Abstract: Photonic devices, photonic integrated circuits, optical elements, and techniques of making and using the same are described. A photonic device includes an input region adapted to receive an optical signal including a multiplexed channel characterized by a distinct wavelength, a dispersive region optically coupled with the input region to receive the optical signal, the dispersive region including a plurality of sub-regions defined by an inhomogeneous arrangement of a first material and a second material, and a plurality of output regions optically coupled with the input region via the dispersive region. The plurality of sub-regions can include an input channel section, one or more coupler sections, and one or more branching sections. The plurality of sub-regions together can configure the photonic device to demultiplex the optical signal and to isolate the multiplexed channel at a first output region of the plurality of output regions.

Abstract: Photonic devices, photonic integrated circuits, optical elements, and techniques of making and using the same are described. A photonic device includes an input region adapted to receive an optical signal including a multiplexed channel characterized by a distinct wavelength, a dispersive region optically coupled with the input region to receive the optical signal, the dispersive region including a plurality of sub-regions defined by an inhomogeneous arrangement of a first material and a second material, and a plurality of output regions optically coupled with the input region via the dispersive region. The plurality of sub-regions can include an input channel section, one or more coupler sections, and one or more branching sections. The plurality of sub-regions together can configure the photonic device to demultiplex the optical signal and to isolate the multiplexed channel at a first output region of the plurality of output regions.

Abstract: Photonic devices, photonic integrated circuits, optical elements, and techniques of making and using the same are described. A photonic device includes an input region adapted to receive an optical signal including a multiplexed channel characterized by a distinct wavelength, a dispersive region optically coupled with the input region to receive the optical signal, the dispersive region including a plurality of sub-regions defined by an inhomogeneous arrangement of a first material and a second material, and a plurality of output regions optically coupled with the input region via the dispersive region. The plurality of sub-regions can include an input channel section, an in-coupler section, a parallel channel section, an out-coupler section, and an output channel section. The plurality of sub-regions together can configure the photonic device to demultiplex the optical signal and to isolate the multiplexed channel at a first output region of the plurality of output regions.

Abstract: Access to secured items in a computing system is requested instead of being persistent. Access requests may be granted on a just-in-time basis. Anomalous access requests are detected using machine learning models based on historic patterns. Models utilizing conditional probability or collaborative filtering also facilitate the creation of human-understandable explanations of threat assessments. Individual machine learning models are based on historic data of users, peers, cohorts, services, or resources. Models may be weighted, and then aggregated in a subsystem to produce an access request risk score. Scoring principles and conditions utilized in the scoring subsystem may include probabilities, distribution entropies, and data item counts. A feedback loop allows incremental refinement of the subsystem. Anomalous requests that would be automatically approved under a policy may instead face human review, and low threat requests that would have been delayed by human review may instead be approved automatically.

Abstract: Techniques are described for providing and accessing network services via a peer-to-peer wireless network connection which is established between a first computing device and a second computing device. The first computing device has an additional network connection that allows it to access network services via external networks (e.g., the internet). The second computing device is only connected to the peer-to-peer wireless network connection and has no Internet access. A primary data channel is established between the first and second computing devices over the peer-to-peer wireless network connection (e.g., for streaming audio and/or video content). A secondary data channel is negotiated between the first computing device and the second computing device. The secondary data channel is used by the second computing device to access the network services via the first computing device which performs relay and/or proxy operations for the second computing device.

Abstract: Various technologies are described for modifying peer-to-peer sessions over a wireless network connection. In particular embodiments, a “pause” functionality is provided that allows a peer-to-peer session (such as a Miracast session) to be paused. In some embodiments, the session is paused for a user-selected selected period of time. In other embodiments, the session is paused until a resume message is received from the source device. In particular implementations, the pause functionality allows the source device to be used for another purpose during the period in which the session is paused and/or allows the source device to be removed from the range of the sink device.

Abstract: Techniques are described for providing and accessing network services via a peer-to-peer wireless network connection which is established between a first computing device and a second computing device. The first computing device has an additional network connection that allows it to access network services via external networks (e.g., the internet). The second computing device is only connected to the peer-to-peer wireless network connection and has no Internet access. A primary data channel is established between the first and second computing devices over the peer-to-peer wireless network connection (e.g., for streaming audio and/or video content). A secondary data channel is negotiated between the first computing device and the second computing device. The secondary data channel is used by the second computing device to access the network services via the first computing device which performs relay and/or proxy operations for the second computing device.

Abstract: The manual entry of displayed access codes can be avoided by using a camera connected to or integrated with a computer system to capture an image of a display on another device containing a displayed access code. In response to an indication of where a pin is located in the captured image, optical character recognition is performed on the captured image to extract the access code and enter the access code into the computer system.

Abstract: A method for creating an archive protection plan for archiving a backup of data is provided. An indication of an archive data protection kind and an archive data protection duration are received. In response to receiving the archive data protection kind and the archive data protection duration, an archive scheme is determined and an archive protection plan representative of the archive scheme is generated.

Abstract: A method for creating a group plan for protecting an object located at a production location is provided. A selection of an object for which a group plan is to be created is received along with protection intents for the selected object. The protection intents are translated into a group plan for protecting the selected object.

Abstract: A method for creating an archive protection plan for archiving a backup of data is provided. An indication of an archive data protection kind and an archive data protection duration are received. In response to receiving the archive data protection kind and the archive data protection duration, an archive scheme is determined and an archive protection plan representative of the archive scheme is generated.

Abstract: A method for creating an archive protection plan for archiving a backup of data is provided. An indication of an archive data protection kind and an archive data protection duration are received. In response to receiving the archive data protection kind and the archive data protection duration, an archive scheme is determined and an archive protection plan representative of the archive scheme is generated.

Abstract: A method for verifying data copies generated by a data protection system is provided. In accordance with the method, intents for selecting a data copy to be verified are determined. The intents may specify a time period after which data is to be verified and an interval for which the verification is to be repeated. Additionally, utilizing the intents, a data copy matching those intents is identified and verified. A data copy may be verified by comparing a checksum of the data copy with a known checksum value. If the data copy fails to be verified, a copy of the data copy is generated.

Abstract: A backup system in accordance with an implementation of the present invention includes one or more light-weight (i.e., stateless) storage nodes that are positioned close enough to one or more assigned production servers to enable as rapid and efficient a data recovery as possible. The one or more light-weight storage nodes are driven by, and implement backup policies in accordance with, control settings determined by and received from a centralized backup server. Changes to the control settings are simply produced at the centralized backup server and propagated to each storage node in the system. In addition to efficient backup times, general backup administration can be greatly simplified at least in part since a large number of production serves can be serviced through a small or large number of light-weight storage nodes, which in turn can be managed by a single centralized backup server.

Abstract: A backup system in accordance with an implementation of the present invention includes one or more light-weight (i.e., stateless) storage nodes that are positioned close enough to one or more assigned production servers to enable as rapid and efficient a data recovery as possible. The one or more light-weight storage nodes are driven by, and implement backup policies in accordance with, control settings determined by and received from a centralized backup server. Changes to the control settings are simply produced at the centralized backup server and propagated to each storage node in the system. In addition to efficient backup times, general backup administration can be greatly simplified at least in part since a large number of production serves can be serviced through a small or large number of light-weight storage nodes, which in turn can be managed by a single centralized backup server.

Abstract: Systems and methods are described for distributing and updating trusted certification authorities to computer systems and users. When a digital certificate is encountered during a secured electronic transaction, the root authority of the certificate is determined. It is then determined whether the root authority is a trusted authority by attempting to locate the root authority in a trusted root list. If the root authority is not included in the trusted root list, a remote site is accessed and an updated version of the trusted root list is downloaded. The new trusted root list is checked for the presence of the encountered certificate and, if found, the transaction is allowed to proceed. In one implementation, the entire trusted root list is not downloaded. Instead, if an appropriate digital certificate is located, then the certificate is downloaded and added to the trusted root list of the computer system. The transaction may then proceed.

Abstract: A method for verifying data copies generated by a data protection system is provided. In accordance with the method, intents for selecting a data copy to be verified are determined. The intents may specify a time period after which data is to be verified and an interval for which the verification is to be repeated. Additionally, utilizing the intents, a data copy matching those intents is identified and verified. A data copy may be verified by comparing a checksum of the data copy with a known checksum value. If the data copy fails to be verified, a copy of the data copy is generated.

Abstract: A method for creating a group plan for protecting an object located at a production location is provided. A selection of an object for which a group plan is to be created is received along with protection intents for the selected object. The protection intents are translated into a group plan for protecting the selected object.

Abstract: A method for creating an archive protection plan for archiving a backup of data is provided. An indication of an archive data protection kind and an archive data protection duration are received. In response to receiving the archive data protection kind and the archive data protection duration, an archive scheme is determined and an archive protection plan representative of the archive scheme is generated.

Abstract: The present invention is directed to a system and method for dynamically detecting, downloading and installing drivers on a client system. The present invention operates in a client/server architecture of a network environment. In operation, information relating to a client system is provided to a server, and that information is used to match available driver information located on the server to the received client system information.