Abstract: A dynamic Domain-based Message Authentication, Reporting, and Conformance (DMARC) enforcement solution is disclosed. A mail transfer agent (MTA) receives an email and obtains an originating email domain from the email. The MTA queries a dynamic DMARC module (which can be implemented on a domain name system (DNS) infrastructure or the MTA) about any local policy override associated with the originating email domain. DMARC policy overrides can be published from a source system and stored locally to the dynamic DMARC module (e.g., on the DNS infrastructure or the MTA). The MTA receives a response which contains the local policy override published from the source system and dynamically overrides the fact that the email had failed DMARC. In this way, an email which failed DMARC can still be dynamically considered and delivered if a local policy override that is published from a source system indicates that it should be delivered.

Abstract: A technique for embedding and utilizing credentials in a network address may include requesting a network address for a client device by providing an account identifier to a server computer associated with a service provider. A network address that is mapped to the account identifier can be assigned to the client device. The network address may include a routing prefix field and a network interface identifier field. The routing prefix field may include an issuer identifier of an issuer of the account, and the network interface identifier field may include an interface identifier that maps to the account identifier. By embedding credentials such as an account identifier in the network address, the actual account identifier need not be transmitted to perform actions on the account.

Abstract: Generally discussed herein are devices, systems, and methods for secure cloud application provisioning. A method can include, while providing access to the cloud application, receiving data indicating a first universal resource locator (URL) entered in a search bar of a web browser associated with the cloud application has changed to a second URL, determining whether the second URL has a valid certificate, and in response to determining the second URL is associated with the cloud application and a valid certificate for the second URL exists, providing resources for the second URL and the valid certificate to the web browser or in response to determining the second URL is not associated with the application, re-directing the web browser away from the proxy server.

Abstract: A system and method for providing a service management engine for use with a cloud computing environment. In accordance with an embodiment, enterprise software applications (e.g., Fusion Middleware applications) can be instantiated as services within a cloud platform, where they are then made accessible by other (e.g., customer) applications. In an embodiment, a service management engine (SME), in communication with an orchestration engine, can be used to provision services as one or more different service types, according to a service definition package (SDP). Service types can be instantiated according to the configuration of the cloud platform itself, and the contents of the SDP, including discovering, provisioning, and associating service types with system resources, to address different customer requirements.

Abstract: One example method of operation may include receiving at a managing device an indication whether a first network device is a known network device, identifying a selected network mode of operation stored in memory of the managing device, and determining whether to cancel the selected network mode of operation based on whether the first network device is a known device.

Abstract: An apparatus and method for clipping and sharing content at a portable terminal are provided. The method includes receiving a selection of specific content, analyzing related information of the selected content, and classifying the selected content, and storing the classified content according to the classification.

Abstract: A system for monitoring the status of digital certificates is provided. The system includes a responder computer device. The responder computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The responder computer device is further programmed to receive, from a first computer device, a request message including an identifier of a target certificate. The responder computer device is further programmed to query the database to retrieve status information about the target certificate, generate a response message based on the retrieved status information, and transmit the response message to the first computer device.

Abstract: A user interface for email users which calls attention to one or more categories of emails in different ways. In some species, at least three categories are used: branded senders with Truemarks; white list buddies; and fraudulent emails which are either not from the domain they purport to be from or in which the content was tampered. The preferred embodiment authenticates emails from branded senders and displays them with the sender's Truemark. Branded sender emails have their Truemarks displayed in the sender column of a list view in the preferred embodiment. In a preferred embodiment, white list senders have either an icon or other graphic or photo they choose displayed to the left or right of the sender column with their name in the sender column. In a preferred embodiment, fraudulent emails have a fraud icon displayed to the left or right of the sender column with a warning in the sender column. Antiphishing processing is also disclosed.

Abstract: Methods, systems and computer program products are provided for prefetching based on historical use and real-time signals. Forecast models may be configured to forecast whether to prefetch information (e.g. keys responsive to queries) for future time intervals based on historical use and internal or external signals that may influence forecasts, such as prevailing conditions. Historical use of keys may be analyzed for patterns and trends with multiple seasonalities per category and/or per key. Time series data and forecasts may be indexed by cache categories and time intervals. Forecast models may be trainable, optimizable, configurable and/or auto-correcting on a per-category and/or a per-key basis. Forecast precision indicators, confidence indicators and configurable thresholds may be used to optimize performance. Operations may be distributed among multiple servers. Tasks may be time-distributed by offsets. Cached information may be assigned a time to live (TTL) independent of other cached information.

Abstract: A system provides for automatically populating a sign-on page with sign-on credentials and automatically submitting the sign-on credentials without revealing at least one of the sign-on credentials to a user. The system includes an access management server which stores sign-on credentials for accessing the application. An application access tool, which is associated with a browser extension of a web browser executed on the user's device, provides a network address for a sign-on page of the application, and the system automatically redirects the user to this sign-on page. The system uses a source code database to identify object identifiers in html source code of the sign-on page that corresponds to form fields or other objects in the sign-on page for appropriately entering and submitting sign-on credentials in the sign-on page. The credentials are entered in an anonymized format that is not readable to the user.

Abstract: A communication device includes a processor. The processor monitors a first message that is periodically transmitted from a representative device in a first network. The processor transmits a second message to the communication devices in the first network when the first message is not detected. When plural data components obtained by dividing authentication information have been distributed from the representative device plural communication devices in the first network, the processor receives data components transmitted from the communication devices in the first network in response to the second message. When a specified number of data components are received, the processor regenerates the authentication information from the specified number of data components. The processor generates new authentication information by rewriting at least a portion of the regenerated authentication information. The processor connects to a second network based on the new authentication information.

Abstract: Embodiments of the present disclosure provide for improvements in managing connection channels for multiple associated users. As connection channel changes occur for one or more users, various connection channels are updated such that appropriate functionality is accessible as determined based on aspects of the connection channel change.

Abstract: Disclosed are various approaches for sharing uniform resource locators (URLs) and enforcing browser restrictions along with a shared URL. Browser restrictions can be identified by appending commands to the shared URL that instruct the receiving browser to activate certain browser restrictions. Browser restrictions can also be enforced using a URL restriction validator, which is a server process that can facilitate enforcement of browser restrictions along with a shared URL.

Abstract: A process for protecting confidentiality of audio messages that are received at an electronic computing device for providing a corresponding audio output at electronic audio output devices. In operation, the electronic computing device partitions the audio message into audio content segments, where each audio content segment is assigned to a respective confidentiality level. The electronic computing device determines a current exposure level of the electronic audio output device. The electronic computing device further determines whether the audio message is to be modified based on a current exposure level of the electronic audio output device and the respective confidentiality level assigned to each audio content segment. An audio output corresponding to the modified audio message is provided at the electronic audio output device when it is determined that the audio message is to be modified.

Abstract: A containerized application is initialized in a cloud-based computing environment. Thereafter, the containerized application obtains environment variables encapsulating credentials. The containerized application stores the environment variables in a secret store of the containerized application. The environment variables are later wiped upon completion of the storing of the environment variables. Related apparatus, systems, techniques and articles are also described.

Abstract: Aspects of the invention include generation of a secure key exchange (SKE) authentication request by an initiator node of a computing environment. A non-limiting example computer-implemented method includes receiving an initialization response message at an initiator channel on an initiator node from a responder channel on a responder node to initiate a secure communication, the receiving at a local key manager (LKM) executing on the initiator node. A set of cryptographic keys is derived based on a security association payload of the initialization response message. A proposal list is built based on one or more security capabilities supported by the initiator channel. An authentication request message is built based at least in part on the set of cryptographic keys and the proposal list. The authentication request message is sent from the LKM to the initiator channel.

Abstract: There are provided systems and method for a web address determination based on a geo-position of a user. A user may utilize a communication device at a location of an entity to be redirected to an online contact address of the entity. A server may receive a request from the communication device including a request for an online contact address for an entity at the location of the user. The server may then access the location of the user by either receiving the location of the user from the communication device or determining the location of the user by the server. Once the location of the user is accessed, the server may determine the online contact address for the entity at the location of the user. The online contact address may be transmitted to the user for display by the communication device, including display of a website for the entity.

Abstract: A closed loop processing interaction network in which the resource pool source of the user and the resource pool destination are both within the same organization or group of organizations. As such, resources associated with interactions may be distributed directly between the resource pools of the members within the interaction network without having to use the traditional processing networks. The interactions may occur through communication between user computer systems (e.g., mobile devices, or the like) and/or interaction terminals of product providers (e.g., mobile devices, or the like) that are able to handle both traditional processing, as well as closed loop processing. The closed loop interaction network improves the processing speeds, memory requirements, security, and costs associated with processing resources related to interactions.

Abstract: A method of allowing secured access for a web browser of a client computer device to local resources wherein a web server hosting a shipping application executes the shipping application in response to web page requests received from the web browser, the method comprising the steps of: requesting directly to a shipping server agent by the web browser a usage of a web service of the shipping server agent for accessing the local resources, requesting directly to the shipping application by the shipping server agent an authorization for the usage of a web service by the web browser, providing an authorization response from the shipping application directly to the shipping server agent regarding the usage of a web service by the web browser, and accessing local resources by the shipping server agent according to the requesting by the web browser.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system actuates a control processor connected to a network, and configures the control processor to receive signals from equipment of a service provider, so that the control processor is enabled to control remote devices. The processing system selects a device, configures the selected device for control by the control processor, and selects a streaming service to be associated with the selected device. The streaming service delivers audiovisual content in a first stream and provides, via an application programming interface of the streaming service, a control command to the control processor in a second stream. The control processor translates the control command to a device command and transmits the device command to control the selected device. Other embodiments are disclosed.