Abstract: The present application relates to a method for generating a random sample of an arbitrary distribution. The method includes precomputing a cumulative distribution table (CDT) of the distribution; storing the CDT in an array of range matching content-addressable memory (CAM) cells; inputting data through a search line (SL); comparing the input data against stored data in the CDT using the array of range matching CAM cells; when the input data match the stored data, turning on all pass gates that are controlled by logic gates and shorting a match line (ML) from MSB to LSB; and determining the range matching result on the ML and outputting data points corresponding to an index of the matched row in CDT, when the input data do not match the stored data, determining an interval of stored data that the input data falls into, and outputting the data points corresponding to the interval.

Abstract: In accordance with one disclosed method, a determination may be made that a user has provided a first input to a client device to begin taking an action with respect to an application presented in a first window of an operating system while the first window is an active window of the operating system. It may then be determined that a second window has become the active window of the operating system, and that the user has not provided a second input to the client device to complete the action with respect to the application. Based at least in part on the second window having become the active window and the user not having provided the second input, the client device may be caused to present a notification indicative of the action being incomplete.

Abstract: A computing device includes an image sensor, an IMU, a display, and a processor coupled to the image sensor, the IMU, and the display. The processor is configured to generate a GUI current screen on the display. The GUI current screen includes a background, and foreground GUI elements overlaying the background. The processor is configured to when the IMU generates motion data indicative of movement, render the background to comprise a video image from the image sensor.

Abstract: Systems and methods described herein provide for management of notifications. A server may receive proximity information indicative of a distance between the client device and a user of the client device, and idle state information of the client device. The server may determine a notification protection level using the proximity information and the idle state information. The server may receive a notification from the at least one notification source. The notification is for rendering on a screen of the client device. The notification manager may manage delivery of the received notification, according to the determined notification protection level.

Abstract: In accordance with one disclosed method, a determination may be made that a user has provided a first input to a client device to begin taking an action with respect to an application presented in a first window of an operating system while the first window is an active window of the operating system. It may then be determined that a second window has become the active window of the operating system, and that the user has not provided a second input to the client device to complete the action with respect to the application. Based at least in part on the second window having become the active window and the user not having provided the second input, the client device may be caused to present a notification indicative of the action being incomplete.

Abstract: A computing device includes an image sensor, an IMU, a display, and a processor coupled to the image sensor, the IMU, and the display. The processor is configured to generate a GUI current screen on the display. The GUI current screen includes a background, and foreground GUI elements overlaying the background. The processor is configured to when the IMU generates motion data indicative of movement, render the background to comprise a video image from the image sensor.

Abstract: In one aspect, an example methodology implementing the disclosed techniques includes, by a computing device, determining whether a user interface element having focus is a secure input and, responsive to a determination that the user interface element is a secure input, preventing the focus from changing away from the user interface element. The method also includes, by the computing device, responsive to a determination that the user interface element is a secure input, allowing the focus to change away from the user interface element in response to a determination that an input to the user interface element is complete. The method may further include, by the computing device, responsive to a determination that the user interface element is not a secure input, allowing the focus to be moved to another user interface element.

Abstract: A technique utilizes a security heat map associated with a geographic region. The technique involves receiving, by a server, current heat scores for one or more endpoint devices located within the geographic region. The technique further involves providing, by the server, for areas within the geographic region, respective aggregate heat scores based on the current heat scores for the one or more endpoint devices. The technique further involves, based on the respective aggregate heat scores for the areas within the geographic region, generating, by the server, a security heat map defining one or more security zones within the geographic region. The technique further involves imposing, by the server, security policies on the one or more endpoint devices based on the security heat map.

Abstract: Systems and methods described herein provide for management of notifications. A computing device in communication with a client device receives a notification from at least one notification source. The notification may be for rendering on a screen at the client device. A policy engine of the computing device may identify a context of the notification. The policy engine may add a tag to the notification according to the identified context to control rendering of the notification at the client device. The computing device may transmit the notification with the tag to a notification service at the client device. The notification service may be configured to manage the notification at the client device in accordance with the tag.

Abstract: Systems and methods for providing privacy protection with regard to location data of an electronic device. The methods comprise: receiving a request to access the location data of the electronic device; determining a privacy protection level associated with the electronic device based on condition related information of the electronic device; blocking access to the location data of the electronic device by the software application based on the privacy protection level; modifying the location data to generate remapped location data of the electronic device based on the privacy protection level associated with the electronic device; and providing the remapped location data to the software application so as to operate the software application without using the location data of electronic device.

Abstract: A technique controls access to a set of protected resources. The technique involves receiving a location signal which identifies a current geolocation of an endpoint device. The technique further involves, based on the current geolocation identified by the location signal, generating a heat map corresponding to a geographic region that includes the current geolocation of the endpoint device, the heat map defining one or more security zones within the geographic region. The technique further involves, selecting a particular security level from multiple security levels based on a security zone of the heat map associated with the current geolocation of the endpoint device, and communicating the selected security level to the endpoint device. The selected security level is associated with security requirements to be satisfied by the endpoint device in order for the endpoint device to access the set of protected resources.

Abstract: Systems and methods described herein provide for management of notifications. A server may receive proximity information indicative of a distance between the client device and a user of the client device, and idle state information of the client device. The server may determine a notification protection level using the proximity information and the idle state information. The server may receive a notification from the at least one notification source. The notification is for rendering on a screen of the client device. The notification manager may manage delivery of the received notification, according to the determined notification protection level.

Abstract: Systems and methods described herein provide for management of notifications. A server may receive proximity information indicative of a distance between the client device and a user of the client device, and idle state information of the client device. The server may determine a notification protection level using the proximity information and the idle state information. The server may receive a notification from the at least one notification source. The notification is for rendering on a screen of the client device. The notification manager may manage delivery of the received notification, according to the determined notification protection level.

Abstract: A technique utilizes a security heat map associated with a geographic region. The technique involves receiving, by a server, current heat scores for one or more endpoint devices located within the geographic region. The technique further involves providing, by the server, for areas within the geographic region, respective aggregate heat scores based on the current heat scores for the one or more endpoint devices. The technique further involves, based on the respective aggregate heat scores for the areas within the geographic region, generating, by the server, a security heat map defining one or more security zones within the geographic region. The technique further involves imposing, by the server, security policies on the one or more endpoint devices based on the security heat map.

Abstract: Systems and methods described herein provide for management of notifications. A computing device in communication with a client device receives a notification from at least one notification source. The notification may be for rendering on a screen at the client device. A policy engine of the computing device may identify a context of the notification. The policy engine may add a tag to the notification according to the identified context to control rendering of the notification at the client device. The computing device may transmit the notification with the tag to a notification service at the client device. The notification service may be configured to manage the notification at the client device in accordance with the tag.

Abstract: Methods and systems are described herein for optimized selection of wireless communications networks when multiple wireless communications networks are available to or for selection by a wireless communications device. A wireless communications device may select an optimal network on a per-application and/or per-transmission basis based on one or more policies defined and managed by the device and/or based on dynamic selection of a wireless network based on one or more probed network characteristics (e.g., latency, cost of traffic, data security, etc.). When a state of the device satisfies conditions specified by the policies managed and enforced on the device (e.g., in an enterprise mobility management system), then the wireless network may be selected as defined by the applicable policy. However, when the state of the device does not match an existing policy, then wireless network selection may be based on the dynamic probing of the various networks to determine a preferred wireless network.

Abstract: A technique controls access to a set of protected resources. The technique involves receiving a location signal which identifies a current geolocation of an endpoint device. The technique further involves, based on the current geolocation identified by the location signal, generating a heat map corresponding to a geographic region that includes the current geolocation of the endpoint device, the heat map defining one or more security zones within the geographic region. The technique further involves, selecting a particular security level from multiple security levels based on a security zone of the heat map associated with the current geolocation of the endpoint device, and communicating the selected security level to the endpoint device. The selected security level is associated with security requirements to be satisfied by the endpoint device in order for the endpoint device to access the set of protected resources.

Abstract: Methods and systems are described herein for optimized selection of wireless communications networks when multiple wireless communications networks are available to or for selection by a wireless communications device. A wireless communications device may select an optimal network on a per-application and/or per-transmission basis based on one or more policies defined and managed by the device and/or based on dynamic selection of a wireless network based on one or more probed network characteristics (e.g., latency, cost of traffic, data security, etc.). When a state of the device satisfies conditions specified by the policies managed and enforced on the device (e.g., in an enterprise mobility management system), then the wireless network may be selected as defined by the applicable policy. However, when the state of the device does not match an existing policy, then wireless network selection may be based on the dynamic probing of the various networks to determine a preferred wireless network.

Abstract: Systems and methods described herein provide for management of notifications. A server may receive proximity information indicative of a distance between the client device and a user of the client device, and idle state information of the client device. The server may determine a notification protection level using the proximity information and the idle state information. The server may receive a notification from the at least one notification source. The notification is for rendering on a screen of the client device. The notification manager may manage delivery of the received notification, according to the determined notification protection level.

Abstract: Systems and methods for providing privacy protection with regard to location data of an electronic device. The methods comprise: receiving a request to access the location data of the electronic device; determining a privacy protection level associated with the electronic device based on condition related information of the electronic device; blocking access to the location data of the electronic device by the software application based on the privacy protection level; modifying the location data to generate remapped location data of the electronic device based on the privacy protection level associated with the electronic device; and providing the remapped location data to the software application so as to operate the software application without using the location data of electronic device.