Abstract: Described are techniques for generating and employing decentralized asset identifiers for cross-blockchain network asset transfers, the techniques including registering a decentralized asset identifier to an asset with a local asset identifier, where the decentralized asset identifier is immutable. The techniques further include endorsing a proposed transaction for transferring the asset from a first controller associated with a first blockchain network to a second controller associated with a second blockchain network, where the proposed transaction utilizes the decentralized asset identifier. The techniques further include exchanging, in a document associated with the decentralized asset identifier and retrieved from an identity network, the first controller for the second controller.

Abstract: A system including: a transceiver; a boot processor configured to: capture an image of a container of the system, determine whether the system container image has been modified, and post, to a node of a distributed ledger network, a first attestation based on a determination of whether an anomaly exists in the system container image; a system processor; and a memory storing instructions that instruct the system processor to: receive a request to connect to an external device, request a second attestation from a node of the distributed ledger network as to whether an anomaly exists in the external device container image, determine whether an anomaly exists in the external device container image, and either: establish, in response to determining that an anomaly does not exist, a connection with the external device, or deny the request to connect to the external device in response to determining that an anomaly exists.

Abstract: Tracking software usage through the following operations: calculating current digests of common libraries used by software programs and obtaining digital signatures of tracking information of the software programs comprising identifiers of their common libraries and the corresponding current digests; responses are returned to calls for the software programs in association with the corresponding tracking information and digital signatures. A corresponding method under the control of a client comprises receiving a response to a call for a software program in association with the corresponding tracking information and digital signature. The common libraries of the software program are tracked according to a verification of the digital signature and of the current digests against corresponding reference digests. Computer programs and computer program products for performing the methods are proposed. Moreover, corresponding server computing system, client computing system and computing infrastructure are proposed.

Abstract: A system may include a plurality of camera devices configured to acquire image data associated with a property. The system may also include a processor that receives the image data from the plurality of camera devices, receives insurance policy data associated with the property from a database, and adjusts one or more terms of the insurance policy data based on the image data.

Abstract: Described herein are methods, systems, and computer-readable storage media for generation of a secure and dynamically mutable operating system. Techniques include receiving a request to execute an application causing instantiation of an operating system by identifying one or more needed modules that include core kernel modules and operating system service modules that are dynamically plugged-in or unplugged based on the execution of the application. Techniques may further include assigning a separate memory space with a separate virtual address for each of the one or more modules, generating a unique cryptographic key for each of the one or more modules, storing each virtual address and corresponding unique cryptographic key together. Further the operating system generation system encrypts each of the one or more modules using their corresponding unique cryptographic key.

Abstract: This disclosure covers systems and methods that administer a digital survey to respondents who interact with a biometric sensor to collect and convert biometric data into behavioral and physical characteristics of the respondents. In certain embodiments, by converting biometric data into respondent characteristics, the disclosed systems and methods identify various unwritten or nonverbal responses of survey respondents who respond to a digital survey or who interact with a display medium that captures survey data. To facilitate review of respondents' characteristics and responses, in some embodiments, the disclosed systems and methods further categorize the converted respondent characteristics within a response database for the digital survey.

Abstract: A computer-implemented method includes receiving, by a storage system, encrypted data and a set of key identifiers. Each key identifier is associated with information specifying a storage location for which the key identifier is authorized. The method also includes storing, by the storage system, the encrypted data in at least one storage location and receiving, by the storage system, at least one key identifier of the set of key identifiers with a data access request. The method includes determining, by the storage system, whether the data access request is authorized for the at least one key identifier.

Abstract: Embodiments relate to systems and methods for cloud-based brokerage exchange of software entitlements. A user can host on-premise software applications on physical hardware, and extend those applications to the cloud based on a set of entitlements developed in conjunction with the vendor(s) of the software. The set of entitlements enjoyed by the user and/or offered by the vendor(s) can be exposed to a bidding marketplace via a brokerage engine and associated bidding service, which can be hosted on a Web site. Other users, and/or other vendors interesting in consuming or supplying premise or loud-based images of the software, or related services, can be to obtain or supply those resources through the brokerage service. The license terms including usage rates, number of users or images, security constraints, and/or other terms of software delivery and usage can be recorded in a dynamically updated entitlement database.

Abstract: A software development infrastructure can enable user developers to select remote hardware devices at a remote datacenter to develop and test software programs, such as web or mobile applications. The developer can remotely install an application on a selected remote device and observe a mirrored display of the remote device on a browser local to the developer. The software development infrastructure can enable the developer to test offline mode workflows of the application by blocking network traffic to and from the application but allowing network transmission to and from a streaming application installed on the remote device.

Abstract: A digital artwork display device, a digital artwork management method, and an electronic device are provided. The digital artwork display device includes a registration circuit, a transaction circuit, and a file decryption circuit. The registration circuit is configured to apply for a device identifier and a device public-private key pair, and the device public-private key pair includes a device public key and a device private key. The transaction circuit is configured to acquire a use license, and the use license includes the device identifier and a content key ciphertext obtained by encrypting a content key by using the device public key. The file decryption circuit is configured to decrypt the content key ciphertext in the use license by using the device private key to obtain the content key, and decrypt an encrypted file by using the content key to obtain an original file.

Abstract: Routing log-based information between production servers and logging servers is disclosed. A log entry for a logging server is generated at a production server. A shard identifier is computed for a shard associated with the logging server based on application of a hashing algorithm to properties associated with the production server. The hashing algorithm and properties are selected to prevent or minimize the likelihood of computing of the same shard identifier by another production server for the same shard associated with the logging server. The log entry is transmitted to the shard associated with the logging server. A determination is made that the logging server has malfunctioned by detecting that the log entry transmitted to the shard is absent. In response, another shard identifier is computed for another shard of another logging server and a subsequent log entry from the production server is transmitted to the another shard of the another logging over. No load balancers are used by the routing system.

Abstract: Methods and systems for network communication are disclosed. Proxy information may be received. The proxy information may facilitate a gateway device communicating as a proxy for a user device.

Abstract: Aspects of the present disclosure involve a system and a method for performing operations comprising: receiving, by a messaging application, content from a given user; selecting a metric for measuring performance of the content on the messaging application; measuring performance of the content on the messaging application; computing a value of the performance of the content on the messaging application based on the selected metric; and updating a restricted use token wallet stored in a profile for the given user based on the computed value of the performance of the content.

Abstract: Methods and apparatus for secure software defined storage are disclosed. An example apparatus includes memory and a processor to access a read request for data written to a software defined storage location, obtain the requested data from the software defined storage location, perform a classification operation on the requested data to obtain classification data corresponding to the requested data, the classification data to represent whether the requested data includes personally identifiable information, in response to determining that the requested data includes personally identifiable information, apply data loss prevention to the requested data to create response data, determine whether a client requesting the data from the software defined storage location is authorized to access the requested data, and in response to determining that the client requesting data is authorized to access the requested data, transmit the response data to the client.

Abstract: Systems and methods for distribution of enterprise software and compensation for usage of the enterprise software are disclosed. Exemplary implementations may: store information including executable code of software applications; receive user input from administrative users regarding eligibility of individual software applications for different users; facilitate execution of different eligible software applications as selected by the different users; monitor billable execution of the software applications; determine compensation amounts that correspond to monitored billable execution; and presenting information to a given administrative user regarding the determined compensation amounts.

Abstract: Techniques and apparatus for managing remote attestation of infrastructure components based on a customer controlled dynamic attestation policy are described. One technique includes receiving a user-specified configuration for managing remote attestation of infrastructure component(s) hosted in a cloud computing environment. The user-specified configuration indicates information related to managing the life-cycle of the infrastructure component(s). For example, the user-specified configuration can indicate attributes associated with the infrastructure component(s), criteria for validating an attestation policy for the infrastructure component(s), criteria for rotating an attestation policy for the infrastructure component(s), etc. An attestation policy for each infrastructure component is generated, based on the user-specified configuration. The attestation policy for each infrastructure component indicates which of the attributes to use during remote attestation of the infrastructure component.

Abstract: Systems, apparatuses, and methods for implementing a metadata tweak for channel encryption differentiation are disclosed. A memory controller retrieves a device-unique identifier (ID) from a memory device coupled to a given memory channel slot. The memory controller uses the device-unique ID to generate a tweak value used for encrypting data stored in the device. In one scenario, the device-unique ID is embedded in the address bits of the tweak process. In this way, the memory device can be migrated to a different memory channel since the data can be decrypted independently of the channel. This is possible since the device-unique ID used for the tweak operation is retrieved from the metadata stored locally on the memory device. In one implementation, the memory device is a persistent dual in-line memory module (DIMM). In some implementations, the link between memory controller and memory device is a compute express link (CXL) compliant link.

Abstract: Installing and running an application for a terminal are described. A method for installing and running the application includes uploading an application to an application store. The method further includes downloading, by a terminal, the application from the application store, wherein the terminal is connected to the application store by a network. Furthermore, the method includes authorizing, by a terminal management server (TMS) coupled to the terminal and the application store via the network, the terminal to install and run the downloaded application.

Abstract: A method is performed to regulate access to electronic content based on content usage telemetry data. A first computer receives, from a second computer system, a request for access to electronic content. The first computer system determines, based on an access profile associated with the second computer system, that the second computer system is authorized to access the electronic content. A first authorization message indicating that the second computer system is authorized to access the electronic content is transmitted from the first computer system to the second computer system. The first computer system receives, from the second computer system, content usage telemetry data including data items indicating metrics of use of the electronic content by the second computer system. The first computer system modifies the access profile of the second computer system based on the content usage telemetry data.

Abstract: According to embodiments of the present disclosure, there is provided an edge authentication node, a central authentication node, a method implemented in each node, a system including each node, and a corresponding computer-readable storage medium for license authentication. The method implemented in the edge authentication node includes: receiving a license authentication request from a client node, the license authentication request includes client fingerprint information associated with the client node; decrypting, based on the client fingerprint information, a license certificate associated with the client node generated by the central authentication node, so as to obtain license information associated with the client node; and transmitting a license authentication response to the client node based at least partially on the license information obtained.

Abstract: A secondary authentication system and computer-implemented method for obtaining real-time cardholder authentication of a payment transaction associated with a cardholder's payment card includes a memory device for storing data and a processor communicatively coupled to the memory device. The processor is programmed to receive a payment authorization request message including a primary account number corresponding to a payment account of the cardholder for funding the payment transaction. In addition, the processor is programmed to determine whether the payment account requires secondary authentication by the cardholder for the payment transaction, and if, based on the determination, the payment account requires secondary authentication of the payment transaction, place the payment transaction on hold.

Abstract: A method for personalizing reviews for a user on a social network, comprising the steps of: receiving from at least two or more users a rating and a recommendation for a reviewable item, wherein the rating is numerical value in a rating scale, and wherein a recommendation is a binary endorsement; receiving a request from a user to view the ratings and recommendations for one or more reviewable items; determining a combined rating and an combined recommendation for all users of the social network at one or more social degrees for the one or more reviewable items; and displaying, by a user interface, the combined rating and combined recommendation for all users of the social network at one or more social degrees for the one or more reviewable items.

Abstract: Consumption of online content is tracked to increase a likelihood that the user is paying attention. A request is received from a remote processing device to begin receiving content, and a block of content is assembled, the block of content having a known content playback duration. Additionally, a post block verification duration is associated with the block of content. The assembled block of content is communicated to the remote processing device for playback thereon, and a perception indicator is collected during playback of the block of content. The collected perception indicator is compared against a perception threshold. Also, a post block verification is performed immediately after playback of the block of content for the post block verification duration. A contingency result is then determined based upon the comparison of the perception indicator to the perception threshold, and whether a valid feedback is received within the post block verification duration.

Abstract: Systems and methods for text-to-speech audio processing and audio transduction include compiling a digital data collection program to be distributed to computing device(s), the compiling including receiving data collection information that includes textual data of query(s) to be included in the digital data collection program and implementing text-to-speech data processing of the textual data that generates audio data of the query(s). The compiled digital data collection program that includes the generated audio data is distributed to the computing device(s) for execution thereby facilitating displaying, via a user interface of a user device, the query(s) and facilitating providing, via the electroacoustic transducer, an audio output of the audio data corresponding to the displayed query(s). Response data input by a user of the user device and received in response to the query(s) is collected and aggregated with additional response data collected from other user(s) of the computing device(s).

Abstract: Generating anonymized data from events are disclosed. Via a graphical user interface (GUI), an output dataset mode for an anonymized output dataset is received. The output dataset mode is stored or an active stream. The output dataset mode in anonymization configuration information. An anonymized output dataset is produced in accordance with the anonymization configuration information, where the output dataset comprises information related to at least a portion of a plurality of events, wherein the plurality of events each comprise a timestamp and a portion of machine data. Further, the GUI to displays the anonymized output dataset.

Abstract: A virtual computer system service receives a request from a customer to provision a dedicated server for the exclusive use of the customer. The dedicated server may be used to launch one or more virtual machine instances. The virtual computer system service subsequently selects, from a pool of available servers, a server that can be dedicated to the customer and that does not have capacity allocated to any other customer. The virtual computer system service may update a database to specify, in an entry corresponding to the selected server, that the server has been dedicated for the exclusive use of the customer. Once the database has been updated, the virtual computer system service will enable the customer to launch a virtual machine instance using the dedicated server.

Abstract: An apparatus comprising a server. The server can be configured to receive a request for content from a mobile computing device. The server can be configured to transmit the content to the mobile computing device in response to the request. The content can include an advertisement. The mobile computing device can be configured to store an indication of whether the content has been previously presented on the mobile computing device. The server can be configured to receive an identifier from the mobile computing device in response to a presentation of the content by the mobile computing device if the content is being presented for the first time on the mobile computing device. The identifier can indicate whether the content is presented on the mobile computing device for the first time. The server can be configured to monitor the exposure of the advertisement based on the identifier.

Abstract: A charging system includes load meters mounted in a vehicle, the load meters each measuring a load exerted on an axle or a wheel and deciding a measurement result and an onboard unit that acquires the measurement results of the load meters and is capable of communicating weight information on the weight of the vehicle based on the measurement results to a roadside machine.

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

Abstract: Methods and systems for performing a computational operation on a server host are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the computational operation; decrypting, in a secure enclave, the encrypted service request using the shared secret to produce a decrypted service request, the secure enclave preventing other software running on the server host from accessing the shared secret and other data stored in a memory space; performing the computational operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result.

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

Abstract: A computer-implemented method includes producing medical information that characterizes a group of individuals from a set of private data representing pre or post-encounter characteristics of the individuals, wherein the individuals have had encounters with a healthcare facility. The identity of the individuals is unattainable from the produced medical information. The method also includes providing the produced medical information to report the pre or post-encounter characteristics of the group.

Abstract: An example operation may include one or more of storing, within a blockchain, a request comprising an identifier of content and a value of a user who created the content, detecting consumption of a reusable instance of the content by a second user, designating fractional values of the content to the first and second users based on the detected consumption of the reusable instance, and storing, within the blockchain, a second request comprising an identifier of the reusable instance of the content, identifiers of the first and second users, and the designated fractional values of the content to the first and second users.

Abstract: The data management device includes a determination unit that determines whether the secondary data generated from the source data to be processed complies with the data handling rules that use statistical information and a data processing unit that performs the processing a determination result by the determination unit. The determination unit estimates the statistical information from the source data to be processed, and determines whether the data handling rule is complied with, prior to the generation of the secondary data, based on whether the secondary data generated based on the estimated statistical information satisfies the statistical values of the statistical information. The data processing unit executes processing when it is determined that the data handling rules are complied with to generate secondary data and does not perform the processing process when it is determined that the data handling rules are not complied with.

Abstract: A method and system can include processing title and title opinion document images to generate text information. Trained models may generate data objects representative of period of time during which certain rights to a property exist. The trained models may also generate rules for modifying the data objects and interrelating the data objects to each other. In some examples, a confidence level can be generated and will reflect a likelihood of a data object including correct information. The modified and interrelated data objects may be used to generate a navigable interface which includes a current title status for a property and a navigable chain of title reflecting historical rights to the property.

Abstract: Virtual networks may be launched in a provider network with an initial IP address space (e.g., an IPv4 CIDR block). Methods are described that allow additional IP address spaces to be added to a virtual network. A new IP address space for a virtual network may be specified via an API. The specified space may be checked to insure that it does not overlap with IP spaces that are associated with the virtual network. If there are no overlaps, the space is added to the network, for example by adding the space to the network's route tables.

Abstract: In a communication system, a first network node is configured to execute at least one service application executing a first service and at least one analytics application executing at least part of a distributed analytics service. The first network node obtains information about a new telecommunication service and transmits, to a second network node in the communication system, a request for a policy for the new telecommunication service. The first network node receives, from the second network node, the policy for the new telecommunication service and updates a currently applied policy on the basis of the received policy. The updated policy rebalances resources allocated from a shared computing resource pool of the first network node between the new telecommunication service and the at least one analytics application such that the new telecommunication service maintains adherence to the one or more requirements of a service level agreement.

Abstract: Embodiments of the invention are directed to a computer-implemented method of operating a multi-screen virtual reality environment. The computer-implemented method includes performing a wall arrangement and transmission (WA&T) protocol that includes receiving at a second module a function transmitted by a first module over a network to the second module. The second module and the function received over the network are used to generate priority data that identifies a priority of each of a plurality of individual video streams generated by a plurality of video sources. Based at least in part on the priority, the second module is used to generate reduced-size video streams that include selected ones of the plurality of individual video streams. The second module transmits the priority data and a multi-screen video stream that includes the reduced-size video streams and non-reduced-size video streams of the plurality of individual video streams.

Abstract: The present technology relates to an information processing device, an information processing method, and a program that can ensure content-related application programs can be reliably utilized. A client 11 reproduces content distributed from a content server 12 via a network 21, and if the content being reproduced is identified by an ACR server 13, a T/SS for managing an application relating to the identified content is acquired from a T/SS server 14, a predetermined application distributed from an application server 15 is acquired on the basis of the T/SS acquired, and the activation and so on of that application is managed, and the application can therefore be reliably utilized. The present technology can, for example, be applied to a content distribution system that distributes content and content-linked applications.

Abstract: A management apparatus (20) includes: a storage unit (21) which stores user attribute information that associates a user who manages information related to crises and an attribute of the user with each other, correspondence information that associates the attribute and an external system of which the attribute is login-enabled with each other, and login information with respect to each external system; an external login information processing unit (223) which, when receiving a login request to an external system from a user, refers to the user attribute information, the correspondence information, and the login information stored in the storage unit, acquires an attribute of the user, and acquires information on an external system to which the acquired attribute is login-enabled; and an external login processing unit (224) which executes a login to an external system to which a login has been requested among the login-enabled external systems.

Abstract: At least one information processing apparatus includes a circuitry that: receives, as a package management unit, a setting of a role, which can assign a usage authority of an application package containing at least one application, with respect to the application package, and permits or restricts, as a user management unit, a user to use the application package in conformity with the role, which is allocated to the user of the application, and the role, which is set in the application package.

Abstract: Systems and methods associated with providing portals that processes electronic requests as well as generates and displays associated data are disclosed. In one embodiment, an exemplary method may comprise providing a portal comprising user interfaces configured to receive inputs from members of an organization and process related information, utilizing iframes in the portal to integrate forms from different applications within the organization that have different computing platforms, generating an intake request dashboard for the members comprising an intake form and a cost estimator tool, and generating an approver dashboard comprising an interactive user interface that displays integrated information regarding events to an approver and a UI mechanism for approving the electronic request.

Abstract: Provided herein are method, apparatus, and computer program products for generating a first and second three dimensional interactive environment. The first three dimensional interactive environment may contain one or more engageable virtual interfaces that correspond to one or more items. Upon engagement with a virtual interface the second three dimensional interactive environment is produced to virtual simulation related to the one or more items.

Abstract: A file sharing system and methods therefor share one or more files without requiring the files be sent to or stored on a server. The file sharing system enables files to be shared from a user device allowing users to maintain control of the files by storing and sharing files off the cloud. Sharing and file access is typically effectuated via a server and one or more links provided by the server. File access is limited to selected file access types.

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

Abstract: Provided is a method, performed by an electronic device, of managing keys for accessing a plurality of services in an integrated manner to improve interoperability and secure security. The method includes transmitting, by a secure domain (SD) in a secure area of the electronic device, a certificate of the SD to a plurality of service providers (SPs); receiving, by an application installed in the electronic device, a certificate of each of the plurality of SPs from the plurality of SPs; receiving, by the application, first signed data from a first SP among the plurality of SPs; authenticating, by the application, the first signed data by using a certificate of the first SP received from the first SP and obtaining an encrypted key of the first SP from the first signed data; decrypting, by the SD, the encrypted key of the first SP by using a private key of the SD; and storing the decrypted key of the first SP in a first instance corresponding to the first SP among a plurality of instances of the SD.

Abstract: Provided are systems and methods enabling enrollment in promotions via a tokenization platform. In one example, the method may include establishing a network communication channel between a tokenization platform and a digital wallet of a user device, transmitting a promotion from the tokenization platform to the digital wallet on the user device via the established network communication channel, receiving authorization to accept the promotion at the tokenization platform from the digital wallet on the user device, and identifying tokenized payment account information of the digital wallet stored at the tokenization platform and automatically transmitting information about the tokenized payment account information of the digital wallet information from the tokenization platform to a promotion enrollment system associated with the promotion.

Abstract: A policy-based printing system is implemented to allow access to a private domain to print using a public domain. The private domain includes private servers that store documents. The public domain includes servers and a printing device. A public policy server uses a domain list and a protocol connection with a private authentication server to validate a user and identify which private domain to access. The public policy server receives requests from the printing device to process a print job of a document in the private domain. A user account may be used for personal and business printing by the user. The status of a document is determined and treated according to whether the document is a personal document.

Abstract: A system includes an ingestion component configured to receive a request from an entity for content related to a content item and a user identity. The request has a content identifier representative of the content item and a token. A request processing component of the system is configured to access a database associated with the system and identify the content item and the user identity using the content identifier and the token, wherein the database has information associating the token with the user identity and associating the content identifier with the content item. In response to identification of the content item and the user identity, the request processing component directs a recommendation engine associated with the system to identify the content related to the content item and the user identity. Information identifying the content related to the content item and the user identity is then transmitted back to the entity.

Abstract: Techniques are described for managing communications between multiple intercommunicating computing nodes, such as multiple virtual machine nodes hosted on one or more physical computing machines or systems. In some situations, users may specify groups of computing nodes and optionally associated access policies for use in the managing of the communications for those groups, such as by specifying which source nodes are allowed to transmit data to particular destinations nodes. In addition, determinations of whether initiated data transmissions from source nodes to destination nodes are authorized may be dynamically negotiated for and recorded for later use in automatically authorizing future such data transmissions without negotiation. This abstract is provided to comply with rules requiring an abstract, and it is submitted with the intention that it will not be used to interpret or limit the scope or meaning of the claims.