Abstract: A method, hybrid server system, and computer program product, prefetch data. A set of prefetch requests associated with one or more given datasets residing on the server system are received from a set of accelerator systems. A set of data is prefetched from a memory system residing at the server system for at least one prefetch request in the set of prefetch requests. The set of data satisfies the at least one prefetch request. The set of data that has been prefetched is sent to at least one accelerator system, in the set of accelerator systems, associated with the at least one prefetch request.

Abstract: Systems and method to facilitate provisioning of a plurality of platforms are provided. First information enabling unique identification of a first provider may be processed. The first provider may be matched to a first category. A first set of platform features may be identified. A first set of service modules may be determined. A first definition of a first platform that is configured to interact with the first set of service modules to provide the first set of platform features may be generated. A first plan to provide access to the first platform with the first set of service modules may be generated. A first platform application may be configured to provide the first platform based at least in part on the plan. The configuring may include integrating the first set of service modules into the first platform application using one or more component interfaces.

Abstract: A method for serving a request for hierarchical data includes receiving, at a processing circuit, a request for hierarchical data stored in one or more databases. The request includes an indication of a particular data hierarchy. The method further includes identifying, by the processing circuit, one or more entity count records corresponding to the particular data hierarchy. The entity count records indicate a distribution of the hierarchical data within the data hierarchy. The method further includes splitting the request for hierarchical data into a plurality of sharded requests based on the distribution of the hierarchical data indicated by the one or more entity count records, assigning the plurality of sharded requests to one or more processing sites for processing at least a subset of the sharded requests in parallel, and reporting a combined result of processing the plurality of sharded requests.

Abstract: A method of obtaining descrambling information at a receiver, the descrambling information for enabling descrambling of scrambled content. A provider verification key is used to access a software image, which has been secured by a provider using a provider signature key corresponding to the provider verification key. A secured version of the descrambling information is received. The accessed software image is used to obtain virtual descrambling information from the secured version of the descrambling information and is provided as inputs to a cryptographic function to produce a given output comprising said descrambling information.

Abstract: A battery-powered trigger-locking device, which is configured to be disposed on a gun with a trigger for firing, includes a data receiver, a data memory and a logic device for determining whether data received by the receiver is the same, or substantially the same, as data stored in the memory. If a data match is indicated, the logic device causes an electromagnetic device to move a trigger-locking member to an unlocked position, permitting the gun to be fired. A separate electronic gun key is provided to transmit gun unlock data to the data receiver of the trigger-locking device. This gun unlock data may be a password, a long pseudo-random number or biologic data identifying the gun owner or some other person who is licensed or otherwise authorized to fire the gun.

Abstract: One or more techniques and/or systems are provided for file acquisition for reputation evaluation. A reputation service may be configured to evaluate files and provide reputations of such files to clients (e.g., an indication as to whether a file is safe or malicious). If the reputation service receives a reputation request for a file that is unknown to the reputation service (e.g., a file not yet fully acquired by the reputation service), then the reputation service may identify a set of chunks into which the file can be partitioned. The reputation service may obtain chunks from various clients, such as a first chunk from a first client and a second chunk from a second client. Such chunks may be evaluated to assign a reputation to the file. In this way, the reputation service may retrieve portions of a file in a distributed manner for reputation evaluation.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for transmitting a content data set to a computing device for displaying digital content to an author user, the author user having authored the digital content, receiving user input from the author user, the user input corresponding to the digital content, and, in response to receiving the user input, transmitting first data and second data to the computing device for display to the author user, the first data comprising a number of contacts that are able to access the digital content and the second data indicating one or more relationships between the author user and the contacts.

Abstract: An intermediary wireless device that wirelessly communicates media content. The intermediary wireless device includes a first wireless I/O interface configured to communicate with a media content source device using a first wireless protocol, a second wireless I/O interface configured to communicate with at least one media presentation device using a second wireless protocol, and control circuitry. The control circuitry is coupled to the first wireless I/O interface and to the second wireless I/O interface and configured to receive media data from the first wireless I/O interface, modify control information associated with the media data, and provide the media data with the modified control information to the at least one media presentation device through the second wireless I/O interface. A wireless media presentation device is also provided.

Abstract: A method and apparatus for unlocking a mobile terminal. The method comprises acquiring file names of a plurality of user files on an online hard drive; a mobile terminal placing the file names and a search box on a lock-screen page of the mobile terminal; the mobile terminal determining whether to unlock the mobile terminal based on the user's operation on one file name among the plurality of file names and the search box; and if so, the mobile terminal performing unlocking and opening a file corresponding to the file name on the online hard drive. The present invention enables users to implement functions such as unlocking of a mobile terminal and opening of an online hard drive file, which require several complicated operations in the prior art, through simple operations such as dragging, thereby saving users' time and enhancing user experience.

Abstract: Systems and methods are provided to secure restricted information in electronic mail messages. According to some embodiments, it is determined at a client device that an email message is being generated by a user. A security classification may be associated with the email message, and the email message may be sent toward a destination along with an indication of the security classification, wherein the email message is routed based, at least in part, on the security classification.

Abstract: A method for retrofitting a vending machine with a video communications device includes securing a video communications device with a mounting feature of the video communications device removably coupled with a mounting location on a vending machine. The video communications device includes a video communications module for real-time interactions with a ticket office. The video communications module includes a display, a camera, a speaker, and a microphone. The video communications device includes a video communication device communications interface. The method includes electronically coupling the video communications device with a power supply of the vending machine and communicatively coupling the video communications device with the vending machine such that functions of the vending machine are controllable using the video communications device. The method includes communicatively coupling the video communications device with the ticket office for real-time video communications with the ticket office.

Abstract: The current document is directed to an interface and authorization service that allows users of a cloud-director management subsystem of distributed, multi-tenant, virtual data centers to extend the services and functionalities provided by the cloud-director management subsystem. A cloud application programming interface (“API”) entrypoint represents a request/response RESTful interface to services and functionalities provided by the cloud-director management subsystem as well as to service extensions provided by users. The cloud API entrypoint includes a service-extension interface and an authorization-service management interface. The cloud-director management subsystem provides the authorization service to service extensions that allow the service extensions to obtain, from the authorization service, an indication of whether or not a request directed to the service extension through the cloud API entrypoint is authorized.

Abstract: Methods and systems are described for secure delivery of a content item from at least a first content distribution network (CDN1) to at least one content receiving entity using a split-key cryptosystem comprising encryption and decryption algorithms E and D, a cipher algorithm for generating encryption and decryption keys e,d on the basis of secret information S and a split-key algorithm using secret information S for splitting e into i different split-encryption keys e1, e2, . . . , ei and/or for splitting d into k different split-decryption keys d1, d2, . . . , dk respectively, such that Ddk(Ddk-1( . . . (Dd2(Dd1(Eei(Eei-1( . . . (Ee2(Ee1(X)) . . . ))=Ddk(Ddk-1( . . . (Dd2(Dd1(Xe1, e2, . . . , ei))=X wherein i,k?1 and i+k>2.

Abstract: Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; determine whether the one or more indicators of the protected resource data require consent from a resource owner of the protected resource data; transmit a request, to a user device associated with the resource owner, for consent from the resource owner in response to a determination that at least one of the one or more indicators require consent from the resource owner; generate an authorization code in response to receiving consent from the resource owner; and transmit, to the sending device of the request, the authorization code.

Abstract: A system and method is described for large scale entity-specific classification of each entity-specific set of candidates in a collection of candidates for each specific entity in a collection of entities. The collection of entities may comprise a specific category or domain of entities (e.g. schools, restaurants, manufacturers, products, events, people). Candidates may comprise webpages or other resources with resource identifiers. Entity specific sets of candidates may be found by leveraging search engine query results and user interaction therewith for queries based on entity-specific attributes. The relationship(s) or class(es) for which candidate resources are being classified relative to a specific entity may comprise an authoritative, official home page (OHP), or other class (e.g. fan page, review, aggregator) relative to a specific entity. A feature generator generates entity-specific features for candidates.

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for receiving a request from a user for access to at least one function associated with a first application; determining that access to at least one function requires user authentication; initiating sensing of an authentication validating carrier comprising a first credential; determining the first credential based at least in part on the sensed authentication validating carrier; validating the first credential, thereby resulting in a first successful user authentication; and granting access to at least one function associated with the first application based on the validation of the first successful user authentication.

Abstract: A system is provided that, in some aspects, determines a user's intent to place a wager or redeem a wager based on bar codes generated by a client device operated by the user.

Abstract: Diversity information associated with a set of advertisement tags is determined. Example ways of determining diversity include determining a list of distinct Uniform Resource Locators, determining a list of distinct domains, and determining whether an advertisement includes one or more dynamic elements. Scans are adaptively performed based on the determined diversity information. Scanning is performed more frequently for advertisement tags having higher associated diversities and scanning is performed less frequently for advertisement tags having lower associated diversities.

Abstract: Mechanisms are provided for calculating state of cryptographic objects and generating search filters for querying cryptographic objects based on the given state or on the given combination of unique states. The mechanism to calculate a state of a cryptographic object allows an application or system to resolve the current state of any cryptographic object with the following set of state altering date values: initial date, activation date, deactivation date, compromise date, and destroy date. A processing module may retrieve the state meta-data and calculate the current state of a given cryptographic object. The current state may be, for example, one of the following: unknown, pre-active, active, deactivated, compromised, destroyed, and destroyed-compromised. The mechanism to generate a search filter may generate a search query language (SQL) search filter to query for cryptographic objects using the state altering date values stored for each object.

Abstract: The invention enables digital music content to be downloaded to and used on a portable wireless computing device. An application running on the wireless device has been automatically adapted to parameters associated with the wireless device without end-user input (e.g. the application has been configured in dependence on the device OS and firmware, related bugs, screen size, pixel number, security models, connection handling, memory etc. This application enables an end-user to browse and search music content on a remote server using a wireless network; to download music content from that remote server using the wireless network and to playback and manage that downloaded music content. The application also includes a digital rights management system that enables unlimited legal downloads of different music tracks to the device and also enables any of those tracks stored on the device to be played so long as a subscription service has not terminated.

Abstract: The inventive system includes a host, a network including a security gateway, and a public application. Established are an access session between the network and the host and an application session between the public application and the network. An application session record is created for the application session, and includes the user's public user identity used to access the public application, the user's private user identity used to access the network, a host identity, and an application session time, To determine the private user identity for the application session, the security gateway sends a query with the host identity and the application session time. These are compared with the host identity and access session time in an access session record, if they match, then the private user identity in the access session record is returned, and it is stored as the private user identity in the application session record.

Abstract: A storage device for protecting content, includes a Secure Area (SA) area in which a decryption key needed to decrypt encrypted content is stored, and access to which is available to a host device that has passed authentication using a secure authentication protocol. The storage device stores a security information file for mapping control information for controlling usage of the encrypted content and the decryption key to the encrypted content.

Abstract: A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer, the data including a plurality of characters, with at least one character case sensitive. A case information word indicative of the case of the characters is created. The characters in the data is converted to a known case. Selective anonymization of the converted data is performed, based on a selected anonymization strategy, using an anonymization module. The anonymized data with the case information word and data indicative of the selected anonymization strategy is transmitted to the destination computing device over a network.

Abstract: Method and device implementations for network communications are disclosed. In at least one implementation, a computer networking method is disclosed which comprises opening a plurality of parallel TCP connections at a client computing device between a client program executed on the client computing device and a server program executed on a server computing device over a computer network. The method further comprises sending each of a plurality of application level web resource requests for respective byte ranges of an object from the client program executed on the client computing device to the server program executed on the server computing device over a corresponding one of the plurality of parallel TCP connections.

Abstract: Apparatus and methods for transport optimization for widget content delivery includes obtaining updated content corresponding to a mobile widget having a plurality of informational hierarchical depths, and obtaining user navigation pattern historical data corresponding to the mobile widget, wherein the user navigation pattern historical data corresponds to the plurality of informational hierarchical depths. The aspects also include obtaining a first informational hierarchical depth range for inclusion in a first content update message for delivery to a device, wherein the first informational hierarchical depth range is based on the user navigation pattern historical data. Further, the aspects include generating a content update message with a first portion of the updated content corresponding to the first informational hierarchical depth range.

Abstract: An example computer 10 that manages folders containing files by using a tree structure is caused to execute a step S104 of identifying a superior folder from predetermined folders managed by the tree structure by retracing the tree structure by at least one level, and a step S501 of specifying a file belonging to a subordinate folder that is subordinate to the superior folder in the tree structure as a processing object.

Abstract: A system is provided that, in some aspects, determines a user's intent to place a wager or redeem a wager based on bar codes generated by a client device operated by the user.

Abstract: Methods, systems, and products are disclosed in which generating evidence of web services transactions are provided generally by receiving in an ultimate recipient web service from an initial sender a request, the request containing a proof of message origin (‘PMO’). The PMO contains an element addressed to the ultimate recipient web service and the element bears a first signature, the first signature having a value. Embodiments also include authenticating the identity of the initial sender; creating a proof of message receipt (‘PMR’) including signing the value of the first signature; sending the PMR to the initial sender, receiving, by the initial sender, the PMR; and saving, by the initial sender, the PMR.

Abstract: Systems and methods for secure content distribution to playback devices connected to a local network via a residential gateway using secure links are disclosed. One embodiment of the invention includes a content server, a rights management server, a residential gateway configured to communicate with the content server and the rights management server via a network, and a playback device configured to communicate with the residential gateway via a local network.

Abstract: A method and system for reducing storage requirements and speeding up storage operations by reducing the storage of redundant data includes receiving a request that identifies one or more data objects to which to apply a storage operation. For each data object, the storage system determines if the data object contains data that matches another data object to which the storage operation was previously applied. If the data objects do not match, then the storage system performs the storage operation in a usual manner. However, if the data objects do match, then the storage system may avoid performing the storage operation.

Abstract: In order to prevent leakage of an authentication symbol string such as a credit card number, and enable a user to be authenticated: an ID issuance server 20 receives the first eight digits of the credit card number from a portable telephone device 10 of the user and issues a one-time ID to the portable telephone device 10; and a service provision server 30 receives the last eight digits of the credit card number and the one-time ID from a PC 11, and transmits the one-time ID and those last eight digits to a number construction and authentication processing server 40 that receives the one-time ID and the last eight digits from the service provision server 30, communicates with the ID issuance server 20 and acquires the first eight digits which correspond to the one-time ID, reconstructs the credit card number, and performs authentication.

Abstract: A one-time password (OTP) based security scheme is described, where a provider pre-generates a number of verification codes (e.g., OTP codes) which will be valid for a predetermined interval. The provider then encodes the verification codes (e.g., by hashing each code with a time value), and stores the verification codes into a data structure. The data structure can be provided to a verification system that can use the set of pre-generated OTP codes to authenticate requests received from users having personal security tokens.

Abstract: A real-time fraud prevention system enables merchants and commercial organizations on-line to assess and protect themselves from high-risk users. A centralized database is configured to build and store dossiers of user devices and behaviors collected from subscriber websites in real-time. Real, low-risk users have webpage click navigation behaviors that are assumed to be very different than those of fraudsters. Individual user devices are distinguished from others by hundreds of points of user-device configuration data each independently maintains. A client agent provokes user devices to volunteer configuration data when a user visits respective webpages at independent websites. A collection of comprehensive dossiers of user devices is organized by their identifying information, and used calculating a fraud score in real-time. Each corresponding website is thereby assisted in deciding whether to allow a proposed transaction to be concluded with the particular user and their device.

Abstract: A method and apparatus for use in securely relaying data. The data is received by a first relay unit from a data provider. The data is sent by the first relay unit to a mail server. The data is retrieved by a second relay unit in a second network from the mail server. The data is sent by the second relay unit to a data subscriber.

Abstract: The invention discloses a system and apparatus for detecting problematic certificate action requests and digital certificates. Ideally, the invention will be used to detect a certificate request that will result in security problems and detect issued certificates that lack essential information. The invention uses a proxy system that intercepts certificate requests and transmitted certificates. The proxy system runs a series of checks on the intercepted request and/or certificate. The checks vary depending on the certificate contents, requester, and system providing the request or certificate.

Abstract: Monitoring and control of electromechanical devices from a central data center. The data center may be located at a separate geographic location, using broadband communication channels, such as Internet or telecom channels, and wireless HAN (home area network) communications. Such electromechanical devices may comprise, for example, an HVAC system at a small-business or residential site, a grounds-maintenance sprinkler system, or a small wind or solar energy generation and storage station.

Abstract: Methods, systems, and computer readable media can be operable to aggregate requested multimedia content and location-based content. Aggregating requested multimedia content and location-based content can be facilitated by determining the location of a client device based on information received from the client device, retrieving location-based content segments and aggregating location-based content segments with user-requested content segments.

Abstract: A method, system and non-transitory computer-readable medium product are provided for enterprise-specific functionality watermarking and management. In the context of a method, a method is provided that includes identifying a request to perform at least one function of a user device associated with an enterprise and identifying at least one watermark template associated with an enterprise. The method further includes applying the at least one watermark template associated with the enterprise to at least one function of the user device associated with the enterprise and authorizing the request to perform the at least one function of the user device associated with the enterprise.

Abstract: A vehicle control system is provided that is able to (i) identify a particular driver from other potential drivers and (ii) monitor various vehicle functions in order to determine if the identified driver repeatedly performs the same behavior upon the occurrence of a particular event or condition. When the control system determines that the identified driver repeats the same behavior upon the re-occurrence of the same event or condition, the controller learns that behavior and associates it with the identified driver so that it can be automatically performed, without driver interaction, when the same event or condition re-occurs.

Abstract: Embodiments provide communication session analysis and intervention methods and systems. Exemplary methods include monitoring a communication session conducted by a first customer service agent, providing script items to the first customer service agent, receiving session information associated with the communication session, identifying an escalation event in the session information, during the communication session, using on one or more predetermined communication criteria, and inviting a second customer service agent to join the communication session, in response to the escalation event.

Abstract: In one implementation, a server receives a request from a client device to access a user account of a user, wherein the user account provides access to one or more credentials associated with the user. The server determines that the client device is not associated with the user account and transmits a message to the client device prompting the user to provide a biometric identification of the user. The server then receives data representing the biometric identification of the user from the client device. Next, the server determines that the data representing the biometric identification of the user matches a biometric profile of the user associated with the user account.

Abstract: A data custodian and curation system may store data from a data supplier in encrypted form and may allow users to consume the data when the consumers obtain access to the data through an agreement. The curation system may manage access to the data, even allowing a consumer to use the data as if it were their own, but may track each usage of the data to implement a payment scheme or various usage restrictions. The curation system may encrypt downstream uses of the data and operate as a digital rights management system for the data. The custodian and curation system may operate as a cloud service that may contain encrypted data from many data providers but where the data providers may individually control access to their data in a managed system at any granular level.

Abstract: Digital fingerprint generation logic executed by a client device includes quirk-exposing logic configured to expose behavioral differences between various system configurations of client devices. The digital fingerprint generation logic queries a remote client device for system configuration, and generates a digital fingerprint of the client device that includes a system configuration characteristic reported by the client device in response to the query. Results of execution of the quirk-exposing logic are compared to expected results that are specific to the reported system configuration. If the results of execution do not match the expected results, the digital fingerprint is determined to have been spoofed.

Abstract: Attendance tracking via mobile devices may be provided. Once a meeting begins, a plurality of mobile devices present at the meeting may be identified. An attendance report for a plurality of attendees at the meeting may be provided based on the presence of each of the identified plurality of mobile devices.

Abstract: A system and method for efficient and private peer-to-peer file sharing consists of ascribing a uniquely identified and anonymous link (an “edgelink”) to any file or set of files on a peer computer. The link is registered with a publishing server along with continuously updated connectivity information about the peer without registering any identifying information about the file. A peer recipient is able to access the link, receive connectivity information about the publishing peer from the server, and then receive the file from the publishing peer without file content passing through the server, mediating any intermediary NAT devices without requiring any manual or automatic device reconfiguration.

Abstract: A network device may include first and second processors and a wireless transceiver under control of the second processor. The network device may further maintain one or more signatures and a wake-up module executable by the second processor. The wake up module may receive a multicast wireless communication while the first processor is in a low-power sleep mode. The wake up module may determine whether a data portion of the multicast wireless communication includes a signature. If the data portion of the wireless communication includes the signature, the wake up module may cause the first processor to leave the low-power sleep mode and process the multicast wireless communication.

Abstract: A wireless communication system for communicating via a wireless communication network, may include: a setting device configured to create a first information needed for joining a wireless device into the wireless communication network and set the first information in the wireless device to be joined into the wireless communication network, the setting device being configured to create setting information that correlates the first information with a second information containing at least one of information indicating a method of setting the first information and information indicating an operator who performed an operation of setting the first information; and a management device configured to select the wireless device, which is to be joined into the wireless communication network, by using the setting information that has been created by the setting device.

Abstract: The invention enables digital music content to be downloaded to and used on a portable wireless computing device. An application running on the wireless device has been automatically adapted to parameters associated with the wireless device without end-user input (e.g. the application has been configured in dependence on the device OS and firmware, related bugs, screen size, pixel number, security models, connection handling, memory etc. This application enables an end-user to browse and search music content on a remote server using a wireless network; to download music content from that remote server using the wireless network and to playback and manage that downloaded music content. The application also includes a digital rights management system that enables unlimited legal downloads of different music tracks to the device and also enables any of those tracks stored on the device to be played so long as a subscription service has not terminated.

Abstract: This invention provides for a method of (or apparatus for) facilitating the delivery of advice to consumers using a server unit which can store and display the names and characteristics of experts and then rapidly assist in connecting the expert and consumer for real-time communication. The server can also have the ability to receive keywords from the consumer, match those keywords to one or more experts, and tell the consumer how to contact an expert.

Abstract: Methods and apparatus for providing a personalized entertainment experience, which may be customized for each user. A user's playback/presentation history and/or user actions may be captured and associated with each played/presented composition. A target time for playback/presentation of a composition to the user may be determined by using a user's playback/presentation history and/or user actions. A customized sequence of compositions may be automatically generated for each user. The personalized sequence may automatically adapt to changing user actions and preferences over time. A user rating (preference) may be explicitly provided by the user or may be determined at least partially based on a count, a cumulative-time and/or control-action(s) by the user, that are related to the composition.