Abstract: The present technology provides for receiving communications at an authentication service, and the communication is indicative of a change in a security posture of an authenticated session between a user device and a secure service. The authentication service can then determine that the change in the security posture of the authenticated session impacts the trust level associated with the user device and causes the trust level to fall below the threshold. The authentication service can then send an enforcement signal to a security agent on a network device that provides remedial actions that a user can undertake to improve the security posture of the authenticated session.

Abstract: The present disclosure provides protection to communications after establishing a secured connection to a secured website or application. An authentication service, after establishing a secured session, can calculate a trust score for a user. Based on the trust score, the security agent can encrypt access tokens used to authenticate a secure connection. The system can interrupt the secure connection based on the trust score of the user or the user device. The interruption takes place by ignoring requests to decrypt the access token. Without the decrypted access token, the browser is unable to authenticate the session, preventing further communications. After the user improves the security posture of the device or user, the security agent can recalculate the trust score. When the trust score is above a threshold, the security agent can being decrypting the access token, thereby authenticating communications from the browser.

Abstract: A multi-level inverter using cascaded H-bridge modules, where each module can balance its at least two charge storage elements by means of voltage equalization. Modules are arranged in series into at least one cascade inverter phase with optional center taps, and modules communicate with a control unit by being addressed over at least one serial communication bus. Additional features that can be included in embodiments are the configuration of modules to react to multiple specific addresses in order to increase the maximum output voltage slew rate, metal circuit breaking springs to provide fusing within modules, and the ability to interconnect multiple physically distinct inverters into a single unit. This inverter is predominantly intended for electric vehicle applications, and the optional incorporation of a switching array allows the possibility for power transfer to or from a wide range of voltage sources including other inverters.

Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.

Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.

Abstract: This disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. In some examples, access may be managed by an authentication service. When an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. The identification agent may perform one or more tests to discover the identity of the application. In some cases, the identification agent may send the identity of the application to the authentication service. The authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.