2016-10-06 |
20160294808 | AUTHENTICATION OF REMOTE HOST VIA CLOSED PORTS - A method, system and apparatus for authenticating a communication request sent from a client computing device. The communication request is initially blocked by a firewall preventing delivery to a server. A first logging event corresponding to the communication request is created. The communication request and the logging event are stored in a firewall. The server is notified of the first logging event. The communication request corresponding to the first logging event is authenticated. A port in the firewall is enabled if the communication request is authenticated. | 2016-10-06 |
20160294809 | TRUSTED AND UNSUPERVISED DIGITAL CERTIFICATE GENERATION USING A SECURITY TOKEN - A method, system and computer program product for ensuring PKI key pairs are operatively installed within a secure domain of a security token prior to generating a digital certificate. The public key component of the PKI key pair is incorporated into a digital certificate which is returned to the security token for storage. The arrangement included herein incorporates the use of a critical security parameter to ensure a chain of trust with an issuing entity such as a registration authority. Furthermore, the arrangement does not require security officer or system administrator oversight during digital certificate generation as the critical security parameter provides a sufficient level of trust to ensure that digital certificate generation is being performed in conjunction with a designated security token rather than a rogue application. Lastly, separate inventive embodiments allow alternate communications and verification arrangements to be implemented. | 2016-10-06 |
20160294810 | TERMINAL SINGLE SIGN-ON CONFIGURATION, AUTHENTICATION METHOD, AND SYSTEM, AND APPLICATION SERVICE SYSTEM THEREOF - The present invention provides a terminal single sign-on configuration, authentication method, and system. The terminal single sign-on authentication method includes obtaining a VPN login information for accessing a private virtual network, where the application service system is installed on a mobile terminal; and uploading the VPN login information to a server for verification. When the VPN login information is successfully verified, a recorded script associated with the VPN login information is obtained from the server, the recorded script containing a plurality of operations and login parameters corresponding to input controls in a user interface of the application service system for authentication. The method further includes according to the recorded script, automatically replaying the plurality of operations to input the login parameters to the corresponding input controls in the user interface, such that an authentication process for the application service system is completed automatically. | 2016-10-06 |
20160294811 | METHOD AND APPARATUS FOR IDENTITY FEDERATION GATEWAY - Techniques for an ID federation gateway include determining whether a user associated with a request for a particular network resource is to be identified by the provider of the particular service or by a different party. The service also comprises causing the different party to provide identification data that indicates an identity for the user, if the user is to be identified by the different party. The method further comprises causing user credentials data, based on the identification data, to be sent to an authentication process of the provider for a set of one or more network resources that includes the particular network resource requested by the user, if the data indicates that the user is successfully identified. | 2016-10-06 |
20160294812 | ACCOUNT LOGIN METHOD AND DEVICE - Provided are an account login method and an apparatus. A first account is associated with a second account, and information of a login target corresponding to the second account is configured. A login request for using the first account to log in to the login target corresponding to the second account is received. Login configuration information of the second account is retrieved based on an association relation between the first account and the second account. Login configuration information of the second account is sent to the login target corresponding to the second account; and the login target corresponding to the second account is logged in to according to the login configuration information of the second account. | 2016-10-06 |
20160294813 | METHOD AND SYSTEM FOR FACILITATING COLLABORATION ACROSS MULTIPLE PLATFORMS - A method and system for facilitating collaboration across a plurality of platforms are disclosed. A server with one or more processors and memory performs an identity authentication process to validate a user to access a super account, where the super account is bound to a plurality of sub-accounts, and where each of the plurality of sub-accounts corresponds to a distinct platform. In accordance with a determination that the authentication process is successful, the server queries sub-servers corresponding to the plurality of sub-accounts for respective usage rights of each of the plurality of sub-accounts. The server transmits, to the user, one or more tokens identifying the respective usage rights of each of the plurality of sub-accounts and generates a user interface including affordances based at least in part on the usage rights of each of the plurality of sub-accounts. | 2016-10-06 |
20160294814 | Methods, Systems, Devices and Products for Authentication - A communication device having a controller transmits to a communication system a PKI certificate. Encrypted communications may commence responsive to receiving a public key. The communication system can have a plurality of network elements that integrate operations of a circuit-switched communication network and a packet-switched communication network. | 2016-10-06 |
20160294815 | METHOD FOR READING ATTRIBUTES FROM AN ID TOKEN - The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system. | 2016-10-06 |
20160294816 | AUTHENTICATION METHOD FOR AUTHENTICATING A FIRST PARTY TO A SECOND PARTY - An authentication method authenticates a first party to a second party, where an operation is performed on condition that the authentication succeeds. If the first party is not authenticated, then if the first party qualifies for a sub-authorization, the operation is still performed. Further, a device that includes a first memory area holding a comparison measure, which is associated with time, and which is also used in said authentication procedure, a second memory area holding a limited list of other parties which have been involved in an authentication procedure with the device, and a third memory area, holding compliance certificates concerning parties of said list. | 2016-10-06 |
20160294817 | METHOD OF AUTOMATICALLY UNLOCKING AN ELECTRONIC DEVICE VIA A WEARABLE DEVICE - Methods and systems for automatically unlocking an electronic device via a wearable device may include a first device authenticating a user of a wearable device in response to the user closing a clasp of the wearable device and entering a personal authentication password on the first device; a second device requesting a rolling one-time password (OTP) via a wireless connection to the wearable device in response to the second device detecting that the wearable device is within a predefined physical range, and a user pressing an input key; unlocking the second device in response to the second device receiving the OTP from the wearable device; monitoring a status of the clasp, wherein the status comprises a closed or an open state; and deleting OTP or password key information from the wearable device in response to the processor of the wearable device detecting that the clasp is in an open state. | 2016-10-06 |
20160294818 | POWER EFFICIENT STORAGE MANAGEMENT - One or more systems and/or techniques are provided for managing a partially encrypted file system, for storage hardware virtualization, and/or for storage management. In example, data may be stored in a partially encrypted file system, where sensitive data is encrypted for security and non-sensitive data is unencrypted, which may mitigate energy usage otherwise used for encrypting non-sensitive data, thus improving battery life. In an example, a storage device may be exposed to applications as a plurality of isolated storage structures where an application is provided data access to an isolated storage structure assigned to the application but not to isolated storage structures assigned to other applications, which may provide hardware level isolation with improved energy efficiency. In an example, a storage management component, configured to provide isolation and encryption, may be integrated into a computing device as an application specific integrated circuit (ASIC) or a system on a chip (SoC). | 2016-10-06 |
20160294819 | METHODS AND DEVICES FOR BOOTSTRAPPING OF RESOURCE CONSTRAINED DEVICES - It is disclosed a method of establishing a secure connection between a device and a network-based entity, NAF, via an access gateway, where the device and a network-based bootstrapping server, BSF, have a pre-established trust relationship. The method comprises the access gateway acting as a proxy between the device and the BSF. A reference to a NAF received from the BSF is used to securely authenticate the device to the NAF. An identity of the access gateway is sent to the NAF and the identity is sued to authorise the device to use the access gateway. The access gateway identity is authenticated at the BSF and/or the NAF. The access gateway may relay messages to the device over a non-HTTP link. | 2016-10-06 |
20160294820 | CARD-PERSONALIZATION SYSTEM - A personalized card may be generated using a card-personalization system accessible via multiple access points on a network. In some aspects, the personalized card may include a physical card having an image selected by a user in a card-personalization process. The user may be assigned a code that may both authenticate the user to access the card-personalization system and identify a position of the user in the card-personalization process. The card-personalization process may include a selection process for selecting an image, an approval process for approving the image, and a creation process for generating the personalized card including the image. | 2016-10-06 |
20160294821 | SECURE AUTHENTICATION IN A MULTI-PARTY SYSTEM - A user device transmits a login request. A provider server, receives a random number from and transmits other information to an authentication server. The provider server transmits the random number to the device. The random number is transferred to a second user device, which transmits it to the authentication server. The authentication server transmits provider authentication policy requirements and further transmits the other information to the second device. The second device transmits user validation information to the authentication server. The authentication server determines that the transmitted validation information corresponds to the service provider authentication policy requirements, compares the validation information with stored validation information for the user to authenticate the user. The second device transmits a message, including the random number and the other information, signed with a user credential to the authentication server. The authentication server transmits notice of authentication and the signed message to the provider server. | 2016-10-06 |
20160294822 | PROXIMITY BASED AUTHENTICATION USING BLUETOOTH - Techniques for securing communications between fixed devices and mobile devices. A mobile device management server mediates communications between the fixed device and mobile device. The mobile device management server enrolls mobile devices and then assists with pairing the mobile devices to fixed devices in an out-of-band manner. This enrollment, coupled with out-of-band pairing, improves the speed and security of authenticating communication between fixed and mobile devices. If the mobile device has appropriate capabilities, the mobile device management server may request that the mobile device obtain and verify biometric data from a user prior to enrollment and performing authentication procedures. | 2016-10-06 |
20160294823 | DISPLAYING CONTENT BASED ON DEVICE ORIENTATION - Discloses are various embodiments for rendering or hiding data based at least in part on the current orientation of a client device. The client device determines its current orientation based at least in part on data provided by a sensor of the client device. The client device then determines that data currently rendered on a display of the client device is to be hidden based at least in part on the current orientation of the client device. The client device then removes the data from the display of the client device. | 2016-10-06 |
20160294824 | METHODS AND SYSTEMS FOR DETECTING HEAD MOTION DURING AN AUTHENTICATION TRANSACTION - A method for detecting user head motion during an authentication transaction is provided that includes generating, by a processor, a motion type feature vector and a user head motion type prediction based on data generated for a sequence of frames. The frames are included in biometric data captured from a user. Moreover, the method includes generating a liveness rating feature vector based on the generated frame data, merging the motion type and liveness rating vectors, and generating a spoof prediction from the merged vector. When the generated spoof prediction indicates biometric data in the frames was spoofed, the method includes changing the user head motion type prediction to no motion. The method also includes storing the user head motion type prediction in a buffer and determining a final user head motion type detected for the frames. | 2016-10-06 |
20160294825 | SUPPLEMENTING BIOMETRIC IDENTIFICATION WITH DEVICE IDENTIFICATION - A computer may identify an individual according to one or more biometrics based on various physiological aspects of the individual, such as metrics of various features of the face, gait, fingerprint, or voice of the individual. However, biometrics are often computationally intensive to compute, inaccurate, and unable to scale to identify an individual among a large set of known individuals. Therefore, the biometric identification of an individual may be supplemented by identifying one or more devices associated with the individual (e.g., a mobile phone, a vehicle driven by the individual, or an implanted medical device). When an individual is registered for identification, various device identifiers of devices associated with the individual may be stored along with the biometrics of the individual. Individuals may then be identified using both biometrics and detected device identifiers, thereby improving the efficiency, speed, accuracy, and scalability of the identification. | 2016-10-06 |
20160294826 | DATA COMMUNICATION METHOD USING SECURE ELEMENT AND ELECTRONIC SYSTEM ADOPTING THE SAME - Provided are a data communication method using a secure element and an electronic system adopting the same. The data communication method includes: exchanging certificate information between an application processor of an electronic device and a secure element; setting up a secure channel through mutual authentication between the application processor and the secure element by using a public key and a secret key after the exchange of the certification information; and performing data communication between the application processor and the secure element through the secure channel. | 2016-10-06 |
20160294827 | ACCOUNT ACCESS AUTHORIZER - A method for enabling seamlessly linking multiple network-connected devices to a same user application account, including: receiving, at an application service provider computing environment, over a communication network, and from a first network device having installed thereon an application, an input and a registration request, wherein the input includes profile specific information of a cloud computing environment; accessing at a memory device of the application service provider computer environment and in response to the registration request, stored network device user profile information associated with a second network device having installed thereon the application; comparing, the profile specific information with the network device user profile information; and based on the comparing, if the profile specific information matches a predetermined minimum of information of the network device user profile information, releasing, by the processor, a portion of the network device user profile information to the first network device. | 2016-10-06 |