Abstract: A turbine vane in a gas turbine engine includes an inner platform, an outer platform, and a vane airfoil positioned therebetween. The vane airfoil includes a first cooling passage extending between the outer platform and the inner platform, and a second cooling passage extending between the outer platform and the inner platform. The second cooling passage is arranged downstream of the first cooling passage with respect to a flow direction. The turbine vane includes a jumper tube disposed between the second cooling passage and the inner platform. The jumper tube includes an inlet, an outlet, and a tube wall enclosing a hollow interior. The inlet is positioned a distance within the second cooling passage. The outlet is positioned at least partially through an aperture of the inner platform.

Abstract: Computer security techniques are described. One example provides a security module. The security module executes on a computing system and determines whether to allow a user or a program (e.g., native executable, script, etc.) associated with the user to access a resource, such as by reading, writing, or executing a file. An example operation system provides a new system administration mechanism that enforces rights and limitations for specific administrative and application groups that each have their own super user. Such a system may include a safe mode superuser who is required to log in when the system is in maintenance mode (e.g., single user console mode) at which time the safe mode superuser is the only user who is allowed to make programs executable.

Abstract: Computer security techniques are described. One example provides a security module. The security module executes on a computing system and determines whether to allow a user or a program (e.g., native executable, script, etc.) associated with the user to access a resource, such as by reading, writing, or executing a file. This decision is based at least in part on whether an access control list that is associated with the resource specifies that a source (e.g., IP address, hardware address) that is associated with the user is allowed to access the resource. This decision can also or instead be based on whether the computing system is executing in maintenance mode, such as in single-user diagnostic mode.

Abstract: A distributed network system and method includes a processing unit configured to manage safety data for a plurality of medical devices, a database software component in communication with the processing unit, and a monitoring software component in communication with the processing unit. The monitoring software component is configured to monitor a number of messages between a number of medical devices and the processing unit, to process performance parameters to generate an overall performance index, and to generate an output that is viewable by a user. The output includes relative contributions of each of the performance parameters to the overall performance index, where the overall performance index is generated using a weighting factor associated with each of the performance parameters. The performance parameters include the number of messages waiting to be processed, which has the largest weighting factor, and a disk queue length, which has the smallest weighting factor.

Abstract: Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have synchronized clocks. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp. Since the computing systems have synchronized clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another. Furthermore, both computing systems may synchronize their clocks to a private time server that maintains a clock that runs faster or slower than standard time.

Abstract: A distributed network system and method includes a processing unit configured to manage safety data for a plurality of medical devices, a database software component in communication with the processing unit, and a monitoring software component in communication with the processing unit. The monitoring software component is configured to monitor a number of messages between a number of medical devices and the processing unit, to process performance parameters to generate an overall performance index, and to generate an output that is viewable by a user. The output includes relative contributions of each of the performance parameters to the overall performance index, where the overall performance index is generated using a weighting factor associated with each of the performance parameters. The performance parameters include the number of messages waiting to be processed, which has the largest weighting factor, and a disk queue length, which has the smallest weighting factor.

Abstract: Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have two clocks. The first clock is a real-time clock and the second clock is a variable-time clock. The variable time clocks are synchronized and run at the same rate, faster or slower than real time. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp obtained from their variable time clocks. Since the computing systems have synchronized variable-time clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another.

Abstract: Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have two clocks. The first clock is a real-time clock and the second clock is a variable-time clock. The variable time clocks are synchronized and run at the same rate, faster or slower than real time. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp obtained from their variable time clocks. Since the computing systems have synchronized variable-time clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another.

Abstract: Computer security techniques are described. One example determines whether to allow a program (e.g., native executable, script, etc.) to execute. This decision is based at least in part on the source of the program, such as whether the program is provided by a privileged source. A privileged program source may be any module, mechanism, or process that can provide executable instructions, such as directory or folder (e.g., on a local disk or network-accessible store), a computing device (e.g., server computer), another program (e.g., a Web server), or the like.

Abstract: Computer security techniques are described. One example provides a security module. The security module executes on a computing system and determines whether to allow a user or a program (e.g., native executable, script, etc.) associated with the user to access a resource, such as by reading, writing, or executing a file. This decision is based at least in part on whether an access control list that is associated with the resource specifies that a source (e.g., IP address, hardware address) that is associated with the user is allowed to access the resource. This decision can also or instead be based on whether the computing system is executing in maintenance mode, such as in single-user diagnostic mode.

Abstract: Techniques for computer security, and more specifically timestamp-abased authentication, are described. Some implementations provide an authentication method that utilizes an authentication process that is shared as a secret between a client and an authenticator. The process provides as output a number that is based on a timestamp. To authenticate the client when it attempts to access a target service, both the client and authenticator execute the authentication process using locally generated timestamps. If the outputs of the authentication process match, the client is authenticated. If not, subsequent network communications from the client are either denied or redirected to an alternative computing system that masquerades as the target service.

Abstract: Techniques for computer security, and more specifically timestamp-abased authentication, are described. Some implementations provide an authentication method that utilizes an authentication process that is shared as a secret between a first and second computing system. The process provides as output a number that is based on a timestamp. The first computing system executes the authentication process using a timestamp obtained from its clock. The resulting number is transmitted to the second computing system, possibly along with other authentication data, such as a username and/or password. In response, the second computing system executes the authentication process using a timestamp obtained from its clock. If the numbers generated by the first and second computing systems match, the first computing system is authenticated.

Abstract: Duplicate bug report detection using machine learning algorithms and automated feedback incorporation is disclosed. For each set of bug reports, a user-classification of the set of bug reports as including duplicate bug reports or non-duplicate bug reports is identified. Also for each set of bug reports, correlation values corresponding to a respective feature, of a plurality of features, between bug reports in the set of bug reports is identified. Based on the user-classifications and the correlation values, a model is generated to identify any set of bug reports as including duplicate bug reports or non-duplicate bug reports. The model is applied to classify a particular bug report and a candidate bug report as duplicate bug reports or non-duplicate bug reports.

Abstract: Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have synchronized clocks. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp. Since the computing systems have synchronized clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another. Furthermore, both computing systems may synchronize their clocks to a private time server that maintains a clock that runs faster or slower than standard time.

Abstract: Techniques for computer security, and more specifically timestamp-abased authentication, are described. Some implementations provide an authentication method that utilizes an authentication process that is shared as a secret between a client and an authenticator. The process provides as output a number that is based on a timestamp. To authenticate the client when it attempts to access a target service, both the client and authenticator execute the authentication process using locally generated timestamps. If the outputs of the authentication process match, the client is authenticated. If not, subsequent network communications from the client are either denied or redirected to an alternative computing system that masquerades as the target service.

Abstract: Techniques for computer security, and more specifically timestamp-abased authentication, are described. Some implementations provide an authentication method that utilizes an authentication process that is shared as a secret between a first and second computing system. The process provides as output a number that is based on a timestamp. The first computing system executes the authentication process using a timestamp obtained from its clock. The resulting number is transmitted to the second computing system, possibly along with other authentication data, such as a username and/or password. In response, the second computing system executes the authentication process using a timestamp obtained from its clock. If the numbers generated by the first and second computing systems match, the first computing system is authenticated.

Abstract: Computer security techniques are described. One example determines whether to allow a program (e.g., native executable, script, etc.) to execute. This decision is based at least in part on the source of the program, such as whether the program is provided by a privileged source. A privileged program source may be any module, mechanism, or process that can provide executable instructions, such as directory or folder (e.g., on a local disk or network-accessible store), a computing device (e.g., server computer), another program (e.g., a Web server), or the like.

Abstract: Techniques for network security are disclosed. In some implementations, an evaluation module determines whether a network communication from a source computing system to a destination computing system is allowable. The allowability of the communication is determined based properties of the network communication, such as a source or destination address, a port number, a time of day, a geographic location, and the like. If the communication is disallowed, the evaluation module or a related component redirects the communication to an alternative computing system that masquerades as the destination communication system.

Abstract: A distributed network system and method includes a processing unit configured to manage safety data for a plurality of medical devices, a database software component in communication with the processing unit, and a monitoring software component in communication with the processing unit. The monitoring software component is configured to monitor a number of messages between a number of medical devices and the processing unit, to process performance parameters to generate an overall performance index, and to generate an output that is viewable by a user. The output includes relative contributions of each of the performance parameters to the overall performance index, where the overall performance index is generated using a weighting factor associated with each of the performance parameters. The performance parameters include the number of messages waiting to be processed, which has the largest weighting factor, and a disk queue length, which has the smallest weighting factor.

Abstract: Embodiments enable a database management system (DBMS) to manage two levels of disk failure groups. These two levels of redundancy are achieved by grouping the disks of the disk group for the DBMS into two levels of failure groups (i.e., “data sites” each containing two or more “failure groups” of disks). This system of disk grouping allows a DBMS to potentially tolerate the loss of both an entire first site and part of a second site. Such a DBMS uses a multi-level voting system, based on both failure group-level votes and site-level votes, to identify the current version of administrative data structures (ADS) that store key administrative data. In addition to data sites that store database data, the DBMS includes a quorum site with a single quorum failure group that stores a copy of the ADS. The quorum site contributes a site-level vote during a multi-level voting event.