Abstract: Systems, methods, and non-transitory computer-readable storage media which have instructions stored for execution on a processor, for automating the commissioning of a transport network element within a network. A system configured according to this disclosure can be an Automated Commissioning Tool which can initiate communications with a network element on the network. The Automated Commissioning Tool can then retrieve updated firmware corresponding to the network element and configure the network element to have the updated firmware. Finally, the Automated Commissioning Tool can determine, from a network plan, a first port on the network element which is to be connected via a cross-connect to a second port on the network element and establish the cross-connect on the network element. At this point the network element may be commissioned to operate as a transport network element within the network.

Abstract: An attachment to an e-mail message is replaced with a URL before that message is delivered to an end user, thus providing more time to perform a better scan at a cloud server computer. The attachment is removed from the e-mail message and sent to the cloud server computer for a dynamic scan and a static scan which will likely include updates better able to detect malicious software. The e-mail message with the URL is delivered to the end user and there is a delay before the end user reads the message or attempts to open the attachment. An artificial delay may be introduced at an e-mail gateway before the message is delivered to the end-user. If the attachment is benign then the end user is allowed to download it via the URL; if the attachment is malicious then the end user is only given a warning message.

Abstract: Multiple data paths may be available to a data management system for transferring data between a primary storage device and a secondary storage device. The data management system may be able to gain operational advantages by performing load balancing across the multiple data paths. The system may use application layer characteristics of the data for transferring from a primary storage to a backup storage during data backup operation, and correspondingly from a secondary or backup storage system to a primary storage system during restoration.

Abstract: A cookie compliance management system enables automated evaluation of cookie compliance within an enterprise. The system determines whether a cookie set by an application in the environment is compliant with a policy. It comprises a workflow engine, a cookie discovery engine (CDE), a cookie characterization engine (CCE), a cookie policy engine (PE), and a cookie registry. The workflow engine receives a request to initiate an evaluation of an application for cookie compliance. The CDE is invoked and returns cookies that are set by the application. The CCE receives a set of base attributes associated with a cookie discovered by the CDE, and computes a set of descriptive attributes determined to be required to enable evaluation of the cookie according to a policy. The policy engine receives policy rules and the set of descriptive attributes and, in response, determines whether the cookie is compliant with the policy. The cookie registry stores cookie data.

Abstract: A device may cause a Media Access Control Security (MACsec) session to be established on a first link of a link aggregation group (LAG) that includes a plurality of links with a different device. The device may cause a data structure to be updated to identify the first link as a MACsec enabled LAG link and may send traffic via the first link. The device may cause a MACsec session to be established on at least one additional link of the LAG and may cause the data structure to be updated to identify the at least one additional link as a MACsec enabled LAG link. The device may send, after causing the data structure to be updated to identify the at least one additional link as a MACsec enabled LAG link, additional traffic via the first link and the at least one additional link.

Abstract: Systems and methods are described for facilitating service connections by user-defined code executing on an on-demand code execution system. Rather than hard code state information used by network services into the code, the code can be provided with an interface that augments requests for network services with state information. When the user-defined code is executed by the on-demand code execution system, additional code can also be executed that provides the interface. The user-defined code may access the target network service through the interface, as if the target network service existed locally to an environment of the code. The interface can then augment requests to the target network service with state information. Because state information is maintained outside the user-defined code, portability of the user-defined code can be increased.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: An electronic apparatus includes a memory; a communication circuitry configured to communicate with a server; and a processor configured to: control the communication circuitry to transmit error information about a first error, which occurs during an operation, to the server, based on the first error, receive information about data to be collected for solving a second error set based on the error information from the server, store the data generated during the operation based on the received information in the memory, and control the communication circuitry to transmit the stored data to the server, based on the second error which occurs during the operation.

Abstract: A method for detecting anomalies in one or more network performance metrics stream for one or more monitored object comprising using a discrete window on the stream to extract a motif from said stream for a first of said network performance metric for a first of said monitored object. Maintaining an abnormal and a normal cluster center of historical time series for said first network performance metric for said first monitored object. Classifying said motif based on a distance between said new time series and said abnormal and said normal cluster center. Determining whether an anomaly for said motif occurred based on said distance and a predetermined decision boundary.

Abstract: Systems and method for processing network traffic are provided. The network traffic includes a number of data packets representing a complete transmission which are located at a first electronic storage area. Each data packet including a data payload. A data block is generated by one or more processors according to software instructions for the received traffic. The data block includes a series of header pointers pointing to each of a series of headers and a data pointer pointing to the data payloads.

Abstract: A blockchain-based smart contract execution computer-implemented method, medium, and system are disclosed. In one computer-implemented method, a target transaction initiated by a client device is received by a node device in a blockchain to invoke a target smart contract. The blockchain is interconnected to a trusted third party. A contract engine for smart contract execution is deployed in the trusted third party. Contract source code of the target smart contract is obtained from a distributed database of the blockchain by the node device in response to the target transaction being received by the node device. The contract source code is sent by the node device to the trusted third party. An execution result from execution of the contract source code by the contract engine is received from the trusted third party by the node device.

Abstract: A social overlay is provided that allows an application to seek human input when performing high-risk decisions. The overlay allows an application to obtain data confidence scores when performing operations and to obtain human confidence scores that can be used to seek input from users with high confidence scores. This allows applications to improve performance and avoid situations where an automated application may make a wrong decision that does not account for the associated risk.

Abstract: According to some exemplary embodiments, an intelligent secure networked system is configured by at least one processor to execute instructions stored in memory, the system comprising a data retention system and a predictive analytics system, a web services layer providing access to the data retention and predictive analytics systems, and an application server layer that provides a user-facing application that accesses the data retention and predictive analytics systems through the web services layer and performs processing based on user interaction with a goal-based planning application, the goal-based planning application configured to execute instructions including applying artificial intelligence by detecting digital data, acting based upon a characteristic of the digital data, extracting an aspect of the digital data, applying predetermined logic to the aspect of the digital data, categorizing the digital data after application of the predetermined logic and formulating the categorized digital data for p

Abstract: The present disclosure provides a method for managing resource state information and a system for downloading a resource, which belongs to network communication technologies. According to the method, a target super node receives a file identification of at least one target resource file sent by a Tracker server (204); the target super node configures a download service of each of the at least one target resource file according to the file identification and a local resource storage state (205); and the target super node feeds back service configuration information of each of the at least one target resource file to the Tracker server (206).

Abstract: A method, system, and computer-usable medium are disclosed for, responsive to receipt at a security device of a webpage request from a client to a server, obtaining a unique user identifier corresponding to a tab of a web browser issuing the webpage request and associating the unique user identifier with network events associated with the tab and the webpage request.

Abstract: One example method includes creating a manifest that specifies one or more requirements concerning execution of an application that resides at an end device in an N-tier configuration, identifying a workload that is associated with the application and executable at one or more edge stations of the N-tier configuration, gathering and evaluating network telemetry, orchestrating the workload based on the network telemetry and the manifest, scheduling performance of the workload at the one or more edge stations, and performing the workload at the one or more edge stations in accordance with the scheduling.

Abstract: Methods and systems of determining a data protection level of a dataset are described. In an example, a processor may encode a dataset and generate a network model of the encoded dataset. The processor may sort a set of edges of the network model based on a descending order of costs of the set of edges. The processor may determine a flow for a first edge among the sorted edges, the first edge may be an edge associated with the least cost. The processor may performing the determining of flows for the other edges in accordance with the descending order of the sorted edges. The processor may determine a metric based on the determined flows of the sorted edges and based on the costs of the sorted edges. The processor may compare the metric with a threshold to determine a level of data protection provided by the encoded dataset.

Abstract: Examples of techniques for encrypted fibre channel over internet protocol (FCIP) data replication are described herein. An aspect includes receiving replication data from a primary site host system, the replication data comprising header information. Another aspect includes encrypting the replication data. Another aspect includes writing the header information to a local memory, wherein the header information in the local memory is unencrypted. Yet another aspect includes encapsulating the encrypted replication data, wherein the unencrypted header information is accessed in the local memory during the encapsulation of the encrypted replication data.

Abstract: Various embodiments of the present invention are directed to an improved group-based communication apparatus that is configured to render one or more workflow interface objects to a group-based communication apparatus in association with an operational sequence set returned by a query. The group-based communication apparatus is configured to detect a workflow trigger event associated with a workflow identifier, retrieve an operational sequence set based upon at least the workflow identifier from a group-based communication workflow repository, initiate the operational sequence set, and cause rendering of one or more workflow interface objects to the group-based communication interface. In some embodiments, the operational sequence sets are associated with a group-defined template.

Abstract: A communications system includes a device connected to information terminals to enable a plurality of information terminals, mutually exchange data via a global network and enable highly confidential mutual communications between the information terminals included. The communications device includes a unit storing user authentication information for performing user authentication via the connected information terminal and pre-storing a device authentication listing pieces of device information in authentication of each communications device with regard to all the communications devices in the same group, the device authentication list being pre-stored in a state where the device authentication list is inaccessible from the user.