Abstract: Systems and methods for enhanced security of media are provided. Media security may be enhanced by improving the setup of encryption and/or decryption, by improving the performance of encryption and/or decryption, or by improving both. The calls related to enhanced security of media from an application in an emulated environment to a security module in the operating system hosting the emulated environment may be combined to reduce the overhead of accessing a security module. An application handling secure shell (SSH) communications may execute multiple calls to a cryptographic module in the host operating system. Because many calls to the cryptographic module during SSH communications follow patterns, two or more related calls may be combined into a single combined call to the cryptographic module. For example, a call to generate a server-to-client key and a call to generate a client-to-server key may be combined into a single call.

Abstract: Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may further be isolated through a virtual gateway assigned to handle all communications between a virtual machine and a device outside of the virtual machine's COI. The virtual gateway may be a separate virtual machine for handling decrypting and encrypting messages for transmission between virtual machines and other devices.

Abstract: Systems and methods that include receiving a plurality of programs, wherein each of the plurality of programs performs at least one function. The systems and methods further include parsing the plurality of programs. The systems and methods further include generating control statements configured to create an executable file. The executable file is configured to perform the functions performed by the plurality of programs.

Abstract: A method and system for containerized Internet of Things (IoT) devices. The method includes receiving by a computing platform IoT device sensor data. The method also includes receiving by the computing platform at least one container image script. The method also includes loading into the computing platform at least one container, which is based on the at least one container image script received by the computing platform. The method also includes processing at least a portion of the IoT device sensor data within the at least one container to generate processed IoT device data. The method also includes transmitting from the computing platform at least a portion of the processed IoT device data. The method also includes removing the at least one container from the computing platform in response to at least a portion of the processed IoT device data being transmitted from the computing platform.

Abstract: A user interface is provided next to a textbox in a cross-platform mobile application to access one or more native features of a mobile device. Once the user interface is selected by a user, the mobile application operates to access one or more associated native feature of the mobile device and retrieve data to automatically populate it on the textbox in the mobile application.

Abstract: Methods and systems for managing reset of a physical function of an I/O device in a computing system are disclosed, where the physical function is included in a single-root PCI manager. One method includes maintaining a count of active virtual functions associated with the physical function included in the single-root PCI manager, and, upon determining that no active virtual functions are associated with the physical function, allowing the physical function to be reset within the single-root PCI manager. The method further includes while resetting the physical function, persisting a configuration memory space associated with the physical function, and associating the persisted configuration memory space with the physical function after the physical function is reset.

Abstract: A client system may be configured to request a single sign on authentication, in which an identity certificate is provided by the client system and stored by a server system. The stored certificate may be used to later authenticate a secure connection between the client system and the server system, after validating that the user represented by the certificate is a legitimate registered user of the server. The secure connection validated by the stored certificate may be, for example, a secure sockets layer/transport layer security (SSL/TLS) connection.

Abstract: A method includes retrieving, by a processor, a first entry from a global wait list as a current waiting lock. The method further includes decreasing, by the processor, a deadlock timer of the current waiting lock. The method further includes determining, by the processor, whether the deadlock timer equals zero. The method further includes appending, by the processor, the current waiting lock to an end of a deadlock victim selection list, if the deadlock timer equals zero. The method further includes selecting, by the processor, a victim from the deadlock victim selection list.

Abstract: Apparatuses, systems, and methods that generate a model file with a plurality of components. In one embodiment, a method includes reading, by a processor, an input model file. The method includes extracting, by the processor, at least one input component from the input model file. The method includes generating, by the processor, at least one output component using the at least one input component. The method includes storing, by the processor, the at least one output component in an output model file.

Abstract: Systems and methods for automatically resuming commissioning of a partition image after a halt in the commissioning process are disclosed. Embodiments may include initiating a commissioning of a partition image. Embodiments may also include updating metadata associated with the commissioning of the partition image after each successfully executed step of the commissioning process. Embodiments may further include identifying a halt in the commissioning process and resuming, after the halt has been identified, the commissioning process from the last successfully executed step of the commissioning process stored in the metadata during the most recent update of the metadata.

Abstract: A method includes receiving, at a processor, an identification of a storage tape. The method further includes determining, at the processor, a start-point for extracting information from the storage tape. The method further includes extracting the information, by the processor, from the storage tape starting at the start-point. The method further includes determining, by the processor, whether an end-point of the information has been reached. The method further includes reproducing, by the processor, the information to a computer-readable medium. The method further includes formatting, by the processor, the information to conform with format requirements of an activity log analyzing tool.

Abstract: A method includes receiving, at a processor, a timestamp as a start-point for extracting information from the storage tape. The method further includes determining, by the processor, a reel identification and a device type of a storage tape. The method further includes extracting the information, by the processor, from the storage tape starting at the start-point. The method further includes determining, by the processor, whether an end-point of the information has been reached. The method further includes reproducing, by the processor, the information to a computer-readable medium. The method further includes formatting, by the processor, the information to conform with format requirements of an activity log analyzing tool.

Abstract: A method of managing secure communications states in an endpoint within a secure network is disclosed. The method includes, in a disconnected state, transmitting from a first endpoint to a second endpoint a first message including an authorization token. The method further includes, in the pending state, receiving from the second endpoint a second message including a second authorization token at the first endpoint. The method includes, based on the receipt of the second message, entering an open state and initializing a tunnel between the first and second endpoints using an IPsec-based secured connection. The method also includes, upon termination of the tunnel due to a termination or timeout message issued by at least one of the first and second endpoints, entering a closed state.

Abstract: Methods and systems of communicating with secure endpoints included within a secured network from a mobile device external to the secured network is disclosed. The method includes initiating a VPN-based secure connection to a VPN appliance, and initializing a stealth-based service on the mobile device. The method further includes transmitting user credential information from the mobile device to a VDR broker via the VPN appliance, and receiving status information from the VDR broker identifying a VDR associated with the mobile device and providing a connected status. The method also includes communicating with one or more secure endpoints within the secured network via a VPN connection to the VDR via the VPN appliance and through the VDR to the one or more secure endpoints within a community of interest based on the user credential information transmitted to the VDR broker.

Abstract: Methods and systems for supporting multifunction virtualization within SR-IOV in a multi-partition virtualization system are described. One method includes instantiating a physical function of an I/O interface device within an interconnect partition of a multi-partition virtualization system implemented at least in part on the computing device, and instantiating a plurality of virtual functions within a guest partition of the multi-partition virtualization system, each of the plurality of virtual functions associated with a physical function. The method includes assigning a bus identifier, a device identifier, and a function identifier to each of the plurality of virtual functions, the plurality of virtual functions including a first virtual function associated with a first bus identifier and a first device identifier and a second virtual function associated with the first bus identifier and the first device identifier.

Abstract: A traceroute command may be used to diagnose a computer network or provide additional information regarding a computer network. A traceroute command may be provided to applications executing within a virtualized environment by allowing commands to be passed from the virtualized environment to a host operating system through a network interface. The traceroute command may be executed by the host operating system, and network information returned to the application in the virtualized environment.

Abstract: A method and system for scanning a computing system network for dark matter computing systems and computing devices. The method includes establishing a communication link between a master server and at least one target scanning agent that has at least one network computing system coupled thereto, creating a scanning job for the target scanning agent, building a scanning job command based on the scanning job, sending the scanning job command to the target scanning agent, receiving scanning job results from the target agent, parsing through the received scanning job results for identifying information of hosts in the network computing system detected during the scanning job, determining which detected hosts are known hosts and which detected hosts are unknown hosts based on the identifying information, and comparing the identifying information of the unknown hosts to reference identifying information to determine which of the unknown hosts are dark matter.

Abstract: Methods and systems for managing interactive features associated with multimedia content are disclosed. One method includes applying a container to multimedia content using one or more computing systems, the container defining an interface through which metadata external to the multimedia content is linked with one or more portions of the multimedia content. The method further includes receiving a request for the multimedia content from a content consumer. The method also includes associating a set of metadata describing one or more interactive features with the multimedia content, the set of metadata linked to at least a portion of the multimedia content via the container and selected from a database including metadata defining interactive features capable of being associated with the multimedia content. The method also includes, upon receiving a request for playback of the multimedia content, providing the multimedia content and the one or more interactive features to the content consumer.

Abstract: Systems and methods are disclosed that ensure high availability of such an architecture hosted on commodity platforms. One method includes initializing, by an operating system, execution of a process by the programmable circuit, the process including a firmware environment representing a virtual computing system, the process further including one or more workloads to be executed within the process. The method also includes allocating a portion of the memory for use by the process, the portion of memory including a plurality of memory segments, and generating a plurality of area descriptors associated with the plurality of memory segments, each of the area descriptors defining a location and length of a corresponding memory segment. The method includes quiescing execution of the process and capturing contents of the portion of memory and the plurality of area descriptors associated with the process.

Abstract: Systems and methods for managing input/output operations of a first computing system at a second computing system are disclosed. One method includes receiving an input/output control block at a distributed input/output processor separate from a first computing system, the input/output control block built by the first computing system in response to initiation of an input/output operation at the first computing system. The method also includes enqueueing an input/output operation at the distributed input/output processor, and processing, by the distributed input/output processor, the input/output operation from memory of the first computing system. The method includes returning results from the distributed input/output processor to the first computing system.