Abstract: A system including memory, a lookup circuit and an address circuit. The memory can store a plurality of tables. Each table can have a plurality of entries and each entry can have an entry index. The lookup circuit can be coupled with the memory. The lookup circuit can provide the plurality of entry indexes of the plurality of tables to the address circuit. The address circuit can include a first circuit, a second circuit, and third circuit. The first circuit can include a plurality of entry scramblers. The second circuit can include a plurality of translators, and the third circuit can include a plurality of row scramblers.

Abstract: Described are techniques for asset management using an asset management identification key. The techniques include populating, based on input to a front-end portal, a plurality of fields including a plurality of attributes and a serial number of a device. The techniques further include hashing each of the plurality of fields. The techniques further include hashing a contiguous sequence of the hashed plurality of fields to generate an asset management identification key. The techniques further include transmitting the asset management identification key to a blockchain and authenticating the device using the asset management identification key stored on the blockchain.

Abstract: An embodiment may involve a database including a table, wherein the table contains database records and a schema by which the database records are arranged. The embodiment may further involve one or more processors configured to: obtain a query that references the table and one or more elements of the schema; copy at least part of the table into a second table; transform, using a deterministic one-way function, the schema of the second table and the database records within the second table; transform, using the deterministic one-way function, the query into a second query; and write, to memory, at least part of the second table and the second query.

Abstract: Systems and methods for restricting access and visibility to sensitive personal data during ingestion and storing within a data repository are disclosed. In one embodiment, a process for determining whether to grant access to protected data includes defining risk thresholds for predetermined data access patterns of a data repository, monitoring new data access patterns to build a security data profile based on quantifiable characteristics as risk factors, receiving a second request for data from a client device at the data repository, determining if any access control policies applies to the second request generating a risk score for the second request for data based on the security data profile, determining whether to grant access to the second request for data based upon at least one applicable access control policy and the risk score, and providing the requested data in response to the second request for data when access is granted.

Abstract: A system for managing consumer research may include a processing server, a collaboration server, and a scheduling server. The processing server, the collaboration server, and/or the scheduling server may be instantiated on a cloud-based processing device. The system may include various databases, include a respondent database, a segment database, and/or a document database. The system may include virtual dashboards for a researcher conducting a research study, a virtual dashboard for a research subject participating in the research study, and/or a virtual dashboard for a customer that requests the research study.

Abstract: Example techniques involve playback of curated playlists based on media preferences. In an example implementation, a playback device receives data representing one or more instructions to play back a particular curated playlist of a streaming audio service and, in response, plays back audio tracks of the particular curated playlist. During playback, when a preference database includes a negative preference for a given audio track, the playback device skips that audio track.

Abstract: The disclosed embodiments include methods and systems for providing digital identification cards are disclosed. In one aspect, the disclosed embodiments may provide digital identification cards, such as proof of insurance cards, to mobile devices that are compliant with one or more standards set by identification-requiring organizations, such as a department of motor vehicles. Certain disclosed embodiments may update digital identification cards based on changes to user information or formatting information associated with one or more identification-requiring organizations.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for creating, exporting, viewing and testing, and importing custom applications in a multitenant database environment. These mechanisms and methods can enable embodiments to provide a vehicle for sharing applications across organizational boundaries. The ability to share applications across organizational boundaries can enable tenants in a multi-tenant database system, for example, to easily and efficiently import and export, and thus share, applications with other tenants in the multi-tenant environment.

Abstract: The present disclosure provides a computer-implemented method for applying access rights to a database comprising a plurality of data units. The method may comprise receiving a request from a user to perform an operation directed to at least a subset of data objects stored in the database. Next, access rights associated with the user may be determined. The access rights may comprise an access permission to a subset of one or more of the data units that is implemented by performing a filter operation. The operation and the filter operation may then be performed concurrently to the at least subset of data objects to obtain a filtered data set.

Abstract: A method for securing a data storage device (DSD) against rogue behaviour by a host, the method executed by a controller of the DSD and comprising: determining a host type of the host; detecting one or more access activities performed by the host on the DSD; processing the one or more access activities to determine a security threat level of the host, wherein the security threat level is determined by weighting one or more corresponding access activity parameters by one or more impact weights; and in response to determining that the security threat level of the host is greater than or equal to a rogue host threat level, controlling the access activities performable by the host on the DSD to safeguard the DSD against the host, wherein the one or more impact weights are dynamically determined based on the host type.

Abstract: A system and methods are described for retrieving, displaying, and/or analyzing law firm analytic data in response to natural language queries. The system, at an interface or bot, receives queries as plaintext messages requesting information about or maintained by a law firm. The system generates intent scores for the message for each of multiple intents and determines an intent for the message based on a highest generated score exceeding a threshold. The system extracts entities from the message, applies an algorithm to the determined intent and extracted entities, and identifies a data source from which to retrieve information. The system then retrieves and displays information from the identified data source.

Abstract: A relational similarity determination engine receives as input a dataset including a set of entities and co-occurrence data that defines co-occurrence relations for pairs of the entities. The relational similarity determination engine also receives as input side information defining explicit relations between the entities. The relational similarity determination engine jointly models the co-occurrence relations and the explicit relations for the entities to compute a similarity metric for each different pair of entities within the dataset. Based on the computed similarity metrics, the relational similarity determination engine identifies a most similar replacement entity from the dataset for each of the entities within the dataset. For a select entity received as an input, the relational similarity determination engine outputs the identified most similar replacement entity.

Abstract: A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: receiving data center data; identifying unprotected sensitive data center data contained within the data center data; classifying the sensitive data center data contained within the data center data according to a sensitivity based classification; and, remediating the sensitive data center asset data according to the sensitivity based classification of the sensitive data center data.

Abstract: An apparatus includes a processor operatively coupled to a memory. The processor receives a first set of risk assessment rules including first user privilege criteria and first device criteria. The first device criteria include a computing device patch level, a network type, and/or a password policy. The processor identifies a user-specific security risk based on the first set of risk assessment rules and applies a privilege mitigation measure based on the user-specific security risk without being in communication with a management server. The processor later receives a second, updated set of risk assessment rules at the computing device. Upon detecting another login of the user, the processor identifies an updated user-specific security risk based on the updated set of risk assessment rules, and applies a modified privilege mitigation measure based on the updated user-specific security risk, again without being in communication with the management server.

Abstract: This disclosure relates to method and system for identifying suspicious code contribution of a user to a source code repository. The method includes receiving a plurality of updated code files of a source code repository from a user through an event. The method further includes extracting a plurality of user action parameters from the event corresponding to each of the plurality of updated code files. The method further includes storing the plurality of updated code files and the plurality of user action parameters from the event corresponding to each of the plurality of updated code files in a database. The method further includes identifying at least one of the set of user actions as a suspicious code contribution of the user for at least one of the plurality of updated code files of the source code based on the plurality of user action parameters.

Abstract: A method for setting access rights to project data in an application by defining an area of authority for a user, includes: determining a plurality of fields of data for a project in the application; determining a topology of one or more fields, from among the determined plurality of fields, for which the area of authority is to be settable; setting an area of authority for a registered user of the application, based on a field of the determined topology; and preventing access by the registered user to data for which a value of the field does not comply with the set area of authority.

Abstract: User permissions for a search on content managed by a content management system (CMS) can be evaluated in a search engine based on a user identity of a user providing a query input for the query rather than after return of an initial results set to the CMS or some other front-end application. The search engine can constrain possible results returned from a search for the query input using a content index of a plurality of content items maintained in a repository of the content management system. The constraining can include limiting the search engine from adding a content item of the plurality of content items to a permissions-filtered results set unless the evaluating of the user permissions and the search for the query input against the content index do not exclude the content item. Other aspects can support index updating by selective use of a metadata index.

Abstract: Provided is a method of accessing a service by using authentication of an electronic device. An operation method of the electronic device includes: selecting a cloud server for storing data, based on first authentication information including an identifier of the electronic device and network addresses of a plurality of cloud servers; transmitting, to a service providing server, second authentication information including the identifier of the electronic device, a network address of the selected cloud server, and information about a service executed on the electronic device; and receiving, from the service providing server, information about a result of subscribing to the service determined based on the second authentication information.

Abstract: An information processing terminal, connected with an information processing device, to enable viewing data managed in a data management device with ease. The data management device includes: circuitry; and a memory storing executable instructions which, when executed by the circuitry, cause the circuitry to: communicably connect with an information processing terminal and an information processing device via a network; transmit access information to the information processing device, the transmitted access information being used to view data stored in the memory; receive an acquisition request from the information processing device, the received acquisition request being transmitted in response to a user operation performed on the access information in the information processing terminal connected to the information processing device, and being used to acquire the data; and transmit the acquired data to the information processing device based on the access information included in the acquisition request.

Abstract: A method for sharing and analyzing information to support execution of multi-party workflows in an electrification ecosystem. The method may include creating or updating shared data schema and data governance rules associated with data to be received from a plurality of parties, wherein the plurality of parties are stakeholders to the multi-party workflows, and the data is associated with a battery system; submitting the shared data schema and the data governance rules for approval to the plurality of parties; creating or updating decision logics associated with the data to be received; submitting the decision logics for approval to the plurality of parties; receiving the data from the plurality of parties; and applying the approved shared data schema, the approved data governance rules, and the approved decision logics to the multi-party workflows and the received data from the plurality of parties to perform automated decision optimization.

Abstract: When a communication is performed in a particular frequency channel included in a 6 GHz band, if a signal that is not according to the IEEE 802.11 series standard is detected in the 6 GHz band, control is performed such that a signal according to the IEEE 802.11 series standard is not allowed to be transmitted in the particular frequency channel.

Abstract: Provided are a server connected to a first terminal operated by an orderer, a second terminal operated by a recipient that accepts an order, and a third terminal operated by a third party. The server includes: a first receiver configured to receive, from the first terminal, an order content indicating a content of the order; a first creating unit configured to create a work order, based on the order content; a first viewing controller configured to display the work order on the second terminal; a second receiver configured to receive, from the second terminal, acknowledgement information indicating acceptance of the order; a second creating unit configured to create a written acknowledgement for the accepted order, based on the acknowledgement information; and a second viewing controller configured to display the written acknowledgement on the third terminal in such a manner that a part of the order content is invisible.

Abstract: A source table can be provided by a provider account in a data system. A secure view of the source table is provided to one or more consumer accounts, the secure view limiting access to a subset of data in the source table. A plan to execute a command using the secure view may be generated, the plan including a secure view boundary on a subset of operations defining the secure view. The plan may be modified to move a first operation that was outside the secure view boundary to within the secure view boundary to generate a second plan to optimize performance in view of limitations or restrictions placed by the secure view.

Abstract: Aspects of the subject disclosure may include, for example, authenticating a user device based on communication over a data plane of a network, generating a decryption key, transmitting the decryption key to the user device, and transmitting encrypted content to the user device. The encrypted content may be accessible at the user device via the encryption key, potentially as a function of location and/or time. Other embodiments are disclosed.

Abstract: A method for updating configuration settings of a backup database supported by a data management system is described. The method may include receiving, from a first user in a first user group, a request to update configuration settings of the backup database. The method may further include determining that the first user is authorized to update the configuration settings of the backup database based on a set of permissions associated with the first user. The method may further include identifying a second user in a second user group that is authorized to approve the request from the first user. The method may further include transmitting an indication of the request to the second user and receiving a notification that the second user has approved the request from the first user. The method may further include updating the configuration settings of the backup database in response to the notification.

Abstract: At least one of the embodiments described herein relate generally to a method of obtaining metadata for content stored in a first repository. The method may be performed at a second repository, and may include the acts of: identifying a content object stored in the first repository, the content object comprising learning content usable in an electronic educational system to provide electronic learning; identifying metadata for the content object stored in the first repository, the metadata associated with the learning content of the content object; retrieving the metadata associated with the learning content from the first repository; and storing a harvested content object corresponding to the content object, wherein the harvested content object includes the metadata associated with the learning content of the content object stored in the first repository.

Abstract: The present disclosure provides a bill of material conversion method, an electronic apparatus and a non-transitory computer-readable storage medium. A bill of material conversion method, including steps S1 to S4: Step S1: obtaining an unprocessed first node in a first bill of material; Step S2: according to a preset correspondence, creating a second node corresponding to a second bill of material according to the obtained first node, and storing the created second node into a list; Step S3: determining whether the first node currently obtained is a last first node of the first bill of material; in response to the first node currently obtained not the last first node of the first bill of material, repeatedly performing steps S1 through S3; in response to the first node currently obtained being the last first node, performing step S4: converting respective second nodes in the list into the second bill of material.

Abstract: According to examples, an apparatus may include a processor and a memory on which is stored instructions that may cause the processor to determine that information has been inputted into an object, the object including a child object nested within the object. The instructions may also cause the processor to generate a child-object hash value based on contents of the child object, generate a hash value for the object based on contents of the object, the contents of the object including the child-object hash value, and determine whether the generated hash value differs from a stored hash value, the stored hash value corresponding to contents of the object without the inputted information. The instructions may also cause the processor to, based on a determination that the generated hash value differs from the stored hash value, save the object including the child object nested within the object.

Abstract: A system and method to filter potentially unwanted traffic from trackers, third-party cookies, malicious websites or other sources and present the aggregated results of said filtering to the VPN user. One of the embodiments enables a VPN user to opt-in or opt-out from the filtering activities while being able to access the aggregated information about filtering. In another embodiment, the user can choose to customize the filtering parameters to add or remove specific targets from the filtering policies.

Abstract: Methods and apparatus are provided for configuring a plurality of User Equipments (UEs) to communicate with a base station. In one example, a method includes determining, for each UE, a respective bandwidth based on an indication of channel quality between the UE and the base station, and configuring at least a subset of the plurality of UEs to communicate with the base station based on the respective bandwidths.

Abstract: A computing device generates and displays a data visualization in a data visualization user interface. The data visualization includes a plurality of visual data marks representing data from a data source. The computing device detects a first user input to select a visual data mark of the plurality of visual data marks. In response to detecting the first user input, the computing device identifies a first aggregated data value, for the visual data mark, corresponding to a first data field in the data source. The computing device retrieves a first disaggregated set of data rows corresponding to the first aggregated data value, from a first table, in the data source, containing the first data field. The computing device displays, in the data visualization user interface, a plurality of data rows from the first disaggregated set of data rows.

Abstract: The present disclosure provides a method for changing an uplink grant, a method for sending information, and a communications apparatus. The method for changing an uplink grant includes: in a case that a logical channel satisfies a change trigger event, changing an uplink grant usable by the logical channel.

Abstract: An example operation may include one or more of encrypting a private key with an encryption key, generating a plurality of keys based on the encryption key and converting the plurality of keys into a plurality of key shares based on a secret input value, storing the encrypted private key on a blockchain, and distributing the plurality of key shares to a plurality of blockchain peers of the blockchain, where the distributing comprises transmitting a different key share from among the plurality of key shares to each blockchain peer among the plurality of blockchain peers.

Abstract: The invention relates to method and system for providing security and access control in a network model. The method includes generating a network model including process entities. Each of the process entities is represented by a corresponding node on a node-based User-Interface. Each of nodes corresponding to the entities is configured to be linked with at least one of remaining nodes of the nodes in the node-based User-Interface, via an interconnection network link. The method further includes receiving one or more attributes associated with each of the nodes; and creating an access control policy for a target node of the nodes. Accessing the target node includes at least one of view the attributes associated with the target node; modifying the attributes associated with the target node; or modifying an interconnection network link between the target node and another node of the nodes.

Abstract: A system and method for execution context processing with addressable universal data location that can address, process, and standardize data contained in different types of memory structures is presented. The present disclosure provides for an addressable data locator system called an Execution Context Property Path (XPP) that can access a ‘property’ within a ‘Property Collection,’ a ‘property’ within a graph of nested ‘Property Collections,’ or a ‘property’ within an array of ‘Property Collections.’ An execution context is a dynamic system that can change the processing logic and data requirements of functions at runtime by passing a ‘function’ a reference to an ‘execution context’ object and have the function retrieve the data items it needs through the ‘execution context’ object. For example, when new ‘input data’ is received on a listener, the listener can spawn a new thread and an ‘execution context’ object to manage the processing of the ‘input data.

Abstract: Examples of the present disclosure describe systems and methods for enterprise search that leverage periodically updated user context of an enterprise user for intent understanding and treat a search session as a dialog between the user and a digital assistant to allow multi-modal interaction. For example, a query input by the user may be received from a client application having search functionality and an integrated assistant. A current state of the user context may be leveraged to understand the query. Based on the understanding, one or more responsive entities may be retrieved from an enterprise search index as results. Based on the results, a response may be generated that includes the results and a prompt to cause the user to further refine the query and/or provide feedback. The response may be provided to the client application for output as part of a search session dialog between the user and assistant.

Abstract: System, device, and method of controlling a Ceiling Fan via multi-path wireless communication. A method includes: constructing in an electronic device of a user, a control message indicating a user command intended to be performed by a Home Automation Device (HAD) of the user; wherein the constructing includes inserting into the control message a unique Message-Identifier. The method then transmits the control message, from the electronic device of the user to the HAD, concurrently via at least two different wireless communications channels which include at least: (i) a first wireless communication channel that includes passage of traffic through the Internet, and (ii) a second wireless communication channel in which no traffic passes through the Internet.

Abstract: Systems and methods for centralized meta-data management across platforms may include storing meta-data associated with one or more entitlements or roles of software platforms in a centralized hub, wherein each user is assigned a user account assigned to at least one or more entitlements or roles, identifying at least one user as a manager of the at least one or more entitlements or roles of a first user assigned as an owner of the at least one or more entitlements or roles, receiving a request from the manager to transfer at least a selected portion of the at least one or more entitlements or roles of the first user to one or more other users of the plurality of users, transferring the selected portion, and assigning the one or more other users as the one or more owners of the selected portion.

Abstract: The embodiments set forth a technique for enabling a computing device to securely configure a peripheral computing device. According to some embodiments, the method can include the steps of (1) approving a request received from the peripheral computing device to engage in a setup procedure for the peripheral computing device, (2) receiving, from the peripheral computing device: (i) an audio signal that encodes a password and timing information, and (ii) a light signal. Additionally, the method can involve, in response to identifying that the timing information correlates with the light signal: (3) extracting the password from the audio signal, and (4) establishing a communication link with the peripheral computing device based on the password. In turn, the method can involve (5) providing configuration information to the peripheral computing device over the communication link.

Abstract: A server device is provided for protecting personal information. The server device includes a transceiver configured for operable communication with at least one client over a communication network, and a processor including a memory configured to store computer-executable instructions. When executed by the processor, the instructions cause the server device to store a database including one or more fields of personally identifiable information (PII), generate a query for the database to request access a first field of the one or more fields of PII, wherein the query includes a use for the requested field of PII, query the database to determine if the use for the requested field of PII is valid, and when the use for the request field of PII is valid, provide access to the requested field of PII data.

Abstract: An information processing system comprises processing circuitry configured to render a virtual space; render each mobile medium associated with each user, each mobile medium being able to move within the virtual space; associate designated movement authority information to a first mobile medium, the first mobile medium being associated with a first user based on a first input from the first user; switch the designated movement authority information from association with the first mobile medium to association with a second mobile medium, the second mobile medium being associated with a second user different from the first user and based on a second input from the first user; and judge, based on the designated movement authority information, whether to allow one mobile medium to move toward a designated position within the virtual space.

Abstract: A system for computer security of a remote device having a processor includes a way to determine an operating mode of the remote device and a way to validate a resource (e.g., program, script, web address). When an attempt is made to access a resource, the operating mode of the remote device is determined and when the operating mode of the remote device is a corporate operating mode, then the resource is evaluated using a corporate protection file. Otherwise, when the operating mode of the remote device is determined to be a personal operating mode, then the resource is evaluated using a personal protection file. When the resource validation determines that the resource is approved, access to the resource is provided; otherwise, access to the resource is prevented.

Abstract: A method for transmitting software artifacts from a source network to a target network is disclosed. Each target and source network is assigned to a proxy system comprising a plug-in. The transmission is monitored on the target network side. A target network-internal information structure is provided containing entries, each of which characterizes a software artifact that can be downloaded when authorization is granted by an operator of the target network by the plug-in. The entries are read from the target network-internal information structure. Requests from the target network relating to the availability of new software artifacts are received on behalf of the source network. For each request, at least one entry which matches the request is searched in the target network-internal information structure. Based on the at least one matching entry being present in the target network-internal information structure, either the software artifact is retrieved or the request is blocked.

Abstract: This disclosure enables various computing technologies for selectively controlling access to descriptive contents within productivity documents. As such, these forms of access control may be technologically useful in work environments involving sensitive information (e.g., classified information, confidential information, private information) by providing granular compartmentalization of the sensitive information within the productivity documents. For example, when the work environments employ collaborative productivity computing environments (e.g., Microsoft Office 365, Microsoft Teams, Google Workspace) to access (e.g., read, edit) the sensitive information, then these forms of access control may provide the granular compartmentalization of the sensitive information within the collaborative productivity computing environments, whether for an individual productivity application or across a suite of productivity applications, while still enabling real-time user collaboration.

Abstract: Using container-centric managed access, an administrator is enabled to define a set of future grants for each object that will be created in the future in a container managed by the administrator. When a user creates a database object, the system checks the future grants to determine if any apply to the user, the database object, or the combination. Any applicable future grants are applied to the database object before the user is allowed to modify it. As a result, the administrator is enabled to control the privileges associated with the database object even before the database object is created, while restricting individual object owners from managing privileges on their owned objects.

Abstract: A server can receive a request to subscribe to a data tenancy in an extended region. The server can determine a size of stored data records associated with the data tenancy in a home region to be replicated in the extended region. Based in part on the size of the stored data records, the server can open a new communication channel dedicated to replicating the stored data records from the first server in the home region to the second server in the extended region. The server can pull the stored data records from the first server in the home region, store the pulled data records on the second sever in the extended region. The server can receive updated data records over an established communication channel between the first server in the home region and the second server in the extended region and store the updated data records on the second server.

Abstract: Techniques are disclosed relating to the distribution of database key permissions. A database system may distribute first permission information to a plurality of database nodes that identifies a distribution of key range permissions to ones of the plurality of database nodes. A given key range permission being distributed to a given database node may permit that database node to write records whose keys fall within a key range associated with the given key range permission. The database system may receive, from a first database node, a request for a first key range permission provisioned to a second database node. The database system may modify the first permission information to derive second permission information that provisions the first key range permission to the first database node instead of the second database node. The database system may distribute the second permission information to ones of the plurality of database nodes.

Abstract: A novel architecture for a data sharing system (DSS) is disclosed and seeks to ensure the privacy and security of users' personal information. In this type of network, a user's personally identifiable information is stored and transmitted in an encrypted form, with few exceptions. The only key with which that encrypted data can be decrypted, and thus viewed, remains in the sole possession of the user and the user's friends/contacts within the system. This arrangement ensures that a user's personally identifiable information cannot be examined by anyone other than the user or his friends/contacts. This arrangement also makes it more difficult for the web site or service hosting the DSS to exploit its users' personally identifiable information. Such a system facilitates the encryption, storage, exchange and decryption of personal, confidential and/or proprietary data.

Abstract: A player profile management system collects player data from various systems and generates and manages player profiles. A snapshot pipeline of the player profile management system generates a snapshot player profile associated with a player. The player profile management system receives, after generating the snapshot player profile associated with the player, player data associated with the player. An update pipeline of the player profile management system generates, based on the snapshot player profile and the player data associated with the player, an update player profile associated with the player.

Abstract: Case management systems and techniques are disclosed. In various embodiments, for each of a plurality of case nodes comprising a case model a trait definition comprising a corresponding set of traits associated with that case node is received. The respective trait definitions are used to bind each set of traits to the case node with which the set of traits is associated in case instances created based on the case model.