Abstract: A surface generation device includes: a profile curve setting unit 2 configured to set a profile curve fitted to a part of shape data, a profile curve movement unit 3 configured to move the profile curve so as to satisfy a predetermined condition, and a surface generation unit 4 configured to generate a surface defined by a locus obtained by moving the profile curve satisfying the predetermined conditions. The predetermined conditions include a condition in which a locus of one point (for example, midpoint) on the profile curve becomes a line of curvature of the surface to be generated. Using such a condition, it is possible to efficiently obtain the high quality surface by setting the line of curvature indicating a flow of the surface as a guide line of a sweep method without repeating trial and error many times.

Abstract: Systems and methods for executing compiled code having parallel code fragments is provided. One method includes storing executable code having a plurality of parallel code fragments, each of the plurality of parallel code fragments representing alternative executable paths through a code stream. The method further includes determining a code level supported by a processor executable at a computing system, the processor executable supporting a hosted computing environment. The method also includes translating the executable code into machine-readable code executable by a processor of the computing system. Translating the executable code includes selecting a code fragment from among the plurality of parallel code fragments for execution based on the code level supported by the processor executable. The method includes executing the machine-readable code within the hosted computing environment.

Abstract: A method of securing containers within clusters is disclosed. The method includes configuring service access points within clusters as secure endpoints; associating services within clusters with secure identities to constrain which communities-of-interest can reach which services; and wherein each cluster is cryptographically isolated such that no information will leak in or out of the cluster through an associated network.

Abstract: Methods and systems for configuring a common security policy for a plurality of nodes included within an enterprise network. Example methods can include grouping nodes within profiles based on IP address, in addition to concordance data. Additionally, nodes may be added to profiles based on a classification of the node being common to classifications of nodes within the profile. Still further, profiles may be grouped into a solution based at least in part on classification of the profile, in addition to grouping of profiles into solutions based on affinitization using concordance data. The methods described also include determining a common security policy to apply to each of the nodes within the profile.

Abstract: A computing system architecture includes a token generator communicable with a client token agent. The client token agent is communicable with a client database access agent. A database management system is communicable with the token agent. The database management system is communicable with the client database access agent. A client authorization management system is communicable with the database management system. The client authorization management system stores a list of authorized operations for a client. The list of authorized operations is configured to be changeable during a client login session.

Abstract: A method and system for delivering announcement broadcasts. The method includes receiving an announcement broadcast from a broadcast system of a transportation station. The method also includes interpreting the received announcement broadcast using natural language processing to extract transportation information. The method also includes the received announcement broadcast and the extracted transportation information in a data storage location. The method also includes translating the stored announcement broadcast into a text message. The method also includes transmitting the text message to at least one mobile device of at least one user registered with the announcement broadcast delivery method, based on the transportation information and the user information stored in the data storage location.

Abstract: Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Remote devices may gain access to virtual machines in a network through a virtual device relay. The virtual device relay receives data from the remote device, such as a tablet or cellular phone, and forwards the data to one of the virtual machines, when the virtual device relay shares a COI with the destination virtual machine.

Abstract: A traffic monitoring system includes a first car moving on a first path; a camera having a field of vision including at least a portion of the first path; and a computing system. The computing system receives a plurality of images from the camera. The computing system has a processor. When instructed, the processor performs circling a perimeter of the first car on each of the images with a first rectangle; composing a first set of points, each point of the first set of points representing a center of the first rectangle; finding a first centroid using the first set of points, wherein the first centroid represents the first path; and calculating a speed of the first car using the first centroid.

Abstract: A computing system includes a computer executing an emulated operating system, the emulated operating system including a multichannel control unit; a plurality of virtual drives accessible to the emulated operating system; and a communication channel, the communication channel connecting the multichannel control unit and the virtual drives through one or more virtual channels. The multichannel control unit sends a first data access request to a virtual drive through the first virtual channel of the communication channel, the multichannel control unit sends a second data access request to a virtual drive through the second virtual channel of the communication channel.

Abstract: A computing system includes a computer executing an emulated operating system, the emulated operating system including a multichannel control unit; a plurality of virtual drives accessible to the emulated operating system; and a communication channel, the communication channel connecting the multichannel control unit and the virtual drives through one or more virtual channels. The multichannel control unit sends a first data access request to a virtual drive through the first virtual channel of the communication channel, the multichannel control unit sends a second data access request to a virtual drive through the second virtual channel of the communication channel.

Abstract: A security system includes a camera having a field of vision. The camera sends image frames to a machine readable memory. A processor is accessible to the machine readable memory. The processor performs acts of receiving from the camera a plurality of frames; detecting an object entering the field of vision; determining whether the object is a person; tracking a moving path of the person; and performing facial recognition on the person using at least one of the plurality of frames.

Abstract: The present invention provides for employing SQL to introduce blockchain technologies into a relational database, and thereby leverage the inherent tamper-resistant properties of blockchain, without the need to completely rewrite existing or legacy relational database software. The invention creates a relational database inside of a blockchain and uses a conventional SQL interface for standard database operations. This reduces the burden of introducing blockchain technologies, while providing the benefits of the intrinsic security and verification features of blockchain technology. The invention provides a rich historical record of every transaction thereby greatly reducing, if not eliminating, the relational database's susceptibility to tampering. This allows for temporal queries on arbitrary records within the database and the generation of reports and audits for any point in the history of the database.

Abstract: Methods and systems for defining a solution within an enterprise security management configuration server is disclosed. One method includes, based on network concordance data, grouping a plurality of nodes within an enterprise network into a plurality of profiles and identifying one or more channels among the plurality of profiles within a project of an enterprise security management configuration tool. The method also includes displaying the plurality of profiles in a configuration user interface, and automatically identifying one or more solutions among the plurality of profiles. The method further includes collapsing each of the one or more solutions into a single icon within the configuration user interface, each single icon representing a solution.

Abstract: The present invention provides for employing SQL to introduce blockchain technologies into a relational database, and thereby leverage the inherent tamper-resistant properties of blockchain, without the need to completely rewrite existing or legacy relational database software. The invention creates a relational database inside of a blockchain and uses a conventional SQL interface for standard database operations. This reduces the burden of introducing blockchain technologies, while providing the benefits of the intrinsic security and verification features of blockchain technology. The invention provides a rich historical record of every transaction thereby greatly reducing, if not eliminating, the relational database's susceptibility to tampering. This allows for temporal queries on arbitrary records within the database and the generation of reports and audits for any point in the history of the database.

Abstract: Systems and methods for non-stop computing in a virtualization fabric are disclosed. One system includes a computing fabric comprising a plurality of host platforms, the plurality of host platforms including at least a first host platform and a second host platform communicatively connected to the first host platform. The system also includes an interconnect service partitions residing on the first host platform. The system includes a plurality of guest partitions distributed across the plurality of host platforms. The system further includes a DNS server instance managed by at least one of the plurality of interconnect service partitions and defining at least one zone, the at least one zone including one or more partitions from among the plurality of guest partitions distributed across the plurality of host platforms.

Abstract: An application services broker includes a plurality of adapter modules, each of which are associated with a respective application service. Application service data is received from a first application service and converted to a first message having a predefined message format by a first adapter module associated with the first application service. The first message is sent from the first adapter module to a second adapter module associated with a second application service. The first message is converted to application service data for the second application service by the second adapter module.

Abstract: A computing system architecture includes a service server and a first validator. The first validator is communicable to the service server. A validation request is sent from the service server to the first validator for validating a transaction. The validation request including a first facial image of a party of the transaction. The validator performs a facial recognition comparing the first facial image with a second facial image using a facial recognition algorithm.

Abstract: A computing system architecture includes a service server and a first validator. The first validator is communicable to the service server. A validation request is sent from the service server to the first validator for validating a transaction. The validation request including a first facial image of a party of the transaction. The validator performs a facial recognition using the first facial image of the party for validating the transaction.

Abstract: In a cryptographically-segmented network, a server establishes a cryptographically-segmented communication channel for use by authorized endpoints in an operationally-deployed configuration. In response to a received endpoint-isolation command to isolate a first endpoint, the server de-authorizes the first endpoint from the channel of the operationally-deployed configuration. In response to the de-authorization, the server issues a configuration instruction to the first endpoint to join a first cryptographically-segmented isolation communication channel that is communicatively coupled with at least one monitoring endpoint configured to monitor operation of the first endpoint via the first cryptographically-segmented isolation communication channel.