Abstract: Embodiments relate to a method and an electronic device for modifying a user interface of the electronic device. The method includes detecting, on the electronic device, a selection of a multi-keypad configuration among a plurality of multi-keypad configurations. Based on the selection of the multi-keypad configuration, a plurality of virtual keys are displayed on the user interface. The method includes receiving, on the user interface, a user touch gestures to configure one or more of the plurality of virtual keys to generate a virtual keyboard. The method includes updating machine learning models, image classifier models, and memory of the electronic device to update and store the generated virtual keyboard including the configuration of the one or more of the plurality of virtual keys to initiate user authentication in real time.

Abstract: Devices and methods that incorporate sustainability data within a header of a data packet to allow for the generation of sustainable configurations for various network devices are disclosed. Power efficiency is obtained at a node-level by including metadata to existing network flows, in an in-band/in-situ configuration. This information may be used for optimum flow placement. Received data packets may be formatted with sustainability data within a metadata shim. The received data packets are processed, and a sustainable configuration is generated for the one or more network devices. The generated sustainable configuration is transmitted to the one or more network devices to enable efficient and effective management of network devices by incorporating sustainability data into the data packets.

Abstract: An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity information associated with the end device, the first integrity information being computed based on the first randomly generated number; transmits a request to a validation system to validate the end device based on the first integrity information; obtains an indication that the end device is validated; determines policies associated with the end device when it is determined that the end device is validated; and applies the policies to the end device.

Abstract: Techniques for optimizing routing decisions based on security metrics within a network environment are described herein. In some cases, by using various security metrics, such as encryption indicators, attestation indicators, secureness metrics, and reliability metrics, an exemplary system can assess the security level and reliability of network paths. These metrics may provide valuable insights into the trustworthiness and integrity of participating nodes and links and enable informed decision-making regarding path selection.

Abstract: In one embodiment, a method herein comprises: receiving, at a device, a registration request from a telemetry exporter that transmits telemetry data; generating, by the device, a telemetry configuration file for the telemetry exporter, the telemetry configuration file defining a policy for transmission of telemetry data from the telemetry exporter and an authentication token for the telemetry exporter; sharing, by the device, the policy with a security enforcer; and sending, by the device, the telemetry configuration file to the telemetry exporter, wherein the telemetry exporter is caused to connect with the security enforcer using the authentication token, send the telemetry configuration file to the security enforcer, and transmit collected telemetry data to the security enforcer, and wherein the security enforcer is caused to create a dynamic publish-subscribe stream for publishing the collected telemetry data received from the telemetry exporter based on the telemetry configuration file and the policy.

Abstract: This disclosure describes techniques for implementing centralized path computation for routing in hybrid information-centric networking protocols implemented as a virtual network overlay. A method includes receiving an interest packet header from a forwarding router node of a network overlay. The method further includes determining an interest path of the interest packet and one or more destination router nodes of the network overlay. The method further includes computing one or more paths over the network overlay. The method further includes determining an addressing method for the one or more computed paths over the network overlay. The method further includes performing at least one of encoding each computed path in a data packet header, and encoding each computed path as state entries of each router node of the network overlay on each respective path. The method further includes returning the computed path information to the forwarding router node.

Abstract: In one aspect, a method for monitoring a Fast Re-Route (FRR) path between a source node (Node-S) and a destination node (Node-E) in a network, includes generating a discovery-probe at the source node (Node-S) to detect at least one node with an FRR indicator along the FRR path that includes a plurality of next available nodes. The method also includes upon the discovery probe reaching a first node with the FRR indicator, generating a primary probe configured to detect a primary path and a repair probe configured to detect a repair path. The method also includes in response to receiving the primary probe via the primary path and the repair probe via the repair path at the destination node, sending the primary probe and the repair probe back to the source node to monitor the FRR path between the source node and the destination node.

Abstract: In one embodiment, a method includes generating a security policy and converting the security policy into a chaos hypothesis. The method also includes initiating execution of the chaos hypothesis across a plurality of microservices within a technology stack. The method further includes receiving metrics associated with the execution of the chaos hypothesis across the plurality of microservices within the technology stack.

Abstract: In one embodiment, an access policy enforcement service receives a user authentication request from an end-user device. The access policy enforcement service identifies a telemetry collection intent from the user authentication request. The access policy enforcement service determines a monitoring policy based on the telemetry collection intent identified from the user authentication request. The access policy enforcement service configures, according to the monitoring policy, one or more telemetry collection agents to collect telemetry for traffic associated with the end-user device.

Abstract: Devices, systems, methods, and processes for conducting sustainability-aware virtual meetings are described herein. When establishing virtual meetings, each of the participants can have various devices, locations, histories, and other data associated with them. This data can be packaged together as a user profile which can be transmitted to a virtual meeting service or a host that can receive the various user profiles and generate a meeting profile that can be utilized to maximize the overall sustainability of the virtual meeting. The meeting profile can include configuration suggestions that can be transmitted out to each corresponding device of the participants to either prompt or automatically adjust one or more settings, features, or other configuration, such as energy-saving features, that can increase the overall sustainability. These conditions can be monitored during the meeting and adjusted dynamically in response to changing conditions.

Abstract: Techniques to add environmental-impact and energy sustainability criteria and support to service function chains (SFCs). These techniques enabling steering of network traffic that carries energy sustainability related metadata within in an SFC based on energy sustainability or “green criteria.” This allows for achieving, for example, so-called “green Operations, Administration and Maintenance (OAM)”, whether realized with Network Service Header (NSH), Segment Routing, Multi-protocol Label Switching (MPLS), etc. In other words, these techniques enhance service functions (SFs) and SFCs to allow for finding an energy sustainable or green path in an SFC, and to allow for conveying environmental information as in-line metadata.

Abstract: Techniques for determining an optimal connection path by a NHNaaS are described. The techniques may include receiving a registration from an IPS that includes service ISP service parameters, and storing the registration in a NaaS database. A request to connect to a remote service from a user device, including user parameters required is received. ISPs having respective service parameters compatible with the user parameters are identified in the NaaS database. Multiple paths offered by the service providers between the user device and the remote service are determined. Network performance data for each path is received from a network monitoring service. Using the network performance data, an optimal path for establishing the connection is identified. A request to instantiate a tunnel between the user device and remote service is transmitted to the service providers along the optimal path and the tunnel information is transmitted to the user device.

Abstract: Devices, systems, methods, and processes for sustainably reallocating resources based on within a plurality of computing nodes of a network, such as a managed network are described herein. Each computing node may be configured to transmit infrastructure data to an infrastructure monitor or ecosystem management tool. Additional sustainability data may also be accessed either internally or externally. The infrastructure data and sustainability data may be utilized to generate one or more scores that can be evaluated against each other. These scores may be configured to reflect various conditions or facts about the computing nodes including the overall sustainability. In order to increase sustainability levels, a variety of different resource configurations can be generated and evaluated against each other and the current configuration.

Abstract: Technologies for testing resiliency of a data network with real-world accuracy without affecting the flow of production data through the network. A method according to the technologies may include receiving a production data packet and determining a preferred data route toward a destination node for the production data packet based on a first routing information base, wherein the first routing information base includes a database where routes and route metadata are stored according to a routing protocol. The method may also include, receiving a test data packet, and determining an alternate data route toward the destination node for the test data packet based on a second routing information base, wherein the second routing information base simulates an error in the preferred data route. The method may include sending the production data packet to the preferred data route and sending the test data packet to the alternate data route.

Abstract: Techniques are described for classification-based data security management. The classification-based data security management can include utilizing device and/or data attributes to identify security modes for communication of data stored in a source device. The security modes can be identified based on a hybrid-encryption negotiation. The attributes can include a device resource availability value, an access trust score, a data confidentiality score, a geo-coordinates value, and/or a date/time value. The security modes can include a hybrid-encryption mode. The source device can utilize the hybrid-encryption mode to transmit the data, via one or more network nodes, such as an edge node, to one or more service nodes.

Abstract: Techniques are described for providing secure audio calls between a calling party and a receiving party. Upon receiving a call request from a call initiating party, a notification is sent to the intended call recipient. The call recipient can send a request for a secure call. Upon receiving the request for a secure call, a bi-directional multifactor authentication is performed to authenticate the identity of both the call initiating party and the call receiving party. In response to successfully authenticating both parties, a secure call between the parties is established. One or more secure key tokens or other metadata can be embedded in the call to ensure security of the call.

Abstract: The present disclosure describes a system and method for secure energy harvesting. An access point includes a memory and a processor communicatively coupled to the memory. The processor receives, from a wireless device, a token and an identifier for a first access point that generated the token and requests the first access point to validate the token. The processor also, in response to the first access point validating the token, wirelessly communicates a first charging frame to the wireless device.

Abstract: A connection request is received from a user device associated with a user. The connection request includes an identifier associated with a profile associated with the user, the profile being a static profile or a dynamic profile. An observability profile associated with the user is identified based on the profile when the profile is a static profile and based on a current traffic profile associated with the user device when the profile is a dynamic profile. Measurements associated with a data session are executed for the user device based on the observability profile and one or more configurations are adjusted in a network to improve performance of the data session based on the measurements.

Abstract: Techniques are described herein for managing access to sensitive data detected within an electronic communication. In some embodiments, such techniques may comprise receiving, from a sender, an electronic communication directed toward a first recipient. The techniques may then comprise identifying one or more pieces of sensitive data within the electronic communication, providing a content of the one or more pieces of sensitive data to a data hosting device to be stored in a memory location and first information associated with the first recipient used to access the memory location, updating the electronic communication to replace the one or more pieces of sensitive data with a reference to the memory location, and transmitting the electronic communication to the first recipient.

Abstract: Failure prediction signaling and cognitive user migration may be provided. A client device may receive at least a portion of failure prediction data. The client device may then analyze the at least the portion of the failure prediction data. The client device may then roam from a first computing device to a second computing device in response to analyzing the at least the portion of the failure prediction data.