Abstract: A method of software gateways of a building, the method including generating a ledger file including a description of a first software gateway, wherein the ledger file further includes first point assignments for the first software gateway and second point assignments for a second software gateway, wherein a first computing system implements the first software gateway and a second computing system implements the second software gateway and communicating the ledger file to the first software gateway and the second software gateway. The method further including managing, by the first software gateway, first points of the first point assignments based on the ledger file and managing, by the second software gateway, second points of the second point assignments based on the ledger file and determining, by the second software gateway, a status of the first software gateway based on the description of the first software gateway of the ledger file.

Abstract: Some embodiments of the invention provide a method for implementing an edge device that handles data traffic between a logical network and an external network. The method monitors resource usage of a node pool that includes multiple nodes that each executes a respective set of pods. Each of the pods is for performing a respective set of data message processing operations for at least one of multiple logical routers. The method determines that a particular node in the node pool has insufficient resources for the particular node's respective set of pods to adequately perform their respective sets of data message processing operations. Based on the determination, the method automatically provides additional resources to the node pool by instantiating at least one additional node in the node pool.

Abstract: Methods, systems, and computer-readable media for delivery of log records to stateless clients are disclosed. A record delivery system receives, from a client, a first request to read from a persistent log comprising an ordered sequence of records. The first request is associated with a receiver session. The system sends a first set of records to the client and stores a data structure indicating that the first set of records was sent to the client in the receiver session. The system receives, from the client, a second request to read from the persistent log in the receiver session. Based at least in part on the data structure, the system determines a second set of one or more records in the persistent log. The system sends the second set of records to the client.

Abstract: A method of browser-based target data extraction includes: storing a browser application and a browser extension, the browser extension containing a predefined network identifier of a server; at a controller of the client computing device interconnected with the memory, executing the browser application to retrieve a web page containing target data; at the controller, responsive to retrieving the web page, executing the browser extension simultaneously with the browser application for: capturing a portion of the web page containing the target data; responsive to capturing the portion, automatically generating an overlay interface including the target data; controlling a display of the client computing device to present the overlay with the web page; receiving an operator command at the overlay via an input assembly of the client computing device; and when the operator command is a confirmation command, transmitting the target data to the server using the predefined network identifier.

Abstract: A novel architecture for a data sharing system (DSS) is disclosed and seeks to ensure the privacy and security of users' personal information. In this type of network, a user's personally identifiable information is stored and transmitted in an encrypted form, with few exceptions. The only key with which that encrypted data can be decrypted, and thus viewed, remains in the sole possession of the user and the user's friends/contacts within the system. This arrangement ensures that a user's personally identifiable information cannot be examined by anyone other than the user or his friends/contacts. This arrangement also makes it more difficult for the web site or service hosting the DSS to exploit its users' personally identifiable information. Such a system facilitates the encryption, storage, exchange and decryption of personal, confidential and/or proprietary data.

Abstract: A method for detecting identity theft or identity change in managed computing systems is disclosed. An apparatus and computer program product also perform the functions of the method. The method includes identifying that a unique identifier of a first computing device assigned a first IP address matches a unique identifier of a second computing device assigned a second IP address and, in response to identifying that the unique identifier of the first computing device matches the unique identifier of the second computing device, sending a test message to the first computing device using the first IP address. The method includes sending an alert of a possible malicious event in response to receiving a response to the test message and sending an alert of a possible misconfiguration in response to a failure to receive a response to the test message.

Abstract: Provided is a server delay control device deployed in a kernel of an OS of a server. The OS includes: the kernel; a ring buffer managed by the kernel, in a memory space in which the server deploys the OS; and a poll list in which packet arrival information indicative of the presence of a packet in the ring buffer is to be registered. The server delay control device spawns a thread configured to monitor a packet arrival according to a polling model. The thread includes: a packet arrival monitoring part configured to monitor whether the packet arrival information has been registered in the poll list, and a packet dequeuer configured to, when the packet arrival information has been registered in the poll list, dequeue the packet from the ring buffer on the basis of the packet arrival information.

Abstract: A method for operation of a broadband access network of a telecommunications network includes: a central office point of delivery and/or a load management entity or functionality thereof detects that an increased load situation is currently happening or determines that an increased load situation is likely to happen or that a specific task is to be performed; the central office point of delivery triggers the use of additional virtualized network functions and/or additional micro services and an additional message router and load balancing entity for handling the increased load situation and/or for performing specific tasks within the telecommunications network and/or within the central office point of delivery; and upon detection of a normal load situation, the central office point of delivery releases the use of the additional virtualized network functions and/or additional micro services and the use of the additional message router and load balancing entity.

Abstract: A method for protecting the integrity of measurement data acquired by a sensor includes: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, by a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, by the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory.

Abstract: A system may identify a resource deployed in a computer, where discovery protocol data traffic is unencrypted. The system may receive metadata associated with the discovery protocol data traffic, update the computer network based at least in part on the information included in the metadata, and provide a response to the client. The system may authenticate a request from the client to access the resource using an encrypted protocol, and provide, to the client, access to the resource upon authentication, according to a resource attribute.

Abstract: This disclosure describes methods of operating a leaf node device, such as a switch device, connected to a switch fabric of a network. The leaf node device receives, from another leaf node device via the switch fabric, an indication of a secure route to a host device. In response to receiving the indication of the secure route, the leaf node device creates or updates a routing entry for the host device in a routing information base of the leaf node device and creates or updates an entry for the host device in a Dynamic Host Configuration Protocol (DHCP) snoop database of the leaf node device. The leaf node may thereby communicate with the host device that is attached to the leaf node device as a result of moving from the other leaf node device.

Abstract: Example implementations include a method, apparatus, and computer-readable medium comprising receiving, by a control panel of a security or automation system of a premises, an indication of an update in a configuration of a router that is configured to support an Internet protocol “IP” network at the premises; and updating the configuration of the router by the control panel in response to receiving the indication.

Abstract: Techniques for internet protocol (IP) messages via short message service (SMS) are described and may be implemented via a wireless device to enable messages originated via an IP technique (e.g., an IP application) to be converted to SMS messages when a condition occurs that prevents sending and/or receiving an IP message.

Abstract: A system, method, and computer-readable medium for performing a data center connectivity management operation. The connectivity management operation includes: providing a data center asset with and an embedded data center asset client module; establishing a connection between the embedded data center asset client module and a connectivity management system, the connectivity management system comprising a connectivity management system aggregator; and, communicating between the embedded data center asset client module and the connectivity management system.

Abstract: A user equipment (UE) is configured with operations to determine whether a network supports non-voice IP Multimedia Subsystem (IMS) services. The UE determines whether a network with which the UE is communicating supports a non-voice IP Multimedia Subsystem (IMS) service and when the network supports the non-voice IMS service, initiates an IMS Protocol Data Unit (PDU) session establishment with the network.

Abstract: A system includes a memory and a processor coupled to the memory. The processor receives a voice command from a first user to transfer a first amount of data objects from a first data file of the first user to a second data file of a second user. The processor generates a voice signature of the first user and further generates a virtual device in the virtual environment, wherein the virtual device comprises metadata relating to the transfer of the data objects. The processor presents the virtual device and the voice signature to the second user in the virtual environment. The processor receives a selection from the second user of the voice signature and plays the voice signature on a second user device of the second user. The processor receives an acknowledgement from the second user and initiates the requested transfer of data objects to the second user.

Abstract: A method for creation of a secured connection for an inoperable virtual machine includes receiving a token at an on-host service running on an inoperable virtual machine (“VM”) on a server. The token is generated by a remote service person. The method includes receiving a user generated password from a user having direct access to the on-host service. The method includes creating a secured connection, using the token and password, between the on-host service and a remote server of the service person. The method includes transmitting a VM identifier of the inoperable VM to the user and receiving communications from the remote server. The communications include commands for the inoperable VM. The service person accesses the on-host service and inoperable VM using the VM identifier and the password. The password and VM identifier are transmitted to the service person by the user via a channel separate from the secured connection.

Abstract: An example method matches content, such as files and file snippets, using one or more scalable knowledge bases. The example method includes the following operations: receiving input content through a user interface; generating a whole file signature representing an entirety of the input content, where the whole file signature is based on a hash of the input content; searching a first knowledge base for a file having a whole file signature that matches the generated whole file signature; processing the input content to identify a snippet of content in a second knowledge base based on signature vector corresponding to the input content; generating a report based on at least one of the file or the snippet of content; and displaying the report on a user interface.

Abstract: According to one general aspect, an apparatus may include a machine learning system. The machine learning system may include a precision determination circuit configured to: determine a precision level of data, and divide the data into a data subdivision. The machine learning system may exploit sparsity during the computation of each subdivision. The machine learning system may include a load balancing circuit configured to select a load balancing technique, wherein the load balancing technique includes alternately loading the computation circuit with at least a first data/weight subdivision combination and a second data/weight subdivision combination. The load balancing circuit may be configured to load a computation circuit with a selected data subdivision and a selected weight subdivision based, at least in part, upon the load balancing technique.

Abstract: Methods and systems for enrolling a camera into a video surveillance system are described herein. A display of a mobile device may be used to display visual information indicative of enrollment information for enrolling the camera into the video surveillance system. The camera reads the visual information to obtain the enrollment information. The camera transmits an enrollment request to a server of the video surveillance system based on the enrollment information. The server enrolls the camera into the video surveillance system based on the enrollment request. The methods and systems described herein may be used for enrolling any suitable networked device into a system.