Abstract: A test method and system for PLC security defense device are provided. The method including: acquiring by the first test end the information about the device under test, involving the type of communication mode, the type of PLC, the attack type and/or attack rule; after the attack messages to the device under test being generated and sent to the device under test, obtaining by the first test end the assessment results of the PLC security defense device on the basis of the second test end's response message. This is a fast, objective and thorough assessment method to testify security defense function of the device under test.

Abstract: Provided are a computer program product, system, and method for interacting with a remote server over a network to determine whether to allow data exchange with a resource at the remote server. Detection is made of an attempt to exchange data with the remote resource over the network. At least one computer instruction is executed to perform at least one interaction with the server over the network to request requested server information for each of the at least one interaction. At least one instance of received server information is received. A determination is made whether the at least one instance of the received server information satisfies at least one security requirement. A determination is made of whether to prevent the exchanging of data with the remote resource based on whether the at least one instance of the received server information satisfies the at least one security requirement.

Abstract: Proposed are a system and a method for the automated measurement, accumulation and monitoring of diverging cyber risks, wherein risk components are exposed by electronic means of the risk components to a plurality of cyber risks. An accumulation device is used for the segmentation of the total cyber risk of a risk component by means of parametrizable risk exposure segments, and wherein, in a searchable trigger table, retrievably stored segmentation parameters are associated with corresponding measuring parameters for capturing the risk exposure of a specific risk exposure segment. The system comprises a trigger module that is connected to the risk components by means of capturing devices in order to dynamically defect and capture measuring values for the measuring parameters related to the occurrence of cyber risk events within the data pathway of said electronic means.

Abstract: This document describes, among other things, a computer-implemented method for improving the security of one or more computing systems. The method can include receiving, at a computing system, first code that defines at least a portion of an electronic resource that is to be served to a client computing device. The method can include generating code that defines a challenge to be solved by the client computing device, in which the code is arranged to cause the client computing device to determine values for one or more parameters that comprise a solution to the challenge, and the values for the one or more parameters that comprise the solution to the challenge may be required for the client computing device to make valid requests to initiate one or more web-based transactions. The computing system can determine whether particular values for the parameters comprise a valid solution to the challenge.

Abstract: Disclosed are various embodiments of techniques that may be used to improve the reliability of network authentication. A communication session is established between a server computing device and a client computing device. The communication session is established via a network using a credential for a network site. A verifier for the credential is generated, which may be used to confirm the authenticity of the credential. The verifier is provided to the client computing device via the network.

Abstract: A computer-implemented method includes generating, by one or more processors, a hyperlink targeting a Uniform Resource Locator (URL), detecting a selection of the generated hyperlink by one or more social entities across one or more social networks, generating a report, wherein the generated report includes analytical details regarding the selection of the generated hyperlink by the one or more social entities, and providing the generated report to a user associated with a protected social entity.

Abstract: A system and method for disposing, in kernel space, a data plane having instructions operable to encrypt and transfer data over a network. The data plane is coupled to a control plane which resides in user space. The control plane has instructions operable to control the transfer of the encrypted data in kernel space. Certain embodiments include an application programming interface (API), which operates to expose a programming interface for encrypted communications which results in a more efficient data transfer because most of the data processing is done in kernel space.

Abstract: A computing device providing a network service to a service area may receive a connection request from a user device and generate a session start request to start a user session in a service domain covering the service area. One or more policy rules may be evaluated to determine whether any rule is applicable to the user device, which includes determining that an authoritative user session has already been established in the service domain. The user session may be established in the service domain for the user device, and at least one permission for access to a controlled network resource may be associated with the user session based on the determination that the authoritative user session has already been established. A request from the user device to access the controlled network resource may be received and access to the controlled network resource may be granted.

Abstract: A data processing method and system, providing a data transmitting interface to a parallel computing system, are provided. The parallel computing system includes a mapper, a reducer, and an operation device. The data transmitting interface intercepts a parallel computing input command transmitted from the mapper and an output result transmitted from the operation device. The data transmitting interface transmits the parallel computing input command to the operation device after receiving the parallel computing input command and when the parallel computing input command is not abnormal based on a security policy is determined. The data transmitting interface transmits the output result to the reducer after receiving the output result and when the output result is not abnormal based on the security policy is determined.

Abstract: There is provided an analysis rule adjustment device that adjusts an analysis rule used in a communication log analysis performed to detect malicious communication through a network. The analysis rule adjustment device includes a log acquisition unit, a log analysis unit, and a first analysis unit. The log acquisition unit acquires a communication log through a network to be defended and a communication log generated by malware. The log analysis unit analyzes the communication log acquired by the log acquisition unit on the basis of predetermined analysis rule and tuning condition. The first analysis unit analyzes an analysis result by the log analysis unit and calculates a recommended tuning value used in an adjustment of the predetermined analysis rule and satisfying the tuning condition.

Abstract: Systems, methods, and software described herein provide for identifying recommended feature sets for new security applications. In one example, a method of providing recommended feature sets for a new security application includes identifying a request for the new security application, and determining a classification for the new security application. The method further provides identifying related applications to the new security application based on the classification, and identifying a feature set for the new security application based on features provided in the related applications.

Abstract: Concepts and technologies are disclosed herein for decoupling hardware and software components of network security devices to provide security software as a service in a distributed computing environment. A computer system includes a processor that can execute computer-executable instructions to perform various operations. The processor can perform operations to provide security services to one or more customer platforms. The operations can include receiving a network security software component from a security service provider, and deploying the network security software component within a distributed computing environment so that the network security software component can be executed by a computing resource of the distributed computing environment to provide a security service to the customer platform(s). The network security software component includes a software component that has been decoupled from a hardware component of a network security device by the security service provider.

Abstract: A cloud infrastructure security assurance service is enhanced to facilitate bursting of cloud applications into other cloud infrastructures. The security assurance service provides a mechanism to enable creation and management of secure application zones within a cloud infrastructure. When the security assurance service receives an indication that a workload associated with a cloud application triggers a cloud burst, the service is extended into a new cloud infrastructure. Once the security assurance service is instantiated in the new cloud infrastructure, it identifies the broad security requirements of the application, as well as the security capabilities of the new environment. Using this information, the security assurance service computes a minimal security environment needed by the cloud application for the burst operation.

Abstract: A method is presented for secure communication, the method including generating a signature using a private key, a nonce, and at least one of an identifier and a key component; and transmitting the signature, the nonce, a security parameter, and the at least one of the identifier and the key component, wherein the security parameter associates a user identity with a public key, the public key being associated with the private key.

Abstract: A system and method that correlate business transaction in a system and traffic generated from this business transaction in a network back to a user identity that invoked this business transaction and generated subsequent network traffic. The method enables a user to set up rules for tracking the activities in a system and network traffic and these rules can then be used later for monitoring user activities. The user activities, network traffic, and the user identity are correlated and stored in a data-to-business mapping file. This data-to-business mapping file can be used for auditing events in the system.

Abstract: User devices configured to select subsets of network identities and network devices configured to deliver messages based on those subsets are described herein. The user devices each receive multiple network identities for a service account, select a subset of the network identities based on preferences, and provide the selected subset to the telecommunication network in message headers. The preferences indicate network identities for which a user wishes the user device to receive communications. A network device receives and caches the subsets. The network device further utilizes the subsets in determining which user device to deliver messages to.

Abstract: Methods, systems, and computer readable media for distributed component model architecture (DCMA) in a session over Internet protocol (SoIP) network is disclosed. According to one system, the system includes at least one session routing engine (SRE) for routing calls in an SoIP network. The system also includes at least one session border controller (SBC) for receiving, from a message source, a first message associated with a call in a SoIP network. The SBC is further configured for identifying a call source, wherein the call source is information, other than a calling party identifier, that identifies a source of the first message. The SBC is also configured for selecting one of the at least one SRE and sending to the selected SRE information associated with the message, the information including the call source. The SRE routes messages associated with the call according to a calling plan associated with the identified call source.

Abstract: A broadcast transmission method includes generating service data for a service, generating service layer signaling data, the service layer signaling data including first signaling data, second signaling data and third signaling data, the first signaling data including reference information referring to the second signaling data and the third signaling data, the second signaling data including a description of a component of the service, and the third signaling data including acquisition information of the component related to the service, and transmitting a broadcast signal including the service data and the service layer signaling data.

Abstract: A method and apparatus for providing a user input back channel (UIBC) in an audio/video (AV) source device and an AV sink device communicating according to a wireless fidelity (Wi-Fi) display (WFD) standard is provided. The method includes: setting up an AV control session and an AV data session between the AV source devices according to the WFD standards; enabling the UIBC from the AV sink device to the AV source device by using the AV control session; and transmitting a user input from the AV sink device to the AV source device through the UIBC.

Abstract: The present invention proposes a method of transmitting a broadcast signal. The method of transmitting the broadcast signal according to the present invention proposes a system capable of supporting a next-generation broadcast service in an environment that supports next-generation broadcasting using a terrestrial broadcast network and an Internet protocol network. In addition, the present invention proposes an efficient signaling scheme for both the terrestrial broadcasting network and the Internet protocol network in the environment that supports next-generation broadcasting.

Abstract: Methods and arrangements for determining one or more actions needed to execute a task communicated to a first device in an Internet of Things. At a first device in the Internet of Things, there is received a communication associated with a task. A data store is consulted for data associated with the task, and thereupon there is determined the present capability of the first device for executing the task collaboratively with at least one other device in the Internet of Things. The at least one other device is communicated with, to assess capability for executing the task collaboratively with the at least one other device. There are thereupon determined one or more actions of the first device that need to be taken to execute the task. Other variants and embodiments are broadly contemplated herein.

Abstract: A method of conveying a location information (2) representing a physical location of a first communication device (D) from the first communication device (D) to a server (S) comprises sending a first invite message (12) of the server (S), the server (S) being triggered by a third communication device (C), to the first communication device (D) to invite the first communication device (D) to initiate a communication connection (26) to a second communication device (T), and sending an answer message (13) of the first communication device (D) in response to the first invite message (12) to the server (S), wherein the location information (2) is inserted in the answer message (13) for insertion in a second invite message (14) of the server (S) to the second communication device (T) to invite the second communication device (T) to accept the communication connection (26).

Abstract: A method of a terminal for providing a video service in a communication system is provided. The method includes requesting a server to transmit first video data in a maximum available bandwidth, receiving, from the server, the first video data in the maximum available bandwidth, determining a first bandwidth for the first video data and a second bandwidth for second video data within the maximum available bandwidth so that the first video data and the second video data have differential image qualities when an event of requesting the second video data is detected, requesting the server to transmit the first video data in the first bandwidth and to transmit the second video data in the second bandwidth, and receiving the first video data in the first bandwidth and receiving the second video data in the second bandwidth from the server.

Abstract: A method and system method for code testing in a video streaming network, A first broadcast stream including a first program containing video content is received by an ingest server of a live cluster of servers, wherein the live cluster of servers is deployed for providing streaming media programs to multiple user devices. The first broadcast stream is provided to one or more user devices. The first broadcast stream is duplicated to generate a copy of the first broadcast stream. The copy of the first broadcast stream is provided to a device under test configured to test processing of the first broadcast stream by new code installed at the device under test. Error performance of the device under test is monitored with respect to the new code's processing of the first broadcast stream.

Abstract: A service may provide media content metadata describing available media content to reader devices, the service including a zeroth characteristic indicating a count of additional data characteristics of the service and a count of read cycles of the data characteristics to retrieve the metadata. Each of the data characteristics may include an indication of the read cycle of the data characteristic, a data element including a portion of the metadata, and an indication of a data offset of the data element into the media content metadata. Responsive to all subscribed reader devices downloading data from one of the data characteristics, including update data of a next read cycle in the characteristic.

Abstract: A content streaming service method for reducing communication cost and a system therefore are provided. The method includes receiving, by an electronic device, a file of content in a streaming scheme from a server through a network, and reproducing the content through an application driven in the electronic device, storing, by the electronic device, the received file in a local storage, generating, by the electronic device, a local server, the local server configured to operate in association with a memory of the electronic device, retrieving, by the electronic device, the file stored in the local storage according to the streaming scheme through the local server, and re-reproducing the content through the application.

Abstract: Methods, apparatus and articles of manufacture for distributing communication of a data stream among multiple devices are disclosed. Example methods disclosed herein include receiving, at a first device, a sharing code from a second device, the sharing code to associate multiple devices with a shared connection to be established to distribute communication of a complete data stream among the multiple devices, the multiple devices including the first device. Disclosed example methods also include transmitting a request including the sharing code from the first device to a distribution system to establish a data connection via which the first device is to receive a first partial data stream corresponding to a portion of the complete data stream from the distribution system. Disclosed example methods further include forwarding the first partial data stream from the first device to the second device.

Abstract: The present invention enables a user to share his/her listening experience selectively with others without sharing headphones and without disturbing others who do not want to listen. In a preferred embodiment, a first listener can accomplish this by storing in a Portable Electronic Device or similar device a library of listening experiences, listening to one of the listening experiences, and while listening to that one listening experience streaming the one listening experience to at least one other Portable Electronic Device or similar device. A second listener at the other Portable Electronic Device can then listen to the same listening experience as the first listener at the same time. It is expected that the listening experiences will typically he songs or other music but the invention may he practiced with any type of audio content. The first listener may also create a playlist of the listening experiences in the library and make the playlist available to others.

Abstract: A method, client and system are provided for a carousel media fragment. The method includes acquiring an index list continuously updated by a server. An updated index list is acquired and the old list is discarded. The sequence of a media fragment currently to be downloaded is recorded when discarding the old index list. The sequence of the media fragment ranking is identified in first broadcast place on the updated index list. When determining that the two sequences are different and discontinuous, an absent sequence is added therebetween. A supplemental broadcast address of a corresponding media fragment is generated according to the added sequence and the recorded sequence. According to the corresponding sequence, the supplemental broadcast address and the broadcast address on the updated index list are sequentially combined to obtain a current index list. The corresponding media fragment is downloaded for broadcasting according to the broadcast address.

Abstract: A system and process for coordinating streaming content or messages is provided. A network-connected server maintains a database containing media content-related data, such as the text of a message, accompanying media, time of airing, payment and related comments. A user can view these feeds or streams of these consciousness messages by downloading a mobile application or browsing to a website. The application can also be used to create, schedule and pay for a media content message.

Abstract: Computer-based systems and methods measure saturation of a media server that transmits media content to a plurality of users via data links The data buffers of the media server are sampled to ascertain whether they contain data to be transmitted to each buffer's associated destination at the time of the sampling. A saturation score is calculated based on the sampling, such as based on the number of non-empty data buffers. This saturation score can be used in routing new connection requests for the media server. The media server's saturation score can be compared to a threshold saturation score for the media server, with the difference between the scores indicating a present available bandwidth of the data links of the media serve. This process can be repeated periodically so that the saturation score of the media server is continuously updated.

Abstract: A method and device for streaming multimedia data over a communication network. Data associated with multimedia content is received over the communication network. Portions of the data are processed into multiple data blocks. The multiple data blocks are associated with multiple segments by associating each segment with at least two data blocks of the multiple data blocks. The segments of the multiple segments are sequenced according to a stream index. The stream index is assigned to a main index that describes a set of streams for the multimedia content.

Abstract: In one embodiment, an HTTP streaming session may be initiated at a client device in a network. The client device may have a buffer and may be configured to request and receive one or more data segments over HTTP from an HTTP server. A first data segment at a first data source rate may be requested and subsequently received. The first data segment may be stored in the buffer. A second data source rate may then be calculated based on a storage level in the buffer, and a second data segment at the second data source rate may be requested.

Abstract: A method and system for annotating Playable Media Files in a social network having a plurality of members, wherein the method includes receiving the Playable Media File from a first member, receiving an annotation from another member, and saving the annotation in a file other than the Playable Media File.

Abstract: A method comprising causation of capture of a stream of visual information, sending of at least a portion of the stream of visual information to a separate apparatus, receipt of information indicative of a stream segment deletion input that identifies a segment of the stream of visual information for deletion, and sending of a stream segment deletion directive to the separate apparatus based, at least in part, on the stream segment deletion input is disclosed.

Abstract: A computer-implemented method for detecting a proxy, the method being performed in connection with a networking system comprising a web server, a domain name system (DNS) server and a database system, the method comprising: receiving at the web server a request from a client; responsive to the received request, generating a file containing a domain name information and a file name information and storing the domain name information and the file name information in the database system and returning the generated script file to the client; receiving at the DNS server a DNS request, the DNS request specifying a second domain name information for a second domain name to be resolved; responsive to the received DNS request, storing a first origination IP address associated with received DNS request and the second domain name information in the database system; receiving at the web server a second request from a client, the second request specifying a second file name information; responsive to the received second r

Abstract: A method of transferring data includes connecting a mobile device to each of a plurality of network devices at separate respective times and via a respective network connection for each network device. Each of the network devices is connected to a separate respective logical computing network. The method also includes transferring a different respective portion of a data file from the mobile device to each respective network device via the respective network connection and storing the respective portion of the data file on the respective logical computing network. The method further includes disconnecting the mobile device from each respective network connection before connecting to any other one of the network devices. It is also contemplated that the method can account for instances where disconnection of the mobile device from a network device results in incomplete or corrupt transfer of data.

Abstract: A data-centric storage system is described herein that changes the focus to what data an organization needs to store, and relieves IT personnel of thinking about how storage is configured to serve that data. For any given organization, a set of application data needs and a set of storage capabilities can be. From these two, a figure of merit can be applied to automatically determine an association between each application's data needs and the available storage devices, to map the data to one or more storage devices. In addition, recommendations can be automatically generated to inform IT personnel where the greatest impact from additional storage nodes can be achieved. Thus, the system allows IT personnel to focus on data and the needs of their organization, and to rely on the system to take on the burden of meeting those needs with particular storage devices and configuration of those storage devices.

Abstract: A computer-implemented method is disclosed that comprises receiving, at a data provider computing system, a data contribution from a client device associated with a user, and based on the received data contribution, determining a user identifier that uniquely identifies the user. The method comprises performing a data validation operation to validate the data contribution. The method comprises, based on validating the data contribution, storing the data contribution in association with the user identifier. Further, the method comprises receiving a data request from a data consuming system. Based on the data request, the stored data contribution is identified and distributed to the data consuming system. Based on distribution of the data contribution to the data consuming system, a distribution value associated with the data contribution is generated. An indication of the distribution value is stored in association with the user identifier.

Abstract: Methods and systems for interface data utilization are described. In one embodiment, a provider server may offer resources and an application server may offer functionality not provided by the resources of the provider server. A user request may be received through the source user interface. A determination may be made whether the user request contains a request to access a functionality that is not offered by the provider but is offered by an application that is communicatively coupled to the provider via a network. In response, an electronic communication may be established between the provider and the application via a network. A policy of the provider may be accessed from a first database, and interface definition data may be accessed from a second database different from the first database. Target interface data may be rendered based on the policy of the provider and the interface definition data.

Abstract: Techniques for performing intelligent load balancer selection in a multi-load balancer environment are provided. In one embodiment, a computer system can generate a user interface for deploying a virtual IP address (VIP) on a load balancer in a network environment, where the network environment includes a plurality of load balancers, and where the user interface presents a plurality of criteria for selecting one of the plurality of load balancers. The computer system can further receive, from a user, a selection of one or more of the plurality of criteria, and can collect, from each load balancer in the plurality of load balancers, statistics that are relevant to the one or more criteria. The computer system can then select a load balancer from among the plurality of load balancers based on the one or more criteria and the collected statistics.

Abstract: Requests received at a service platform may be processed either synchronously or asynchronously, based on, for example, a determination of the expected response time for the service request. Some embodiments may include separate hardware infrastructures and/or may support service requests designated for asynchronous processing.

Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.

Abstract: Various aspects for scaling an availability of information are disclosed. In one aspect, a response performance associated with responding to data consumption requests is monitored. A characterization of the response performance is ascertained, and a scaling of resources is facilitated based on the characterization. In another aspect, a data consumption status indicative of data consumed is ascertained. Here, a scalability interface is provided, which displays aspects of the status, and receives an input from a content provider. An allocation of resources is then modified in response to the input. In yet another aspect, a response performance associated with responding to data consumption requests is monitored. An application programming interface (API) call is generated based on a characterization of the response performance, and transmitted to a content provider. An API response is then received from the content provider indicating whether a scaling of resources for hosting the data was performed.

Abstract: Host machines and other devices performing synchronized operations can be dispersed across multiple racks in a data center to provide additional buffer capacity and to reduce the likelihood of congestion. The level of dispersion can depend on factors such as the level of oversubscription, as it can be undesirable in a highly connected network to push excessive host traffic into the aggregation fabric. As oversubscription levels increase, the amount of dispersion can be reduced and two or more host machines can be clustered on a given rack, or otherwise connected through the same edge switch. By clustering a portion of the machines, some of the host traffic can be redirected by the respective edge switch without entering the aggregation fabric. When provisioning hosts for a customer, application, or synchronized operation, for example, the levels of clustering and dispersion can be balanced to minimize the likelihood for congestion throughout the network.

Abstract: Initiating peer-to-peer tunnels between clients in a mobility domain. Client traffic in a mobility domain normally passes from the initiating client to an access node, and from the access node through a tunnel to a controller, and then through another tunnel from the controller to the destination access node, and the destination client. When initiated by the controller, the access nodes establish a peer-to-peer tunnel for suitable client traffic, bypassing the “slow” tunnels through the controller with a “fast” peer-to-peer tunnel. Traffic through this “fast” tunnel may be initiated once the tunnel is established, or traffic for the “fast” tunnel may be queued up until traffic has completed passing through the “slow” tunnel.

Abstract: Disclosed are a communication device, a communication method, and a communication system. The communication system includes a communication device configured to determine a device to function as a group owner (GO) device from the communication device and a counterpart communication device communicating with the communication device and transmit information indicating which one of the communication device and the counterpart communication device is the GO device to the counterpart communication device, and the counterpart communication device configured to receive the information indicating which one of the communication device and the counterpart communication device is the GO device from the communication device and transmit, in response to receiving the information, a signal for agreeing to the information indicating which one of the communication device and the counterpart communication device is the GO device to the communication device.

Abstract: A data processing method and system based on an asymmetric P2P network are described. The system includes: a data server, configured to store a to-be-downloaded resource; a computer terminal group, including at least one computer terminal, configured to download the to-be-downloaded resource from the data server and/or another computer terminal in the computer terminal group; and a mobile terminal group, including at least one mobile terminal, the mobile terminal establishing a communication relationship with the data server and the computer terminal, and being configured to download the to-be-downloaded resource from the data server and/or the computer terminal, any two mobile terminals in the mobile terminal group being incapable of downloading the to-be-downloaded resource from each other, and the computer terminal in the computer terminal group being also incapable of downloading the to-be-downloaded resource from any mobile terminal.

Abstract: A method for controlling multiple replication processes that includes allocating, by a local storage system and for each replication process, local resources for performing local operations that comprise transmitting remote replication content to a remote storage system; the allocating is responsive to a state of transmission of the replication content and a maximal local storage system allocation threshold; allocating, by the remote storage system and for each replication process, remote resources for performing remote operations that comprise handling the replication content transmitted from the local storage system; the allocating is responsive to a load associated with the handling of the replication content, and a maximal remote storage system allocation threshold; and executing each replication process by the replication process local and remote storage systems resources.

Abstract: The disclosure is directed to data replication in a distributed computing system. The data, e.g., received from a client, is replicated to a first set of servers (“sync replica set”) synchronously and to a second set of servers asynchronously (“async tree”). A server can be a primary, secondary or a follower server. A sync replica set includes a primary server and one or more secondary servers. The async tree includes multiple follower servers deployed in a tree structure. A primary server can replicate the data to the secondary servers synchronously, and the secondary servers can replicate the data to one or more follower servers, e.g., a root node of the async tree, asynchronously. The root node then replicates the data to children of the root node, which then replicate to their children and so on until the leaf nodes of the async tree receive the data.