Abstract: Systems and methods for steering clients based on network service access characteristics. Systems can include a network service access characteristics specific network device client steering system and a network service access characteristics specific radio client steering system. Methods can include steering clients to network devices in accessing network services based on network service access characteristics and steering clients to radios in accessing network services based on network service access characteristics.

Abstract: An attempt to authenticate to a system resource using a particular device and particular credentials is identified and an identity of a user associated with the particular credentials is determined. In association with the attempt to authenticate, a location associated with the particular device is determined and sensor data generated by a set of sensors deployed in an environment is accessed, at least some of the sensor data including biometric data. The sensor data is used to detect a location of the user, and a degree of proximity between the location associated with the particular device and the location of the user is determined. An authentication action is caused to be performed corresponding to the attempt to authenticate based on the degree of proximity.

Abstract: A method providing use of an application may include providing a session for a user of the application, wherein the session is provided based on a credential for the user. While providing the session, image data for the session may be obtained, and responsive to the image data for the session, authentication may be performed based on a determination whether the image data for the session includes a facial image that matches the user credential. Responsive to success of the authentication based on the image data for the session, the session for the user of the application may continue to be provided. Related devices and computer program products are also discussed.

Abstract: An electronic artifact is accessed which includes content of a particular type of media. Text is determined corresponding to the content and natural language processing is performed on the text to identify at least a subset of words in a statement within the text and determine meanings of each word in the subset of words. A context image is generated for the electronic artifact based on the natural language processing, where the context image includes a graph including nodes corresponding to the subset of words and the context image defines relationships between the subset of words.

Abstract: An attempt to authenticate to a system resource using a particular device and particular credentials is identified and an identity of a user associated with the particular credentials is determined. In association with the attempt to authenticate, a location associated with the particular device is determined and sensor data generated by a set of sensors deployed in an environment is accessed, at least some of the sensor data including biometric data. The sensor data is used to detect a location of the user, and a degree of proximity between the location associated with the particular device and the location of the user is determined. An authentication action is caused to be performed corresponding to the attempt to authenticate based on the degree of proximity.

Abstract: An electronic artifact is accessed which includes content of a particular type of media. Text is determined corresponding to the content and natural language processing is performed on the text to identify at least a subset of words in a statement within the text and determine meanings of each word in the subset of words. A context image is generated for the electronic artifact based on the natural language processing, where the context image includes a graph including nodes corresponding to the subset of words and the context image defines relationships between the subset of words.

Abstract: Data is received from a computing system describing particular content of a digital work. The data is processed to identify a particular concept represented in the particular content. A search of a corpus is initiated to identify a set of other digital works in the corpus including content related to the particular concept. Similarity scores are determined representing a degree of similarity between the particular content of the digital work and the respective content of each of the set of digital works related to the particular concept. A data provenance system determines that a particular one of the other digital works is a source of the particular content of the digital work based on the similarity scores. Result data is generated and sent to the computing system to indicate that the particular other digital work is a source of the particular concept.

Abstract: Systems and methods for steering clients based on network service access characteristics. Systems can include a network service access characteristics specific network device client steering system and a network service access characteristics specific radio client steering system. Methods can include steering clients to network devices in accessing network services based on network service access characteristics and steering clients to radios in accessing network services based on network service access characteristics.

Abstract: A method providing use of an application may include providing a session for a user of the application, wherein the session is provided based on a credential for the user. While providing the session, image data for the session may be obtained, and responsive to the image data for the session, authentication may be performed based on a determination whether the image data for the session includes a facial image that matches the user credential. Responsive to success of the authentication based on the image data for the session, the session for the user of the application may continue to be provided. Related devices and computer program products are also discussed.

Abstract: A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for detecting cache-poisoning attacks in networks using SDPs may include maintaining a cache of service information that identifies services provided by client devices connected to a network using an SDP. The method may also include detecting a cache-poisoning attack by (1) receiving, from a client device connected to the network, an SDP message related to a service allegedly provided via the network, (2) identifying, within the SDP message, an attribute of the service allegedly provided via the network, and then (3) determining that the client device is attempting to corrupt the cache of service information by determining that the identified attribute of the service suggests that the service is illegitimate. Finally, the method may include performing a security action to mitigate the cache-poisoning attack in response to detecting the cache-poisoning attack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: In wireless networking, such as per the IEEE 802.11 standard, a technique automatically republishes an authentication credential to a global credential repository. A station can have a first credential, as is created when the station connects to a first access node of a wireless network. Upon trying and failing to connect to a second access node of the wireless network, the station can have a second credential created and published to the global credential repository. In some situations, the station then roams back to the first access node using the first credential. Efficiently, when the station uses the first credential at the first access node, the first credential can be automatically republished as a global credential. The automatic republishing of the first credential can ensure that the station is able to access the wireless network via various access nodes when roaming.

Abstract: In wireless networking, such as per the IEEE 802.11 standard, a technique automatically republishes an authentication credential to a global credential repository. A station can have a first credential, as is created when the station connects to a first access node of a wireless network. Upon trying and failing to connect to a second access node of the wireless network, the station can have a second credential created and published to the global credential repository. In some situations, the station then roams back to the first access node using the first credential. Efficiently, when the station uses the first credential at the first access node, the first credential can be automatically republished as a global credential. The automatic republishing of the first credential can ensure that the station is able to access the wireless network via various access nodes when roaming.