Abstract: Methods, systems, and computer-readable media for deploying and implementing enterprise policies that control augmented reality computing functions are presented. A computing device may receive policy information defining policies that, when implemented, control capture of augmented renderings. After receiving the policy information, the computing device may intercept a request to capture at least one view having at least one augmented reality element. In response to intercepting the request, the computing device may determine whether the policies allow capture of views comprising augmented reality elements. Based on determining that the policies allow capture, the computing device may store view information associated with the at least one view having the at least one augmented reality element. Based on determining that the policies do not allow capture, the computing device may prevent the at least one view having the at least one augmented reality element from being captured.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Methods and systems for injection of tokens or certificates for managed application communication are described. A computing device may intercept a request from an application executable on the computing device, the request being to access a remote resource. The computing device may modify future network communications between the computing device and the remote resource to include a token or a client certificate, where the token or the client certificate is an identifier that enables the future network communications to be routed to the remote resource for a given computing session without use of data from the remote resource or data indicative of a connection of the remote resource in which to receive the future network communications. The computing device may send the future network communications to the remote resource to enable action to be taken on behalf of the computing device in response to receipt of the future network communications.

Abstract: A system includes at least one data processor and memory storing instructions which, when executed by the at least one data processor, configures the at least one data processor to: provide, via a display, a visual stimulus including an animation containing at least a first object and a second object, the visual stimulus prompting for user input for authentication to a virtual domain; monitor movement of a user while providing the visual stimulus; identify, based on the monitoring, a sequence of dwell times of a characteristic of the user's movement with respect to the first object and the second object; compare the identified sequence of dwell times to a stored sequence of dwell times; and provide the comparison to enable authentication of the user in the virtual domain. Related apparatus, systems, techniques and articles are also described.

Abstract: A computing device may include a memory and a processor cooperating with the memory to enroll with a server having a metadata anonymization policy associated therewith, generate metadata and combine the metadata with respective user content data, where the computing device has a given metadata permission policy associated therewith from among a plurality of different metadata permission policies. The processor may further determine user content data having metadata combined therewith in violation of the metadata anonymization policy, and when the given metadata permission policy permits modification of metadata, modify the metadata in violation of the metadata anonymization policy so that only the modified metadata is accessible when the user content data is accessed.

Abstract: Methods, systems, and computer-readable media for deploying and implementing enterprise policies that control augmented reality computing functions are presented. A computing device may receive policy information defining policies that, when implemented, control capture of augmented renderings. After receiving the policy information, the computing device may intercept a request to capture at least one view having at least one augmented reality element. In response to intercepting the request, the computing device may determine whether the policies allow capture of views comprising augmented reality elements. Based on determining that the policies allow capture, the computing device may store view information associated with the at least one view having the at least one augmented reality element. Based on determining that the policies do not allow capture, the computing device may prevent the at least one view having the at least one augmented reality element from being captured.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Methods, systems, and computer-readable media for deploying and implementing enterprise policies that control augmented reality computing functions are presented. A computing device may receive policy information defining policies that, when implemented, control capture of augmented renderings. After receiving the policy information, the computing device may intercept a request to capture at least one view having at least one augmented reality element. In response to intercepting the request, the computing device may determine whether the policies allow capture of views comprising augmented reality elements. Based on determining that the policies allow capture, the computing device may store view information associated with the at least one view having the at least one augmented reality element. Based on determining that the policies do not allow capture, the computing device may prevent the at least one view having the at least one augmented reality element from being captured.

Abstract: Methods, systems, and computer-readable media for processing policy variance requests in an enterprise computing environment are presented. A computing platform may receive, from a first endpoint computing device, a request for a first policy variance. In response to receiving the request, the computing platform may authenticate the first endpoint computing device based on enrollment information and may validate contents of the request. Subsequently, the computing platform may generate a policy variance result message based on approval or rejection of the request for the first policy variance. Then, the computing platform may send, to the first endpoint computing device, the policy variance result message. By sending the policy variance result message to the first endpoint computing device, the computing platform may cause the first endpoint computing device to execute a policy action corresponding to the approval or rejection of the request for the first policy variance.

Abstract: Methods and systems for recording, tracking, and analyzing digital software usage in a distributed database that is used by multiple participants are described herein. A single usage event may occur, and may be identified by a client device. The usage event may be emitted to one or more nodes, which may include an aggregator node and/or one or more validator nodes. A block in a distributed database may be created to record the usage event. A mixed-mode mechanism may be used by one or more devices to validate the usage event.

Abstract: Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Abstract: Methods and systems for injection of tokens or certificates for managed application communication are described. A computing device may intercept a request from an application executable on the computing device, the request being to access a remote resource. The computing device may modify future network communications between the computing device and the remote resource to include a token or a client certificate, where the token or the client certificate is an identifier that enables the future network communications to be routed to the remote resource for a given computing session without use of data from the remote resource or data indicative of a connection of the remote resource in which to receive the future network communications. The computing device may send the future network communications to the remote resource to enable action to be taken on behalf of the computing device in response to receipt of the future network communications.

Abstract: A computing device may include a memory and a processor cooperating with the memory to enroll with a server having a metadata anonymization policy associated therewith, generate metadata and combine the metadata with respective user content data, where the computing device has a given metadata permission policy associated therewith from among a plurality of different metadata permission policies. The processor may further determine user content data having metadata combined therewith in violation of the metadata anonymization policy, and when the given metadata permission policy permits modification of metadata, modify the metadata in violation of the metadata anonymization policy so that only the modified metadata is accessible when the user content data is accessed.

Abstract: Described embodiments provide systems and methods for data encryption. A server communicating data with a client can determine a level of data encryption on the data that the server is capable of handling according to resources available to the server. A level of data encryption can include a type of encryption and a strength of the type of data encryption. The server can receive a level of data encryption on the data that the client is capable of handling according to resources available to the client. The server can identify a level of data encryption with which the server and the client agree to proceed, according to the determined level of data encryption and the received level of data encryption. The server, following a predefined interval, can identify an updated level of data encryption with which the server and the client agree to proceed.

Abstract: A computing system may include a EMM server having a metadata anonymization policy associated therewith, and a client computing device configured to generate metadata and combine the metadata with respective user content data, with the client computing device having a metadata permission policy associated therewith. The client computing device may be further configured to enroll with the server, determine user content data having metadata combined therewith in violation of the metadata anonymization policy, and when the metadata permission policy permits separation of the metadata from the user content data, strip the metadata from the user content data so that the metadata is inaccessible when the user content data is accessed.

Abstract: Described embodiments provide systems and methods for data encryption. A server communicating data with a client can determine a level of data encryption on the data that the server is capable of handling according to resources available to the server. A level of data encryption can include a type of encryption and a strength of the type of data encryption. The server can receive a level of data encryption on the data that the client is capable of handling according to resources available to the client. The server can identify a level of data encryption with which the server and the client agree to proceed, according to the determined level of data encryption and the received level of data encryption. The server, following a predefined interval, can identify an updated level of data encryption with which the server and the client agree to proceed.

Abstract: Disclosed embodiments describe systems and methods for prioritizing messages for conversion from text to speech. A message manager can execute on a device. The message manager can identify a plurality of messages accessible via the device and can determine, for each message of the plurality of messages, a conversion score based on one or more parameters of each message. The conversion score can indicate a priority of each message to convert from text to speech. The message manager can identify a message of the plurality of messages for transmission to a text-to-speech converter for converting the message from text to speech. The message manager can also receive, from the text-to-speech converter, speech data of the message to play via an audio output of the device.

Abstract: A system includes at least one data processor and memory storing instructions which, when executed by the at least one data processor, configures the at least one data processor to: provide, via a display, a visual stimulus including an animation containing at least a first object and a second object, the visual stimulus prompting for user input for authentication to a virtual domain; monitor movement of a user while providing the visual stimulus; identify, based on the monitoring, a sequence of dwell times of a characteristic of the user's movement with respect to the first object and the second object; compare the identified sequence of dwell times to a stored sequence of dwell times; and provide the comparison to enable authentication of the user in the virtual domain. Related apparatus, systems, techniques and articles are also described.

Abstract: Methods, systems, and computer-readable media for deploying and implementing enterprise policies that control augmented reality computing functions are presented. A computing device may receive policy information defining policies that, when implemented, control capture of augmented renderings. After receiving the policy information, the computing device may intercept a request to capture at least one view having at least one augmented reality element. In response to intercepting the request, the computing device may determine whether the policies allow capture of views comprising augmented reality elements. Based on determining that the policies allow capture, the computing device may store view information associated with the at least one view having the at least one augmented reality element. Based on determining that the policies do not allow capture, the computing device may prevent the at least one view having the at least one augmented reality element from being captured.