Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.

Abstract: A method for diagnosis of a temperature control means (30) of a battery pack (10) that comprises a plurality of battery cells (20) and a plurality of temperature sensors for measuring temperatures of the individual battery cells (20), the battery cells (20) being arranged side by side in the battery pack (10), in a longitudinal direction (12) of the battery pack (10), and mechanically connected to each another, and the battery cells (20) being arranged on the temperature control means (30) and mechanically and thermally connected to it. A battery management system, and/or a battery pack (10) may be configured to execute the method. A vehicle may be fitted with a battery pack that carries out the method.

Abstract: Using a buffer sized according to the size of the filters of a convolutional neural network (CNN), a processor may use a read pointer to generate a two-dimensional virtual matrix of inputs. The number of inputs in each row in the two-dimensional virtual matrix of inputs may match the one-dimensional filter size of the cubic filters. The processor may collapse each of the cubic filters to one-dimensional linear arrays and generate a two-dimensional filter matrix from the one-dimensional linear arrays. The convolution computations for a corresponding layer of the CNN therefore reduce to a single matrix multiplication without any memory movement operations. When the buffer is refreshed using a new input frame, the processor may increment the initial read address of each read pointer by one and increment the final read address by one, circling back to the corresponding initial read address.

Abstract: The invention relates to a method for determining a model error in a mathematical model of an electrical energy storage unit, which method comprises the following steps: a) providing a mathematical error model for determining the model error in the mathematical model, wherein the mathematical error model is provided in at least a two-part form, wherein a first model error of an open-circuit voltage curve of the mathematical model of the electrical energy storage unit is modelled by the first part of the error model, and a second model error of a voltage curve of the mathematical model is modelled on the basis of an electrical current by the second part of the error model; b) determining at least one current value, wherein the electrical current flows in the electrical energy storage unit; c) applying the determined current value to the mathematical error model as the input value for the mathematical error model; d) determining the model error of the mathematical model as an output value for the mathematical e

Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.

Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.

Abstract: A method for ascertaining at least one performance characteristic for the operation of an electrical energy store is described, comprising the steps of: a) receiving operating data, in particular current and/or voltage and/or temperature measured values, of a multiplicity of electrical energy stores, wherein the multiplicity of electrical energy stores satisfy a predefined criterion, for example a predefined number of operating hours; b) ascertaining at least one ageing state variable, in particular an electrical capacitance, of the multiplicity of electrical energy stores by evaluating the operating data of the multiplicity of electrical energy stores; c) ascertaining at least one performance characteristic for the operation of an electrical energy store, in particular a maximum charging current, on the basis of the at least one ageing state variable; d) transmitting the at least one performance characteristic to a further multiplicity of electrical energy stores.

Abstract: Techniques to provide secure access to a cloud service are disclosed. In various embodiments, enterprise mobility management (EMM) data associated with a set of enterprise users of mobile devices associated with an enterprise is received. Cloud service data associated with use of a cloud service of the cloud service provider by users associated with the enterprise is received and correlated with the EMM data. Usage of the cloud service by said users associated with the enterprise is analyzed, including one or both of access of the cloud service using one or more unmanaged devices and access of the cloud service using one or more unmanaged mobile apps.

Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.

Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.

Abstract: A method for diagnosis of a temperature control means (30) of a battery pack (10) that comprises a plurality of battery cells (20) and a plurality of temperature sensors for measuring temperatures of the individual battery cells (20), the battery cells (20) being arranged side by side in the battery pack (10), in a longitudinal direction (12) of the battery pack (10), and mechanically connected to each another, and the battery cells (20) being arranged on the temperature control means (30) and mechanically and thermally connected to it. A battery management system, and/or a battery pack (10) may be configured to execute the method. A vehicle may be fitted with a battery pack that carries out the method.

Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.

Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.

Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.

Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.

Abstract: In an embodiment, a system for asserting a mobile identity to users and devices in an enterprise authentication system includes a communication interface and a processor coupled to the interface. The processor is configured to receive, via the communication interface and from a first device, a request to authenticate a user to a service using a unique identity associated with a second device. The processor is configured to determine, based at least in part on the unique identity, an identity certificate associated with the request, generate an identity assertion based at least in part on the identity certificate, and provide the identity assertion via the communication interface to a requesting node with which the request to authenticate is associated.

Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.

Abstract: Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.

Abstract: A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.

Abstract: Techniques to provide secure access to a cloud-based service are disclosed. In various embodiments, a request is received from a client app on a device to connect to a security proxy associated with the cloud-based service. A secure tunnel connection between the device and a node with which the security proxy is associated is used to establish the requested connection to the security proxy. Information associated with the secure tunnel is used to determine that the requesting client app is authorized to access the cloud-based service from the device and to obtain from an identity provider associated with the cloud-based service a security token to be used by the client app to authenticate to the cloud-based service.