Abstract: Electrodes that are configured to apply energy within the tissue while moving relative to the tissue. The apparatuses (devices, assemblies, systems) described herein may be configured with one or more electrodes that may move slightly in oscillatory movement and/or rotation relative to the tissue. The apparatuses described herein may be used to apply energy to a patient while minimizing or preventing the unintended modification of the tissue adjacent to the electrode, such as by arcing.

Abstract: Flexible catheters adapted to be inserted into a body to deliver high-voltage, fast (e.g., microsecond, sub-microsecond, nanosecond, picosecond, etc.) electrical energy to target tissue may include a plurality of conductive layers, that may be coaxial. These catheters and method of using them to treat tissue are configured to reduce or avoid arcing.

Abstract: This invention provides secure, policy-based separation of data and applications on computer, especially personal computers that operate in different environments, such as those including personal applications and corporate applications, so that both types of applications can run simultaneously while complying with all required policies. The invention enables employees to use their personal devices for work purposes, or work devices for personal purposes. The secure, policy-based separation is created by dividing the data processing device into two or more “domains,” each with its own policies. These policies may be configured by the device owner, an IT department, or other data or application owner.

Abstract: Attacks on a network device, e.g. an IoT device, are detected by analyzing network traffic and subsequently quarantining or blocking the network device on the network to prevent lateral movement of malware. The techniques described herein relate to developing a baseline of network device activity corresponding with a network device during a learning period and comparing the baseline of network device activity with new network activity by the network device in order to identify potentially unusual network device activity by the network device. If unusual network activity is found, remedial actions such as quarantining the network device or restricting some access to a network may be initiated.

Abstract: The techniques described herein relate to authorizing networked devices to access protected network zones and/or network resources in a private network. In response to a first access request, a network appliance requests full compliance information from the networked device. The received compliance information is stored in a database. Subsequently, when the compliance information on the networked device changes, the network device sends updated compliance information to the network appliance. The network appliance reevaluates the compliance state of the networked device based on the updated compliance information and the compliance information stored in the database.

Abstract: Attacks on a network device, e.g. an IoT device, are detected by analyzing network traffic and subsequently quarantining or blocking the network device on the network to prevent lateral movement of malware. The techniques described herein relate to developing a baseline of network device activity corresponding with a network device during a learning period and comparing the baseline of network device activity with new network activity by the network device in order to identify potentially unusual network device activity by the network device. If unusual network activity is found, remedial actions such as quarantining the network device or restricting some access to a network may be initiated.

Abstract: An example profiler device includes one or more processors implemented in circuitry and configured to monitor network traffic entering and exiting the protected network zone; identify one or more endpoints that interface with the protected network zone; compare network traffic characteristics of network traffic associated with the endpoints to network traffic characteristics of known device types to determine device types corresponding to the endpoints; assign one or more network policies to the identified endpoints according to the determined device types; and distribute data representing the assigned network policies to a policy enforcement point (PEP) device to cause the PEP device to enforce the network policies on network traffic, associated with the identified endpoints, entering and exiting the protected network zone.

Abstract: A server to provide single sign on services. The server includes a processor and a memory storing an attempt table. The server, in response to receiving a first password for a user account, forwards the first password to an authentication device. The server determines that the first password is not valid for the user account. The server stores the first password in association with the user account in the attempt table. In response to receiving a second password for the user account, the server determines whether the second password matches the first password. When the second password does not match the first password, the server forwards the second password to the authentication device.

Abstract: This disclosure is related to devices, systems, and techniques for controlling access to network services based on a trust ledger. In some examples, a trust broker system enables a relying party to control network service access of client device, where the trust broker system comprises one or more computing devices configured to maintain a trust ledger including a trust account balance (TAB) associated with each user of a set of users, where the TAB associated with each user of the set of users represents a value used to determine whether the respective user is permitted to access a resource.

Abstract: Exemplary embodiment of the present disclosure are directed towards a stable nanodispersion comprising an aqueous dispersion medium, a dispersed phase, a surface active agent and optionally, an additive, wherein the aqueous dispersion medium comprises of a nanodispersion stabilizing vehicle base component, wherein the nanodispersion stabilizing vehicle base component improves long term physical stability of the nanodispersion with or without particle size reduction, wherein the dispersed phase comprises of a bioactive compound and wherein the bioactive compound is a lipophilic and hydrophobic. Another exemplary embodiment of the present disclosure is directed towards a method of preparation of such stable nanodispersion.

Abstract: Described herein are apparatuses and methods for applying high voltage, sub-microsecond (e.g., nanosecond range) pulsed output to a biological material, e.g., tissues, cells, etc., using a high voltage (e.g., MOSFET) gate driver circuit having a high voltage isolation and a low inductance. In particular, described herein are multi-core pulse transformers comprising independent transformer cores arranged in parallel on opposite sides of a substrate. The transformer cores may have coaxial primary and secondary windings. Also describe are pulse generators including multi-core pulse transformers arranged in parallel (e.g., on opposite sides of a PCB) to reduce MOSFET driver gate inductance.

Abstract: A blood vessel cross-section function, a blood vessel pressure difference, and blood vessel stress may be established. A method for establishing a blood vessel cross-section function may include: obtaining image data in at least one cardiac cycle; selecting multiple feature times during the one cardiac cycle; generating spatial models of a target region blood vessel corresponding to each of the feature times according to the image data; establishing a first cross-section model of the target region blood vessel at each position along an axial direction of the target region blood vessel according to each of the spatial models; and establishing a corresponding first cross-section function according to each first cross-section model. Actual conditions of blood vessels may be reflected more accurately, and may provide an intermediate variable with less error for subsequent analysis operations, so that the later calculated value is closer to the actual value.

Abstract: This disclosure is related to devices, systems, and techniques for controlling access to network services based on a trust ledger. In some examples, a trust broker system enables a relying party to control network service access of client device, where the trust broker system comprises one or more computing devices configured to maintain a trust ledger including a trust account balance (TAB) associated with each user of a set of users, where the TAB associated with each user of the set of users represents a value used to determine whether the respective user is permitted to access a resource.

Abstract: The technology relates to determining service item management opportunities. One or more processors may receive a set of client data via communication network. The one or more processors may identify one or more service item management opportunities by determining service items in the set of client data which satisfy at least one or more rules and assign a confidence value to the one or more service item management opportunities. For each of the one or more service item management opportunities, a recommended intervention type based on the respective assigned confidence value may be determined and for each of the one or more service item management opportunities, a transmission may be caused by the one or more processors, via the communication network to an external device, of rendering information indicating the service item management opportunity and the recommended intervention type.

Abstract: A system includes a virtual private network (VPN) gateway and a client device. The VPN gateway receives a domain name system response through a physical coding sublayer. The VPN gateway fetches a fully qualified domain name corresponding to the domain name system response, and fetches one or more access control list rules from an access control list table for a specific user account. The VPN gateway installs an Internet protocol (IP) address in the access control list table for each access control list rule and handles requested data traffic to the IP address. The client device creates a virtual tunnel interface route with a port of a transmission control protocol (TCP) listener device and parses the domain name system response. The client device updates a domain name system cache with the fully qualified domain name and the IP address and sends unencrypted network traffic over the virtual tunnel interface route.

Abstract: A private network includes a plurality of network security appliances participating in authenticating end users. Each network security appliance maintains a locally stored user list. A first network security appliance receives at least a portion of a non-local user list comprising second user identifier records for a second network security appliance of the plurality of network security appliances. The first network security appliance compares the local user list with the non-local user list received from the second network security appliance to identify one or more deviations. The first network security appliance merges the portion of the second user identifier records of the non-local user list corresponding with the one or more deviations with the first user identifier records of the local user list to generate an updated local user list. The first network security appliance authenticates a request to access the network using the updated local user list.

Abstract: An apparatus for measuring wire and cable length is provided for using a wireless encoder for wire and cable processing. The apparatus for measuring wire and cable length may include a housing, battery, communication component, microcontroller, printed circuit board, encoder module, encoder disc, shaft, wire counter and spool.