Abstract: Systems and methods for selectively transmitting alerts based on monitored behavior of a driver are disclosed. A system can calculate a driver score for a driver based on a set of driving events detected from sensor data captured while a vehicle was operated by the driver. Each of the set of driving events is associated with a driving behavior in a driving scenario. The driver score is further calculated based on historic driving event data. The system can assign the driver to a category of a number of categories based on the driver score. The system can determine that a change to a habitual driving behavior in a monitored driving scenario would result in reassignment of the driver to another category. The system can transmit an alert to the vehicle based upon a subsequent detection of a driving event that is associated with the monitored driving scenario.

Abstract: Systems and methods for selectively transmitting alerts based on monitored behavior of a driver are disclosed. A system can calculate a driver score for a driver based on a set of driving events detected from sensor data captured while a vehicle was operated by the driver. Each of the set of driving events is associated with a driving behavior in a driving scenario. The driver score is further calculated based on historic driving event data. The system can assign the driver to a category of a number of categories based on the driver score. The system can determine that a change to a habitual driving behavior in a monitored driving scenario would result in reassignment of the driver to another category. The system can transmit an alert to the vehicle based upon a subsequent detection of a driving event that is associated with the monitored driving scenario.

Abstract: Systems and methods for curating video and other driving-related data for use in driver coaching, which may include selecting or ranking driving behaviors for coaching, selecting or ranking drivers for coaching, selecting or ranking video and other data to be used in coaching, preparing for, scheduling, and summarizing coaching sessions, matching the format of coaching to the behavior or person being coached, preventing unsafe driving situations, influencing job dispatch decisions based on safety scores, and/or reducing data bandwidth usage based on a determined coaching effectiveness of video data.

Abstract: Systems and methods for selectively transmitting alerts based on monitored behavior of a driver are disclosed. A system can calculate a driver score for a driver based on a set of driving events detected from sensor data captured while a vehicle was operated by the driver. Each of the set of driving events is associated with a driving behavior in a driving scenario. The driver score is further calculated based on historic driving event data. The system can assign the driver to a category of a number of categories based on the driver score. The system can determine that a change to a habitual driving behavior in a monitored driving scenario would result in reassignment of the driver to another category. The system can transmit an alert to the vehicle based upon a subsequent detection of a driving event that is associated with the monitored driving scenario.

Abstract: Systems and methods for curating video and other driving-related data for use in driver coaching, which may include selecting or ranking driving behaviors for coaching, selecting or ranking drivers for coaching, selecting or ranking video and other data to be used in coaching, preparing for, scheduling, and summarizing coaching sessions, matching the format of coaching to the behavior or person being coached, preventing unsafe driving situations, influencing job dispatch decisions based on safety scores, and/or reducing data bandwidth usage based on a determined coaching effectiveness of video data.

Abstract: Techniques for improving data security and access control at the distributed execution level of distributed computing systems are provided. The techniques can include receiving a data access request from a data processing application to access data, directing the data access request to a security data application, modifying the data access request, executing the modified data access request to obtain data that is responsive to the modified data access request, and providing the obtained data to the data processing application.

Abstract: Systems and methods for curating video and other driving-related data for use in driver coaching, which may include selecting or ranking driving behaviors for coaching, selecting or ranking drivers for coaching, selecting or ranking video and other data to be used in coaching, preparing for, scheduling, and summarizing coaching sessions, matching the format of coaching to the behavior or person being coached, preventing unsafe driving situations, influencing job dispatch decisions based on safety scores, and/or reducing data bandwidth usage based on a determined coaching effectiveness of video data.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to assign virtual identifiers to blocks of a file that contain identical information in different data sources. A distributed storage and distributed processing query statement is received. Real name attributes of the query statement are equated with selected virtual identifiers. Access control policies are applied to the selected virtual identifiers to obtain policy results. The policy results are applied to the real name attributes of the query statement to obtain query results.

Abstract: Systems, computer program products and methods implementing policy enforcement for search engines are described. A policy engine receives a user identifier associated with a search query including one or more query terms. The policy engine receives, from a preprocessor of a search engine, an intermediate representation of the search query. The intermediate representation includes one or more index terms corresponding to the one or more query terms. The policy engine determines, based on a particular policy, if the user is prohibited from accessing data associated with a particular index term. In response, the policy engine modifies the intermediate representation, including negating the particular index term. The policy engine then submits the modified intermediate representation to a query processing module of the search engine, causing the query processing module to exclude content corresponding to the particular index term from search results.

Abstract: A method for natural language query processing in an internet of things (IoT) system and an electronic device thereof are provided. The method includes receiving a natural language query including a plurality of attributes. Further, the method includes determining, by the IoT query engine, things from a plurality of things to be queried from a unified metadata based on the plurality of attributes. The unified metadata includes information about the plurality of things connected in the IoT system. Further, the method includes sending, by the IoT query engine, at least one structural query to each of the determined things. The at least one structural query is generated based on the plurality of attributes and the determined things. Further, the method includes retrieving, by the IoT query engine, results from each of the determined things.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing, and enforcing policies on data security. A policy appliance includes a policy administration point, a policy decision point, a policy enforcement point and, optionally, an auditing module. The policy appliance can execute in a self-contained environment, e.g., a single virtual machine, a single physical machine, or a cluster of virtual machines or physical machines identically configured. The self-contained policy appliance can receive, manage, enforce and audit multiple policies that specify access privileges of multiple users on multiple databases. The databases can include heterogeneous databases that are configured separately and differently from one another. A single configuration of the policy appliance centralizes and unifies policy management of the heterogeneous database in the self-contained environment.

Abstract: The present disclosure relates to a sensor network, machine type communication (MTC), machine-to-machine (M2M) communication, and technology for Internet of things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method and an authenticating system for authenticating users in an IoT environment are provided.

Abstract: Systems, computer program products and methods implementing access control for compound structures including subfields are described. A policy system receives a database schema and a data access policy. The database schema defines multiple subfields of a data column. The policy includes one or more rules limiting access to the subfields. A policy analyzer of the policy system creates an access control metadata that stores correspondence between the subfields and the rules. The policy analyzer represents the subfields in the access control metadata using relations between subfields and other components of the database. The policy analyzer provides the access control metadata to a policy enforcer for enforcing the policy on the subfields.

Abstract: Systems, computer program products and methods implementing access control on a distributed file system are described. A file system enforcement point protects an HDFS from unauthorized access by authenticating a declared identity of a task submitting a request from a client. Upon receiving the request, the file system enforcement point submits a challenge to the client, requesting the task to provide credentials of the declared identity. The task submits credentials. On the client, each task has access to credentials of a true identity of the task. Accordingly, in case a task submits a claimed identity that is different from the true identity of the task, the task cannot submit correct credentials in response to the challenge. The file system enforcement point authenticates the declared identity using the submitted credentials. The file system enforcement point allows the client to access the HDFS only upon successful authentication.

Abstract: An electronic device is provided. The electronic device includes a memory, a communication circuitry, and a processor configured to transmit, a first signal for requesting to access an external device, to the external device, receive, a second signal for requesting to provide a token stored in the electronic device, from the external device, the token being generated based on at least part of a block chain including at least one block that is respectively associated with at least one external device that has been accessed by the electronic device, in response to the reception, transmit, information on the token, to the external device, receive, a third signal indicating allowed the access, from the external device, the third signal being transmitted from the external device in response to identifying, by the external device, to validate the token in all of the plurality of external devices, and access the external device based on the third signal.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to receive a query statement. The query statement is one of many distributed storage and distributed processing query statements with unique data access methods. Token components are formed from the query statement. The token components are categorized as data components or logic components. Modified token components are formed from the token components in accordance with a policy. The query statement is reconstructed with the modified token components and original computational logic and control logic associated with the query statement.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to intercept a query statement at a master machine. The query statement is an instruction from a client machine that specifies how data managed by a distributed storage system should be processed and provided back to the client. In the communication between the client and the master machine, tokens associated with the statement are evaluated to selectively identify a pattern match of one of connection pattern tokens, login pattern tokens or query pattern tokens. For the query pattern tokens, altered tokens for the query statement are formed in response to the pattern match to establish a revised statement. The revised statement is produced in response to application of a policy rule. The revised statement maintains computation, logic and procedure of the statement, but alters parameters of the statement as specified by the policy rule.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing, and enforcing policies on data security. A policy appliance includes a policy administration point, a policy decision point, a policy enforcement point and, optionally, an auditing module. The policy appliance can execute in a self-contained environment, e.g., a single virtual machine, a single physical machine, or a cluster of virtual machines or physical machines identically configured. The self-contained policy appliance can receive, manage, enforce and audit multiple policies that specify access privileges of multiple users on multiple databases. The databases can include heterogeneous databases that are configured separately and differently from one another. A single configuration of the policy appliance centralizes and unifies policy management of the heterogeneous database in the self-contained environment.

Abstract: The present disclosure relates to a sensor network, machine type communication (MTC), machine-to-machine (M2M) communication, and technology for Internet of things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method and an authenticating system for authenticating users in an IoT environment are provided.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing, and enforcing policies on data security. A policy appliance includes a policy administration point, a policy decision point, a policy enforcement point and, optionally, an auditing module. The policy appliance can execute in a self-contained environment, e.g., a single virtual machine, a single physical machine, or a cluster of virtual machines or physical machines identically configured. The self-contained policy appliance can receive, manage, enforce and audit multiple policies that specify access privileges of multiple users on multiple databases. The databases can include heterogeneous databases that are configured separately and differently from one another. A single configuration of the policy appliance centralizes and unifies policy management of the heterogeneous database in the self-contained environment.