Abstract: Approaches presented herein enable performing an oral health diagnosis of a user using an oral monitoring device fixed in the oral cavity. Specifically, an oral monitoring device collects jaw movement data as a user goes about daily living. An oral healthcare analysis is performed comparing current measurement data against abnormality classifications to identify abnormal jaw movement. If an abnormality is identified, an oral healthcare professional can be notified.

Abstract: Approaches presented herein enable performing an oral health diagnosis of a user using an oral monitoring device fixed in the oral cavity. Specifically, an oral monitoring device collects jaw movement data as a user goes about daily living. An oral healthcare analysis is performed comparing current measurement data against abnormality classifications to identify abnormal jaw movement. If an abnormality is identified, an oral healthcare professional can be notified.

Abstract: Brainwaves from a group of human tasters are detected while the group tastes a dish at a group of sampling points. Chef dish sensor data for the dish is collected by a computer system, from a sensor system at the group of sampling points. An identifier artificial intelligence system is trained to output chef dish sensory parameters for the dish using the brainwaves and the chef dish sensor data. A controller artificial intelligence system that controls a robot is trained to prepare the dish such that deviations between robot dish sensory parameters output by the identifier artificial intelligence system using robot dish sensor data for the dish prepared by the robot and the chef dish sensory parameters are reduced to a desired level, enabling the robotic chef to prepare the dish using the identifier artificial intelligence system and the controller artificial intelligence system controlling the robot.

Abstract: Brainwaves from a group of human tasters are detected while the group tastes a dish at a group of sampling points. Chef dish sensor data for the dish is collected by a computer system, from a sensor system at the group of sampling points. An identifier artificial intelligence system is trained to output chef dish sensory parameters for the dish using the brainwaves and the chef dish sensor data. A controller artificial intelligence system that controls a robot is trained to prepare the dish such that deviations between robot dish sensory parameters output by the identifier artificial intelligence system using robot dish sensor data for the dish prepared by the robot and the chef dish sensory parameters are reduced to a desired level, enabling the robotic chef to prepare the dish using the identifier artificial intelligence system and the controller artificial intelligence system controlling the robot.

Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.

Abstract: Disclosed aspects relate to wireless power distribution management in an open environment. A key-pair identifier is established in a master server. The key-pair identifier can indicate both a first wireless power target device and a first wireless power source distribution center. The master server detects an indication of a wireless power coupling between the first wireless power target device and a second wireless power source distribution center. A usage assessment is determined for the wireless power coupling by the master server using the key-pair identifier. The usage assessment can relate to the first wireless power source distribution center. The master server may provide or output the usage assessment for the wireless power coupling.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: An approach is provided that authenticates, at an on-line distributor, an end user that has connected to the distributor over a communications network. One or more sets of rules are sent from the distributor to one or more vendor sites. The distributor receives vendor product data pertaining to the vendor sites. The vendor product data received from the vendor sites is based on the sets of rules sent to the respective vendors. A product request is received at the distributor from the authenticated end user. The vendor product data received at the distributor is queried using a query that is based on the product request with the query resulting in a search result that is returned to the end user.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: A mobile device implements a state machine with full authentication, continuous authentication, and invalidation states. To access the device, the full authentication state requires the user to confirm his or her identity using some robust authentication technique. Upon success, the state machine transitions to the continuous authentication state wherein data samples are captured as the user interacts with the device and compared with stored exemplary fingerprints. Preferably, the state machine enforces a negative identification technique to determine whether the individual currently interacting with the touchscreen is not the user from which the exemplary fingerprints were generated. Upon such negative authentication, the state machine transitions to the invalidation state. In this state, operations (e.g., screen lock) are performed to secure the device against an unauthenticated use.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: Cross-Site Request Forgery attacks are mitigated by a CSRF mechanism executing at a computing entity. The CSRF mechanism is operative to analyze information associated with an HTTP request for a resource. The HTTP request typically originates as an HTTP redirect from another computing entity, such as an enterprise Web portal. Depending on the nature of the information associated with the HTTP request, the HTTP request may be rejected because the CSRF mechanism determines that the request is or is likely associated with a CSRF attack. To facilitate this determination, the approach leverages a new type of “referer” attribute, a trustedReferer, which indicates that the request originates from a server that has previously established a trust relationship with the site at which the CSRF mechanism executes. The trustedReferer attribute typically is set by the redirecting entity, and in an HTTP request header field dedicated for that attribute.

Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.

Abstract: A method of establishing, configuring, and managing a transient social group includes identifying, through a processor, at least one communication hub associated with the transient social group, linking to the at least one communication hub through at least one communication protocol, and developing, through the processor, a communication path through the at least one communication hub to connect a first peer of the transient social group with a second peer of the transient social group using the at least one communication protocol.

Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.