Abstract: A voltage level-shifting circuit for an integrated circuit includes an input terminal receiving a voltage signal referenced to an input/output (I/O) voltage level. A transistor overvoltage protection circuit includes a first p-type metal oxide semiconductor (PMOS) transistor includes a source coupled to the second voltage supply, a gate receiving an enable signal, and a drain connected to a central node. A first n-type metal oxide semiconductor (NMOS) transistor includes a drain connected to the central node, a gate connected to the input terminal, and a source connected to an output terminal. A second NMOS transistor includes a drain connected to the input terminal, a gate connected to the central node, and a source connected to the output terminal.

Abstract: A reconditioning device includes: a first shearing plate; a second shearing plate; and a housing. The housing includes: a first member configured to hold the first shearing plate and comprising an input for receiving a material; a second member connected to the first member to form an inner cavity, a portion of the inner cavity is located in a gap between the first shearing plate and the second shearing plate; and an output member connected to a pipeline of a production applicator and configured to output the material subsequent to shearing. The shaft extends through the second member, is connected to the second shearing plate, and is configured to be rotated to shear the material disposed in the gap between the first shearing plate and the second shearing plate.

Abstract: A voltage level-shifting circuit for an integrated circuit includes an input terminal receiving a voltage signal referenced to an input/output (PO) voltage level. A transistor overvoltage protection circuit includes a first p-type metal oxide semiconductor (PMOS) transistor includes a source coupled to the second voltage supply, a gate receiving an enable signal, and a drain connected to a central node. A first n-type metal oxide semiconductor (NMOS) transistor includes a drain connected to the central node, a gate connected to the input terminal, and a source connected to an output terminal. A second NMOS transistor includes a drain connected to the input terminal, a gate connected to the central node, and a source connected to the output terminal.

Abstract: Systems and methods for determining whether a particular feature or change implemented in at least one test store causes a significant change as compared to one or more control stores are discussed. More particularly, techniques for using a time-series clustering algorithm to identify comparable sister stores to a store in which a feature change is being considered are described. Once the sister stores are identified a testing module can perform an A/B testing so as to validate whether a particular feature change being implemented in the test store causes a significant change as compared to the control stores.

Abstract: A method, apparatus, system, and computer program product are provided for managing the usage of verified credentials. An issuer of credentials receives a request from a person for a credential. The issuer identifies the credential from information that is controlled by the issuer. The issuer identifies a decentralized identifier (DID) record for an audit engine from a blockchain network. The DID record for the audit engine includes a public key of that is associated with the audit engine. The issuer identifies a DID record for the person from the blockchain network. The DID record for the person includes a public key that is associated with the person. The issuer generates an encrypted credential by encrypting the credential and the DID record for the person based on the public key associated with the audit engine. The issuer sends the encrypted credential to the person.

Abstract: A level shifting output circuit converts a signal from a core voltage to an I/O voltage without causing voltage overstress on transistor terminals in the level shifting output circuit. The output circuit includes protection transistors to protect various transistors in the output circuit from overvoltage conditions including those transistors coupled to I/O power supply nodes.

Abstract: A method, apparatus, system, and computer program product are provided for managing the usage of verified credentials. An issuer of credentials receives a request from a person for a credential. The issuer identifies the credential from information that is controlled by the issuer. The issuer identifies a decentralized identifier (DID) record for an audit engine from a blockchain network. The DID record for the audit engine includes a public key of that is associated with the audit engine. The issuer identifies a DID record for the person from the blockchain network. The DID record for the person includes a public key that is associated with the person. The issuer generates an encrypted credential by encrypting the credential and the DID record for the person based on the public key associated with the audit engine. The issuer sends the encrypted credential to the person.

Abstract: Embodiments are directed to managing cryptographic keys in a multi-tenant cloud based system. Embodiments receive from a client a request for a wrapped data encryption key (“DEK”). Embodiments generate a random key and fetch encryption context that corresponds to the client. Embodiments generate the wrapped DEK including the random key and the encryption context encoded in the wrapped DEK. Embodiments then return the wrapped DEK to the client.

Abstract: A method, apparatus, system, and computer program product are provided for managing the usage of verified credentials. An issuer of credentials receives a request from a person for a credential. The issuer identifies the credential from information that is controlled by the issuer. The issuer identifies a decentralized identifier (DID) record for an audit engine from a blockchain network. The DID record for the audit engine includes a public key of that is associated with the audit engine. The issuer identifies a DID record for the person from the blockchain network. The DID record for the person includes a public key that is associated with the person. The issuer generates an encrypted credential by encrypting the credential and the DID record for the person based on the public key associated with the audit engine. The issuer sends the encrypted credential to the person.

Abstract: An embodiment controls access to a resource, the access controlled by a multi-tenant system. Embodiments receive, at a web server, a request for the resource from a user via a web browser, the request including a Uniform Resource Locator (“URL”) associated with the resource and an identity of a tenant corresponding to the user. Embodiments determine an access policy for authenticating the user that is associated with the resource, the access policy based in part on the identity of the tenant. Embodiments then authenticate the user based on the determined access policy.

Abstract: Examples provide a workforce manager that analyzes historical pharmacy transaction data to generate a set of forecasted future prescriptions for a selected pharmacy. The forecasted future prescriptions are divided into predicted new prescriptions and predicted refill prescriptions. The predicted refill prescriptions are classified into a set of high confidence refills and a set of low confidence refills. The labor demand associated with the set of high confidence refills are redistributed within a range of pickup dates associated with each high confidence refill prescription to smooth labor demand minimizing variation within a selected time-period. A number of personnel are identified for each day in the selected time-period based on the smoothed labor demand. A schedule is published assigning at least a portion of the forecasted future prescriptions and the number of personnel to each day in the selected time-period is output.

Abstract: Systems and methods for determining whether a particular feature or change implemented in at least one test store causes a significant change as compared to one or more control stores are discussed. More particularly, techniques for using a time-series clustering algorithm to identify comparable sister stores to a store in which a feature change is being considered are described. Once the sister stores are identified a testing module can perform an A/B testing so as to validate whether a particular feature change being implemented in the test store causes a significant change as compared to the control stores.

Abstract: Key generation and roll over is provided for a cloud based identity management system. A key set is generated that includes a previous key and expiration time, a current key and expiration time, and a next key and expiration time, and stores the key set in a database table and a memory cache associated with the database table. At the current key expiration time, the key set is rolled over, including retrieving the key set from the database table, updating the previous key and expiration time with the current key and expiration time, updating the current key and expiration time with the next key and expiration time, generating a new key and expiration time, updating the next key and expiration time with the new key and expiration time, and updating the key set in the database table and the memory cache.

Abstract: Embodiments are directed to managing cryptographic keys in a multi-tenant cloud based system. Embodiments receive from a client a request for a wrapped data encryption key (“DEK”). Embodiments generate a random key and fetch encryption context that corresponds to the client. Embodiments generate the wrapped DEK including the random key and the encryption context encoded in the wrapped DEK. Embodiments then return the wrapped DEK to the client.

Abstract: An embodiment controls access to a resource, the access controlled by a multi-tenant system. Embodiments receive, at a web server, a request for the resource from a user via a web browser, the request including a Uniform Resource Locator (“URL”) associated with the resource and an identity of a tenant corresponding to the user. Embodiments determine an access policy for authenticating the user that is associated with the resource, the access policy based in part on the identity of the tenant. Embodiments then authenticate the user based on the determined access policy.

Abstract: A system provides cloud-based identity and access management. The system receives a request by a web gate for an identity management service for reaching an application, and determines a tenancy from a header value of the request. The system looks up a policy configured to be applied for the tenancy, and applies the policy to the request. The system then sends the request to a microservice based on a result of the applying of the policy to the request, where the microservice performs the identity management service for reaching the application.

Abstract: Key generation and roll over is provided for a cloud based identity management system. A key set is generated that includes a previous key and expiration time, a current key and expiration time, and a next key and expiration time, and stores the key set in a database table and a memory cache associated with the database table. At the current key expiration time, the key set is rolled over, including retrieving the key set from the database table, updating the previous key and expiration time with the current key and expiration time, updating the current key and expiration time with the next key and expiration time, generating a new key and expiration time, updating the next key and expiration time with the new key and expiration time, and updating the key set in the database table and the memory cache.

Abstract: A system provides cloud-based identity and access management. The system receives a request by a web gate for an identity management service for reaching an application, and determines a tenancy from a header value of the request. The system looks up a policy configured to be applied for the tenancy, and applies the policy to the request. The system then sends the request to a microservice based on a result of the applying of the policy to the request, where the microservice performs the identity management service for reaching the application.

Abstract: A method of propagating a user's authentication/session information between different requests to Web services in a network includes a web server receiving a request for access to a first web service. The request is intercepted with an agent and authentication credentials are collected. A determination is made whether the web service customer is authenticated and authorized. If the web service customer is authenticated and authorized, a session and session ticket are created. An ID and the session ticket are returned to the web server. The session ticket ID and a public key are encrypted into an assertion. The assertion is sent to the first web service. The assertion is then returned to the web service customer for use with future requests. The assertion can be in the form of a SAML assertion.

Abstract: A method of propagating a user's authentication/session information between different requests to Web services in a network includes a web server receiving a request for access to a first web service. The request is intercepted with an agent and authentication credentials are collected. A determination is made whether the web service customer is authenticated and authorized. If the web service customer is authenticated and authorized, a session and session ticket are created. An ID and the session ticket are returned to the web server. The session ticket ID and a public key are encrypted into an assertion. The assertion is sent to the first web service. The assertion is then returned to the web service customer for use with future requests. The assertion can be in the form of a SAML assertion.