Abstract: An apparatus comprises a processing device configured to receive, at a user interface of a trust platform configured to manage cloud assets operating in clouds of cloud service providers, a request to view security and compliance risk for a given entity running workloads utilizing the cloud assets. The processing device is also configured to obtain, utilizing application programming interfaces of the trust platform, first and second sets of security and compliance telemetry data generated by first and second pluralities of monitoring tools operating in tenant and management environments of the clouds. The processing device is further configured to generate a unified view of security and compliance for the workloads of the given entity utilizing the first and second sets of security telemetry data, and to provide the unified view of security and compliance for the workloads of the given entity at the user interface of the trust platform.

Abstract: A method of authenticating requests to a cloud service, comprising using one or more edge proxy servers of a container execution system facilitating a cloud service to execute an authentication microservice configured for forwarding, to a login service, each login request received by the edge proxy server, via one or more network, from one or more client devices used by respective users to establish sessions with application(s) executed by application server(s) of the container execution system wherein the login service is configured to authenticate the respective user based on credentials extracted from the login request and create one or more session tokens transmitted to the one or more client device, extracting the session token(s) from each subsequent request received by the edge proxy server from the one or more client devices pertaining to the respective sessions, and authenticating the respective subsequent request by verifying the session token(s).

Abstract: Methods, systems, and computer programs are presented for lowering network latency for cloud-based services. Service-delivery edge locations allow customers to improve communication-providers public and private network connectivity for improved performance. One method includes operations for performing, by an edge server, a handshake to establish a communication session between a client and a main server, and for exchanging data between the client and the main server via the edge server. The handshake includes exchanging, by the edge server, communication initiation messages with the client, and validating, by the edge server, authentication credentials for the communication session based on the communication initiation messages.

Abstract: A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The client device accesses an acceleration server to receive a list of available tunnel devices. The requested content is partitioned into slices, and the client device sends a request for the slices to the available tunnel devices. The tunnel devices in turn fetch the slices from the data server, and send the slices to the client device, where the content is reconstructed from the received slices. A client device may also serve as a tunnel device, serving as an intermediate device to other client devices. Similarly, a tunnel device may also serve as a client device for fetching content from a data server. The selection of tunnel devices to be used by a client device may be in the acceleration server, in the client device, or in both.

Abstract: A method for managing privacy of videos and photos recorded through a communication application by displaying a secret recording button on touch screens of a user's and contact's mobile devices, recording a video or a photo by the user's mobile device, applying on the recorded video or photo a re-watch mode by using the secret recording button, displaying in the message box of the user and the contact the recorded video or photo. The re-watch mode causes the mobile device to transmit the recorded video or photo to be saved in the server, displaying on the touch screens of the mobile devices a re-watch button, sending to the server a re-watch command by using the re-watch button in both mobile devices, receiving from the server the recorded video or photo to the mobile devices, and posting it in the message box of the user and the contact.

Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.

Abstract: Aspects described herein may allow for grouping questions received during a virtual meeting in order to present the questions to a presenter of the virtual meeting efficiently. A system may receive, during a virtual meeting, a plurality of messages each indicative of a question. The message comprises content descriptive of the question and metadata. For example, the metadata may comprise data identifying an image corresponding to the message. The system may group the plurality of messages into one or more groups, individual messages within the groups having a context in common with one another, by analyzing text and metadata of the message. The system may send data about at least one group to a first client device for output of the questions indicated by the messages of that group on the first client device.

Abstract: A native application on a client computing device enables secure user authentication via an identity provider (IdP) for accessing services of a web service provider. The native application forwards a redirect request generated by a main gateway of the service provider and including an IdP uniform resource locator (URL) to a system browser of the client computing device. The redirect request directs the system browser to a broker gateway of the service provider that registers an authentication response handler and redirects the system browser to the IdP URL to enable a user of the native client computing device to authenticate. After the broker gateway receives an IdP authentication response from the IdP following authentication by the user, the broker gateway provides the IdP authentication response to the native application for providing back to the main gateway. The main gateway finally processes the authentication response to complete the authentication request.

Abstract: Methods and systems of managing a repositioning request for a HTTP Live Streaming (HLS) or Dynamic Adaptive Streaming over HTTP (DASH) media stream are shown and disclosed. In one embodiment, the method includes receiving a repositioning request for a particular position in the HLS or DASH media stream. The particular position does not have an Instantaneous Decoder Refresh (IDR) frame. The method additionally includes transcoding a new segment of the HLS or DASH media stream such that an IDR frame coincides with the particular position. The method further includes delivering the transcoded segment in response to the repositioning request.

Abstract: Optimum software update transmission parameters are determined and used for transmitting a software update from a host to servers of a computer network. The software update is transmitted while the servers are live and required to meet certain quality of service requirements for tenants of the computer network. Transmission parameters for transmitting the software update are adjusted and updated based on service performance data. Based on iterative adjustments, optimum transmission parameters may be determined. Additionally or alternatively, machine learning is used to generate a model that determines predicted optimum transmission parameters. The predicted optimum transmission parameters may be initially used for transmitting a software update, while the transmission parameters continue to be adjusted throughout transmission.

Abstract: Automatic spotlighting of participant video feeds in a video conference are based on one or more triggers detected in the participant video feeds. Participant video feeds are added to a spotlight video queue. The participant video feeds are elevated to an active spotlight status based on certain criteria. The participant video feeds that are elevated to the active spotlight status are displayed adjacent to a host video feed on a display.

Abstract: Electronic systems and methods for developing a person's cognitive skills such as feedback giving skills are contemplated. The systems and methods provide a procedure through which participants follow to formulate and issue feedback to other individuals. Feedback is given through a feedback app. The systems and methods involve participation of feedback recipients and also judges. The procedure involves each feedback recipient giving a presentation in a period of time and each judge providing feedback to each presentation. The procedure is performed by executing an event which can be created from an event app provided by the system. The event app also executes the created event, and completion of the event allows the system to provide feedback results to the participants, feedback recipients, judges, and other individuals based on information received during the event. The flow of the event is also controllable from the event app.

Abstract: Methods, systems, apparatuses, and computer program products are provided for automatically determining a home realm. An authentication request receiver interface may receive a request to access a resource and a device identifier from a client device. An authenticator may be enacted in response to receiving the request to access the resource that includes a home realm discoverer and an authentication user interface (UI) provider. The home realm discoverer may determine, based at least on the device identifier, the home realm from a plurality of realms. The authentication UI provider may provide, to the client device, an authentication UI via which a flat-name username can be submitted. Based at least on a flat-name user name and the determined home realm, access to the resource may be granted. In this manner, a user may input a flat-name username during sign-in, rather than inputting a realm or an entire e-mail address.

Abstract: A service provider network implements seamless scaling via proxy replay of session state. Upon a trigger, such as a determination to scale a server, a scaled server may be spun up and an identifier of the scaled server provided to a first (existing) server. The first server sends the identification of the second server, and session state information for each of the connections between the first server and the request router, to the request router. For each of the connections, the request router establishes a new connection between the request router and the second (scaled) server, and replays the session state information for the connection to the second server. The request router then routes traffic between each existing client connection (e.g., the same existing client connection which carried traffic delivered to the first server) and the corresponding new connection to the second server.

Abstract: A method and system for detecting slow page load is provided. An example system comprises a page request detector, a time-out module, a time-out monitor, and a lightweight page requestor. The page request detector may be configured to detect a request for a web page. The time-out module may be configured to commence a time-out period in response to a request for a web page. The time-out module cooperates with the time-out monitor that may be configured to determine that rendering of a rich version of the requested web page has not commenced at an expiration of the time-out period. The lightweight page requestor may be configured to cause a lightweight version of the requested page to be provided to the client system when the time-out monitor determines that the rendering of a rich version of the requested web page has not commenced at an expiration of the time-out period.

Abstract: An ID is managed, and access information including the ID is displayed on a first web browser. Thereafter, in response to reception of an access request by use of the access information from a second web browser, the predetermined web page is displayed on the second web browser, based on the ID included in the access request. Then, in response to completion of predetermined processing which is performed based on the predetermined web page, a first web page is displayed. In a case where display of a second web page, which is provided by a predetermined server, is requested by the user on the first web browser of the apparatus, the first web browser is controlled to perform a display for prompting an access to the predetermined server from another apparatus.

Abstract: A method for providing interoperability between a plurality of security services and target applications by an interoperability service. The method includes receiving a request from one of the plurality of security services to perform a task on a target application, preparing a unified data model for interaction with the target application, determining and organizing data connections to perform the task on the target application, generating a set of requests using the unified data model based on the task and utilizing business logic of the interoperability service for the data connections with the target application, transforming the set of requests into commands and data structures specific to the target application, and sending the set of requests on respective data connections with the target application.

Abstract: Apparatuses, methods, and systems are disclosed for network slice authentication. One apparatus includes a processor that provides an application layer and a non-access stratum (“NAS”) layer and a transceiver for communicating with a mobile communication network. The processor receives, at an application at the application layer, network slice authentication information for a subscribed service and stores the network slice authentication information at an application module. The processor associates the network slice authentication information with single network slice selection assistance information (“S-NSSAI”) and registers the application with the NAS layer, said registration pointing to the associated S-NSSAI. Additionally, the transceiver that exchanges, via the NAS layer, authentication messages with an authentication, authorization, and accounting (“AAA”) server for network slice authentication information.

Abstract: Techniques of dynamic authentication scheme selection in distributed computing systems are disclosed herein. One example technique includes analyzing a received authentication request for an indicator of an authentication scheme that is supported by a computing service submitting the authentication request. The example technique can also include determining whether the authentication scheme associated with the indicator is also supported by the authentication service and in response to determining that the authentication scheme associated with the indicator is also supported by the authentication service, initiating an authentication process with the computing service according to the authentication scheme that is supported by both the computing service and the authentication service. As such, the authentication scheme can be dynamically selected at the authentication service for the received authentication request.

Abstract: A user device may detect a message received via a messaging platform of one or more messaging platforms. The user device may determine that the message is from a second user based on a match between a user identifier associated with the message and a second user identifier corresponding to the messaging platform for the second user. The user device may transmit message data that includes: message content of the message, and information that identifies the messaging platform used to transmit the message. The user device may receive task information that indicates a task type for a task determined from the message content, a task priority for the task, and information that identifies the second user, and information that identifies the messaging platform. The user device may present the task information via a user interface of the cross-platform messaging application executing on the user device.