Abstract: Certain aspects of the present disclosure provide techniques for processing transactions in a computing system. An example method generally includes receiving a request to perform an operation with respect to an object included in the request. A system identifies an archetype defining properties of the object included in the request. Based on the identified archetype, the system identifies data repositories to commit data to in order to perform the requested operation and rules for performing the operation with respect to the object. One or more actions are executed against the identified data repositories according to the identified rules.

Abstract: One variation of a method for hosting mobile access to dense electroencephalography data includes: receiving a set of signals, in a raw resolution, recorded by a set of channels in an electroencephalography headset during an electroencephalography test; receiving, from a client computing device, a view parameters for viewing the set of signals on a display; calculating a quantity of raw signal points per pixel column of the display based on the view parameters and a length of a segment of the electroencephalography test; for each signal in the set of signals, for each discrete contiguous sequence of the quantity of raw signal points within the segment of the signal, calculating a value set characterizing the discrete contiguous sequence of the quantity of raw signal points in the signal; and generating a static image representing value sets for each channel, in the set of channels, across the segment of the electroencephalography test.

Abstract: Provided are a method for performing task processing on a common service entity, a common service entity, an apparatus and a medium for performing task processing. The method includes: receiving a task processing request; determining whether the common service entity itself performs the processing request; forwarding the request to another common service entity in a case where it is determined that the common service entity itself does not perform the task processing request, wherein the common service entity is associated with the another common service entity; performing, by the common service entity, the task processing request in a case where it is determined that the common service entity itself performs the task processing request.

Abstract: Systems and methods are disclosed for online authentication of online attributes. One method includes receiving an authentication request from a rely party, the authentication request including identity information to be authenticated and credential information to be authenticated; determining whether a user account is associated with the received identity information by accessing an internal database; accessing user data of the user account determined to be associated with received identity information; determining authentication data to obtained from a user associated with the user account based on the user data of the user account and the credential information to be authenticated; transmitting a request for authentication data; receiving authentication data associated with the user; transmitting authentication data associated with the user; and receiving an authentication result from the verification data source server for the user associated with authentication data.

Abstract: A property is identified about which to gather information. A vehicle is deployed to a location associated with the property. The vehicle gathers data at the location. A portion of the gathered data indicating a condition or event at the property is determined and encrypted. The portion of the gathered data is stored or sent to an authorized party.

Abstract: A distributed network and security operations platform is disclosed. The disclosed platform comprises an external service that facilitates network and security operations for a private network. Data from nodes of the private network is received and analyzed by the service, and an output is automatically generated by the service in response to analyzing received data that facilitates modifying the routing performed by at least one or more of the nodes of the private network.

Abstract: A method for preventing tampering with a package includes: affixing a plurality of labels to a physical package, each label including a machine-readable code, the machine-readable code being encoded with a unique value that is unique across the machine-readable code included in each of the plurality of labels; reading, by a computing device, the machine-readable code included in each label of the plurality of affixed labels to obtain the encoded unique value; storing, in the computing device, a cryptographic key pair comprised of a public key and a private key; generating, by the computing device, a digital signature using the private key; and electronically transmitting, by the computing device, a data message to a node in a blockchain network, wherein the data message includes at least the generated digital signature, the public key, and the unique value read for each label of the plurality of labels.

Abstract: A system (100) and computer-implemented method are provided for data collection for distributed machine learning of a machine learnable model. A privacy policy data (050) is provided defining computer-readable criteria for limiting a selection of medical image data (030) to a subset of the medical image data to obfuscate an identity of the at least one patient. The medical image data is selected based on the computer-readable criteria to obtain privacy policy-compliant training data (060) for transmission to another entity. The system and method enable medical data collection at clinical sites without requiring manual oversight, and enables such selections to be made automatically, e.g., based on a request for medical image data which may be received from outside of the clinical site.

Abstract: A primary platform (PP) can (i) support a first set of cryptographic parameters and (ii) securely download an unconfigured secondary platform bundle (SPB) that includes a configuration package (SPB CP). The SPB CP can establish a secure session with a configuration server (CS). The CS can select operating cryptographic parameters supported by the first set. The SPB CP can derive an SPB private and public key. The PP can use the selected operating cryptographic parameters to securely authenticate and sign the SPB public key. The CS can (i) verify the PP signature for the SPB public key and (ii) generate an SPB identity and certificate for the SPB and (iii) send the certificate and SPB configuration data to the SPB CP. The SPB CP can complete configuration of the SPB using the SPB identity, certificate, and configuration data. The configured SPB can authenticate with a network using the certificate.

Abstract: A communication apparatus, a control program of the communication apparatus, and a relay apparatus are provided. The communication apparatus is configured to download electronic data from a server storing a first amount or more of electronic data and to output the downloaded electronic data. The communication apparatus includes an output unit configured to output a second amount of electronic data smaller than the first amount at one time, a download information acquiring unit configured to acquire download information necessary for downloading the first amount of electronic data stored in the server, from the server, a download unit configured to download the second amount of electronic data of the first amount of electronic data from the server, using the download information acquired by the download information acquiring unit. The output unit is configured to output the electronic data downloaded by the download unit.

Abstract: A method including receiving, by a device from a transmitting source application, a transmission packet to be transmitted to a destination application; determining, by the device, connection information included in the transmission packet, the connection information indicating one or more parameters to be utilized by the destination application to connect with the transmitting source application; determining, by the device, a fingerprint associated with the connection information based at least in part on encrypting the one or more parameters; comparing, by the device, the determined fingerprint with a stored fingerprint stored in correlation with an identity of a trusted source application; and processing, by the device, the transmission packet based at least in part on a result of comparing the determined fingerprint with the stored fingerprint. Various other aspects are contemplated.

Abstract: A method including transmitting, by an infrastructure device to a manager device, an invitation link to enable the manager device to manage network services provided by the infrastructure device; transmitting, by the infrastructure device to the manager device based on verifying that the invitation link was activated by the manager device, seed information to enable the manager device to determine authorization information; determining, by the manager device, the authorization information based on utilizing the seed information; transmitting, by the manager device to the infrastructure device during a communication session, a manager request related to an action to be performed regarding the network services, the manager request being signed based on utilizing a first portion of the authorization information; and authorizing, by the infrastructure device, the manager request based on verifying that the communication session is currently active is disclosed. Various other aspects are contemplated.

Abstract: The present technology pertains to steering a playlisting service toward media items that are likely to receive positive feedback from a user operating a client device. The present technology permits a request to play media items without requiring an input context. A playlist service can begin to receive feedback on the playback of the media items and the received playback can be utilized by a steering service in response to a steering request to identify media items for playback that are likely to receive positive feedback based on the feedback received on a sequence of previously played media items.

Abstract: A computing system includes a database and a discovery application. The discovery application obtains credentials for accessing a server hosting a software bus application which connects a plurality of applications within a managed network. The discovery application selects, based on a pattern corresponding to the software bus application, one or more files to access, transmits, to the server, instructions to access the one or more files, and receives therefrom data identifying a plurality of attributes of the software bus application. Based on this data, the discovery application transmits, to the server, instructions to identify communicative connections established between the plurality of software applications by way of the software bus application and receives therefrom data identifying the communicative connections.

Abstract: Methods and systems are presented for automatically scrubbing sensitive data from text data comprising a sequence of words based on a negative word index. The negative word index may be constructed by obtaining articles that are publicly available and extracting words and word sequences from the articles. Statistical information associated with the word and word sequences from the articles may also be determined and included in the negative word index. To scrub sensitive data from the text data, a first sub-sequence of words is identified from the text data. The first sub-sequence of words may be determined to include sensitive information or not based on statistical information associated with the first sub-sequence of words within the negative word index. If the first sub-sequence of words includes sensitive information, the first sub-sequence of words may be removed from the text data.

Abstract: A computer-implemented method includes: receiving, by a computer device, an artifact and a first token with a check-in request; applying, by the computer device, a first level fragile watermark to the artifact, wherein the first level fragile watermark includes ownership information from the first token; receiving, by the computer device, a second token with a check-out request; applying, by the computer device, a second level fragile watermark to a copy of the first level fragile watermarked artifact, wherein the second level fragile watermark includes authentication information from the second token; and transmitting, by the computer device, the second level fragile watermarked copy of the artifact to a client device.

Abstract: Methods, systems, and devices for leveraging data already collected on a user in a secure and private manner, in particular to verify user credentials for third parties. The methods, systems, and devices innovate beyond traditional security and privacy platforms in computer systems by processing the data to create a useable metric for the purposes of the third parties, in which the useable metric preserves the security and privacy of the underlying data.

Abstract: A method of displaying content items, for example message items in a messaging application or service, is disclosed. The method comprises receiving encrypted content items in a chronological sequence; decrypting the content items; causing display of a display sequence, in order of the chronological sequence, of a respective place holder in place of each of the decrypted content items, and, in response to a user input, causing display of the respective content item in place of one or more of the place holders. Each place holder has an appearance of a scrambled version of the respective content item. The display sequence may be contiguous in received items or sent content items may be interleaved with received content items in the display sequence, in which case sent content items may be displayed with place holders in the same way as received items. A corresponding system and corresponding computer readable medium or media are also disclosed.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to track a provenance of goods. An example apparatus includes an unsigned block generator to generate a first unsigned block to store first processing data associated with the product by a first entity, a block signature engine to sign the first unsigned block with a first private key to generate a blockchain having a first signed block, the unsigned block generator to generate a second unsigned block in response to a second entity generating second processing data associated with the product by the second entity, the block signature engine to expand the blockchain by signing the second unsigned block with a second private key to generate a second signed block within the blockchain, and a blockchain validator to verify the product provenance by validating the first processing data and the second processing data using respective public keys associated with the first entity and the second entity.

Abstract: Data transaction-specific data packets transmitted over a data communications network from a plurality of source computer nodes are processed. A first data packet communication session is established between one source computer node and one destination computer node to transport data transaction specific data packets over a first path through the data communications network. A second alternative data packet communication session is established between the one source computer node and the one destination computer node to transport data transaction specific data packets over a second path that is different from and bypasses the first path. When a condition based on the data transaction-specific data packets is identified, electronic processing circuitry initiates an alteration of the first data packet communication session.

Abstract: Techniques are disclosed to automate secure propagation of a configuration to a plurality of servers in a server cluster. For example, the techniques may include a method. The method may include receiving, at a first computing device, a first public key associated with a target computing device, the first computing device having an updated configuration. The method may further include encrypting, at the first computing device, the updated configuration using the first public key. The method may further include sending the encrypted configuration to the target computing device. The method may further include decrypting, at the target computing device, the encrypted configuration using a first private key associated with the target computing device, wherein the first public key and the first private key are a first keypair associated with the target computing device. The method may further include updating the target computing device with the updated configuration.

Abstract: A system and method for media content management include creating, via a digital vault, a container file comprising media content submitted by a first user and content metadata; verifying, via the digital vault, a completeness of the content metadata associated with the media content in the container file; classifying, via the digital vault, the container file based on the completeness of the media content; capturing, via the digital vault, event metadata when a second user gains access to the container file, the event metadata comprising at least one of identification of the second user, an activation timestamp, a duration of access, portions of the container file accessed, and changes to the container file; and enabling a private communication channel between parties affiliated with the media content to permit messaging among the parties affiliated with the media content via the private communication channel.

Abstract: Method and apparatus for trusted service management are disclosed. The method includes obtaining an identification identifier and address information of a computing unit; obtaining a mapping table for the identification identifier and the address information of the computing unit; initiating a trusted service request message to a server that provides trusted service management using the identification identifier of the computing unit; and receiving a corresponding trusted service response message, and transmitting the trusted service response message to the computing unit according to the mapping table. This thereby solves the problem that some terminals cannot carry all services logics for communications between a TSM Agent and a TSM Server.

Abstract: A computer-implemented method/system of providing video clip playback, including: (i) receiving a video feed; (ii) converting the video feed into a compressed format structure; (iii) uploading the compressed format structure to a first server; (iv) receiving an electronic edit decision list defining how to manipulate the compressed format structure; (v) saving the electronic edit decision list to a server; (vi) receiving a request to provide to a user terminal a video clip playback corresponding to a video clip defined by the compressed format structure and the electronic edit decision list; (vii) sending to the user code executable to provide the video clip defined by the compressed format structure and the electronic edit decision list, and (viii) responding to requests from the code when executed, to provide content corresponding to the compressed format structure stored, in accordance with the electronic edit decision list, to provide the decision list video clip playback.

Abstract: An authorization device having an activation module and a wireless interface is configured in a non-enabled mode. In the non-enabled mode, the wireless interface is configured to receive data, and the authorization device is configured to block a request received via the wireless interface to interact with the authorization device. The activation module detects an activation operation. In response to detecting the activation operation, the activation module configures the authorization device in an enabled mode. In the enabled mode, the authorization device is configured to process a request to re-configure the authorization device received via the wireless interface, and to transmit authorization information to a reader device via the wireless interface.

Abstract: Certain aspects of the disclosure are directed toward validation and installation of a file system. A method for mitigating security breach for a circuit platform subject to compromise by unauthorized changes to a file system includes abstracting the file system into an encrypted file with cryptographically signed components. The file system may have instruction code or other data for an operating system and may be stored by or on behalf of the circuit platform. During boot time of the operating system, an unencrypted version of the operating system and the encrypted file may be accessed and used by validating a signature associated with the file system. In response to validating the signature, the file system is installed into a transient, non-persistent storage circuit. As such, the operating system executes instruction code via a central processing unit (CPU) circuit under authorization based on the validated signature.

Abstract: Aspects of the subject disclosure may include, for example, a processing system including a processor; and a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, including requesting a license for software from first equipment of a license holder; receiving a passed ledger associated with the license from the first equipment of the license holder, wherein the passed ledger comprises a latest block; receiving a hash value for the latest block from a software vendor of the software; calculating a hash value for the latest block; and responsive to the hash value provided by second equipment of the software vendor matching the hash value calculated for the latest block: executing the software. Other embodiments are disclosed.

Abstract: The present disclosure relates to systems and methods for creating and using personas. The method includes receiving a first set of input signals associated with data from one or more source; receiving a second set of input signals associated with data from one or more source; converting the first set of input signals and the second set of input signals to a wavelet; constructing a persona based on the wavelet; storing the persona in a ledger; receiving a request for a decision related to a transaction; converting the request to a new wavelet; determining a difference between the new wavelet and the stored persona; generating a score based on the difference; and authorizing the transaction based on the score.

Abstract: The disclosed embodiments include systems and methods for tracing data. A disclosed tracing system can receive a request to access original data. The request can be associated with access request metadata. The tracing system can generate a tracer based at least in part on the access request metadata and can generate an altered version of the first data by inserting the tracer into the original data. The tracing system can update a database or log file associated with the first data to include association information based on the access request metadata. The tracing system can then provide the altered version of the first data in response to the request.

Abstract: Techniques are provided for computing with private healthcare data. The techniques include a method comprising constructing an isolated memory partition that forms a secure enclave and pre-provisioning software within the secure enclave. The pre-provisioned software is configured to receive at least one of input data or the instructions for the one or more application computing processes in an encrypted form; decrypt the at least one of input data or instructions using one or more cryptographic keys; execute the one or more application computing processes based on the decrypted at least one of input data or instructions to generate output data; generate a proof of execution that indicates that the one or more application computing processes operated on the received input data; encrypt the output data using the one or more cryptographic keys; and provide external access to the encrypted output data and the proof of execution.

Abstract: Methods, systems, and devices for wireless communications are described. Aspects include a device generating data to be sent to a receiving device and determining to provide provenance for the data. The device may generate a data identifier based on an identifier generation key and encrypt the data using an encryption key generated from a key associated with an owner of the device. The device may sign they encrypted data transmission using a signing key where the signing key is based on the encrypted data and the data identifier. In some cases, the device may send the data to a receiving device via one or more proxy devices. In some cases, multiple device may send signed data transmissions to a proxy device and the proxy device may process the multiple data transmission and send the processed data to the receiving device. The receiving device may verify provenance of the data.

Abstract: The disclosed enhanced document creation and parsing systems deal with enhanced documents that allow for the presentation of document content in a preferred visual manner, while ensuring that the document content can be captured accurately by an automated parser with nothing being discarded or misrepresented. The enhanced document creation system may create an enhanced document by encoding document content in accordance with a defined schema, optionally encrypting the resulting structured data into an encrypted byte string, and embedding the encrypted byte string as non-visible metadata in a rendered document. The resulting enhanced document can be completely and accurately parsed by an enhanced document parsing system that is capable of extracting, decrypting and decoding the embedded document metadata.

Abstract: An example computing device is programmed to: (a) detect an attempt to secondarily access a user account, the user account being involved in an ongoing primary financial session with a primary device; (b) raise the level of authentication required to secondarily access the user account beyond that which was required to access the account for the primary financial session; (c) when successful authentication at the raised level is achieved, permit secondary access to the user account through a secondary financial session and compare one or more user activities occurring during the secondary financial session to a plurality of fraud profiles; and (d) indicate fraud when comparison of the user activity is consistent with one or more of the plurality of fraud profiles.

Abstract: Systems and methods create and distribute addressable virtual content with interactivity. The virtual content may depict a live event and may be customized for each individual user based on dynamic characteristics (e.g., habits, preferences, etc.) of the user that are captured during user interaction with the virtual content. The virtual content is generated with low latency between the actual event and the live content that allows the user to interactively participate in actions related to the live event. The virtual content may represent a studio with multiple display screens that each show different live content (of the same or different live events), and may also include graphic displays that include related data such as statistics corresponding to the live event, athletes at the event, and so on. The content of the display screens and graphics may be automatically selected based on the dynamic characteristics of the user.

Abstract: Various systems and methods for using a Merklized Adaptive Radix Forest (MARF), which is an authenticated index data structure that can be used by peers, clients, miners, and/or other participants in a blockchain network for efficiently encoding a cryptographic commitment to a blockchain state is described herein. For example, the MARF data structure can be used to represent a blockchain state as key-value pairs within an authenticated directory. The MARF data structure may include various merklized adaptive radix tries (ARTs) associated with different blocks in the blockchain, some of which may be linked together via one or more back-pointers.

Abstract: An information processing device (100) includes a map information generation unit (11) and a usage amount calculation unit (12). The map information generation unit (11) generates map information by using measurement information including a plurality of types of information measured by a measurement device (300) which measures information on features and is mounted on a measurement vehicle (310). The usage amount calculation unit (12) calculates a usage amount of the map information generation unit (11) used for generating the map information by using at least one of the plurality of types of information included in measurement information.

Abstract: A certificate-based methodology is used to establish the trustworthy relationship between source codes and produced binary files for a given software build. The trustworthy relationship between the source code and binary files is generated by recording build information during building of the source code. The build information may include build environment information, framework information, source files identification, intermediately generated files information, final binary files information, file operations during building of the source code, and/or commands/operations during building of the source code. A certificate is generated using the build information for establishing a relationship between the source code and a binary file created from the source code, and the certificate is signed with a public cryptographic key. A software release package is provided to the recipient including at least the source code, final binary files generated from the source code, and the certificate.

Abstract: An example operation may include one or more of receiving a resource request from a client, identifying a unique chaincode identifier associated with the resource request, re-instantiating a version of chaincode based on the unique chaincode identifier, the re-instantiation configured to disregard any subsequently implemented versions of the chaincode at the computing node, executing the resource request based on the re-instantiated version of the chaincode to generate a result, and transmitting the result to the client.

Abstract: In some examples, a security application may monitor data received from one or more of sensors of a computing device, one or more input devices of the computing device, or one or more biometric sensors of a smartwatch that is connected to the computing device. If the user is not logged in and the user that is carrying the computing device has an uneven gait or is stumbling, the security app may, when the user initiates a login process, gather additional data, such as, from the sensors, the smartwatch, or both. If the user makes too many errors, based on data from the input devices, when attempting to login or after logging in, the security application may gather additional data. If the additional data indicates that the user may be under the influence of prescription or recreational drugs or alcohol, the user may be prevented from logging in.

Abstract: Methods, systems, and computer-readable media are provided for delivering healthcare records with low latency. Healthcare data is collected from various disparate healthcare data sources. The data is filtered in accordance with routing rules to identify healthcare data to deliver to a processing node. The routing rules specify that healthcare data from a particular originating source of a particular data type is to be delivered to a particular processing node. The healthcare data is converted to a local format for use by a computing solution. This system of delivering healthcare data with low latency ensures that the data is delivered to the correct location in the correct format, even if the routing rules change.

Abstract: Systems and associated methods are described for providing content recommendations. The system receives a plurality of sets of range values, each of which corresponds to a respective one of a plurality of parameters for recommending the content. The system selects different values within each of the plurality of sets of range values over time and provides a plurality of content recommendations to users based on the selected different values. The system then analyze users' behavior in response to the provided plurality of content recommendations. The system further updates at least one set of range values based on the analyzed users' behavior.

Abstract: A social networking system maintains characteristics with its users, with various characteristics, such as age, specified by the users (i.e., “asserted characteristics”). The social networking system selects content for a user based at least in part on the characteristics associated with the user. To account for potential inaccuracies in an asserted age of a user, the social networking system clusters users based on ages of other users connected to users. The online system receives verified ages for users in a cluster from a trusted third party system that maintains more accurate characteristics for users than the social networking system. By comparing the asserted ages for users in the cluster to the verified ages for users in the cluster, the social networking system determines an accuracy of the asserted ages for users in the cluster. The accuracy may be used when selecting content for the users.

Abstract: The present invention relates to systems and methods suitable for verifying and compensating nodes for streaming multimedia. In particular, the present invention relates to systems and methods that utilize a blockchain to verify and compensate devices for computational resources contributions when streaming multimedia over a decentralized network.

Abstract: A digital asset security device, includes an asset capture unit configured to electronically capture a digital asset, a processor configured to digitally sign the captured asset, a memory configured to store a digitally signed asset from the processor, and a hashing module in communication the asset capture unit, the processor, and the memory, and configured to provide a cryptographic hash to one or more of the captured asset and the digitally signed asset.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: A device, system, and method determines a reading environment by synthesizing downstream needs. The method at a workflow server includes receiving a request from a physician device utilized by a referring physician, the request directed to performing an imaging procedure. The method includes determining at least one normalized need from the request, the normalized need corresponding to the referring physician. The method includes generating information to be included in a reading environment based on the at least one normalized need, the information assisting an image interpreter in interpreting the imaging procedure.

Abstract: Techniques are provided for computing with private healthcare data. The techniques include a de-identification method including receiving a text sequence; providing the text sequence to a plurality of entity tagging models, each of the plurality of entity tagging models being trained to tag one or more portions of the text sequence having a corresponding entity type; tagging one or more entities in the text sequence using the plurality of entity tagging models; and obfuscating each entity among the one or more tagged entities by replacing the entity with a surrogate, the surrogate being selected based on one or more attributes of the entity and maintaining characteristics similar to the entity being replaced.

Abstract: The disclosure relates to method and system for performing optimized image search. The method includes receiving an input image and user requirements with respect to an image search, identifying a sub-section from various sub-sections of the input image based on semantic parameters corresponding to each sub-section and the user requirements, and determining an optimal resolution of the sub-section based on a pixel density of various image formats derived for the sub-section. The method further includes identifying an optimal set of layers from a plurality of layers of an Artificial Neural Network (ANN) based image search model for performing the image search based on the semantic parameters for the sub-section, the optimal resolution of the sub-section, and historical data, and performing the image search to identify a set of output images similar to the sub-section based on a modified ANN based image search model comprising the optimal set of layers.

Abstract: A system and method for determining device attributes using a classifier hierarchy. The method includes: determining at least one exploitation condition for a medical device based on at least one first device attribute of the medical device and a plurality of second device attributes indicated in a vulnerabilities database, wherein the vulnerabilities database further indicates a plurality of known exploits for the plurality of second device attributes; analyzing behavior and configuration of the medical device to detect an exploitable vulnerability for the medical device, wherein the exploitable vulnerability is a behavior or configuration of the medical device which meets the at least one exploitation condition; and performing at least one mitigation action based on the exploitable vulnerability.

Abstract: An information processing apparatus includes an acquisition section that acquires information regarding a version configuration indicating a version of one program held by each of plural processing devices or a combination of versions of plural programs thereof, from each of the plural processing devices, and a selection section that selects a specific version configuration from plural version configurations acquired by the acquisition section in accordance with a predetermined rule, in a case where version upgrade for a program held by a target processing device is performed.