Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.

Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.

Abstract: Systems and methods for encrypting and decrypting data sent to and received from a peripheral device physically coupled to a hardware interface of a user equipment. In some examples, the user equipment may include an encrypting/decryption component that is configured to physically between a hardware interface of the user equipment and the other components of the user equipment. The encrypting/decryption component may be configured to receive a plurality of encryption/decryption schemes from a remote system. The encrypting/decryption component may select and apply one or more of the plurality of encryption/decryption schemes to data being downloaded and/or uploaded to the peripheral device.

Abstract: Distribution and management of services in virtual environments is described herein. In one or more implementations, a service distribution and management model is implemented in which system services and applications are seamlessly distributed across multiple containers which each implement a different runtime environment. In one or more implementations, a system for distributing access to services in a host operating system of a computing device includes a host operating system configured to implement a host runtime environment, and one or more services implemented by the host operating system. The system further includes a service control manager configured to enable communication between a client stub of a service implemented in a client runtime environment and a service provider of the service that is implemented in a service runtime environment that is separate from the first client runtime environment.

Abstract: Systems and methods for authenticating a peripheral device prior to allowing the peripheral device access to components and data stored on user equipment. In some examples, the user equipment may include an authorization component that is configured to physically decouple a hardware interface from other components of the user equipment until the authorization component is able to authenticate the peripheral device. Both authorized peripheral devices and the user equipment may be provisioned with authorization data and/or credentials from a system outside the control of the individual users of the user equipment.

Abstract: This document describes, among other things, systems and methods for more efficiently resuming a client-to-origin TLS session through a proxy layer that fronts the origin in order to provide network security services. At the time of an initial TLS handshake with an unknown client, for example, the proxy can perform a set of security checks. if the client passes the checks, the proxy can transmit a ‘proxy token’ upstream to the origin. The origin can incorporate this token into session state data which is passed back to and stored on the client, e.g., using a TLS session ticket extension field, pre-shared key extension field, or other field. On TLS session resumption, when the client sends the session state data, the proxy can recover its proxy token from the session state data, and upon successful validation, bypass security checks that it would otherwise perform against the client, thereby more efficiently handling known clients.

Abstract: In a method of mapping a real-world process control environment, a mobile device is registered at a reference location, and positions and orientations of the mobile device are tracked using an inertial measurement unit. A user input indicating that a new node is to be added to a 3D map of the process control environment is detected, and a 3D position of a real-world object relative to the reference location is determined, or caused to be determined, based on a tracked position and orientation of the mobile device. A node database is caused to add the new node to the 3D map of the process control environment, at least by causing the 3D position of the real-world object to be stored in association with the new node.

Abstract: A network device includes a shelf configured to support interface cards on a front side; a control module including a first frame and a printed circuit board disposed to the first frame, wherein the control module is configured to connect on a rear side of the shelf; and a cooling module including a second frame and cooling fans disposed to the second frame, wherein the second frame is configured slidingly connect to the first frame on the rear side of the shelf.

Abstract: In a method of providing virtual enhanced vision to a user of an augmented reality (AR) mobile device, it is determined that a first node associated with a map of a process control environment corresponds to a first real-world object currently within a field of view of a camera of the AR mobile device. A relationship between the first node and one or more other nodes is determined, with the relationship indicating that one or more other objects corresponding to other nodes are at least partially obscured by the first object. At least partially in response to determining the relationship, one or more digital models or images depicting the other object(s) is/are retrieved from memory. A display of the AR mobile device is caused to present the retrieved digital models or images to the user while the first object is in the field of view of the camera.

Abstract: In a method of facilitating interaction between a user of an augmented reality (AR) mobile device and a first real-world object, a display device is caused to superimpose digital information on portions of a process control environment within a field of view of a camera of the device. The superimposed information is associated with nodes in a map of the environment, and the nodes correspond to other objects in the environment. The display is caused to indicate a direction to the first object. After detecting a user input that indicates selection of the first object, the display is caused to superimpose, on a portion of the process control environment currently within the field of view, a digital model or image of the first object. A user interface is caused to provide one or more virtual controls and/or one or more displays associated with the first object.

Abstract: This document describes, among other things, systems and methods for more efficiently resuming a client-to-origin TLS session through a proxy layer that fronts the origin in order to provide network security services. At the time of an initial TLS handshake with an unknown client, for example, the proxy can perform a set of security checks. If the client passes the checks, the proxy can transmit a ‘proxy token’ upstream to the origin. The origin can incorporate this token into session state data which is passed back to and stored on the client, e.g., using a TLS session ticket extension field, pre-shared key extension field, or other field. On TLS session resumption, when the client sends the session state data, the proxy can recover its proxy token from the session state data, and upon successful validation, bypass security checks that it would otherwise perform against the client, thereby more efficiently handling known clients.

Abstract: A network element include one or more modules each supporting one or more pluggable modules; and a first manifold and a second manifold each configured to connect to a conduit associated with a coldplate, wherein one of the first manifold and the second manifold is an inlet manifold and the other is an outlet manifold for a cooling fluid that flows through the conduit to cool the one or more pluggable modules. The one or more pluggable modules can be each a pluggable optical module that is one of compliant to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD and have a housing that has dimensions similar to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD.

Abstract: A modular wound treatment system includes a central modular hub having a modular connection for one or more pneumatically-actuated, modular components, such as a pneumatically-actuated soft robotic gripper component configured to curve and at least partially encircle the wound when actuated and thereby apply direct pressure to the wound, and a pneumatically-actuated tourniquet component configured to apply pressure proximal to the wound to limit the flow of arterial blood to the wound. The system also includes a pressurized gas supply in pneumatic communication with the modular connection, sensors for measuring the amount of pressure being applied by the pneumatically-actuated, modular components, a display for providing system information, and a controller for controlling the system. Methods of treating a wounded subject using the system are also provided.

Abstract: A method for monitoring a system and controlling a pump coupled to plumbing is provided. The method includes the steps of determining that a fault has occurred in the system, transmitting a first message to a remote server over a first wireless network, the first message including information related to the fault, sending the information related to the fault via the first wireless network to an internet enabled device, receiving a second message from the remote server via the first wireless network, the second message including the information related to the fault, and shutting down the pump via a microcontroller configured to control operation of the pump.

Abstract: Methods, non-transitory computer readable media, and apparatuses for automated processing of hybrid electronic invoice data include identifying at least a first type of charge data from one or more other types of charge data in received hybrid electronic invoice data based on one or more parsing techniques. The first type of charge data is disassembled from the received hybrid electronic invoice data based on the identification. The disassembled first type of charge data is adjudicated based on execution of one of a plurality of sets of adjudication procedures identified to correspond to the disassembled first type of charge data. The received hybrid electronic invoice data is transformed with the adjudicated first type of charge data. The transformed electronic invoice data is provided for additional processing.

Abstract: Techniques for proxy based network access are discussed herein. In some examples, the techniques can be implemented in a network proxy device for Citizens Broadband Radio Service (CBRS). A base station or a domain proxy device may manage or otherwise use CBRS resources by exchanging signaling messages with a Spectrum Access System (SAS). The base station or domain proxy device may transmit signaling messages in a first private network to a network device bridging the first private network and a second private network with limited access to a public network. The network device send proxy message(s) in response to the signaling messages to the SAS and can establish an encrypted session layer or application layer tunnel between the base station and/or domain proxy device. The proxy based network access preserves secure networks while still allowing limited messaging with other public or private networks.

Abstract: In a method of mapping a real-world process control environment, a mobile device is registered at a reference location, and positions and orientations of the mobile device are tracked using an inertial measurement unit. A user input indicating that a new node is to be added to a 3D map of the process control environment is detected, and a 3D position of a real-world object relative to the reference location is determined, or caused to be determined, based on a tracked position and orientation of the mobile device. A node database is caused to add the new node to the 3D map of the process control environment, at least by causing the 3D position of the real-world object to be stored in association with the new node.

Abstract: Systems and techniques are provided for detecting rogue base stations and preventing malicious actors from intercepting and stealing data traffic from mobile devices through rogue base stations. Upon connecting to a newly detected base station for a cellular network service, a mobile device attempts to validate the cellular base station with a validation server before any data is transmitted over the new connection. If the mobile device does not receive a confirmation of validity from the validation server, the mobile device would identify the cellular base station as a rogue base station, disconnect from the rogue base station, and search for a valid base station for connection to the cellular network.

Abstract: In some embodiments of the present disclosure, systems and methods for monitoring operation of a pump are provided. In some embodiments, a system comprises: a pressure switch, comprising: a PCB within a housing; a power supply; a wireless gateway module configured to establishes a wireless connection to a wireless network; a pressure sensor; a microcontroller that: establishes a second wireless connection to a mobile device; receives instructions from the mobile device; connect to the first wireless network based on the instructions; determine pressure; control operation of the pump based on the pressure; determine that a fault has occurred, automatically stop operation of the pump, and send a message to a server over the first wireless network; and receive instructions from the mobile device via the server and the first wireless network to change a setting of the pressure switch.

Abstract: A modular wound treatment system includes a central modular hub having a modular connection for one or more pneumatically-actuated, modular components, such as a pneumatically-actuated soft robotic gripper component configured to curve and at least partially encircle the wound when actuated and thereby apply direct pressure to the wound, and a pneumatically-actuated tourniquet component configured to apply pressure proximal to the wound to limit the flow of arterial blood to the wound. The system also includes a pressurized gas supply in pneumatic communication with the modular connection, sensors for measuring the amount of pressure being applied by the pneumatically-actuated, modular components, a display for providing system information, and a controller for controlling the system. Methods of treating a wounded subject using the system are also provided.