Abstract: A method of aligning images for 3D imaging of a sample includes, for each of multiple cameras located around a vessel, activating a respective light source that provides backlighting for the vessel, and capturing a respective 2D calibration image of the vessel. The method also includes, for each 2D calibration image, measuring a respective vertical position, horizontal position, and rotation of the image, in part by detecting edges of the vessel as depicted in the image. The method also includes generating calibration data based on the measured vertical positions, horizontal positions, and rotations for the respective 2D calibration images, capturing, by each camera, a respective set of 2D images of the sample in the vessel, and digitally resampling, using the calibration data, at least one of the respective sets of 2D images to correct for vertical offset, horizontal offset, and rotational offset of the set(s) of 2D images.

Abstract: A computer system may receive one or more requests for access to one or more cloud services and may store the one or more requests in a request log. The computer system may receive one or more access rules applicable to cloud service access rights. The computer system may aggregate the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications. The computer system may generate and store container access policies that define access of a container and the one or more cloud services, the container access policies based at least in part on the aggregated one or more requests and the one or more access rules. The computer system may send the container access policies to a request forwarder of a compute instance in a production environment.

Abstract: A tire pre-conditioning system includes a first mandrel, a second mandrel spaced apart from the first mandrel, and a controller in communication with the first mandrel and the second mandrel. The first mandrel is fixedly attached to a first shaft and including a first tapered sidewall. The second mandrel is fixedly attached to a second shaft and including a second tapered sidewall. The controller is operable to axially move the first mandrel and the second mandrel toward one another until the first and second tapered sidewalls are opposing respective beads of a tire, and supply pressurized fluid into an internal cavity of the tire to inflate the tire. The inflating causing the beads to move relative to mandrels while contacting the opposing respective tapered sidewalls to burnish the beads of the tire.

Abstract: Various techniques facilitate the development of an image library that can be used to train and/or validate an automated visual inspection (AVI) model, such an AVI neural network for image classification. In one aspect, an arithmetic transposition algorithm is used to generate synthetic images from original images by transposing features (e.g., defects) onto the original images, with pixel-level realism. In other aspects, digital inpainting techniques are used to generate realistic synthetic images from original images. Deep learning-based inpainting techniques may be used to add, remove, and/or modify defects or other depicted features. In still other aspects, quality control techniques are used to assess the suitability of image libraries for training and/or validation of AVI models, and/or to assess whether individual images are suitable for inclusion in such libraries.

Abstract: A system and technique for a Request Forwarder as for a computer network architecture is disclosed to provide selective access to one or more cloud services. In some implementations, a computer system may receive a request for access to a cloud service, the request including a container credential. The computer system may determine an identification of the container using the container credential. The computer system may verify that the container requesting access to the cloud service is authorized based at least in part on stored policies. Based at least in part on the determination that the container requesting access to the cloud service is authorized: receiving instance credential from a metadata service. The computer system may include the instance credential with the request. The computer system may send the request to the cloud service. In various examples, the Request Forwarder can be provided as a service.

Abstract: A computer system may receive one or more requests for access to one or more cloud services and may store the one or more requests in a request log. The computer system may receive one or more access rules applicable to cloud service access rights. The computer system may aggregate the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications. The computer system may generate and store container access policies that define access of a container and the one or more cloud services, the container access policies based at least in part on the aggregated one or more requests and the one or more access rules. The computer system may send the container access policies to a request forwarder of a compute instance in a production environment.

Abstract: A system and technique for a Request Forwarder as for a computer network architecture is disclosed to provide selective access to one or more cloud services. In some implementations, a computer system may receive a request for access to a cloud service, the request including a container credential. The computer system may determine an identification of the container using the container credential. The computer system may verify that the container requesting access to the cloud service is authorized based at least in part on stored policies. Based at least in part on the determination that the container requesting access to the cloud service is authorized: receiving instance credential from a metadata service. The computer system may include the instance credential with the request. The computer system may send the request to the cloud service. In various examples, the Request Forwarder can be provided as a service.

Abstract: A computer system may receive one or more requests for access to one or more cloud services and may store the one or more requests in a request log. The computer system may receive one or more access rules applicable to cloud service access rights. The computer system may aggregate the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications. The computer system may generate and store container access policies that define access of a container and the one or more cloud services, the container access policies based at least in part on the aggregated one or more requests and the one or more access rules. The computer system may send the container access policies to a request forwarder of a compute instance in a production environment.

Abstract: Embodiments of the present disclosure are disclosed for enhancing resolution for nonlinear optical microscopy. Embodiments include pulse picking using a modulator, such as an acousto-optic modulator, that is optionally controlled by a function generator or a frequency divider. Some embodiments spatially overlap two laser beams prior to the modulator, and still additional embodiments include separating the 1st diffraction order of the modulated laser output of the acousto-optic modulator and directing the 1st diffraction order to a microscope. Some embodiments chirp a spatially overlapped laser beam with one pulse rate to a spatially overlapped laser beam with a higher pulse rate, while still additional embodiments utilize a coherent Raman scattering microscope.

Abstract: Techniques are disclosed for generating network security policies for different versions of a component of an application deployed in a computing environment where the different versions have potentially different network requirements and the different versions operate together at the same time in the computing environment. The disclosed techniques include capabilities for enabling different versions of a component of a containerized application to co-exist at the same time on different computing nodes in a cluster of nodes in a containerized environment that deploys and executes the application. The techniques additionally include capabilities for enabling different network policies to be generated for the different versions of the component, where each component has potentially different network requirements. The techniques provide a mechanism to create precise, per-component network policies, while respecting the overall coarse-grained policies of the containerized application.

Abstract: Techniques are disclosed for query processing system that can, when queried, generate a result related to one or more connectivity paths and/or one or more network security rules. Network security rules and connectivity paths may be stored in corresponding data structures (e.g., sets of attributes) that may be utilized with a number of set operations. The user may issue a query requesting the system to apply a rule to a path, a set of rules to a set of paths, to identify if one set of rule(s) are equivalent to another set of rule(s), and the like. Utilizing this query processing system can enable a user to identify effects of one or more network rules with respect to traffic being allowed or restricted along particular connectivity paths between components of the system.

Abstract: Techniques are disclosed for network policy verification system that can obtain a set of connectivity paths of a containerized environment that individually indicate connections between pairs of containers. Identify a first container and a second container of a pair based at least in part on a connectivity path. Determine a network policy corresponding to the connectivity path that indicates an expected result of that particular connection. A connection can be initiated between the two containers. The result may be presented at a user device based at least in part on identifying that the result is different from the expected result indicated by the network policy corresponding to the connectivity path.

Abstract: Techniques are disclosed for network policy verification system that can obtain a set of connectivity paths of a containerized environment that individually indicate connections between pairs of containers. Identify a first container and a second container of a pair based at least in part on a connectivity path. Determine a network policy corresponding to the connectivity path that indicates an expected result of that particular connection. A connection can be initiated between the two containers. The result may be presented at a user device based at least in part on identifying that the result is different from the expected result indicated by the network policy corresponding to the connectivity path.

Abstract: A computer system may receive one or more requests for access to one or more cloud services and may store the one or more requests in a request log. The computer system may receive one or more access rules applicable to cloud service access rights. The computer system may aggregate the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications. The computer system may generate and store container access policies that define access of a container and the one or more cloud services, the container access policies based at least in part on the aggregated one or more requests and the one or more access rules. The computer system may send the container access policies to a request forwarder of a compute instance in a production environment.

Abstract: Techniques are disclosed for query processing system that can, when queried, generate a result related to one or more connectivity paths and/or one or more network security rules. Network security rules and connectivity paths may be stored in corresponding data structures (e.g., sets of attributes) that may be utilized with a number of set operations. The user may issue a query requesting the system to apply a rule to a path, a set of rules to a set of paths, to identify if one set of rule(s) are equivalent to another set of rule(s), and the like. Utilizing this query processing system can enable a user to identify effects of one or more network rules with respect to traffic being allowed or restricted along particular connectivity paths between components of the system.

Abstract: A system and technique for a Request Forwarder as for a computer network architecture is disclosed to provide selective access to one or more cloud services. In some implementations, a computer system may receive a request for access to a cloud service, the request including a container credential. The computer system may determine an identification of the container using the container credential. The computer system may verify that the container requesting access to the cloud service is authorized based at least in part on stored policies. Based at least in part on the determination that the container requesting access to the cloud service is authorized: receiving instance credential from a metadata service. The computer system may include the instance credential with the request. The computer system may send the request to the cloud service. In various examples, the Request Forwarder can be provided as a service.

Abstract: Techniques are disclosed for generating network security policies for different versions of a component of an application deployed in a computing environment where the different versions have potentially different network requirements and the different versions operate together at the same time in the computing environment. The disclosed techniques include capabilities for enabling different versions of a component of a containerized application to co-exist at the same time on different computing nodes in a cluster of nodes in a containerized environment that deploys and executes the application. The techniques additionally include capabilities for enabling different network policies to be generated for the different versions of the component, where each component has potentially different network requirements. The techniques provide a mechanism to create precise, per-component network policies, while respecting the overall coarse-grained policies of the containerized application.

Abstract: A universal tripod clamp system is provided having a base member having a top side and a bottom side. The top side includes a plate receiving area configured to accept a mounting plate in conjunction with camera equipment. The bottom side includes an adapter receiving port having a first shape. A clamp is provided, wherein the clamp is configured to alter the plate receiving area. A universal adapter is provided, wherein the universal adapter is removably positioned in the adapter receiving port. The adapter is configured to receive a portion of a tripod head, such as a ball head. The adapter includes an opening having a second shape (pattern) configured to conform to the portion of the tripod head having the same shape (pattern).

Abstract: Techniques are disclosed for query processing system that can, when queried, generate a result related to one or more connectivity paths and/or one or more network security rules. Network security rules and connectivity paths may be stored in corresponding data structures (e.g., sets of attributes) that may be utilized with a number of set operations. The user may issue a query requesting the system to apply a rule to a path, a set of rules to a set of paths, to identify if one set of rule(s) are equivalent to another set of rule(s), and the like. Utilizing this query processing system can enable a user to identify effects of one or more network rules with respect to traffic being allowed or restricted along particular connectivity paths between components of the system.

Abstract: The present invention relates to a hollow ball mount system having a hollow spherical structure. The hollow spherical structure includes an internal volume, an external surface, and an outer wall. A stem is adjoined to the hollow spherical structure, the stem having a proximal end and a distal end, wherein the stem extends outward and substantially normal to the external surface. An interfacing surface is positioned upon the distal end of the stem. The flat interfacing surface is configured for mounting and securing articles, such as camera equipment, sporting equipment, and lighting. In further embodiments, the flat interfacing surface includes an attachment member and/or an adapter to substantially match the size and shape of the articles to be adjoined to the hollow ball mount.