Abstract: Embodiments provide optimized deployment of workloads. A first workload to be deployed in at least one data center of a plurality of data centers is received. A first plurality of candidate data centers is selected from the plurality of data centers, and the first workload is deployed to each of the first plurality of candidate data centers. A first performance metric is collected from each respective data center of the first plurality of candidate data centers based on execution of the first workload deployed at the respective data centers, and a first optimal data center from the first plurality of candidate data centers is identified based on the first performance metrics. The first workload is removed from each of the first plurality of candidate data centers, other than the identified first optimal data center.

Abstract: Auxiliary navigational assistance is provided by determining, by one or more processors, that a user traveling along a specified travel route with the assistance of a navigation system can use additional navigational assistance at a particular region of the specified travel route. Based on the determining, the one or more processors assign an unmanned vehicle to assist the user in traveling through the particular region along the specified travel route. Further, the one or more processors provide one or more auxiliary instructions to the user's navigation system directing the user to reference the unmanned vehicle within the particular region to assist the user in traveling through the particular region along the specified travel route. In operation, the particular region overlaps only a portion of the specified travel route.

Abstract: Embodiments provide optimized deployment of workloads. A first workload to be deployed in at least one data center of a plurality of data centers is received. A first plurality of candidate data centers is selected from the plurality of data centers, and the first workload is deployed to each of the first plurality of candidate data centers. A first performance metric is collected from each respective data center of the first plurality of candidate data centers based on execution of the first workload deployed at the respective data centers, and a first optimal data center from the first plurality of candidate data centers is identified based on the first performance metrics. The first workload is removed from each of the first plurality of candidate data centers, other than the identified first optimal data center.

Abstract: Methods and systems for use in constraining access to network resources based on notification and compliance requirements. In various examples, an access point or similar device receives and stores notification information (e.g., from a network administrator device) for provision to targeted client devices in a notification message. The access point also receives target criteria for use in identifying target client devices that are accessing or attempting to access network resources via the access point. In some embodiments, access to network resources by a targeted client device is constrained pending completion of a compliance condition requirement associated with a notification message. Various levels of access to network resources may be applied to non-compliant target client devices. Following completion of compliance condition, a target client device is exempted from further receipt of the notification message.

Abstract: Methods and systems for use in constraining access to network resources based on notification and compliance requirements. In various examples, an access point or similar device receives and stores notification information (e.g., from a network administrator device) for provision to targeted client devices in a notification message. The access point also receives target criteria for use in identifying target client devices that are accessing or attempting to access network resources via the access point. In some embodiments, access to network resources by a targeted client device is constrained pending completion of a compliance condition requirement associated with a notification message. Various levels of access to network resources may be applied to non-compliant target client devices. Following completion of compliance condition, a target client device is exempted from further receipt of the notification message.

Abstract: Auxiliary navigational assistance is provided by determining, by one or more processors, that a user traveling along a specified travel route with the assistance of a navigation system can use additional navigational assistance at a particular region of the specified travel route. Based on the determining, the one or more processors assign an unmanned vehicle to assist the user in traveling through the particular region along the specified travel route. Further, the one or more processors provide one or more auxiliary instructions to the user's navigation system directing the user to reference the unmanned vehicle within the particular region to assist the user in traveling through the particular region along the specified travel route. In operation, the particular region overlaps only a portion of the specified travel route.

Abstract: Providing authentication of a device includes determining whether a received passcode entry matches an authorized passcode stored in device memory and when it does not match, executing a notification to indicate that the received passcode is an incorrect passcode and requesting entry of another passcode. In response to determining that a consecutive threshold number of received passcodes do not match an authorized passcode entry stored in the device memory, the device determines whether the threshold number of received passcodes meets a predetermined quality threshold. In response to determining that the threshold number of received passcodes meets the predetermined quality threshold, an alert is transmitted to an authentication service. The device then receives a partial authentication response from the authentication service, and based on the partial authentication response, the device uses an alternate data protection rule for passcode authentication.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A technique for cloud infrastructure backup in a virtualized environment utilizing shared storage includes obtaining a workload input/output (I/O) profile to the shared storage over a time period. An attempt to locate one or more time windows in the workload I/O profile for which a cloud infrastructure backup can be staged is initiated. In response to determining the cloud infrastructure backup can be staged during at least one of the time windows, staging of the cloud infrastructure backup is scheduled during a selected one of the time windows. In response to determining the cloud infrastructure backup cannot be staged during at least one of the time windows, an interference tolerance approach is employed for accessing the shared storage for active workloads and the cloud infrastructure backup during the staging of the cloud infrastructure backup.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A technique for cloud infrastructure backup in a virtualized environment utilizing shared storage includes obtaining a workload input/output (I/O) profile to the shared storage over a time period. An attempt to locate one or more time windows in the workload I/O profile for which a cloud infrastructure backup can be staged is initiated. In response to determining the cloud infrastructure backup can be staged during at least one of the time windows, staging of the cloud infrastructure backup is scheduled during a selected one of the time windows. In response to determining the cloud infrastructure backup cannot be staged during at least one of the time windows, an interference tolerance approach is employed for accessing the shared storage for active workloads and the cloud infrastructure backup during the staging of the cloud infrastructure backup.

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A technique for cloud infrastructure backup in a virtualized environment utilizing shared storage includes obtaining a workload input/output (I/O) profile to the shared storage over a time period. An attempt to locate one or more time windows in the workload I/O profile for which a cloud infrastructure backup can be staged is initiated. In response to determining the cloud infrastructure backup can be staged during at least one of the time windows, staging of the cloud infrastructure backup is scheduled during a selected one of the time windows. In response to determining the cloud infrastructure backup cannot be staged during at least one of the time windows, an interference tolerance approach is employed for accessing the shared storage for active workloads and the cloud infrastructure backup during the staging of the cloud infrastructure backup.

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A technique of backing up a workload in a virtual environment includes identifying one or more files that are associated with the workload. One or more source volumes that include the one or more files are identified. A respective target volume is provisioned for each of the one or more source volumes identified. Only dirty blocks are copied (in a snapshot mode that prevents an update to the one or more source volumes during the snapshot mode) from each of the one or more source volumes to its respective target volume. The one or more dirty blocks are then copied from each target volume to a backup medium.