Abstract: The present invention relates to several techniques for managing the contents of proxy tables in ways that optimize performance, latency, and reliability for communication networks, while ensuring a certain number of early-acting proxies per restricted device. An entity is allowed to keep a required number of proxies per resource-restricted device by removing or adding proxy table entries. Furthermore, the entity is allowed to keep track of early-acting proxies based on forwarding strategies, reporting strategies and/or polling strategies. Thereby, proxy table entries can be controlled to optimize overall system performance and reliability characteristics.

Abstract: In a system that includes two or more computing systems connected to a computer network, a network control and synchronization (NetSync) application controls the in-sync playback of media files across different computing systems in the network, where each computing system is playing a local version of a media file using a local instance of a Media player. The NetSync application receives status messages from all Media players and controls the playback of all media files by sending them playback commands based on the received status messages, so that video playback among the players is in sync with a Master Media player. Alternatively, media playback across all Media players is based on user-entered playback commands, such as Play, Pause, Stop, and the like, entered using either the NetSync application interface or NetSync command scripts.

Abstract: A peer-to-peer (P2P) content delivery network delivers select data files to an end user. The content delivery network provides a client, a P2P gateway server, and a Resource Name Server (RNS) within a computer-populated network. The RNS caches data resource locations within the computer-populated network and resolves resource requests with optimal data resource locations within the computer-populated network. The gateway server requests and receives optimal data resource locations via the RNS; requests and receives data files from the computer-populated network via the optimal data resource locations; and processing received data files for data file delivery to the client. The network thus enables an origin-agnostic data delivery method for optimally delivering select data files to an end user.

Abstract: A system and method for domain control validation is presented. At a certificate authority a request is received. The request includes a certificate signing request and a first Internet protocol address. The certificate signing request identifies a domain and a certificate. A second Internet protocol address for the domain is retrieved from a domain name system. When the first Internet protocol address is the same as the second Internet protocol address, the certificate is signed, and the signed certificate is transmitted to a requester of the request. When the first Internet protocol address is not the same as the second Internet protocol address, the certificate signing request is rejected.

Abstract: Methods and apparatuses for streaming content including a base layer and an enhancement layer. According to one implementation, a first stream is fetched including the base layer from an internet server storing the base layer. A second stream is fetched including the enhancement layer from a local storage with the local storage being in communication with a media player through a local area network or a bus. The base layer and the enhancement layer are combined to render the content at a higher resolution than just the base layer.

Abstract: A method and a random bit generator for generating a random output bit sequence. In this method, a configuration of 2n state machines is used, the state machines each including n state bits, each state machine always assuming a different state than the other state machines of the configuration, an input signal being supplied to the input end of the state machines, and these each generating n signature bits, which together form a signature bit sequence, as a function of their state, the random output bit sequence being generated by selection of individual bits from the signature bit sequences of all state machines of the configuration.

Abstract: A communication system facilitating the establishment of a channel of communication for multiple electronic communication devices includes a registration server. The system also includes a plurality of enabled electronic communication devices in communication with the registration server. Each of the plurality of enabled electronic communication devices including an application programming interface enabling communication with the registration server. The communication server further includes a local communication network and a global communication network.

Abstract: A management server is provided with an accepting unit for accepting identification information identifying an application, a specifying unit adapted for specifying a part or all of candidate users satisfying all of conditions out of one or more users with whom a request user's friendship is built in one or more utilized applications that the request user has utilized, a first condition in which the candidate user utilizes the application identified by the identification information, a second condition in which the request user's friendship with the candidate user has not been built in the identified application, a third condition in which a friend upper limit is not encountered, and a display controlling unit adapted for displaying the part or all of the candidate users specified by the specifying unit in the terminal device of the request user in order to select one or more users from the part or all of the candidate users.

Abstract: Techniques described herein may use perceptual quality measurement techniques to test and/or evaluate communication sessions between mobile devices. A method may include receiving, by a mobile device and as part of an audio or video call with a second mobile device, a streamed version of a reference audio or video file; and reading a version of the reference audio or video file that was previously stored locally to the mobile device. The method may further include calculating, based on a comparison of the streamed version of the reference audio or video file to the version of the reference audio video file that was stored locally, a perceptual quality score for the streamed version of the reference audio or video file.

Abstract: An approach for providing hierarchical pattern recognition of communication network data is described. A network security brain platform may process communication network data associated with one or more levels of communication network hierarchies. The network security brain platform may further determine a network information pattern of the communication network data based on one or more network information pattern models. The network security brain platform may also identify a network service issue based on the determined network information pattern. The network information pattern may include a network security pattern.

Abstract: A method is presented for secure communication, the method including generating a signature using a private key, a nonce, and at least one of an identifier and a key component; and transmitting the signature, the nonce, a security parameter, and the at least one of the identifier and the key component, wherein the security parameter associates a user identity with a public key, the public key being associated with the private key.

Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.

Abstract: Embodiments of the disclosure relate to controlling access to email content. According to various embodiments as described herein, an email message may be accessed by a computing device to identify a uniform resource locator (URL) within the email message, wherein the URL corresponds to a resource residing in a protected location that is not accessible by a native browser application of the client device. The computing device may determine whether the client device is permitted to access the URL and request access to the resource via the secure browser application of the client device upon a determination that the client device is permitted to access the resource in accordance with the at least one resource rule.

Abstract: A navigation system for use in a luminal network of a patient, such as the airways, that is able to analyze a three-dimensional model of the luminal network and automatically determine a pathway from an entry point to a designated target. The system further automatically assigns waypoints along the determined pathway in order to assist a physician in navigating a probe to the designated target.

Abstract: A computerized device transmits an access request to a data communications device of a network in an attempt to access network resources within the network. The data communications device, in response and in real-time, transmits a challenge request to the computerized device that directs the computerized device to retrieve configuration, or posture, credentials associated with the computerized device. A policy server receives the challenge response and, based upon a real-time analysis of the posture credentials of the computerized device, determines a security state of the computerized device and either provides some level or denies the computerized device access to the network resources based upon the analysis of posture.

Abstract: A home gateway, which enables communication with a plurality of devices, recovers a root-content key from a key server of a service provider for secure delivery of content requested by a client device. The recovered root-content key is utilized to generate a content key for corresponding content scrambling. The home gateway communicates the scrambled content to the client device. The home gateway utilizes the RSA protocol to request the root-content key from the key server. The root-content key is recovered from the received key index. The content key is encrypted utilizing a public key and delivered to the client device. The key server distributes the public key to the gateway through authentication messages. The client device utilizes its own private key to recover the content key by decrypting the encrypted content key. The scrambled content from the home gateway is descrambled using the recovered content key for content consumption.

Abstract: This disclosure generally relates to the generation of a packet signature for packets determined to correspond to a network attack, such as a denial of service (“DoS”) attack. Specifically, a set of data packets captured during normal system operations can be analyzed to determine a set of baseline attributes. Additional packets captured during an attack can be compared to the baseline attributes, to determine, for individual packets, a probability that the packet forms a part of the attack. A packet signature can then be generated to identify attributes that are characteristic of the attack. That signature can then be used to filter out packets and mitigate the attack.

Abstract: Secure network systems and methods are provided. In an aspect of the invention, a secure network system is provided that includes a computing system that comprises a client system and a specialized NIC (network interface controller) system equipped with the capability to form a secure connection with an endpoint system and encrypt and decrypt communications between the client system and the network to which it is connected. This trusted network interface (TNI), which may present itself as a physical peripheral connected to a physical client system or a virtual peripheral connected to a virtual client system, takes the place of a client system's standard NIC, and the connection that it forms with the trusted network is negotiated and enforced externally to and independent of the client system.

Abstract: Use of an application to engage services on behalf of a third party is contemplated. The services may be engaged one behalf of the third party with delivery of a third party permission to a Web service, optionally with the third party permission being recognized in the form of an access token (accessToken) provided from the application to the Web service without requiring the application to interact with an user-agent used to obtain the third party permission.

Abstract: An automatic method for measuring three-dimensional coordinates by a laser tracker includes determining whether a retroreflector is accessible within an acceptance region of an inspection location and, if not, taking corrective action.