Abstract: Systems, apparatuses, and methods are described for parental controls based on the location of a wireless computing device. Wireless access points may be located in different locations, e.g., in different rooms of a home. The location of the wireless computing device may be determined based on comparing measured signal strengths to baseline signal strengths associated with the location. Information related to an access level associated with the location may be determined. The access level may, for example, permit access to content in a first location, but prevent access to the content in a second location. Content may be provided to the wireless computing device based on the access level associated with the location.

Abstract: The present disclosure relates to system(s) and method(s) for generating an Omni-channel support platform. The method comprises integrating a multi-channel support system with a blockchain framework. Further, the method comprises generating an Omni-channel support platform based on the integration. The Omni-channel support platform comprises an Omni-channel support block for a user from a set of users. The Omni-channel support block comprises a support ledger and a support smart contract for the user. The Omni-channel support block further comprises capturing transaction data associated with the user from the multiple support channels. Further, the Omni-channel support block comprises recommending one or more resolutions to each user upon based on a support request.

Abstract: An authentication system comprises a browser extension and a password manager application. The browser extension can be configured for execution on a first user device. The browser extension can be configured to display a response code and receive a login credential from a server. The response code can comprise a unique session identifier identifying the browser extension and a user browsing session. The password manager application can be configured for execution on a second user device. The second user device can have a scanner configured to scan the response code. The password manager application can be configured to extract the unique session identifier, parse the unique session identifier into session identifier content, send a portion of the session identifier content to the server, receive an approval from a user of the second user device, and send a notification to the server.

Abstract: Systems and methods for location-based assignment of client device data are disclosed. A system can maintain data records associated with a player profile. The system can receive a request to access the player profile from a client device and determine location data of the client device. If the location data satisfies a first category, the system can filter the data records based on a data record type to generate a subset of data records and generate a first aggregate data record value based on a data record value of the subset of data records. If the location data satisfies a second location category, the system can generate a second aggregate data record value based on the data record value of each the data records. The system can provide, for display at the client device, an interface indicating the first aggregate data record value or the second aggregate data record value.

Abstract: A client application sends DNS requests to a threat protection service when a mobile device operating the client application is operating off-network. The application is configured to detect network conditions and automatically configure an appropriate system-wide DNS resolution setting. Preferably, DNS requests from the client identify the customer and the device to threat protection (TP) service resolvers without introducing a publicly-visible customer or device identifier to the DNS requests or responses. The TP system then applies the correct policy to DNS requests coming from off-network clients. In particular, the resolver recognizes the customer for requests coming for off net clients and apply the customer's policy to such request. The resolver is configured to log the customer and the device associated with requests from the TP off-net client. Request logs from the TP resolver are provided to a cloud security intelligence platform for threat intelligence analytics and customer visible reporting.

Abstract: A method and apparatus for modifying a user interface. The method comprises receiving user interface data at a client from a first server, receiving modification computer program code at said client, and executing said modification computer program code at said client to modify said user interface data to generate modified user interface data. The modification computer program code can be received from said first server or from a further server.

Abstract: A system and methods are provided for aggregating communication connections. Multiple users connect to a system (e.g., a web-based system) that hosts an application or service for exchanging communications. Users who exchange communications among themselves may be considered “associates.” When one user who is on-line with the application sends a communication through the system for an associate, the system determines whether the associate is on-line or off-line. If the associate is off-line, the system crafts and sends toward the associate a notification regarding the communication, including an address of the communication server to which the one user is connected. When the associate's device receives the notification, the application may attempt to connect to the specified address. In this way associated users' connections will aggregate or gravitate toward the same communication server, thereby eliminating the latency and cost of exchanging users' communications between multiple communication servers.

Abstract: An authentication method and system for mutual authentication between a first entity and a third entity via a second entity, based on an authentication protocol used by the first entity and the third entity. The second entity forwards mutual authentication messages between the first entity and the third entity. An apparatus is configured to perform an authentication method for a mutual authentication between a first entity and a third entity via a second entity, based on an authentication protocol used by the first entity and the third entity, the second entity forwards mutual authentication messages between the first entity and the third entity.

Abstract: A system providing remote content is provided. The system include a content server including at least one processor in communication with at least one memory device and a token server including at least one processor in communication with at least one memory device. The content server is programmed to a) store a plurality of content, each divided into a plurality of portions; b) receive a request from a client device for a first content of the plurality of content; and c) transmit the first content to the client device. The token server is programmed to: a) receive a request from the client device for an active token associated with the first content; b) retrieve the active token; and c) provide the active token to the client device, wherein the active token indicates an active portion of the plurality of portions of the first content.

Abstract: A multi-instance, multi-user animation platform includes a plurality of modeled parallel dimensions in a computer memory. Each of the parallel dimensions may be an independent model of a physical, three-dimensional space having corresponding features such that the parallel dimensions are recognizable as counterparts to each other. Avatars are located within corresponding ones of the parallel dimensions so as to prevent over-population of any one of the parallel dimensions by avatars. Avatars are animated within different ones of the parallel dimensions using input from respective users to provide virtual-reality data. A common space is modeled in the computer memory configured in relation to the plurality of parallel instances so that an object located inside the common space is visible from viewpoints located inside each of the plurality of parallel instances. Remote clients may output an animated display of a corresponding one of the parallel dimensions and avatars therein.

Abstract: A technology for the optimized capturing of resource file content for resources referred in recorded user interaction sequences is disclosed. Individual resource files are typically referred in multiple recorded resources, therefore it is desired to capture those resources only once and reuse them for all recorded session capturing them. As user interaction sequences are executed and captured in independently operating web-browsers, a direct coordination between recording web-browsers to avoid multiple captures of the same resource is not possible. Data about the global resource capturing and demand situation is generated on a monitoring server that receives all session recording data and transferred to session recording browsers in form of lists identifying resources that are referred in sessions but are still unresolved and should therefore be captured, and for resources that should not captured, because they are already available and capturing them again should be avoided.

Abstract: A system is described. The system includes a processing resource and a non-transitory computer-readable medium, coupled to the processing resource, having stored therein instructions that when executed by the processing resource cause the processing resource to receive a plurality of quality of service (QoS) parameters and client preferences from a client device and manage a QoS policy based on a plurality of QoS objectives included in the received QoS parameters, wherein the plurality of QoS objectives comprise input output operations per second (IOPS), throughput and latency.

Abstract: Aspects of the subject disclosure may include, for example, obtaining, by a processing system including a processor, network data associated with a communication network; generating, by the processing system, Quality of Service (QoS) information by applying machine learning to the network data; and providing, by the processing system, the QoS information to a Policy Control Function (PCF) that selects or generates a first UE Route Selection Policy (URSP) rule according to the QoS information and provides the first URSP to an end user device, where the first URSP rule is implemented to provide a communication service to the end user device utilizing an application via the communication network. Other embodiments are disclosed.

Abstract: The present disclosure relates to streaming individual application windows and/or other desktop elements of a remote desktop. Data used to represent irrelevant desktop areas may be replaced with lower entropy data that may be highly compressed in a video stream and/or with data representative of other visual content. The video stream may also include desktop metadata (e.g., locations for desktop visuals, etc.) used to render the desktop elements on the local desktop. The desktop visuals of an application window may be rendered in a proxy window on the local desktop.

Abstract: A fabric control protocol (FCP) is a data transmission protocol that enables spraying of individual packets for a given packet flow across a data center from an ingress interface of the source data processing unit (DPU) across a plurality of parallel data paths of a logical tunnel in the network fabric to the egress interface of the destination DPU. The FCP has congestion control mechanisms used to determine a degree of congestion at the egress interface of the destination DPU and to modify a send window size at the source DPU based on the degree of congestion. Reliable FCP (rFCP) extensions provide reliability enhancements and improved failure resilience within the data center. The rFCP extensions provide an unsolicited mode for low latency operation with enhanced reliability mechanisms. The rFCP extensions provide failure resilience mechanisms to identify and avoid failed paths among multiple parallel data paths within the logical tunnel.

Abstract: Some embodiments provide a method for providing access in a scalable manner to resources in a first datacenter to clients operating in one or more public clouds. The method of some embodiments implements with multiple machines a public-cloud proxy to connect clients in the public cloud(s) to a reverse proxy in the first datacenter.

Abstract: An assignment of demands to routes on a communication network can be improved by selecting and updating a subset of the routes. A network management system (or other communication network component) can obtain a representation of the communication network. The representation can include a network graph, sets of resources, and a set of paths for the network graph. The network management system can update the set of paths by selecting a path subset and updating the paths of the path subset. The updating can satisfy a total change condition and a network improvement condition. The updating can be limited to unused edge and resource combinations or edge and resource combinations used by paths in the path subset. The network management system can configure the communications network to satisfy the demand using routes corresponding to the updated set of paths.

Abstract: A modular system of medical article containers is used to form enclosures of selectable storage space. The containers are each RF shielded and include an interconnect wall for connecting to another container to form the enclosure. The interconnect walls have a complementary design. The interconnect seam of two containers includes an electrically conductive component that also interconnects the RF shields of the two containers together. The interconnect seam also includes a tortuous path seal for greater RF shielding of the enclosure. The walls of the containers include a substrate of non-electrically conductive material for weight reduction and an electrically conductive element that is coextensive with the substrate. One embodiment is a plastic substrate with a metallic mesh. The enclosure provides a Faraday cage about the interconnected containers. Enclosures of differing heights and sizes can be made, and they may be stacked or otherwise assembled.

Abstract: An electronic device of a first domain, which is a blockchain-based public key infrastructure (PKI) domain, includes: an interface configured to receive, from a first entity belonging to a second domain which is a certification authority (CA)-based PKI domain, a first certificate of the first entity and a second certificate of a second entity, wherein the second entity is an upper node of the first entity and is a node of a blockchain; a memory configured to store the first certificate and the second certificate; and a processor configured to look up a transaction corresponding to the second entity at a distributed ledger of the first domain based on an identifier of the second entity, verify the second certificate based on the transaction, and verify the first certificate based on the second certificate.

Abstract: The subject technology sends a first statement to an execution node for executing the first statement on first storage using micro-partitions. The subject technology sends a second statement to the execution node for executing the second statement on linearizable storage. The subject technology sends a request to prepare a commit of a cross domain transaction associated with the first statement and the second statement. The subject technology generates a new version of a set of tables that were modified by the cross domain transaction and updating first metadata in a metadata database to indicate the new version. The subject technology finalizes the commit of the cross domain transaction and updates second metadata that the cross domain transaction has been committed.

Abstract: Systems and methods for privacy-preserving cross-domain tracking comprise, for each request received at an authentication server from a device associated with a user: obtaining, at the authentication server, a parent identifier, wherein the parent identifier is a pseudonymous identifier which is unique for the user; obtaining, at the authentication server, a child identifier, wherein the child identifier is associated with a software agent of the user and a domain associated with said each request; and linking, at the authentication server, the parent identifier and the child identifier thereby anonymously tracking the software agent of the user across one or more domains associated with said each request.

Abstract: Systems, methods, articles of manufacture, and computer-readable media. A server may receive a phone call and generate a uniform resource locator (URL) comprising a session identifier for an account. The server may transmit the URL to a client device. The server may receive, from a web browser, a request comprising the URL. The server may determine that the session identifier in the URL of the request matches the session identifier for the account, and transmit, to the web browser, a web page at the URL. The server may receive, from the web browser, a cryptogram read by the web page via a card reader of the client device and decrypt the cryptogram. The server may authenticate the identity of the caller for the call based on decrypting the cryptogram and the session identifier of the URL matching the session identifier of the account.

Abstract: Techniques are disclosed for securing traffic flowing across multi-tenant virtualized infrastructures using group key-based encryption. In one embodiment, an encryption module of a virtual machine (VM) host intercepts layer 2 (L2) frames sent via a virtual NIC (vNIC). The encryption module determines whether the vNIC is connected to a “secure wire,” and invokes an API exposed by a key management module to encrypt the frames using a group key associated with the secure wire, if any. Encryption may be performed for all frames from the vNIC, or according to a policy. In one embodiment, the encryption module may be located at a layer farthest from the vNIC, and encryption may be transparent to both the VM and a virtual switch. Unauthorized network entities which lack the group key cannot decipher the data of encrypted frames, even if they gain access to such frames.

Abstract: The present invention relates to a method for asynchronously storing massive data generated during high speed video measurement, the method including the following steps: step (1), constructing a high speed video measurement hardware model; and step (2) realizing asynchronous I/O real-time storage in a high speed solid state disk on the basis of Windows core programming. Compared with the prior art, the present invention solves the problems of incompleteness or frame drop during real-time storage of massive data, and realizes real-time and lossless storage of massive high speed data.

Abstract: A noisy neighbor in a cloud multitenant system can present resource governance issues. Usage quotas can be applied, and traffic can be throttled to mitigate the problem. Network traffic can be monitored from routers of a software defined data center (SDDC) configured to process network traffic for machines of different tenants. By default, the network traffic from the routers can be processed via a first edge router for the SDDC. A second edge router can be deployed for the SDDC in response to the network traffic from a particular router exceeding a threshold. Network traffic from the particular router can be processed via the second edge router while the remaining traffic can continue to be processed via the first edge router.

Abstract: A method for identifying devices on a network, comprising: determining, by a discovery application, a prioritized discovery plan including a plurality of tiers of requests, each of the tiers specifying one or more probes for targeting specific types of devices. For each of the tiers in the prioritized discovery plan: the method further comprises causing, by the discovery application, one or more of the probes specified for the tier to transmit targeted requests to a set of active addresses on the network. Upon receiving responses from at least a subset of the one or more addresses, the method comprises identifying, by the discovery application, one or more devices connected to the network based on the responses to the targeted requests. The method further comprises removing, by the discovery application, addresses corresponding to the identified one or more devices from the set of active addresses on the network.

Abstract: A method includes determining that an application is a consumer of one or more records of an event streaming platform. In response to the application being a consumer of the one or more records, a schema that is associated with the one or more records of the event streaming platform can be determined. The schema can define the data structure of each of the one or more records. The method further includes generating a class that structurally conforms to the schema. During runtime, the object that is instantiated from the class may be used by the application to consume the one or more records.

Abstract: A method includes generating a first lock requests, each for transmission to a storage unit, where each first lock request indicates a first encoded data slice. First ballots are received, each of the first ballots corresponds to a storage unit, each of the first ballots indicates a first ranking of first requesting entities that includes the DST processing unit. First election result data is generated based on the first ballots. The first election result data indicates a first winner. When the first winner is the DST processing unit, slice access requests are generated in response to the first election result data indicating that the first winner is the DST processing unit, each for transmission to one of the storage units, where each of the slice access requests indicates the first encoded data slice.

Abstract: A system designed for increasing network communication speed for users, while lowering network congestion for content owners and ISPs. The system employs network elements including an acceleration server, clients, agents, and peers, where communication requests generated by applications are intercepted by the client on the same machine. The IP address of the server in the communication request is transmitted to the acceleration server, which provides a list of agents to use for this IP address. The communication request is sent to the agents. One or more of the agents respond with a list of peers that have previously seen some or all of the content which is the response to this request (after checking whether this data is still valid).

Abstract: A method includes transmitting, by a first interface card in a trusted domain, data. A second interface card in an untrusted domain receives the data. The second interface card stores the data to a first memory location in the untrusted domain, and verifies integrity of the data. The second interface card writes a result of the verifying in a second memory location in the untrusted domain. The first interface card in the trusted domain retrieves the result of the verifying from the second memory location in the untrusted domain. The first interface card in the trusted domain determines if the data in the transmitting was received by the second interface card based on the result.

Abstract: A method for transmitting data includes generating a plurality of first data frames based on the same type of data content, wherein the plurality of first data frames have the same traffic identifier (TID), and the plurality of first data frames having the same TID have the same access media priority in a plurality of transmission links; and transmitting the plurality of first data frames having the same TID using the plurality of transmission links. An apparatus for performing the method may include a terminal in a wireless communication network.

Abstract: A network arrangement and method for using the same are described. In one embodiment, the network arrangement comprises: a plurality of access points that are part of one or more existing networks and communicate with each other to form a local area network (LAN) to transfer data between two or more of the plurality of access points using point-to-point links independent of their function in the one or more first existing networks, wherein each access point of the plurality of access points is associated with a cache to store content that may be forwarded to other access points in the plurality of access points, where at least one of the access points is responsive to a request from an application being run on a client device to provide the content stored in one or more caches of access points in the LAN to the client device, the content being sent by the at least one access point through a wireless connection.

Abstract: A computer-implemented method may include: receiving, from at least one camera, image data associated with a first user at a public access user computing device; detecting, based on the received image data, by employing a machine learning model trained using a dataset of actions collected from a plurality of previous users, that the first user has moved away from the public access user computing device; automatically encrypting, based upon the detection, a user session associated with the first user, wherein the encrypted user session is configured to be subsequently activated by the first user; and initiating a new generic user session on the public access user computing device for a second user.

Abstract: Systems and methods are disclosed for protecting consumer privacy in an online advertising environment. A request may be received from a browser for a webpage along with a unique browser identifier. The browser may be provided a first portion of the webpage that is locally available. The unique browser identifier may be provided to at least one advertising entity, wherein the advertising entity determines an advertisement based, at least in part, on the unique browser identifier. The advertisement may be received from the advertising entity, and provided to the browser as a second portion of the webpage.

Abstract: Embodiments of the present disclosure provide an application control method and an apparatus, a terminal, and a computer-readable storage medium. The application control method includes: configure a temporary unfreezing rule for an application currently frozen in response to freezing a running application; temporarily unfreeze a frozen application in response to monitoring that the frozen application currently meets the temporary unfreezing rule corresponding to the frozen application; and re-freeze a temporarily unfrozen application in response to monitoring that the temporarily unfrozen application currently meets a re-freezing rule corresponding to the temporarily unfrozen application.

Abstract: The forwarding node includes a first processor, a first memory, and a network adapter. The network adapter includes a second processor, a second memory, and a transceiver. The transceiver includes a first port and a second port. The transceiver is configured to receive a broadcast packet through the first port. The second processor is configured to store a first entry in the second memory. The transceiver is configured to send the broadcast packet through the second port. The transceiver is configured to receive a response packet of the broadcast packet through the second port. The second processor is configured to query the first entry based on first address information to determine the first port. The transceiver is configured to send the response packet through the first port. The second processor is configured to store a second entry in the second memory.

Abstract: A decentralized security system and associated methods are implemented by a distributed set of security controllers that independently detect threats and implement attack protections for endpoints based on cumulative threat states that are synchronized across the distributed set of security controllers in a decentralized manner. A particular security controller receives different states associated with different hashed identifiers from the other security controllers, and also receives a request from a client that is directed to a particular endpoint. The particular security controller generates a hashed value from hashing an identifier from the request that identifies the particular endpoint, updates a first state based on the first hashed value matching a hashed identifier that is associated with the first state, and implements a protective action in response to an updated value generated from updating the first state violating a security rule.

Abstract: A computer system is described. This computer system may implement a controller for multiple different types of computer network devices (CNDs), such as: an access point, a switch, a router, and a dataplane. Moreover, the computer system may have a common framework for program modules (with sets of program instructions) associated with the different types of CNDs. Furthermore, configuration and management of a given type of CND using the program modules may be specified by metadata associated with the given type of CND. Additionally, the common framework may include a unified protocol layer for the program modules, and one or more of the program modules may be modified or configured via the unified protocol layer using a common communication Alternatively or additionally, the computer system may communicate with the different types of CNDs via the unified protocol layer using a second common communication protocol.

Abstract: The present invention is a highly available system comprising a system to send a plurality of bootstrap requests, at least one cloud proxy fit to receive the plurality of bootstrap requests, wherein each instance of the at least one cloud proxy is coupled with an adapter, and at least one host fit to communicate with one of the at least one cloud proxy.

Abstract: A process that includes receiving a peer-to-peer connection initiation signal to establish a peer-to-peer connection with a second client computing device. The process further includes determining that a peer-to-peer connection condition is not satisfied such that the first client computing device is unavailable to establish the peer-to-peer connection with the second client computing device and storing the peer-to-peer connection initiation signal in a signal cache associated with the first client computing device.

Abstract: In an approach to facilitate contactless remote shopping assistance, a computer-implemented method includes one or more processors configured for receiving first order data from a user device corresponding to an order of items to be retrieved from a parking lot of a retail entity proximate to a retail entity location, transmitting the first order data to the retail entity, and assigning the order to a mobility device stationed at the retail entity. The method further includes transmitting order retrieval instructions to the mobility device causing the mobility device to navigate the retail to secure the items, receiving an indication that the mobility device secured the items, and transmitting order delivery instructions to the mobility device. The method further includes receiving a second indication that the mobility device transported the items to the parking lot and placed the items in a vehicle associated with a user of the user device.

Abstract: To generate data for populating/updating accounting databases based on digitized accounting source documents, access to an entity database comprising identifiers of entities associated with an accounting database and to a digital template library comprising processing templates for processing digitized accounting source documents is provided. Each entity in the entity database is associated with one processing template.

Abstract: Aspects related to application based routing of data packets is described. In an example, a method for enabling application based routing of data packets includes retrieving, by a client device, a prioritized list of client application parameters to process data packets from at least one client application. The prioritized list is generated based on application support capabilities of the client device. The method includes transmitting client parameters to a network server to create at least one multi-path proxy (MPP) instance. Each MPP instance of the at least one MPP instance is configured to aggregate and route data packets to a pre-defined core network link. The method further includes receiving identification information pertaining to the at least one MPP instance from the network server. Based on the identification information, the prioritized list is assigned to the at least one MPP instance to process data packets from at least one client application.

Abstract: A system and method for completing a sale of digital shares representing an interest in an asset in an exchange, wherein the exchange comprising a transfer agent, includes registering, by the transfer agent, a user on an exchange; presenting to the user, by the transfer agent an interface allowing the user to select an interest in an asset to sell; communicating, by the transfer agent, with a broker dealer to transmit a sell contract to the user; pairing, by the transfer agent, a buyer with the user to sell the interest in the asset to the buyer; and executing, by the transfer agent, a sale of digital shares representing the interest in the asset.

Abstract: Aspects of the present disclosure involve a system comprising a computer-readable storage medium storing at least one program, method, and user interface to facilitate augmented reality based communication between multiple users over a network. Input data is received from a first device that is indicative of a selection by a first user of virtual content item to apply to a real-world environment that is visible to a second user via a second device. The virtual content item may comprise one or more media objects. Based on receiving the input data, the second device is caused to present the one or more media objects overlaid on the real-world environment that is visible to the second user via the second device.

Abstract: A communication apparatus for connecting to the Internet without using an input/output apparatus is provided. The communication apparatus includes: a first connecting unit configured to connect to a first device; an acquiring unit configured to acquire, via the first device, setup information for connecting to a second device that operates as a router; and a second connecting unit configured to connect to the second device based on the setup information. A code sequence is generated using a code generator that is in common with the first device from an initial value that is shared with the first device. In addition, network identification information extracted from a signal received from the first device is searched for in the code sequence, and network authentication information is segmented from a predetermined offset position using a matching location as a reference.

Abstract: A method for facilitating session data persistence and management is disclosed. The method includes receiving a first indication from an application, the first indication relating to an initiation of a first session; compiling session data from the application, the session data relating to a state of the application; receiving a termination indication from the application, the termination indication relating to a termination of the first session; persisting, in a session cache, the session data based on the termination indication; receiving a second indication from the application, the second indication relating to an initiation of a second session; identifying the corresponding session data in the session cache by using the second indication; and automatically injecting the identified session data into the application.

Abstract: A computing system may detect that a service, which receives a plurality of task requests associated with clients or profiles, is under duress based on performance information associated with the service. The computing system, responsive to detecting that the service is under duress, may successively, until the service is detected to not be under duress, select a profile based on a respective volume of requests associated with the profile, apply a task request limit to the profile, and detect whether the service is still under duress.

Abstract: A computer-implemented method, computer program product and computing system for receiving a plurality of detection events concerning a plurality of security events occurring on a security-relevant subsystem within a computing platform; identifying two or more associated detection events included within the plurality of detection events; and grouping the two or more associated detection events to define a security incident.

Abstract: An auto scale monitoring service performs load balancing on a cloud firewall with minimized traffic disruption using eager and lazy load balancing protocols. The auto scale monitoring service operates through an orchestrator that initializes a new firewall and sends forwarding instructions to the new firewall for rerouting excess traffic. The auto scale monitoring service additionally operates through a software-defined wide area network controller that sends routing instructions to a local branch of network devices to reroute to the new firewall from an overloaded current firewall. The eager protocol immediately tears down a tunneling session from the local branch to the current firewall and the lazy protocols gradually tears down this tunneling session. Both protocols properly inform firewalls how to forward ongoing traffic in each case and establish updated traffic flow through a tunneling session from the local branch to the new firewall.