Abstract: Disclosed herein is a system that includes an order processing subsystem and a delivery processing subsystem comprising at least one database and one or more processors. The one or more processors of the delivery processing subsystem is configured to receive a request for a user to access the delivery processing subsystem and a scanning device, authenticate the user by verifying the request with user credentials stored in the at least one database, provide the user with access to the delivery processing subsystem and the scanning device, receive scanned data from the scanning device, retrieve package data regarding a package for an inmate based on the scanned data from the scanning device, and generate, based on the package data, a route in the correctional facility for delivery of the package to the inmate in the correctional facility, wherein the route does not include an identity of the inmate.

Abstract: Systems and methods are disclosed for obfuscating entry of sensitive data at a mobile device, which may be infected with a rogue application configured to steal the sensitive data. One method comprises detecting a prompt for a user to enter sensitive data at a mobile device, and activating one or more of an audio speaker and a vibration motor of the mobile device. The activation of the one or more of the audio speaker and the vibration motor is terminated in response detection conclusion of the user's entry of sensitive data the mobile device.

Abstract: Cloud services are provided by a distributed network including a number of geographically distributed datacenters, to client devices in accordance with data sovereignty requirements. A server within the distributed network may receive a service request and determine whether it complies with the data sovereignty requirements of the client. When the geographic location of the server does not comply with the client's data sovereignty requirements, the server may determine and transmit back to the client device a set of alternative datacenters within the distributed network that comply with the client's data sovereignty requirements. The client device may use network probes to select an alternative datacenter, and the cloud service request of the client device may be migrated from the server to the selected datacenter.

Abstract: The present disclosure discloses a method for measuring energy of natural gas based on Internet of Things (IOT). The method may be performed by a management platform, comprising: in response to a query request received by a user platform, obtaining a natural gas detection parameter detected by a sense control platform via a sense network platform; determining natural gas metering data by processing the natural gas detection parameter; and transmitting the natural gas metering data to the user platform via a service platform.

Abstract: Disclosed herein are systems and method for protecting core files in a content management system (CMS). In one aspect, a method includes detecting execution of a script on a computing device. In response to determining that the script is located in the core folder and is not included in an exclude list that includes paths of scripts and files that are marked as not malicious, the method includes blocking the execution of the script. If the script is not in the core folder, the method includes determining whether the script will upload, to the core folder, a file that is not in the exclude list. In response to determining that the script will upload the file to the core folder, the method includes blocking write functions in the script during the execution.

Abstract: A system may include a first processing component arranged in a secure domain of the system. The system may include a second processing component arranged outside of the secure domain of the system. The system may include one or more hardware accelerators to perform operations in association with providing communication security for the system. The one or more hardware accelerators may be accessible by the first processing component via a channel in the secure domain. The one or more hardware accelerators may be accessible by at least the second processing component via a channel outside of the secure domain.

Abstract: Disclosed are various embodiments for generating relevant notifications of content generated by third party data sources. In some embodiments, a system comprises a computing device and machine readable instructions. The computing device includes a processor and a memory. The machine-readable instructions can be stored in the memory that, when executed by the processor, cause the computing device to receive content from a third party data source based at least in part on a keyword topic. An embedding for the content is generated. The system can classify a portion of the content as associated with the keyword topic. Organizations can be identified from the portions of the content. The system can generate a list from the organizations identified in the content and transmit a notification to a client device regarding the content.

Abstract: A communication system (100) comprises a thin-client mobile terminal (MT) having a device identity (MT_ID), a thin-client service terminal (ST), and a remote system server resource (SS). The thin-client mobile terminal (MT) is configured for receiving (101) from the service terminal (ST) a short-range wireless communication signal (BA) representing an identification request (ID_REQ), and in response communicating (102) with the remote server resource (SS) by long-range broadband data communication to report the identification request (ID_REQ) as well as the device identity (MT_ID) of the mobile terminal (MT).

Abstract: A computer server includes processor and memory hardware. The processor hardware executes instructions including parsing a hypertext transfer protocol (HTTP) request from a first user agent to identify a first data object matching a set of characteristics and generating a new data element based on the HTTP request. The instructions include, in response to the first data object being present: extracting a first set of serialized data elements and serializing them with the new data element to generate a second data object. The instructions include, in response to the first data object being absent and a user associated with the first user agent being identifiable: determining a second set of serialized data elements based on an identity of the user, and serializing them with the new data element to generate the second data object. The instructions include transmitting an HTTP response including the second data object.

Abstract: A system for interactive video content includes one or more interactive engagement platform servers communicatively couplable to a plurality of user devices configured to display one or more video programs received from video provider servers. In another embodiment, the one or more interactive engagement platform servers are configured to: receive at least one of an event ID or metadata associated with the at least one video program stream of the one or more video program streams; retrieve one or more data payloads including supplemental content related to the event ID or metadata associated with the at least one video program stream from at least one of a third-party content provider or a third-party service provider; and generate one or more control signals configured to cause the plurality of user devices to display an interactive content overlay configured to display information associated with the one or more retrieved data payloads.

Abstract: Methods, computer program products, and computer systems for the classification of unstructured data items are disclosed. Such methods, computer program products, and computer systems include ingesting an item into a classification engine, performing term processing on one or more terms of the item, and processing a relational similarity index. The classification engine is implemented in the computer system. The relational similarity index represents a similarity of the item to a reference item, and the relational similarity index is determined using the one or more terms.

Abstract: In an embodiment, a point of sale (POS) device is provided. The POS device includes a memory and at least one processor. The processor is configured to perform an authorized set of functions established by an external management module. The authorized set of functions include purchase transaction processing of inventory identified as available to the POS device by the external management module.

Abstract: Systems and methods are disclosed herein for enabling multiple users' digital rights to be applied as needed to access media while those users are present to consume media. In particular, a media guidance application may receive a selection of a media asset and determine that the user equipment device does not allow access to the media asset. In response, the media guidance application may identify all the users consuming content from that user equipment device and retrieve digital rights for each user. The media guidance application may compare the digital rights of each user with digital rights required to access the media asset. The media guidance application may, based on the comparison, identify a set of digital rights (e.g., for another user present) that enable access to the media asset, and use those digital rights to access the media asset for consumption.

Abstract: A digital asset is represented and verified as a set of related digital asset or other content objects. Related metadata is stored on an immutable distributed ledger separately from the content objects themselves. For example, a transaction object includes metadata such as identifiers for two or more content objects, fingerprints for the content objects. The content objects may be stored in a local or cloud object repository. Validation of a later identified content object may include determining a fingerprint for the later identified content object, mapping that fingerprint to an address within the immutable distributed ledger to retrieve metadata previously mapped, and comparing the two fingerprints. Visual validation may be provided when the first and second fingerprints match, such as by displaying a positive icon adjacent the later identified object.

Abstract: Various embodiments relate generally to data science and data analysis, computer software and systems, to provide a platform to facilitate updating compatible distributed data files, among other things, and, more specifically, to a computing and data platform that implements logic to facilitate correlation of event data via analysis of electronic messages, including executable instructions and content, etc., via a cross-stream data processor application configured to, for example, update or modify one or more compatible distributed data files automatically.

Abstract: A method and apparatus for secure transfer and playback of multimedia content enables the secure transfer of multimedia content from a digital video recorder (DVR) to a personal computer (PC) and further to a handheld device. A DVR determines which devices on a Local Area Network (LAN) are authorized to share and/or retrieve content from the DVR. The DVR receives a connection request from a PC on the LAN, authorizes the connection request and establishes a secure connection between the DVR and the PC. Once the secure connection is established, the DVR receives a request for multimedia content from the PC, prepares the multimedia content for transfer and transfers the multimedia content to the PC.

Abstract: An audio/video (AV) receiver is adapted to be dynamically reconfigured in a selected one of an encrypted content support mode and an unencrypted content support mode. The AV receiver includes a controller configured to dynamically alter one or more encryption settings based at least in part on user input provided to a mode toggle mechanism. The one or more altered encryption settings are effective to facilitate presentation of unencrypted content within a received media stream on a display while selectively preventing presentation of encrypted content included in the received media stream on the display.

Abstract: Systems and methods are provided for a content aggregation system for intelligent searching of indexed content based on extracted security identifiers. An example method includes obtaining content items from content providers based on authorization information associated with one or more users. Collectors are configured to transform content items into articles representing a normalized form associated with a content item. The method includes obtaining a plurality of articles and storing them in one or more databases. The method includes assigning security identifiers to the articles. A security identifier represents an abstraction of a discrete access right or permission associated with user access to an article. The method includes generating respective indexing messages for execution. The indexing messages are included in a queue and each indexing message includes a reference to an article.

Abstract: An example operation may include one or more of receiving from a user node, by a blockchain processor node, a document access request containing a document ID, acquiring, by the blockchain processor node, from a blockchain ledger an encrypted URL of the document and a source hash of the document based on the document ID, verifying, by the blockchain processor node, a document received from a document owner's node storage based on a decrypted URL of the document and, in response to the verification, transmitting the document received from the document owner's node storage to the user node.

Abstract: Embedding functionality of a communication platform into a third-party application is described. The communication platform can receive, from the third-party application, a request to connect to the communication platform, wherein the third-party application and the communication platform are associated with a user account. In response to receiving the request, causing an embedded user interface associated with the communication platform to be presented via a user interface of the third-party application. In an example, data input in the embedded user interface can be presented via a group-based communication user interface of the communication platform.

Abstract: A mobile terminal is adapted for mobile payment through payment in accordance with transaction data from the customer to a merchant via a payment service provider, and is adapted for a clearing of the payment between bank servers. The terminal is characterized in that a) in the secure runtime environment access data are stored for an authentication between the payment trust application and the payment service provider; and b) the agent is further adapted b1) upon an authentication between the payment trust application and the payment service provider, to transmit access data, or authentication data generated employing access data, between the secure runtime environment and the payment service provider, and b2) to accept from the payment trust application a transaction instruction for a payment in accordance with the transaction data and to send it to the payment service provider. A corresponding mobile payment method for a terminal is likewise specified.

Abstract: A coordinating network element manages a protocol that prohibits the coordinating network element from substantively accessing data content that, at least in part, underlies received protocol-compliant requests. By one approach, these teachings provide for preventing substantive access to data information that is included within the protocol-compliant request in tokenized form, wherein the tokens are generated using secrets, at least one of which is unavailable to the coordinating network element.

Abstract: A mechanism is provided for using triggered stimuli to enhance contextual information regarding detected risk events in a networked system. Embodiments monitor a system to identify risk-associated behavior, and upon detecting such behavior, can provide stimulus to a user associated with the risk-associated behavior to determine additional context behind the behavior, thereby initiating a two-way communication to acquire more information. If user response to the stimulus indicates a high risk associated with the behavior, then the system can trigger security measures to restrict the behavior. Some embodiments provide stimuli that are directly related to the nature of the risk-associated behavior, in order to better contextualize the behavior. In some embodiments, the stimuli are only applied if the risk-associated behavior presents a measure of risk above a predetermined threshold.

Abstract: A system can determine a set of users to access an asset of a computing device. User data for a user in the set of users is obtained. The user data can specify organizational information for the user. The system can determine a value usable to regulate access to the asset. The value can be based on the organizational information for the user, and the value can be further based on other user data attributed to another user in the set of users. Based on the determined value, the system can regulate access to the asset.

Abstract: A computer-implemented method for reencrypting data. A key management service receives a web service application programming interface or other request to reencrypt data from a first key to a second key, where the first key and the second key are managed by the key management service on behalf of a user of the service. The key management service response to the request by performing the associated operations and providing a response with the reencrypted data.

Abstract: An asset storage server is provided herein that assigns related files to an asset name and assigns permissions to the asset name such that related files with unrelated names can be assigned permissions independent of the file naming convention and without requiring a user to individually set the permissions of each file. The asset storage server may also generate modified versions of original file names and index a distributed object store based on the modified versions such that related files with related names are not listed in the same partition of the distributed object store. Indexing the distributed object store based on the modified versions of the original file names may reduce data retrieval latency.

Abstract: This application discloses a configuration update method for an LED display screen, a receiver card, an LED display module, and an LED display screen. The method includes: (S201) when it is detected that a receiver card is powered on, reading storage identity authentication data of the receiver card, and verifying whether the receiver card has been replaced; (S202) when it is determined that the receiver card has been replaced, outputting a configuration parameter stored in a memory to the receiver card, to update a configuration parameter of the receiver card; (S203) when it is detected that an LED display module is powered on, reading display identity authentication data of the LED display module, and verifying whether the LED display module has been replaced; and (S204) when it is determined that the LED display module has been replaced, outputting correction data of the LED display module to the receiver card.

Abstract: An authentication system for granting access to an account associated with a user. An authenticator of the authentication system including a processor and a memory, the authenticator configured to: receive a request for authentication that identifies the user; access an authentication account associated with the user, wherein the authentication account indicates a smart device associated with the user; activate a control parameter of the smart device, wherein the control parameter may cause an effect in a media sample from the smart device; receive the media sample from the smart device and determine if the effect corresponding to the control parameter is observed in the media sample; and in response to a determination that the effect is not observed in the media sample, indicate that the request for authentication is a fraudulent request.

Abstract: A method for execution by a computing device of a storage network includes obtaining storage performance information for a set of storage units of the storage network, where data segments are dispersed storage error encoded into pluralities of sets of encoded data slices in accordance with error encoding parameters that include a pillar width number and a decode threshold number, which is a number of encoded data slices the set of encode data slices is required to reconstruct a data segment of data segments. The method further includes determining, based on the storage performance information and the error encoding parameters, a performance threshold number for a write request to store a set of encoded data slices of the pluralities of sets of encoded data slices in the set of storage units, where the performance threshold number is greater than the decode threshold number and less than the pillar width number.

Abstract: A display control method includes: determining, by a computer, a link between an operation target object to be displayed on a display and a terminal that is to output the operation target object; and when detecting specific operations of outputting the operation target object from a plurality of terminals within a certain period of time after detecting a predetermined display operation for displaying the operation target object on the display, providing a guide giving a prompt to perform the specific operation again.

Abstract: A method of managing access to protected file content is disclosed. The method includes: receiving a request to open a first file stored on the computing device; determining that the first file is a protected file; in response to determining that the first file is a protected file: identifying a first application that is suitable for opening the first file; determining that the first application is an unsecured application; and in response to determining that the first application is an unsecured application, locking the first application to prevent unauthorized access of application data of the first application in a locked state.

Abstract: In one implementation, a method for providing security on an externally connected controller includes launching, by the controller, a security layer that includes a whitelist of permitted processes on the controller, the whitelist including (i) signatures for processes that are authorized to be executed and (ii) context information identifying permitted controller contexts within which the processes are authorized to be executed; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the determined signature with a verified signature for the particular process from the whitelist; identifying, by the security layer, a current context for the controller; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the current context with one or more permitted controller contexts for the particular process from the whitelist.

Abstract: Disclosed is a 5th generation (5G) or a pre-5G communication system provided to support a higher data transmission rate than that of post-4th generation (4G) communication systems, such as long term evolution (LTE). A method of operating a network node in a wireless communication system is provided. The method includes receiving, from a plurality of first network nodes, network data, generating first recommendation operation information for a second network node based on the network data, and transmitting, to the second network node, a first analysis result message including the first recommendation operation information.

Abstract: A processor of a remote crypto cluster (RCC) may receive a public key from a client device through at least one network. The processor of the RCC may obtain an encrypted specific key and a blinded project key from at least one data source through the at least one network. The processor of the RCC may derive a derived key in blind based on the encrypted specific key and the blinded project key. The processor of the RCC may send the derived key in blind to the client device.

Abstract: An anomaly detection device for detecting anomaly in frames flowing through an in-vehicle network system includes: an obtainer that obtains one or more frames; a first holder holding a first rule defining a rule indicating that when a frame satisfies a first condition based on a source or a destination, the frame is to be transferred; a first frame controller that transfers the one or more frames in accordance with the first rule; a second holder holding a second rule defining a rule indicating that a frame satisfying a second condition is to be determined as being anomalous; and a second frame controller that performs, in accordance with the second rule, an anomaly detection process on each of the one or more frames transferred by the first frame controller. When an anomalous frame is detected, the second frame controller provides or stores a detection result.

Abstract: This disclosure is directed to embodiments of systems and methods for containerizing files and managing policy data applied to the resulting containers. In some of the disclosed embodiments, a computing system determines that a file stored in storage medium is to be included in a container to be sent to at least one computing component associated with a device including a user interface. The computing system determines that the file is of a particular type and also determines code that can be used to access files of the particular type. The computing system combines the file and the code into the container such that container is configured to be executed by the at least one computing component so as to cause content of the file to be presented by the user interface. The computing system then sends the container to the at least one computing component.

Abstract: An abnormality detection apparatus for a mobility entity and for detecting an abnormality in a network system is provided. The network system includes a first network and a second network that use different communication protocols. A first communication circuit receives state information indicating a state of the mobility entity. The state information is acquired from the second network. A second communication circuit transmits and receives a first frame according to a communication protocol used in the first network. A memory stores an abnormality detection rule. A processor detects, based on the state information and the abnormality detection rule, whether a control command included in the first frame received by the second communication circuit is abnormal. In a case where the control command is abnormal, the processor prohibits the control command from being transmitted.

Abstract: Disclosed are various approaches for remotely deploying provisioned packages. An installer for an application is stored in a cache location of the client device. A hash of the installer is then written to a registry of the client device. The installer is then executed to install the application on the client device. Then, the client device is registered with a management service. Subsequently, a registration confirmation is received from the management service. The hash of the installer is then confirmed and the installed application is identified to the management service as a managed application installed on the client device.

Abstract: A computer server includes processor and memory hardware. The processor hardware executes instructions including parsing a hypertext transfer protocol (HTTP) request from a first user agent to identify a first data object matching a set of characteristics and generating a new data element based on the HTTP request. The instructions include, in response to the first data object being present: extracting a first set of serialized data elements and serializing them with the new data element to generate a second data object. The instructions include, in response to the first data object being absent and a user associated with the first user agent being identifiable: determining a second set of serialized data elements based on an identity of the user, and serializing them with the new data element to generate the second data object. The instructions include transmitting an HTTP response including the second data object.

Abstract: Systems and methods for selectively sharing of portion of unstructured data containers/documents based on security attributes or policies used to encrypt/decrypt data within the unstructured data containers using standard encryption schemes are provided herein. In some embodiments, a system includes a key generation authority to generate encryption keys based on a selected cryptographic security scheme and one or more security attributes or security policies; an encryption service to selectively encrypt one or more data subgroups using the one or more public keys and based on one or more security attributes or security policies assigned to the one or more data subgroups with the unstructured data containers; and a decryption service to decrypt the one or more data subgroups within unstructured data containers using the one or more secret keys and the one or more public keys.

Abstract: This disclosure relates to systems, methods, and computer-readable media for identifying an asset privacy management trigger on an end-user device related to a third-party application. In response to identifying the asset privacy management trigger, a privacy selection interface to enable a user to select a limited asset access option is displayed. In response to the limited asset access option being selected, an asset selection interface is displayed, where the asset selection interface is configured to define a sub-set of assets of the end-user device as authorized for the third-party application based on user selection. In response to a subsequent request to access assets of the end-user device by the third-party application, the third-party application is able to access only the defined sub-set of assets. For different third-party applications or scenarios, the asset privacy management triggers and asset sub-set definitions may vary.

Abstract: A computer system conditionally processes a template document to produce one or more finished documents. Annotations in the template document are identified, each annotation indicating an instruction name and a portion of the template document to which the annotation is applied. The template document is processed using one or more structured data feeds that indicate, for each annotation, instructions for transforming the portion of the template document associated with the annotation, wherein the instructions are indicated by the instruction name of the annotation. Finished documents are generated by executing the instructions to transform the template document into each finished document, wherein transforming includes: replacing data in the template document, adding data to the template document, and removing data from the template document.

Abstract: Systems and methods for securely storing data for efficient access by cloud-based computing instances is provided. In one or more examples, a computing hub can receive one or more access requests to data stored within a persistent data storage computing resources that in connected to the computing hub. The computing hub can be configured to determine if the access request is from an authorized computing resource, and can then generate one or more tokens that provide access to the computing resource. The one or more tokens can include information regarding the IP address of the requesting cloud-based computing resource, and each time that the cloud-based computing resource uses the token to request access to the stored data, the computing hub can check the IP address of the computing resource against the IP address indicated on the token to decide whether or not to grant access to the data.

Abstract: The systems and methods enforcing communications semantics on a private network, comprising: establishing a secure and encrypted private network with a whitelist of two or more profiles using alias and digital keys; associating each profile with equal access and control irrespective of its associated computing device capability; embedding communication information at source or destination in secure endpoint object; embedding communication information in transit in a secure conversation object wherein each conservation object has one or more message objects with one or more attributes comprising of source address, destination address, time sent, or time received; enforcing one or more of distribution parameters or life cycle parameters for the communication information.

Abstract: The disclosed computer-implemented method for providing web tracking transparency to protect user data privacy may include (i) receiving a browser request for target websites during a browsing session, (ii) identifying a tracking type for website trackers utilized by the target websites, the tracking type including a direct tracking type or a tracking sharing type, (iii) extracting an information category for the target websites, (iv) detecting text patterns shared between the target websites in a common information category, (v) determining information collected about a user by the website trackers by combining the tracking type for the website trackers, the information category for the target websites, and the detected text patterns, and (v) performing a security action that protects against unsolicited website tracking in future browsing sessions by providing the information collected by the website trackers to the user. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: One embodiment provides a computer implemented method of data compression including segmenting user data into data segments; deduplicating the data segments to form deduped data segments; compressing the deduped data segments into compression units using a hardware accelerator; packing the compression units into compression regions; and packing the compression regions into one or more containers.

Abstract: Methods and systems for safeguarding against malware such as ransomware are described. In part, the disclosure relates to systems and methods for restoring user data and other data encrypted by malware or otherwise rendered inaccessible thereby. In one embodiment, the disclosure relates to a method of safeguarding user data. The method includes monitoring a plurality of processes executing on a computing device; detecting when a first process of the plurality of processes attempts to modify one or more parameters of a user data file; determining if first process is a trusted process or an untrusted process using one or more heuristics; and if the first process is determined to be an untrusted process, create a backup version of the user data file, wherein the backup version of the user data file is created with regard to an unchanged version the user data file.

Abstract: A method, system and computer-usable medium for routing data loss prevention (DLP) events across different network levels. A determination is made as to a number of DLP networks. The classification and data as to a DLP network is determined. Certain data is processed, including an entity risk level and certain data is held, such as certificates. The held data is processed by a computing platform. Processed entity risk levels are returned to the DLP networks. When all networks are processed, processed and held data are sent to the computing platform.

Abstract: An example of a non-transitory computer-readable medium storing machine-readable instructions. The instructions may cause a controller to receive an image and detect an object in the image. Based on a contextual setting of the electronic device, overlay data may be retrieved from a database or a remote electronic device to be visually associated with the object on a display.

Abstract: The invention described herein is directed to a secure text messaging and object sharing mobile application that provides encryption, digital rights management (DRM) of the text and of the attachments, the capability of sending SMS, RCS, MIMS, IM or blockchain communications, the capability of attaching documents, photos and so forth, the capability of interfacing with a user's contacts application, and that operates in both Android and iOS environments. The secure text messaging and object sharing mobile application connects to DRM cloud service, and also connects to second secure text messaging and object sharing mobile app thru a P2P network that provides SMS, RCS, MMS, IM, and/or Blockchain communications. The invention also includes systems and methods related to the same.