Abstract: Described embodiments provide systems and methods for selecting between modes for delivering or providing access to a file. A server can be configured to deliver the file via a plurality of modes of delivery including. A first mode of delivery can include downloading the file and a second mode of delivery can include delivering the file via a virtualized stream. The server can receive a request and initiate downloading of the file for a length of time. The server can identify an amount of available bandwidth and size of the file and determine a first time for the first mode of delivery. The first time can be compared to a second time to deliver the file via the second mode of delivery. The server can select between the first mode of delivery and the second mode of delivery and provide the file via the selected mode of delivery.

Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.

Abstract: Described embodiments provide for dynamically optimizing the number of application layer streams that may be multiplexed into a single transport layer connection, providing the advantages of application layer multiplexing without incurring unnecessary congestion-based network delays. A device may monitor net bandwidth and packet loss rates for a connection, and may dynamically increase and decrease a number of concurrent application layer streams to balance throughput and congestion avoidance. As congestion increases, the device may reduce concurrent stream limits in order to spawn additional transport layer connections, allowing faster congestion recovery and reduced performance impairment.

Abstract: Methods and systems for providing a cost effective and robust security solution for shared files stored by file sharing software solutions are described herein. The methods and systems for generating a ledger associated with shared files, which may include scanning data received from applications associated with a number of client devices and from a cloud based scanner. An access manager may control file permissions granted to users based on requests for scan data from each user device requesting access to a shared file. A plurality of different scanning applications may provide data that is collected for each shared file to provide a diverse analysis of a shared file to increase user confidence in a file security status.

Abstract: Described embodiments provide for provisioning devices securely using zero touch deployments. A controller application can receive a first authentication code from the controller. The controller application can establish, responsive to receiving the first authentication code, a short-range wireless connection with the device within a pairing range of the controller application using at least one of one or more short-range wireless communication types. The controller application can receive a second authentication code from the device via the short-range wireless connection. The controller application can determine that the first authentication code received from the controller corresponds to the second authentication code received via the short-range wireless connection.

Abstract: In one disclosed embodiment, a computing system may instruct a first content repository to store a first part of a file but not a second part of the file, the first content repository being associated with a first internet protocol (IP) address, and may instruct a second content repository to store the second part of the file but not the first part of the file, the second content repository being associated with a second IP address that is different than the first IP address. In response to the computing system receiving a request for the file from a client device, the computing system may instruct the client device to retrieve the second part of the file, but not the first part of the file, from the second content repository using the second IP address.

Abstract: Described embodiments provide systems and methods for remapping connections to tunnels selected based on a security level of the communications. A first network device may be in communication with a second network device via a plurality of communication tunnels. The plurality of communication tunnels may include an encrypted communication tunnel and an unencrypted communication tunnel. The first network device may receive a packet, the packet including header information and a payload. The first network device may determine whether the received packet is encrypted to meet a threshold level of security. The first network device may, responsive to determining that the packet is to meet the threshold level of security, communicate an identifier of the payload and the header information to the second network device via the encrypted communication tunnel, and communicate the payload to the second network device via the unencrypted communication tunnel.

Abstract: Methods and systems for securely sharing files with user devices based on location are described herein. A server may detect an endpoint device in response to receipt, from a user device, of a request to share a file, the endpoint device being proximate to the user device. An identifier indicative of the detected endpoint device may be generated by the server. The identifier may distinguish the detected endpoint device from other endpoint devices proximate to the user device. The server may send the identifier to the user device to enable the user device to share the file with the detected endpoint device.

Abstract: A first device connected to a network via a first connection may perform a method that involves determining a need for improved communication between the first device and the network, receiving a message from a second device that includes an indication of at least one performance parameter of a second connection between the second device and the network, establishing a peer-to-peer connection between the first device and the second device based at least in part on the indication, and communicating with the network via a communications channel that includes the peer-to-peer connection and the second connection.

Abstract: A user may, when using an application of a first computing device, intend to share data with other computing devices. To share the data, sharing processes may be performed by the first computing device, any device that the data is to be shared with, and one or more network locations. The sharing processes may determine whether the data is available at any of the devices or at any of the one or more network locations. Any device or network location where the data is available may be selected as a source of the data. Any device where the data is unavailable may be sent the data from one or more sources. Once received, the data may be stored to enable access by an application.

Abstract: Described embodiments provide systems and methods for validating a request to perform an action to access at least one file. A computing device can receive a request from the client, the request being to perform an action to access at least one file and including a first computed value indicative of one or more previous actions on files. The computing device may compare the first computed value to a second computed value maintained by the computing device independently from the first computed value. The second computed value may be indicative of the one or more previous actions on the files. The computing device may perform secondary authentication in addition to primary authentication for the client, responsive to an indication of trustworthiness of the client or the file according to the comparison of the first computed value to the second computed value.

Abstract: In some embodiments, a method may be performed by a computing device that involves displaying an identifier indicative of a file, the display of the identifier being readable by a second device, receiving first data from the second device in response to the identifier being read by the second device, and enabling performance of at least one action with respect to the file with use of the first data. In some embodiments, the method may further involve receiving a first encryption fragment associated with the file, receiving, from the second device, a second encryption fragment associated with the file, reconstructing, using at least the first encryption fragment and the second encryption fragment, an encryption key enabling viewing of the file, and viewing the file using the encryption key.

Abstract: A computing device may receive a file previously uploaded by another device, and may validate the received file using data including a first value encrypted based on a document (e.g., a digital certificate or identification certificate) of the uploading device. The computing device may determine the validity of the certificate based on a certificate of a remote computing device to which the file was uploaded, and may decrypt the first value using a key of the certificate of the uploading device. The computing device may determine a second value for the received file and may determine validity of the received file based on a match of the first value and the second value.

Abstract: Methods and systems for secure authentication in an extended reality (XR) environment are described herein. An XR environment may be output by a computing device and for display on a device configured to be worn by a user. A first plurality of images may be determined via the XR environment. The first plurality of images may be determined based on a user looking at a plurality of objects, real or virtual, in the XR environment. The first plurality of images may be sent to a server, and the server may return a second plurality of images. A public key and private key may be determined based on different portions of each of the second plurality of images. The public key may be sent to the server to register and/or authenticate subsequent communications between the computing device and the server.

Abstract: A computing device may include a processor and a memory. The processor may be configured to provide an encrypted second portion of a key to a client device in response to a match between data decrypted from an encrypted first portion of the key and a first portion of the key, the match being indicative of an absence of a proxy device. The processor may be configured to detect a loss in connectivity between the computing device and the client device based upon a mismatch between a decrypted second portion of the key and a second portion of the key, the mismatch being indicative of the proxy device.

Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.

Abstract: A system for optimizing network traffic is described. The system includes a quality of service (QoS) engine configured to acquire information regarding a plurality of data packets comprising a plurality of data packet flows operating over a plurality of links. The QoS engine can be further configured to determine a flow priority to the plurality of data packets flows, and to determine TCP characteristics for the plurality of data packet flows. The system further includes a TCP controller configured to acquire the flow priority to the plurality of data packets from the QoS engine. The TCP controller can be configured to obtain queue information associated with the plurality of data packets, and adjust a receive window size based on the flow priority and the queue information.

Abstract: Methods and systems for providing files of variable sizes based on device and/or network conditions are described herein. A computer device may convert a file into a first modified file that includes content of the file and a second modified file that includes the content of the file. The first modified file may have a first file size and be associated with a first bandwidth range. The second modified file may have a second file size different from the first file size and be associated with a second bandwidth range different from the first bandwidth range. Based on a bandwidth available to a user device, the first modified file or the second modified file may be provided for download by the user device.

Abstract: A method, computer program product, and computer system for receiving, by a computing device, a plurality of file segments of a file, the plurality of file segments being received individually by the computing device. A first file segment of the file may be scanned to identify the presence of malware within the file segment. The first file segment of the file may be encrypted to create an encrypted file segment in response to identification by the scan of the first file segment that malware is absent from the first file segment. The encrypted file segment of the file may be sent to another computing device before a second file segment of the file is received by the computing device.

Abstract: A server includes a network interface to interface with mobile computing devices operating within a geographical area, with at least one of the mobile computing devices providing a request for navigation instructions between two geo-locations based on prompting the user to select an optimized connectivity route prompt. A processor is coupled to the network interface and is configured to generate a network connectivity map based on varying cellular network connectivity metrics for the geographical area, and generate, based on the user-selected optimized connectivity route prompt, the navigation instructions between the two geo-locations to be provided to the at least one mobile communications device via said network interface. The navigation instructions are generated based on the network connectivity map to provide a single route that is optimized to include areas with strong cellular network connectivity metric values.