Abstract: A system and method for efficiently creating and managing application instances in distributed computing systems is disclosed. Controls are presented for specifying an application for instantiation, a data file for use with the application, and a destination for results from the application. Application resources and topology may be recommended to the user based on prior application execution, and CPU, GPU, and interconnect parameters such as bandwidth and latency. The controls may enable to user to customize the recommendations prior to automated instantiation based on the user's needs, such as whether the application is to be run in batch mode or interactive mode.

Abstract: Using a common reference address when processing calls among a native ABI and a foreign ABI. Based on caller calling using a reference address, a lookup structure is used to determine whether the reference address is within a memory range storing native code (and that the callee is native) or a memory range not storing native code (and that the callee is foreign). Execution of the callee is initiated based on one of (i) when the caller is native and when the callee is foreign, calling the callee using the reference address within an emulator; (ii) when the caller is foreign and the callee is native, calling an entry thunk; (iii) when the caller is native and the callee is foreign, calling an exit thunk; or (iv) when the caller is native and the callee is native, directly calling the callee using the reference address.

Abstract: A data processing method and apparatus, where one or more applications run in an operating system of a first device, there is a plurality of paths between the first device and a second device, and the paths correspond to the one or more applications. In a data receiving process, the one or more applications obtain data on the paths through a system call, and further obtain data in a plurality of packets from at least one path. In a data sending process, the one or more applications distribute data to corresponding paths through a system call.

Abstract: Systems and methods for generating asynchronous application programming interface (API) documents are generally described. In various examples, a metadata discovery request may be sent to a message broker. A list of topics may be received from the message broker. First metadata related to a first topic of the list of topics may be received from the message broker. A first message may be received from the message broker, where the first message pertains to the first topic. A first schema may be determined using the first message pertaining to the first topic. The first schema may include data describing content of the first message and organization of the content of the first message. An asynchronous API document may be generated based at least in part on the first schema and the first metadata.

Abstract: In an embodiment, an operating system for a computer system includes a kernel that assigns code sequences to execute on various processors. The kernel itself may execute on a processor as well. Specifically, in one embodiment, the kernel may execute on a processor with a relatively low instructions per clock (IPC) design. At least a portion of other processors in the system may have higher IPC designs, and processors with higher IPC designs may be used to execute some of the code sequences. A given code sequence executing on a processor may queue multiple messages to other code sequences, which the kernel may asynchronously read and schedule the targeted code sequences for execution in response to the messages. Rather than synchronously preparing a message and making a call to send the message, the executing code sequences may continue executing and queuing messages until the code has completed or is in need of a result from one of the messages.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing data. One of the systems include: a service platform comprising a plurality of service modules and an application programming interface layer comprising a plurality of application programming interfaces (APIs) to enable users to invoke the service modules to process information related to an order associated with importation of a merchandise, wherein the information is provided, or to be provided, to a service authority for requesting clearance for the order, wherein a first application programming interface of the plurality of application programming interfaces enables a user of the service platform to invoke a smart contract on a blockchain managed by a blockchain network, in which the smart contract performs at least one of processing of the information or processing of information related to another user of the service platform.

Abstract: Using a common reference address when processing calls among a native ABI and a foreign ABI. Based on caller calling using a reference address, a lookup structure is used to determine whether the reference address is within a memory range storing native code (and that the callee is native) or a memory range not storing native code (and that the callee is foreign). Execution of the callee is initiated based on one of (i) when the caller is native and when the callee is foreign, calling the callee using the reference address within an emulator; (ii) when the caller is foreign and the callee is native, calling an entry thunk; (iii) when the caller is native and the callee is foreign, calling an exit thunk; or (iv) when the caller is native and the callee is native, directly calling the callee using the reference address.

Abstract: Techniques are provided for high availability events in a layered architecture. In an example two computing nodes coordinate to provide a computing service, where each node has a base operating system configured to fence the other base operating system, and an application configured to fence the other application. In some examples, fencing requests by an application are routed through its base operating system, which coordinates application-level fencing requests and operating system-level fencing requests.

Abstract: The present disclosure relates to controlling communication between various applications or integrating various applications using interaction patterns. Interaction pattern data, which defines multiple roles for an interaction pattern is generated. Each role is associated with a transaction and is a source or target of a transaction. A transaction is performed using an application programming interface (API). A role can be a provider, or a consumer of the API based on whether the role is a source or target of the transaction. Application conformance data, which defines a set of roles implemented by the application is generated. An application is permitted to invoke an API of another application, if the application implements a first role and the other application implements a second role, and the first role and the second role are a source and target, respectively, of a transaction performed using the API.

Abstract: Some embodiments provide a method for distributing a set of parameters associated with policies for authorizing Application Programming Interface (API) calls to an application. For a previously stored hierarchical first document that comprises a first set of elements in a first hierarchical structure, the method receives a hierarchical update second document that comprises a second set of elements in a second hierarchical structure corresponding to the first hierarchical structure, wherein at least a subset of elements in the first and the second documents correspond to the set of parameters for evaluating API calls. The method receives a first set of hash values for elements of the first document that are not specified in the second document, and generates a second set of hash values for a set of elements specified in the second document. The method generates an overall hash for the second document by using the received first set of hash values and the generated second set of hash values.

Abstract: A set of consumers of a producer-consumer system includes a main consumer subset and a backstop consumer subset. A plurality of updates to message processing information are deployed to the set of consumers. Each update of the plurality of updates is first deployed to the backstop consumer sub-set and is subsequently deployed to the main consumer subset. The main consumer subset may obtain messages from producers and attempt to process the messages. By contrast, the backstop consumer subset may obtain messages only after a failed processing attempt by the main consumers. Upon obtaining a message, a main consumer may process the message successfully or may fail processing and provide the message for processing by a backstop consumer, which may be more up to date than the main consumer.

Abstract: Systems and methods described herein provide for management of notifications. A computing device in communication with a client device receives a notification from at least one notification source. The notification may be for rendering on a screen at the client device. A policy engine of the computing device may identify a context of the notification. The policy engine may add a tag to the notification according to the identified context to control rendering of the notification at the client device. The computing device may transmit the notification with the tag to a notification service at the client device. The notification service may be configured to manage the notification at the client device in accordance with the tag.

Abstract: This application discloses an authorization revocation method and an apparatus, and relates to the communications field. The method includes: receiving, by a first entity, an authorization revocation request message from a second entity, where the authorization revocation request message carries an identifier of an application programming interface (API) invocation entity; and sending, by the first entity, an authorization revocation response message to the second entity based on the authorization revocation request message.

Abstract: A system can host APIs for a plurality of different tenants and receive requests from many different client devices. As requests are received, an associated tenant can be identified, and a router can determine if a container instance is available to service the request. A container instance may be an empty container instance including an internal endpoint, a Web server, and a runtime environment. An empty container instance can be unassociated with a particular tenant. To associate a container instance with a tenant, a data store, such as a key-value data store can retrieve configuration files that turn the agnostic container instance into a container instance that is associated with particular tenant and includes configuration code to perform the requisite API functions. The pool of empty and populated containers can be managed efficiently.

Abstract: A method for operating a building information modeling (BIM) system, is provided. The method includes at a BIM server, receiving a data alteration request from a client computing device for altering data in one of a building model, a hierarchical structure of building model data, and a Construction Operations Building Information Exchange (COBie) spreadsheet, the building model, hierarchical structure of building model data, and COBie spreadsheet simultaneously displayed in a GUI generated by the BIM server, automatically determining validity of data in the data alteration request, and if it is determined that the data is valid, permitting the data alteration request based on predetermined permissions of the client computing device.

Abstract: Methods and systems for securing an application programming interface (API) are presented. The method comprises: receiving API workflow data associated with an API testing tool and generating a scan configuration file using the API workflow data; crawling the collection of API requests by identifying and retrieving a link associated with the collection of API requests; and crawling the link to generate a crawled link response. The method also includes executing one or more vulnerability tests on the crawled link response including applying at least one passive detection rule to the crawled link response and fuzzing the link. The fuzzed link may be transmitted in a request to an application server following which scan data indicative of at least one vulnerability associated with a response from the application server may be generated. The scan data may be used to generate a vulnerability report.

Abstract: In an embodiment described herein, a method for a mechanism to turn a post processing feature in the Device Media Foundation Transform is described. The method comprises managing, at a device integration service executing on a computing device, a current setting of a feature and updating the current setting as stored in a registry in response to a changed setting of the feature and asserting a setting changed event. The method also includes applying the updated current setting to captured media samples via the Device Media Foundation Transform in response to the asserted setting changed event.

Abstract: A computer-implemented method includes: determining, by a computer device, user behavior with an application; determining, by the computer device, a criticality of the application to a user; and changing, by the computer device, a hardcoded timeout parameter of the application into a dynamic timeout parameter based on the determined user behavior and the determined criticality of the application.

Abstract: Technologies are described for simulating requests to backend applications using a generic application programming interface (API). The requests can be received, from frontend web applications, by a simulation service that operates the generic API. For example, the simulation service can receive and process actions to create entries for entities, actions to return entries for entities, actions to delete entries for entities and/or other actions. The simulation service can perform the requested actions and return results. The simulation service can support arbitrary entities and entity and without using definitions of predefined entities or properties.

Abstract: Techniques are disclosed for implementing system calls in a virtualized computing environment. An interface is configured to abstract partitions in the virtualized computing environment. A system call is received that is to be executed across a system boundary in a localized computing environment. Based on a declarative policy, one or more of a device type, device path, or process identity associated with the system call is determined. The system call is executed in the virtualized computing environment.