Abstract: A policy-based printing system is implemented to allow access to a private domain to print using a public domain. The private domain includes private servers that store documents. The public domain includes servers and a printing device. A public policy server uses a domain list and a protocol connection with a private authentication server to validate a user and identify which private domain to access. The public policy server receives requests from the printing device to process a print job of a document in the private domain. A user account may be used for personal and business printing by the user. The status of a document is determined and treated according to whether the document is a personal document.

Abstract: A method for fee-charging data of an application transmitted on a section of a communication network, implemented in a device for accessing the network. The method includes: detecting an activation of the application; transmitting an identification message including information relating to the identification of the application intended for an entity for managing sections of the network; receiving, from the entity for managing sections of the network, a notification message including at least one identifier of a section of the network and of fee-charging parameters associated with the at least one identifier; and, depending on the received message, initializing the fee-charging of the data of the application.

Abstract: Mechanisms for generating documents with confidential information are provided, the systems comprising: a memory; and a first collection of at least of one hardware processor coupled to the memory and configured to: receive from a user device a request for a first document with confidential information; generate a second document, that corresponds to the first document, with at least one token corresponding to the confidential information; transmit the second document to a second collection of at least one hardware processor in a high-trust network that is entitled to access the confidential information; receive from the second collection of at least one hardware processor in the high-trust network a uniform resource locator (URL) corresponding to the first document; and transmit the URL to the user device. In some of these mechanisms, the user device is in the high trust network.

Abstract: Removing protections on a session-key protected design include receiving a double encrypted vendor private key and an encrypted session key. The double encrypted vendor private key is decrypted into a single encrypted vendor-private key using a user private key, and the single encrypted vendor-private key is decrypted into a vendor private key using a vendor pass phrase. The encrypted session key is decrypted into a session key using the vendor private key, and the session-key protected design is decrypted into a plain design using the session key.

Abstract: A method comprising: receiving, for each of a plurality of subjects, each having a specified type of cardiovascular or cardiometabolic disease and receiving at least one specified therapy from a set of therapies for treating cardiovascular and cardiometabolic diseases, a first score representing a first genetic predisposition in said subject to respond to one or more of said set of therapies; at a training stage, training a machine learning model on a training set comprising: (i) all of said first scores, and labels associated with a response in each of said subjects to said at least one specified therapy; and at an inference stage, apply said trained machine learning model to a target said first score received with respect to a target subject, to predict a response in said target subject to at least one of said therapies in said set.

Abstract: Mechanisms (which can include systems, methods, and computer readable media) for generating documents with confidential information are provided, the mechanisms comprising: receiving, using a first collection of at least one hardware processor, a first document from a second collection of at least one hardware processor; replacing, using the first collection of at least one hardware processor, at least one token in the first document to produce a second document; causing the second document to be stored; and transmitting a uniform resource locator (URL) corresponding to the second document to the second collection of at least one hardware processor. In some of these mechanisms, the mechanisms further comprise serving the first document to a user device.

Abstract: Systems and methods for allowing one or more users to access a number of tenant systems in a multi-tenant cloud environment are disclosed. The method includes registering a user to the tenant systems based on an identity information received from the user. The same identity information is associated with each of the tenant systems. The method also includes creating an account corresponding to each of the tenant systems for the user. The method further includes allowing the user to access one or more of the tenant systems based on the identity information entered by the user. The user accesses the tenant systems by entering the same identity information. Further, the same identity information is used for identifying the user in each of the tenant systems.

Abstract: A data conversion unit that converts all or part of first data including secret target information and a part including the secret target information, into second data for reading or viewing; a masking processing unit that performs masking processing on the second data, thereby generating masking data; a storage unit that stores the masking data; and an output unit that outputs the masking data stored in the storage unit.

Abstract: Mechanisms for generating documents with confidential information are provided, the mechanisms comprising: sending, from a user device, a request for a first document with confidential information to a first collection of at least one hardware processor in a low-trust network that is not entitled to access the confidential information; receive a uniform resource locator (URL) corresponding to the first document from the first collection of at least one hardware processor at the user device; request, from the user device, the first document using the URL from a second collection of at least one hardware processor in a high-trust network that is entitled to access the confidential information; receive the first document at the user device; and cause the first document to be presented. In some of these mechanisms, the user device is in the high trust network.

Abstract: A system includes a plurality of nodes, an individual one of which transmits data to which a group signature is attached, and a plurality of management servers that are directly connected to each other. An individual one of the plurality of management servers includes a ledger for managing data received from the nodes. Addition of data to the ledger of at least one of the plurality of management servers is reflected on the ledgers of the other management servers.

Abstract: A method for archiving data relative to a user equipped with an electronic apparatus and having a user account on a server including a database, the method including: transmitting the data relative to the user from an electronic device to the server; storing the data relative to the user in a first container of the database of the server; generating, by the server, a temporary reference associated with the first container of the database; transmitting the temporary reference from the server to the electronic apparatus; accessing the data relative to the user from the electronic apparatus, a connection between the electronic apparatus and the server having been established previously.

Abstract: A system may include a central computational instance disposed within a remote network management platform, where the central computational instance provides authoritative representations of software application licensing information to other computational instances, and where the other computational instances are dedicated to respective managed networks. The system may also include a particular computational instance that is configured to receive a representation of particular software application licensing information for a particular software application installed within the particular computational instance.

Abstract: Techniques associated with data management and distribution are described, including receiving at a content distribution and management system activity data associated with a user from a client, the client having an interface configured to display commercial content and a player configured to access the content distribution and management system, storing the activity data in a database, displaying the commercial content using the interface, receiving other activity data associated with the user from the client, storing the other activity data in the database, determining other commercial content to display using the activity data and the other activity data, and displaying the other commercial content.

Abstract: A method and apparatus are disclosed herein for generating and sending priority alert notifications based on medical information, such as, for example, medical information obtained from analyzing medical images. In one embodiment, the method comprises: determining, using an image analysis engine, whether one or more features in a medical image of a patient meet predefined criteria, the predefined criteria being indicative of a medical condition; determining, using the image analysis engine, whether an alert notification is to be sent regarding results of determining whether the one or more features in the medical image meet the predefined criteria; and sending the alert notification with indicia indicative of a priority level if the one or more features in the medical image meet the predefined criteria, including sending medical information that prompted the image analysis engine to send the notification at the priority level.

Abstract: The disclosure extends to methods, systems, and devices for crowdsourcing an outcome to an issue through a platform. The method includes receiving voting data comprising a vote for an election from a user associated with an account facilitated by a voting server. The method includes generating a record for storing the voting data, wherein the record includes: a hashed identifier assigned to the user of the account, a public key assigned to the user of the account, and the voting data. The method includes broadcasting the record to a distributed network and storing the record on a blockchain database.

Abstract: Provided is a server device including a risk value acquisition unit that acquires a risk value in a case in which a user's anonymous information leaks and a processing execution unit that associates an anonym ID for identifying the anonymous information with the anonymous information. In a case in which the risk value exceeds a predetermined threshold value, the processing execution unit executes at least any of processing of switching the anonym ID associated with the anonymous information or processing of differentiating anonym IDs associated with a plurality of pieces of division information obtained through division of the anonymous information.

Abstract: Methods for secure communications using one-time pad encryption are provided. In one aspect, a method includes generating and sharing, via proximity inter-device communication, unique device codes on each of multiple devices to be paired or grouped together, intermixing the device codes to generate a one-time pad code, generating a random block of data based on the one-time pad code, persisting the one-time pad code and random block of data over each device, and encrypting/decrypting messages between the paired or grouped devices. Systems and machine-readable media are also provided.

Abstract: An Intelligent Platform (“IP”) comprises a Platform that employs an instance of a Software Defined Device (I-SDD) such that the Values of a set of Variables in an I-SDD shall reflect the Device State of interest at any given time. Whenever the Value of a Variable in I-SDD is changed, it could cause the Device to change to a different Device State.

Abstract: Disclosed are various approaches for validating public keys pinned to services or servers on private networks. A client device can request a first certificate from a trust service. The client device can then validate that the first certificate from the trust service is signed by a preinstalled certificate stored on the client device. Subsequently, the client device can receive a uniform resource locator identifying a network location of a secure sockets layer (SSL) pinning service, wherein the SSL pinning service is configured to provide a hash value for a first public key issued to a computing device. Finally, the client device can receive a second public key from the trust service, wherein the second public key is configured to encrypt network traffic sent to the SSL pinning service.

Abstract: Media content items is provided to content consumers for playback and consumption includes plurality of nodes interacting with each other in accordance with defined protocol in communication network. A first node receives a request for playback of a media content from a content consumer. A second node owns the requested media content and provides media content rights to the first participant and/or the content consumer. The first node further provides media content metadata to the consumer device for consumption. A plurality of instances of a distributed media rights transaction ledger, associated with respective node, includes a plurality of media content rights transactions corresponding to an acquisition of the media content rights by the first participant and/or content consumer prior to the consumption of the media content. The plurality of media content rights transactions is categorized, defined, and managed by plurality of nodes in accordance with the defined protocol.

Abstract: A retail payment, advertising, and content switching system and method are disclosed. According to one embodiment, a secure content source or a non-secure content source is allowed to drive a customer user interface, respectively, without compromising security requirements. The content may be video, audio, prompts, or any other type of content. A secure controller is provided to control one or more user input devices and a user interface access module to control whether a secure source or a non-secure source drives the user interface, depending on the security mode of the system. The secure controller, the user interface access module, and the customer input devices are provided in an anti-tampering module. The secure controller prevents the non-secure source from providing unauthorized prompts on the customer user interface to “fake out” the customer so that sensitive customer information is not passed “in the clear.

Abstract: Methods, apparatus and systems for operating a consumer mobile device to consummate an online purchase transaction. In some embodiments, the process features a mobile device processor that receives a mobile device single screen checkout request, initializes a single screen checkout application, and displays a single screen checkout user interface on a touch screen component. The single screen checkout user interface partially overlays a merchant checkout webpage, and includes purchase transaction options and a cardholder verification method (CVM) request message. The process also includes receiving user input responsive to the CVM request message, and displaying a transaction confirmed message on the touch screen component when the user input satisfies the CVM request message.

Abstract: A method for testing a web service is disclosed, the method including testing, by a testing application executing on a client computing system, a web service running at least partially on a server computing system. The testing includes directing a web browser of the client computing system to simulate user interaction with the web service to perform a particular operation that includes a particular set of sub-operations. The directing includes issuing one or more requests to perform the particular set of sub-operations. The testing also includes recording test information based on responses received from the web service in response to performing the particular set of sub-operations. The test information includes latency information for at least one of the sub-operations of the particular set. The method also includes presenting, by the client computing system, a user interface having a graphical element depicting an analysis of the recorded test information.

Abstract: A computer system comprising a processor and a memory for storing instructions, that when executed by the processor performs a copy protection method. The copy protection method comprises executing a software loop of a first software application in a first operating system. A first call is executed in the software loop to a code portion. A decrypted code portion of the first software application is executed in a second operating system in response to the first call. The code portion is decrypted in response to a successful validation of the first software application.

Abstract: Described is a content management system (CMS) arranged to provide a client device direct access to backend storage resources for the client device. The disclosed CMS can provision a transient storage bucket on backend storage resources for the CMS and provide the client device access credentials to upload digital content directly to the transient storage bucket. The CMS can cause the uploaded digital content to be replicated from the transient storage bucket to a persistent storage within the backend storage resources and can update the CMS based on the uploaded digital content. Additionally, the CMS can provide access credentials for the client device to download digital content directly from the backend storage resources for the CMS.

Abstract: Evaluating samples is disclosed. A sample is received. A system component dependency graph is built for the sample. In particular: (1) a dependency relation between at least one system event and at least one system component is analyzed; (2) dependency relations between a plurality of system components are analyzed; and (3) a dependency relation between at least one system component and at least one indirect call component is analyzed. A verdict for the sample is determined based at least in part on the system component dependency graph.

Abstract: Systems and methods to support player-initiated proof of in-game participation by unique digital articles in in-game events are disclosed. Exemplary implementations may execute instances of a game; manage player accounts associated with the players; record usage information pertaining to player-owned unique digital articles on a permanent registry; present a player interface for a player to select an in-game event; store video information of the selected in-game event; and record references to the stored video information on the permanent registry such that the video information is accessible for viewing by users of the permanent registry.

Abstract: File access in a network environment by detecting when files have been accessed at a computers in the network environment, and then generating unique content identifiers of the file content. The content identifier along with access metadata can be transmitted to and stored at a central location. The stored information can be used to track file content movement in the network environment.

Abstract: The specification describes methods and systems for processing information. An exemplary method includes reading, by a computing device through a near field communication (NFC) interface, an electronic tag to obtain product information stored in the electronic tag; storing, by the computing device, the product information in the computing device; generating, by the computing device, an order based on the stored product information; receiving, by the computing device, a settlement file after the order is paid, wherein the settlement file comprises a user identification (ID) and a user credit score corresponding to the user ID; and transmitting, by the computing device, the settlement file to a server for verification based on the user credit score.

Abstract: Systems and methods for evaluation hierarchical permissions are described herein. In an embodiment, a system identifies a plurality of permission sets for a document that is digitally stored in a data repository system, the data repository system having a hierarchical organization, the plurality of permission sets comprising a first permission set for a first hierarchical level of the data repository system and a second permission set for a second hierarchical level of the data repository system. Using at least the first permission set and the second permission set, the system identifies a plurality of requirement sets, each of the plurality of requirement sets comprising one or more required identifiers to satisfy the requirement set. When the system receives a request to access the document, the system determines whether identifiers corresponding to the request satisfy at least one requirement set of the plurality of requirement sets and, if so, permits access to the document.

Abstract: A method, apparatus for determining output information are provided. The method includes: acquiring at least one history behavior of a user after a first content is output, based on history behavior data of the user; determining a behavior habit of the user after the first content is output, based on the at least one history behavior of the user; and; determining output information for the user in response to the output of the first content, based on the behavior habit of the user. By obtaining different behavior habits corresponding to different users, personalized output information for the users is established.

Abstract: Systems, devices, methods, instructions, and other implementations are described for network data management. One embodiment involves request data received at a device associated with a digital lockbox, where the request data includes identifying information for an originating device associated with a location and is associated with a user device. A unique token is generated with the identifying information. The unique token can be used to tokenize a network link to create a secure one-time link. The system transmits the one-time link, which can then be used to facilitate secure communications between a computing system associated with the originating device and the user device.

Abstract: Methods, apparatuses, and systems for improving utilization of a communications system (e.g., a satellite communications system) are provided, using delayed reliability techniques as part of a multicast transport protocol. Embodiments may operate in a client-server context, in which the server-side of the communication link multicasts data to requesting users and to users where the data is being speculatively prepositioned. Requesting users may implement reliability checks to verify receipt of complete data in response to the request while user systems where data is being speculatively prepositioned may receive multicast reliability information in response to reliability requests from other users, but may not request replacement of missing or corrupted data themselves until a request is made for the data by that system.

Abstract: A file fingerprint may be provided as a composite of multiple hashes of different portions of the file. The composite hash allows the fingerprinting process to be interrupted while still providing information about a likely hood of two files being identical.

Abstract: Techniques for utilizing a metric tracking agent to track how resources are used to process a payload across different network boundaries are disclosed herein. A process that is to be performed on a payload within a boundary is identified. A metric tracking agent is also identified, where this metric tracking agent defines a scope of the process and is associated with a metric counter used to determine a metric value for the process. While the process is being performed in accordance with the defined scope, the metric value is calculated so as to reflect the resource usage expended by the network boundary and is logged by a log associated with the metric tracking agent. The metric tracking agent, which includes the metric value, is then provided to either a subsequent system boundary or to a metric store.

Abstract: Systems and methods for automatically generating top level index files for use in adaptive bitrate streaming in accordance with embodiments of the invention are disclosed. One embodiment of the method of the invention includes receiving a request from a playback device at a playback server, where the request identifies a piece of content, retrieving a list of assets associated with the identified piece of content using the playback server, filtering the list of assets using at least one predetermined criterion using the playback server, generating a top level index file describing each asset in the filtered list of assets using the playback server, and sending the top level index file to the playback device using the playback server.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage device, for receiving a first request for a particular document relating to a food ingredient supplier or an ingredient supplied by the food ingredient supplier, from a first customer of the food ingredient supplier, receiving a second request for the particular document, from a different, second customer of the food ingredient supplier, providing, to the food ingredient supplier, an interface including a representation of the first and second requests, receiving, from the food ingredient supplier, the document relating to the food ingredient supplier or the ingredient supplier by the food ingredient supplier, and an indication that the document is to be distributed to both the first customer and the second customer, and in response to indication, providing the document to both the first customer and the second customer.

Abstract: A method for maintaining links and revisions for a plurality of documents is described. The method is carried out by one or more computing devices. Requests that indicate revisions to be carried out on the plurality of documents are received, at least one of the requests corresponding to revisions for different documents of the plurality of documents. For each request: a workspace revision counter that is shared by the plurality of documents is incremented, the workspace revision counter indicating a revision state of the plurality of documents, the revision is queued in a workspace revision queue that is shared by the plurality of documents, and the revision indicated by the request is caused to be performed on one or more documents of the plurality of documents that correspond to the request.

Abstract: In one aspect, the present disclosure relates to a method for improved security in a networked computing environment, the method comprising: receiving, from a user device, a registration request comprising a user identifier for a user; receiving, from the user device, user credentials to access one or more online accounts associated with the user; accessing the one or more online accounts to retrieve user activity data for the user; analyzing the retrieved user activity data to determine one or more merchants associated with the user; storing, in a database coupled to a server device, a mapping between the user and the one or more merchants; receiving, from a monitoring service, an indication that a first merchant of the one or more merchants has experienced a data breach; and sending a notification to the user in response to determining that the first merchant has experienced a data breach.

Abstract: A server network accepts asynchronous notification messages from multiple application servers and efficiently routes notification messages in the form of notification taps to a user device, which can operate in a low power mode. The user device may or may not be a cellular device. The server network maintains states for the user devices in terms of identifiers useful for routing. A network server proximate to the user device registers the identifiers useful for routing the notifications. When the server network receives a notification from a source application, the proximate network server determines a routing based on the registration and sends a notification tap to the user device. The user device can obtain notification content sourced by the source application. The user device can delegate the role of receiving notification taps to a delegate device, where the delegate device may have wall-power and/or a wired or wireless network connection.

Abstract: The apparatus disclosed herein, in various aspects, includes a digital asset, and an amulet that comprises an encrypted self-validating string. The amulet may be external to the digital asset. The apparatus may include a manager that cooperates securely with the digital asset and cooperates securely with the amulet to control access to the digital asset as specified by the amulet. In some aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through shared memory in process space. In other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a RAM drive in memory, the RAM drive at least partially hidden from an operating system of the computer. In yet other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a virtual machine accessible only by said apparatus.

Abstract: A technology is provided for synchronizing data with delayed subscriptions. A request may be received at a data proxy for a data snapshot for an application that has been offline at the client. A subscription may be held for a pre-determined amount of time after the request for the snapshot. The data snapshot may be sent to the client. The data for the subscription may be sent after the pre-determined amount of time.

Abstract: A local node for updating detection models while maintaining data privacy has an aggregation module, a retraining module, an instructions module, and a sharing module. The aggregation module aggregates the data into features that describe the contents of the data. The retraining module retrains the detection model using the features by implementing an algorithm that includes at least one selected feature and a threshold for triggering an activity alert. The instructions module determines instructions for calculating the at least one selected feature from a different collection of data. The sharing module generates a package having the instructions for calculating the at least one selected feature from the different collection of data and the threshold, and transmits the package to a local node for implementation of the retrained detection model with data stored at the local node.

Abstract: An index generation device 100 generates key presence information for a plurality of input files when lexical analysis on the plurality of input files are executed, the key presence information including information whether each of a plurality of keys is present in the plurality of input files and presence positions of the respective plurality of keys when the respective plurality of keys are present in the plurality of input files. The index generation device 100 generates index information about the keys and the positions for the plurality of input files based on the key presence information.

Abstract: Various embodiments for configuring a medical database by a processor in communication with at least one storage device in a computing environment are provided. Medical data are assigned to a patient. A plurality of data types is organized for the medical data. Portions of each of the plurality of data types are designated as public and private data. A plurality of access levels is organized for the medical data. Each of the plurality of data types includes the plurality of access levels. A first access level of the plurality of access levels corresponds to the patient. The medical data is classified according to the plurality of data types, for each of the plurality of data types, according to the plurality of access levels, and according to one of the public and the private data. The medical data is encrypted in a hierarchical structure corresponding to each of the plurality of access levels.

Abstract: The invention provides, in one aspect, an improved system for data access comprising a file server that is coupled to a client device or application executing thereon via one or more networks. The server comprises static storage that is organized in one or more directories, each containing, zero, one or more files. The server also comprises a file system operable, in cooperation with a file system on the client device, to provide authorized applications executing on the client device access to those directories and/or files. Fast file server (FFS) software or other functionality executing on or in connection with the server responds to requests received from the client by transferring requested data to the client device over multiple network pathways. That data can comprise, for example, directory trees, files (or portions thereof), and so forth.

Abstract: There is described a method and data processing gateway comprising: data processing circuitry for performing data processing operations in response to program code; a first execution environment (FEE) and a second execution environment (SEE) for storing data and program code, wherein data and program code stored in the FEE when accessible to the data processing circuitry configured to operate in the FEE is inaccessible to the data processing circuitry when configured to operate in the SEE, the FEE comprising: a data ingestion store for receiving a device decryption mechanism into the FEE to decrypt encrypted device data, the data ingestion store further for receiving encrypted device data into the FEE and for decrypting the encrypted device data using the device decryption mechanism; and a subscriber client manager for receiving a first subscriber encryption mechanism into the FEE, and further for encrypting device data using the first subscriber encryption mechanism and further for transmitting encrypted dev

Abstract: A method, device, and computing apparatus for acquiring broadcasting content are provided. The method includes: in a recognition step, recognizing a type of multimedia player in a target webpage and an output mode for broadcasting multimedia resource; and in a broadcasting-content acquiring step, based on the type and the output mode, acquiring broadcasting content of a multimedia resource played by the multimedia player.

Abstract: Systems and methods for obtaining access to a session with a remote cloud service server. The methods comprising: receiving, by a first client computing device, a user unique identifier from a mobile device located in proximity to the first client computing device; and performing facial recognition operations by the first client computing device subsequent to the reception of the user unique identifier. The facial recognition operations comprise: capturing an image of the mobile device's user; and analyzing the image to obtain a user name associated with the facial features represented therein. A determination is made as to whether the user name matches the user unique identifier. If so, a first session with the remote cloud service server is automatically launched.

Abstract: A transaction system has Internet-connected partner platforms hosted by real-estate sale enterprises, displaying property for sale or rent with an Offer-Now button initiating coded instructions to display an electronic input form enabling a person to configure an offer on one of the properties, and an Internet-connected service enterprise providing the coded instructions to the partners, configured specifically to partner requirements. Upon the person activating the Offer Now button from a mobile device, a verification code is sent to the device, to be returned to verify the device, and offer input provided through the device and the electronic form is tracked to be saved as an offer for sale or rent of the specific property.