Abstract: There is a need for design and implementation of interfaces for providing user-friendly feedback while creating and updating compliant passwords. This disclosure relates to a method of creating compliant password by in-place feedback to a password composition policy (PCP). A policy-enabled-virtual keyboard (PKBD) receives input from a user and is processed based on parameters associated with the PCP to identify accessible and inaccessible keys on the PKBD with in-place feedback. The in-place feedback is provided to highlight accessible keys of the PKBD for the user, if class associated with character, or mandated number of characters by the PCP are received are covered. Alternatively, the keys of the PKBD are disabled for access to the user by validating if class associated with character received are not covered, and a deviation of the parameters. A compliant password is created based on the PCP by providing in-place feedback for a resultant validation.

Abstract: This disclosure provides methods, components, devices and systems for back-to-back transmissions via a multi-hop relay path using flow-specific resource reservation. Some aspects more specifically relate to flow-specific transmission opportunity (TXOP) sharing and/or orthogonal channel reservation in combination with a flow-specific sequence of time slots. In implementations in which flow-specific TXOP sharing is employed in combination with a flow-specific sequence of time slots, one or more wireless communication devices may determine whether a shared TXOP supersedes the flow-specific sequence of time slots in accordance with whether the shared TXOP is associated with a same flow as the sequence of time slots. In implementations in which orthogonal channel reservation is employed in combination with a flow-specific sequence of time slots, each wireless communication device of a multi-hop relay path may receive an indication of or otherwise be configured with a frequency channel via which to transmit.

Abstract: This disclosure provides methods, components, devices and systems for managing power in a wireless network. According to certain aspects, when an access point (AP) is operating on multiple links, the AP may calculate a loading metric for each link and perform one or more power savings actions if the loading metrics for one or more of the links meets certain criteria.

Abstract: A system and method for condition tracking and management is disclosed. In the method, a user input including a message related to manifestation of the condition is received by a user. Based on one or more condition tracking parameters, condition related information is extracted from the user input. The condition related information is associated with the user. The condition related information is then classified to one or more disease tracking parameters by allocation the information to the corresponding condition tracking parameters. Further, the condition related information is compared to pre-stored condition related information, by comparing a user profile of the user with one or more other user profiles that are pre-stored. Subsequently, a response including one or more recommendations appropriate to the at least one user input is generated and the response is provided to the user.

Abstract: This disclosure provides methods, components, devices and systems for operation expansion policy framework for access points (APs). An example method, performed by a first wireless node, includes outputting, for transmission, information that indicates at least one of (i) one or more criteria that, when met by a second wireless node, indicate the second wireless node is allowed to request that the first wireless node modify one or more wireless operating parameters, or (ii) one or more options for modifying the wireless operating parameters of the first wireless node, obtaining a first request that requests the first wireless node to modify the wireless operating parameters, and processing the first request based on the information.

Abstract: Data is collected from a network graph, wherein the collected data is useful for training a machine learning model on a query domain. A domain-specific template corresponding to the query domain is received, the domain-specific template defining one or more classifiers to guide collection of content relevant to the query domain from the network graph. A collection starting point is analyzed based on the one or more classifiers of the domain-specific template to identify one or more relevant instances of the content. The one or more identified relevant instances of the content are added to a contextual protocol package. Each identified relevant instance of the content is analyzed based on the one or more classifiers of the domain-specific template to identify one or more additional relevant instances of the content. The one or more identified additional relevant instances of the content are added to the contextual protocol package.

Abstract: Aspects of the present disclosure allow for improving E2E mesh throughput by applying transmission (TX) biasing on the Wi-Fi mesh backhaul. Aspects of the disclosure are directed to solutions for reducing traffic load in Wi-Fi mesh networks by applying TX biasing on the Wi-Fi mesh backhaul. Certain aspects are directed to selectively transmitting or preventing transmission of data over the first backhaul link to the first MLD based at least in part on a fronthaul airtime utilization, a first backhaul airtime utilization, or a second backhaul airtime utilization. Doing so allows a root access point or a network controller to apply TX biasing between multi-link operation links towards each repeater so that traffic load on a backhaul-link would not overly occupy the front-haul link because of common channel use by selectively transmitting or preventing transmission of data on the backhaul links.

Abstract: A first Multi-AP device configured as a Multi-AP Agent transmits, to a second Multi-AP device configured as a Multi-AP Controller over a first communication link, a Device Provisioning Protocol (DPP) Configuration Request Message indicating multi-link operation (MLO) capabilities of the first Multi-AP device. The first Multi-AP device receives, from the second Multi-AP device over the first communication link, a DPP Configuration Response Message indicating MLO association information responsive to the indicated MLO capabilities, and establishes a backhaul path with a third Multi-AP device, configured as a second Multi-AP Agent, on the first communication link and one or more second communication links according to the MLO association information.

Abstract: This disclosure provides methods, devices and systems for load balancing access points (APs) in a mesh network. Certain aspects are directed to obtaining load information from each wireless device of a set of wireless devices, the load information being indicative of resource availability for each band available to each wireless device of the set. In some examples, the disclosure is directed to identifying a first band and a first wireless device of the set of wireless devices associated with the first band based on the first band having a highest level of traffic among bands available to the set of wireless devices.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: This disclosure relates generally to system and method for classification of sensitive date using federated semi-supervised learning. Federated learning has emerged as a privacy-preserving technique to learn one or more machine learning (ML) models without requiring users to share their data. In federated learning, data distribution among clients is imbalanced resulting with limited data in some clients. The method includes extracting a training dataset from one or more data sources and pre-processing the training dataset into a machine readable form based on associated data type. Further, a federated semi-supervised learning model is iteratively trained based on a model contrastive and distillation learning to classify sensitive data from the unlabeled dataset. Then, sensitive data from a user query is received as input which are classified using the federated semi-supervised learning model.

Abstract: A system and method for implementing a centralized innovation framework module are disclosed. A processor is operatively connected to one or more memories via a communication network. The processor creates a centralized web-based collaborative platform hub for collection of innovation ideas data from end users within an operation space and causes the centralized web-based collaborative platform hub to receive innovation ideas data from an end user related to development of an application. The processor also analyzes the received innovation ideas data establishes, based on analyzing, a connection between the centralized web-based collaborative platform hub and a development platform; migrates the received innovation ideas data onto the development platform; and creates a workflow on the development platform for tracking and managing development processes of the application.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.

Abstract: Data is collected from a network graph, wherein the collected data is useful for training a machine learning model on a query domain. A domain-specific template corresponding to the query domain is received, the domain-specific template defining one or more classifiers to guide collection of content relevant to the query domain from the network graph. A collection starting point is analyzed based on the one or more classifiers of the domain-specific template to identify one or more relevant instances of the content. The one or more identified relevant instances of the content are added to a contextual protocol package. Each identified relevant instance of the content is analyzed based on the one or more classifiers of the domain-specific template to identify one or more additional relevant instances of the content. The one or more identified additional relevant instances of the content are added to the contextual protocol package.

Abstract: Techniques for managing an access privilege for users of an organization having first and second tenants includes storing, at a data storage, first user account data of a first user account associated with a first user of the first tenant, the first user account data including a first object identifier, a first tenant identifier and first access privilege information including access privileges granted to the first user account of the first tenant to access one or more resources; creating, for the first user associated with the first tenant, a second user account of the second tenant and second user account data of the second user account; setting the second user account data to include linked account information including the first object identifier and the first tenant identifier of the first user account data; and storing, at the data storage, the second user account data including the linked account information.

Abstract: Techniques for managing access to content are provided that include receiving a first signal requesting an indication whether a user has an access privilege to access to a resource associated with a first tenant of an access management service or perform an operation by a data processing system using the resource, determining that a first user account associated with the user does not have an access privilege to access the resource; performing a nested access privilege check to determine whether the user is associated with a second user account that has the access privilege to access the resource; and granting via the communication network access to the resource responsive to the nested access privilege check determining that the user is associated with the second user account and the second user account is associated with the access privilege to access the resource.

Abstract: A system and method for implementing a centralized innovation framework module are disclosed. A processor is operatively connected to one or more memories via a communication network. The processor creates a centralized web-based collaborative platform hub for collection of innovation ideas data from end users within an operation space and causes the centralized web-based collaborative platform hub to receive innovation ideas data from an end user related to development of an application. The processor also analyzes the received innovation ideas data establishes, based on analyzing, a connection between the centralized web-based collaborative platform hub and a development platform; migrates the received innovation ideas data onto the development platform; and creates a workflow on the development platform for tracking and managing development processes of the application.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.