Abstract: Provided in the embodiment of the present disclosure is a method for monitoring a state of a blockchain consensus node, including that: an address list of all consensus nodes of a blockchain is acquired; the number of produced blocks and the number of times of voting of the consensus nodes in the produced blocks within a preset time period are recorded; a voting monitoring index of each consensus node is calculated, wherein the voting monitoring index includes at least one of a voting rate and a voting proportion; and in response to the voting monitoring index of the consensus node being lower than a preset alarm threshold, an abnormal state alarm in respect of the corresponding consensus node is issued.

Abstract: Entity aggregation for security computing resources involves an aggregation covenant that conditionally conveys rights to aggregation members. The ruling covenant is defined for protecting one or more computing resources by overriding system-level and/or entity-specific rights (e.g., super-users). An aggregation configuration module defines an aggregation-specific instance of an entity (user/device, process, or data) that receives the conveyed rights. The entity can use the rights conveyed only through its corresponding instance.

Abstract: According to the present disclosure, provided is a network system including a plurality of devices and a network management apparatus connected to the plurality of devices by an IP transmission line, and the network management apparatus (100) includes a setting execution unit (116) configured to execute setting of a path to which the plurality of devices are connected, and setting of parameters for controlling the plurality of devices. With this configuration, it is possible to freely set a connection path and devices in a system in which a plurality of devices are connected.

Abstract: A decoder is provided for decoding user information. The decoder obtains a random code pattern from at least one of a card or a device owned by a user. The decoder further obtains a personal identifier from the user. The decoder then queries a mapping table based on a combination of the random code pattern and the personal identifier of the user, wherein the mapping table comprises user information associated with each of a plurality of users mapped to a respective unique combination of a random code pattern and a personal identifier of the user. The decoder obtains user information of the user in response to the query, wherein one or more actions are performed based on the user information.

Abstract: Systems and methods are described herein for modifying content recommendations based on what content items will be available on content platforms to which the user will have access during a trip. Content items to be recommended to the user on a first content platform are identified by comparing characteristics of each available content item to a profile associated with the user. A second content platform to which the user will have access during a particular time period in the near future is also identified. The second content platform is queried to identify content items that will be available during the particular time period. If any content item available on the second content platform during the particular time period also appears in the set of content items identified for recommendation, recommendation of that content item is suppressed.

Abstract: The present invention provides a means for efficiently and securely collecting, storing, and sharing all types of personal, electronic information from, for and between individuals and business users using software that runs on multiple personal, business and cloud computing systems. The information of a primary user is stored in an encrypted relational database which associates the private data with private data fields needed by secondary users or various business users. Each entity is assigned one unique user identity to ensure consistency in data privacy and sharing. Attributes for data groups exist to define the secondary users and business users who the primary user has authorized for access to or master sourcing of certified data. Change lists, including conditions for implementation, are created to facilitate management, scheduling and distribution of changes. Collection, storage, and distribution of personal data is assisted by robotic process automation algorithms.

Abstract: A medical device system for use in patient resuscitation and medical device management includes a fleet of medical devices associated with a common administrator and distributed over multiple locations. Each medical device includes a memory, a processor configured to store medical device information including device status information and clinical event information, and a communication component configured to transmit the stored medical device information via a network. The system includes one or more servers communicatively coupled to the fleet of medical devices and one or more user devices located remotely from the servers. The servers include a communication component configured to receive the medical device information from the fleet of medical devices, a memory configured to store the received medical device information, and a processor configured to provide a report comprising the device status information for the fleet of medical devices at a medical device dashboard accessible by the user devices.

Abstract: An operating system service for persistently executing programs comprises a registration service configured to register a manifest defining a persistence mode of a user-controllable program. The operating system service further comprises a runtime service configured, based on the persistence mode defined via the manifest, to detect and reject termination requests for the program, and to detect that the program has terminated and restart execution of the program.

Abstract: Methods, systems, and devices for leveraging data already collected on a user in a secure and private manner, in particular to verify user credentials for third parties. The methods, systems, and devices innovate beyond traditional security and privacy platforms in computer systems by processing the data to create a useable metric for the purposes of the third parties, in which the useable metric preserves the security and privacy of the underlying data.

Abstract: Embodiments seek to protect privacy of potentially sensitive client resources in web transactions using crowd-disambiguation. Crowd-disambiguation machines can aggregate information about resources from multiple clients as resource fingerprints, and can use the fingerprints to provide crowd-sourced services in a privacy-protected manner. For example, embodiments can communicate a resource fingerprint as a fully ambiguated resource instance (FARI) and a partially disambiguated resource instance (PDRI). When one (or few) clients communicates the resource fingerprint, the identity of the resource remains obfuscated from the crowd-disambiguation machine. As more clients communicate fingerprints for the same resource (e.g., identified by the matching FARIs), respective, differently generated PDRIs of those fingerprints enable the crowd-disambiguation machine to resolve further portions of the resource, ultimately permitting the resource to be revealed and considered non-private (e.g.

Abstract: Systems and methods for generating a natural-language statement for a healthcare record are provided. A graphical user interface comprising a canvas region and a menu region is displayed, wherein menu region comprises a first set of one or more interactive graphical user interface menu objects configured to receive user inputs corresponding to medical information. Data is received representing a first user input comprising user interaction with one or more of the first set of menu objects, the first input indicating medical information for a patient. In accordance with the first user input, a natural-language statement is generated based on the medical information indicated by the first user input, and display of the canvas region is updated to display the natural-language statement.

Abstract: Computer-readable media, methods, and systems are disclosed for processing log entries in an in-memory database system employing tenant-based, group-level encryption for a plurality of tenants. A request to generate a database transaction log record is received. A log entry handle corresponding to the allocated log buffer is provided. In response to determining that the transaction log record to be written into the log buffer contains tenant-specific content, certain content requiring group-level encryption is flagged. An encryption group identifier is received, and the tenant-specific content is encrypted with a corresponding group-level encryption key. The group-level encryption group identifier is appended to the transaction log header, and log data containing the log buffer is encrypted with one or more encryption keys. Finally, the encrypted log data is persisted and subsequently read, unencrypted, and replayed under appropriate circumstances.

Abstract: A cloud-based analytics engine that analyzes data relating to an industrial automation system(s) to facilitate enhancing operation of the industrial automation system(s) is presented. The analytics engine can interface with the industrial automation system(s) via a cloud gateway(s) and can analyze industrial-related data obtained from the industrial automation system(s). The analytics engine can determine correlations between respective portions or aspects of the system(s), between a portion(s) or aspect(s) of the system(s) and extrinsic events or conditions, or between an employee(s) and the system(s). The analytics engine can determine and provide recommendations or instructions in connection with the industrial automation system(s) to enhance system performance based on the determined correlations.

Abstract: A token-based billing model for delivering server-side rendered applications to remote users. A token represents a right to access a server-side rendered application. Each remote user is associated with one or more tokens. When a given token expires, the set of tokens associated with a user is decremented. The rate at which tokens expire are modulated based on aggregate load across the resources of the server-side rendered application provider, as well as the individual loads attributable to each of the users.

Abstract: A medical device of a medical system is configured for communicating with an external programmer over a wireless communications link. The medical device comprises a wireless communications module configured for receiving a first unencrypted version of a random number and a first encrypted version of the random number from the external programmer over the wireless communications link. The medical device further comprises control circuitry configured for performing an authentication procedure on the external programmer based on the first unencrypted version of the random number and the first encrypted version of the random number, and preventing the external programmer from commanding the medical device to perform an action unless the authentication procedure is successful.

Abstract: An electronic device is provided. A computing system includes a storage device and a host. The storage device includes a memory device including a write protection area. The host performs an operation of providing, to the storage device, a first request regarding security write and write data in parallel with an operation of generating a host authentication code based on the write data and a key shared with the storage device.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for a shipping platform are disclosed. In one aspect, a method includes the actions of receiving data identifying goods for shipping, data identifying a shipper of the goods, and a cryptographic key. The actions further include processing the data identifying the goods and the data identifying the shipper using the cryptographic key. The actions further include storing, in a blockchain, the processed data identifying the goods and the processed data identifying the shipper. The actions further include receiving a query requesting data associated with the goods. The actions further include accessing the data associated with the goods from the blockchain. The actions further include providing, for output, the data associated with the goods.

Abstract: Techniques are provided for computing with private healthcare data. The techniques include a method comprising constructing an isolated memory partition that forms a secure enclave and pre-provisioning software within the secure enclave. The pre-provisioned software is configured to receive at least one of input data or the instructions for the one or more application computing processes in an encrypted form; decrypt the at least one of input data or instructions using one or more cryptographic keys; execute the one or more application computing processes based on the decrypted at least one of input data or instructions to generate output data; generate a proof of execution that indicates that the one or more application computing processes operated on the received input data; encrypt the output data using the one or more cryptographic keys; and provide external access to the encrypted output data and the proof of execution.

Abstract: In the case where a voice control device can communicate with a printing apparatus and a display apparatus, a user is provided with visual presentations of notifications on the display apparatus where print processing instructions are provided to the printing apparatus based on user instructions issued to the voice control device by voice.

Abstract: Embodiments of file restores in a Data Domain (DD) file system implementing a DD Bandwidth Optimized Open Storage Technology (DDBoost) library that translates application read and write request to DDBoost application program interfaces (APIs). A prefetch queue processor creates an intent to read the file. The application passes the file handle of the file, and the destination handle where the data must be read into. As the queue is processed, the prefetch for the request (handle/offset/length) is passed to the file server. The filesystem processes the request to open the file to load into memory. As the read request for the same file reaches the filesystem the file data is read from memory for writing to the destination handle. An extended DDBoost API expression is defined to pass the current path and destination path to the application.

Abstract: Embodiments of small file restore process in deduplication file system wherein restoration requires issuing a read request within an I/O request to the file system. A prefetch queue processor creates an intent to read the file, rather than opening the file upon receiving the request. During this step, the application passes the file handle of the file, and the destination handle where the data must be read into. As the queue is processed, the prefetch for the request (handle/offset/length) is passed to the file server. The filesystem processes the request to equivalently ‘open’ the file, and bring the data into memory. As the read request for the same file reaches the filesystem the file data is read from memory for writing to the destination handle.

Abstract: Systems and methods for assisting a user in discovering nearby medical services are disclosed. A method includes identifying a user based on matching of at least one unique identity or biometric details of the user with data stored in a database. Details of an event data may be received from the user. A current geographical location of the user may be determined. Relevant support network data may be identified based on the event data and the current geographical location of the user. The support network data may include data related to pharmacies, doctors, hospitals, clinics, third parties, insurance, and payment agents. Thereafter, the relevant support network data may be presented to the user in form of an event map. The event map may include details related to the event data and the user preferences.

Abstract: Techniques are provided for computing with private healthcare data. The techniques include a de-identification method including receiving a text sequence; providing the text sequence to a plurality of entity tagging models, each of the plurality of entity tagging models being trained to tag one or more portions of the text sequence having a corresponding entity type; tagging one or more entities in the text sequence using the plurality of entity tagging models; and obfuscating each entity among the one or more tagged entities by replacing the entity with a surrogate, the surrogate being selected based on one or more attributes of the entity and maintaining characteristics similar to the entity being replaced.

Abstract: The disclosed embodiments relate generally to complex data stream control and entitlement. Specifically, the disclosed embodiments provide systems and methods for ensuring that only authenticated/verified participants receive data streams. A third party, e.g., a party other than the data provider or the data recipient, who is nevertheless associated with both the data provider and the data recipient, may be involved in controlling whether data streams from the data provider can reach the data recipient. Thus, a third party may logically sit between the data provider and the data recipient, and may decide whether the data recipient should receive data streams. The disclosed embodiments implement data generation, flow, control and permissioning between multiple entities via digital assets accessed and manipulated on a shared data structure.

Abstract: The invention is a system and method for improving the reliability of data on blockchain by proofing the data onto another blockchain by use of nonfederated nodes. Contemplated within the scope of the invention is resolution process for data forks within a blockchain network.

Abstract: Accessing media data in bites, including: receiving a request from a client to access a media item, and determining an address of the requested media item, wherein the address indicates a location where the media item is stored; determining an identification number of a piece of the media item selected by the client; updating the address of the media item by combining the address with the identification number of the piece of the media item selected by the client; valuating the piece of the media item selected by the client, and sending a valuated price to the client; and providing access to the requested media item using the updated address of the media item when a payment for the valuated price is received from the client.

Abstract: Systems and methods include a method for multi-segmented oil production. A multi-segmented well production model representing production at a multi-segmented oil production facility is calibrated. The model models production based on well rates and flowing bottom-hole pressure data at various choke settings for multiple flow conditions for each segment of the multi-segmented well. Real-time updates to the well rates and the flowing bottom-hole pressure data are received. Changes to triggers identifying thresholds for identifying production improvements are received. The model is re-calibrated based on the changes to the triggers and the real-time updates. An optimization algorithm is executed to determine new optimal inflow control valve (ICV) settings. Using the re-calibrated multi-segmented well production model, a determination is made whether the new optimal ICV settings improve production. If so, the optimal ICV settings are provided to a control panel for the multi-segmented oil production facility.

Abstract: Disclosed are various embodiments for controlling access to resources in a network environment. Methods may include installing a profile on the device and installing a certificate included in or otherwise associated with the profile on the device. A request to execute an application, and/or access a resource using a particular application, is received and determination is made as to whether the certificate is installed on the device based on an identification of the certificate by the application. If the certificate is installed on the device, then execution of the application and/or access to the resource is allowed. If the certificate is not installed on the device, then the request for execution and/or access is refused.

Abstract: Considering the number of OSS components and the number of OSS license types available today, the number of license attributes to be considered for analyzing a product at a granular level is a challenge to perform manually, prudently considering legal implications of non-compliance and contamination and also within the limited time available today before go to market in the software industry. Systems and methods of the present disclosure intelligently facilitates a matrix which is able to identify OSS components in a deliverable and also facilitates the product owner to identify proprietary IP that can be suitably protected and licensed without contamination by the accompanying OSS components in the product under consideration. License attributes of the OSS components are mapped suitably and a final attribute is derived for each OSS component embedded in the product under consideration.

Abstract: A patient request system includes a tablet computer that configured for entry of patient requests. The tablet computer is configured to display a first menu corresponding to basic request categories for a patient. The tablet computer is configured to display a second menu that corresponds to specific patient requests falling under the basic request category selected by the patient using the first menu. A server is configured to receive a specific patient request made by the patient. A notification device is configured to display the specific patient request to a caregiver. A patient request method is also disclosed.

Abstract: Some implementations include methods for generating a portable entitlement for a digital asset and may include generating a portable entitlement to a digital asset based on a request initiated by a first user having an entitlement to the digital asset, the portable entitlement to enable the first user to access the digital asset using a second computing device of a second user, the request initiated using a first computing device of the first user, the portable entitlement having a limited lifetime; and terminating the second computing device from accessing the digital asset based on one or more of determining that a proximity between the first and second computing devices violate the distance threshold and the lifetime of the portable entitlement has expired.

Abstract: A method for encoding data streams into a combined file and decoding of same, including accessing a first file having a first plurality of data bytes, accessing a second file having a second plurality of data bytes, combining the first file and the second file, comprising the steps of storing a block of data bytes of a first byte block size in the body of the combined file as a first file byte block, storing a block of data bytes of a second byte block size in the body of the combined file as a second file byte block, repeating the first and second storing steps to sequentially store all of the data bytes in the first file and the second file in the combined file, and decoding the combined file to separate the bytes of the first file and the bytes of the second file from the combined file.

Abstract: An application that is running on a first computing device can receive personal information from a personal information manager that is running on a second computing device. The first computing device can operate using a first platform and the second computing device can operate using a second platform that is different from the first platform. The first computing device can include a first broker, and the second computing device can include a second broker. The first broker and the second broker can be configured to establish a trusted connection between the first computing device and the second computing device. The first broker can additionally be configured to request personal information from the personal information manager via the second broker. The first broker can be configured to automatically request the personal information in response to determining that the application on the first computing device has requested the personal information.

Abstract: A method of transferring control of a digital asset (2) is disclosed. The method comprises distributing shares dAi of a first private key dA of an elliptic curve cryptography (ECC) system among a plurality of first participants (4). The first private key is accessible by means of a first threshold number (6) of shares dAi of the first private key, and is inaccessible in the absence of the first threshold number of shares, and access to the digital asset (2) is provided by digital signature of a first encrypted message with the first private key. Shares of a deterministic key Dk of the cryptography system are distributed among the either the first participants or a plurality of second participants, wherein the deterministic key is accessible by means of a second threshold number of shares of the deterministic key, and is inaccessible in the absence of the second threshold number of shares.

Abstract: A device and a method for computer-aided processing of data are disclosed, the method including: providing configuration data of an application, determining a first application identification, wherein the first application identification is assigned to the application, determining a configuration identification, wherein the configuration identification is assigned to the configuration data of the application, individualizing the data by means of a second application identification, wherein the second application identification is determined using the first application identification and the configuration identification.

Abstract: A method includes acquiring a root certificate of a first node; generating a target sub-certificate based on the root certificate, where the target sub-certificate includes a first sub-certificate of a first functional module of a first application associated with the first node; and sending the target sub-certificate to a terminal device. The target sub-certificate is used for the first functional module of the first application in the terminal device communicating through the target sub-certificate. In such a manner, a capability of managing the first sub-certificate of the first functional module in the terminal device can be improved.

Abstract: A system and method for secure storage and management of transitory data using a blockchain, comprising at least a callback manager, a context analysis engine, a vault manager, and a blockchain manager, which allows a user to create a data container to store data preferences, which encrypts the data stored within a data container, and which stores the encrypted data container in a blockchain. For each block, block reference data may is generated comprising the location of the block and its associated decryption key, and the block reference data is then encrypted with a second encryption key and stored off the blockchain in a separate database. The second key is distributed to involved parties to permit access to and reading of the block reference data. The block reference data is deleted based on self-destruct event triggers or when the involved parties are finished accessing the block reference data.

Abstract: Methods, apparatuses, and computer readable media for parameter update for range-based positioning. An apparatus of a station (STA) for parameter update for range-based positioning, the apparatus including processing circuitry configured to perform a distance estimating method with access points (APs) to determine distance estimates between the APs and the STA, the distant estimating method including parameters, and configured to determine a location of the STA based on the distance estimates between the APs and the STAs and locations of the APs. The processing circuitry further configured to: update the parameters by subtracting from a parameter of the parameters a learning rate times a derivative of a cost function with respect to the parameter, where the cost function is based on the determined location of the STA, the locations of the APs, and the distance estimates between the APs and the STA.

Abstract: A computer readable media, a method, and a system registering a third party application providing an available communication system between a local user and a remote user identity, storing information related to the available communication system in a first database, obtaining contact information for the remote user identity from the third party application, determining a communication type for the third party application, pairing the remote user identity with a contact, and updating a graphical representation of contact information.

Abstract: In some examples, a system comprises at least one programmable processor; and a machine-readable medium having instructions stored thereon which, when executed by the at least one programmable processor, cause the at least one programmable processor to execute operations comprising: receiving a first request from at least one user device to execute an instance of an application; transmitting a graphical user interface (GUI) to the at least one user device to be rendered on a display of the at least one user device; receiving a second request, via the GUI, from the at least one user device, to deploy a digital advertisement, the second request including a set of platforms of a plurality of platforms of a multi-platform integration system, a set of settings, a set of parameters, and a set of allocation data; interfacing with each one of the platforms in the set of platforms; and integrating a digital advertisement directly with each one of the platforms in the set of platforms based on the set of settings, the

Abstract: A method including receiving, by a manager device from an infrastructure device, an invitation link to enable the manager device to manage network services provided by the infrastructure device; receiving, by the manager device from the infrastructure device based on the manager device activating the invitation link, seed information to be utilized by the manager device to determine authorization information; transmitting, by the manager device to the infrastructure device during an active communication session and based on determining the authorization information, a manager request related to an action to be performed regarding the network services, a portion of the manager request being signed based on utilizing a first portion of the authorization information; and performing, by the manager device, the action regarding the network services based on a verification that the communication session is currently active is disclosed. Various other aspects are contemplated.

Abstract: Methods, computer readable media, and devices for automated routing based on content metadata are provided. One method may include receiving a user request for content with metadata from a client by a content distribution network (CDN), parsing the user request for content to generate an evaluation of the metadata, determining a routing decision representing a selection of one of a plurality of origin services for the user request for content based on the evaluation of the metadata, transmitting the user request for content to the selected one of the plurality of origin services based on the routing decision, receiving a response to the user request for content from the selected one of the plurality of origin services, and sending the response to the client.

Abstract: A method including transmitting, by an infrastructure device to a manager device, an invitation link to enable the manager device to manage network services provided by the infrastructure device; transmitting, by the infrastructure device to the manager device based at least in part on the manager device activating the invitation link, seed information to be utilized by the manager device to determine authorization information; receiving, by the infrastructure device from the manager device during an active communication session, a manager request related to an action to be performed regarding the network services, the manager request being signed based at least in part on utilizing a first portion of the authorization information; and enabling, by the infrastructure device, performance of the action regarding the network services based at least in part on verifying that the communication session is currently active is disclosed. Various other aspects are contemplated.

Abstract: Exemplary embodiments prevent tampering of a software release date associated with a software application by incorporating the software release date into a key exchange with a security domain. If the software release date is tampered with, then the key exchange results in the wrong key exchange key. Without the correct key exchange key, the software application will fail its check of the license, and the software application will no longer continue to run.

Abstract: Various systems and methods use a Merklized Adaptive Radix Forest (MARF), which is an authenticated index data structure that can be used by peers, clients, miners, and/or other participants in a blockchain network for efficiently encoding a cryptographic commitment to a blockchain state. For example, the MARF data structure can be used to represent a blockchain state as key-value pairs within an authenticated directory. The MARF data structure may include various merklized adaptive radix tries (ARTs) associated with different blocks in the blockchain, some of which may be linked together via one or more back-pointers.

Abstract: There is provided a system including a memory storing an executable code and a processor executing the executable code to provide access to a plurality of users to curate video clips stored in a content repository, wherein each video clip is associated with one of a plurality of ownership identifications, receive curation inputs from a user of one of a plurality of user devices arranging two or more video clips into a video compilation, wherein a first video clip is associated with the first ownership identification of a first content owner and a second video clip is associated with the second ownership identification of a second content owner, stream the video compilation to one or more of the plurality of user devices, and distribute a first fee to the first content owner and a second fee to the second content owner, in response to streaming the video compilation.

Abstract: Robot access control and governance for robotic process automation (RPA) is disclosed. A code analyzer of an RPA designer application, such as a workflow analyzer, may read access control and governance policy rules for an RPA designer application and analyze activities of an RPA workflow of the RPA designer application against the access control and governance policy rules. When one or more analyzed activities of the RPA workflow violate the access control and governance policy rules, the code analyzer prevents generation of an RPA robot or publication of the RPA workflow until the RPA workflow satisfies the access control and governance policy rules. When the analyzed activities of the RPA workflow comply with all required access control and governance policy rules, the RPA designer application may generate an RPA robot implementing the RPA workflow or publish the RPA workflow.

Abstract: A system and method for evaluating socio-economic and/or environmental impact automatically identifies and transmits to a user computing device a socio-economic and/or environmental impact web page of an organization. A computer database coupled to a server contains data for various socio-economic and/or environmental impact web pages, defining formatting elements configured to display impact data. The computer database receives a data feed of the impact data from the organization and/or from one or more of the organization's vendors, and automatically updates the organization's socio-economic and/or environmental impact web page. The system automatically generates in the socio-economic and/or environmental impact web page, a socio-economic and/or environmental impact quotient depiction representing socio-economic and/or environmental impact of resource allocations of the associated organization.

Abstract: A method for communicating data includes interfacing different data sources to stand-alone software agents customized for the different data sources. The method also providing selected source data to the stand-alone software agents to generate first-stage data feeds in a neutral format in accordance with the customization. The selected source data is dynamically selected from within the data sources, and transformed into the first-stage data feeds in the neutral format. The stand-alone software agents send the first-stage data feeds to an aggregation agent. The aggregation agent generates for a user and based on specified criteria, a second-stage output as a composite of selected source data from the first-stage data feeds.

Abstract: Disclosed are various embodiments for controlling access to resources in a network environment. Methods may include installing a profile on the device and installing a certificate included in or otherwise associated with the profile on the device. A request to execute an application, and/or access a resource using a particular application, is received and determination is made as to whether the certificate is installed on the device based on an identification of the certificate by the application. If the certificate is installed on the device, then execution of the application and/or access to the resource is allowed. If the certificate is not installed on the device, then the request for execution and/or access is refused.