Abstract: A communication system includes a node configured to collect ambient data with a sensor, and a docking station configured to couple to the node and to establish a communication path with the node through only one signal along one or two wires. The node includes a first module configured to use a first data communication protocol for receiving commands from the docking station along the communication path, and a second module configured to use a second data communication protocol for sending the ambient data to the docking station along the communication path. The first data communication protocol is different from the second data communication protocol, the first data communication protocol is asynchronous and the second data communication protocol is a modified synchronous protocol.

Abstract: A computerized method of querying a cryptographic data store includes maintaining an encryption configuration data structure. The method includes, in response to receiving a first query, identifying first data and consulting the encryption configuration data structure to identify a first encryption regime for the first data. The method includes, in response to the first encryption regime being a homomorphic encryption regime, determining an operation sequence specified by the first query and consulting the encryption configuration data structure to determine whether the operation sequence is supported by the first encryption regime. The method includes, in response to determining that the operation sequence is supported, commissioning homomorphic execution of the operation sequence on the first data to generate encrypted output data. The method includes, selectively returning the encrypted output data to the first requestor via the API in response to the first query.

Abstract: Systems, methods, network devices, and machine-readable media disclosed herein include executing a secure algorithm for computing on a plurality of machines in a cluster by receiving a large input message and dividing the large input message into a plurality of initial input messages, computing an encryption of initial input messages, and evaluating a cluster computing circuit using a homomorphic encryption scheme.

Abstract: Implementing artificial intelligence, specifically, machine learning techniques to identify malicious emails and, in response, identifying and conducting actions, including reporting the malicious emails to identified internal and/or external entities and preventing the malicious emails from being delivered to email client mailboxes. The machine learning techniques rely on malicious email patterns identified, at least, from previously identified malicious emails and data resulting from continuously crawling the Web and threat intelligence sources. Further, the email clients may be configured to include an add-on feature in which the user can provide a single input to report the email as being suspicious, which results in further analysis to determine whether the email is, in fact, a malicious email.

Abstract: Techniques for using establishing a communication session using a third-party (3P) communications service are described. When a request is received to integrate the 3P service with a first-party (1P) service, a username and password associated with the 3P service are sent to it, and a contact list associated with the 3P service is received in return. When a user of a first device sends a request to communicate with a recipient, if the recipient is represented in the 3P contact list, the system sends a request to the second communication system to establish a communication session.

Abstract: An administrator can initiate an automatic software update to a network appliance that is configured as a cluster of nodes. The update is performed sequentially on a node-by-node basis in order to maintain availability and performance of the network appliance during the update.

Abstract: A method of software gateways of a building, the method including generating a ledger file including a description of a first software gateway, wherein the ledger file further includes first point assignments for the first software gateway and second point assignments for a second software gateway, wherein a first computing system implements the first software gateway and a second computing system implements the second software gateway and communicating the ledger file to the first software gateway and the second software gateway. The method further including managing, by the first software gateway, first points of the first point assignments based on the ledger file and managing, by the second software gateway, second points of the second point assignments based on the ledger file and determining, by the second software gateway, a status of the first software gateway based on the description of the first software gateway of the ledger file.

Abstract: Some embodiments of the invention provide a method for implementing an edge device that handles data traffic between a logical network and an external network. The method monitors resource usage of a node pool that includes multiple nodes that each executes a respective set of pods. Each of the pods is for performing a respective set of data message processing operations for at least one of multiple logical routers. The method determines that a particular node in the node pool has insufficient resources for the particular node's respective set of pods to adequately perform their respective sets of data message processing operations. Based on the determination, the method automatically provides additional resources to the node pool by instantiating at least one additional node in the node pool.

Abstract: Methods, systems, and computer-readable media for delivery of log records to stateless clients are disclosed. A record delivery system receives, from a client, a first request to read from a persistent log comprising an ordered sequence of records. The first request is associated with a receiver session. The system sends a first set of records to the client and stores a data structure indicating that the first set of records was sent to the client in the receiver session. The system receives, from the client, a second request to read from the persistent log in the receiver session. Based at least in part on the data structure, the system determines a second set of one or more records in the persistent log. The system sends the second set of records to the client.

Abstract: A method of browser-based target data extraction includes: storing a browser application and a browser extension, the browser extension containing a predefined network identifier of a server; at a controller of the client computing device interconnected with the memory, executing the browser application to retrieve a web page containing target data; at the controller, responsive to retrieving the web page, executing the browser extension simultaneously with the browser application for: capturing a portion of the web page containing the target data; responsive to capturing the portion, automatically generating an overlay interface including the target data; controlling a display of the client computing device to present the overlay with the web page; receiving an operator command at the overlay via an input assembly of the client computing device; and when the operator command is a confirmation command, transmitting the target data to the server using the predefined network identifier.

Abstract: A novel architecture for a data sharing system (DSS) is disclosed and seeks to ensure the privacy and security of users' personal information. In this type of network, a user's personally identifiable information is stored and transmitted in an encrypted form, with few exceptions. The only key with which that encrypted data can be decrypted, and thus viewed, remains in the sole possession of the user and the user's friends/contacts within the system. This arrangement ensures that a user's personally identifiable information cannot be examined by anyone other than the user or his friends/contacts. This arrangement also makes it more difficult for the web site or service hosting the DSS to exploit its users' personally identifiable information. Such a system facilitates the encryption, storage, exchange and decryption of personal, confidential and/or proprietary data.

Abstract: A method for detecting identity theft or identity change in managed computing systems is disclosed. An apparatus and computer program product also perform the functions of the method. The method includes identifying that a unique identifier of a first computing device assigned a first IP address matches a unique identifier of a second computing device assigned a second IP address and, in response to identifying that the unique identifier of the first computing device matches the unique identifier of the second computing device, sending a test message to the first computing device using the first IP address. The method includes sending an alert of a possible malicious event in response to receiving a response to the test message and sending an alert of a possible misconfiguration in response to a failure to receive a response to the test message.

Abstract: Provided is a server delay control device deployed in a kernel of an OS of a server. The OS includes: the kernel; a ring buffer managed by the kernel, in a memory space in which the server deploys the OS; and a poll list in which packet arrival information indicative of the presence of a packet in the ring buffer is to be registered. The server delay control device spawns a thread configured to monitor a packet arrival according to a polling model. The thread includes: a packet arrival monitoring part configured to monitor whether the packet arrival information has been registered in the poll list, and a packet dequeuer configured to, when the packet arrival information has been registered in the poll list, dequeue the packet from the ring buffer on the basis of the packet arrival information.

Abstract: A method for protecting the integrity of measurement data acquired by a sensor includes: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, by a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, by the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory.

Abstract: A method for operation of a broadband access network of a telecommunications network includes: a central office point of delivery and/or a load management entity or functionality thereof detects that an increased load situation is currently happening or determines that an increased load situation is likely to happen or that a specific task is to be performed; the central office point of delivery triggers the use of additional virtualized network functions and/or additional micro services and an additional message router and load balancing entity for handling the increased load situation and/or for performing specific tasks within the telecommunications network and/or within the central office point of delivery; and upon detection of a normal load situation, the central office point of delivery releases the use of the additional virtualized network functions and/or additional micro services and the use of the additional message router and load balancing entity.

Abstract: This disclosure describes methods of operating a leaf node device, such as a switch device, connected to a switch fabric of a network. The leaf node device receives, from another leaf node device via the switch fabric, an indication of a secure route to a host device. In response to receiving the indication of the secure route, the leaf node device creates or updates a routing entry for the host device in a routing information base of the leaf node device and creates or updates an entry for the host device in a Dynamic Host Configuration Protocol (DHCP) snoop database of the leaf node device. The leaf node may thereby communicate with the host device that is attached to the leaf node device as a result of moving from the other leaf node device.

Abstract: A system may identify a resource deployed in a computer, where discovery protocol data traffic is unencrypted. The system may receive metadata associated with the discovery protocol data traffic, update the computer network based at least in part on the information included in the metadata, and provide a response to the client. The system may authenticate a request from the client to access the resource using an encrypted protocol, and provide, to the client, access to the resource upon authentication, according to a resource attribute.

Abstract: Example implementations include a method, apparatus, and computer-readable medium comprising receiving, by a control panel of a security or automation system of a premises, an indication of an update in a configuration of a router that is configured to support an Internet protocol “IP” network at the premises; and updating the configuration of the router by the control panel in response to receiving the indication.

Abstract: Techniques for internet protocol (IP) messages via short message service (SMS) are described and may be implemented via a wireless device to enable messages originated via an IP technique (e.g., an IP application) to be converted to SMS messages when a condition occurs that prevents sending and/or receiving an IP message.

Abstract: A system, method, and computer-readable medium for performing a data center connectivity management operation. The connectivity management operation includes: providing a data center asset with and an embedded data center asset client module; establishing a connection between the embedded data center asset client module and a connectivity management system, the connectivity management system comprising a connectivity management system aggregator; and, communicating between the embedded data center asset client module and the connectivity management system.