US Pat. No. 10,367,923

METHOD FOR PROCESSING A DATA PACKET

Robert Bosch GmbH, Stutt...

1. Method for processing at least one data packet comprising a first header, a second header, which has a higher complexity than the first header, and a payload, comprising:transmitting the first header of the data packet in a first transmission mode having a reduced energy requirement necessary for ascertaining a receiver address,
transmitting the second header and the payload of the data packet in a second transmission mode,
processing the first header by a first analog mode, and
processing the second header and the payload by a second, digital mode,
wherein a number of processing steps for performing the second digital mode is greater than a number of processing steps for performing the first analog mode, wherein the two modes are executed separately from one another.

US Pat. No. 10,367,922

METHOD AND APPARATUS FOR SENDING TRANSMISSION CONTROL PROTOCOL TCP DATA PACKET AND SYSTEM

Huawei Technologies Co., ...

1. A method for sending a Transmission Control Protocol (TCP) data packet, wherein the method comprises:obtaining a first round-trip time of sending a TCP data packet in a network;
determining a second round-trip time, wherein the second round-trip time is a round-trip time that exists when a congestion window that is determined according to a first algorithm and a congestion window that is determined according to a second algorithm have an equal size, wherein in the first algorithm an increase step size of the congestion window is determined according to the first round-trip time, in the second algorithm an increase step size of the congestion window is determined according to the first round-trip time and a target throughput, and the target throughput is a throughput expected to be obtained for a service corresponding to the TCP data packet;
using the congestion window determined according to the first algorithm as a first congestion window when the first round-trip time is longer than the second round-trip time;
using the congestion window determined according to the second algorithm as the first congestion window when the first round-trip time is shorter than or equal to the second round-trip time; and
sending the TCP data packet by using the first congestion window.

US Pat. No. 10,367,921

TRANSMISSION APPARATUS, TRANSMISSION METHOD, RECEPTION APPARATUS, AND RECEPTION METHOD

SONY CORPORATION, Tokyo ...

1. A transmission apparatus comprising:circuitry configured to
create a transmission packet, the transmission packet including
a header, the header including type information and length information, the type information indicating whether an Internet Protocol (IP) header and a User Datagram Protocol (UDP) header are compressed, the length information indicating a length of the transmission packet to transmit an IP packet including a UDP packet, and
a generic payload, the generic payload including a destination index and a payload in the UDP packet, the destination index being corresponding to a destination IP address of the IP packet and a destination port number of the UDP packet based on an index table stored in the transmission apparatus; and
transmit the transmission packet.

US Pat. No. 10,367,920

MECHANISM FOR DETERMINING WHETHER TO REDIRECT A REQUEST ORIGINALLY DESTINED FOR A SERVER BASED ON A UNIFORM RESOURCE LOCATOR

Oracle International Corp...

1. A processor-readable storage device including a memory, and instructions executable by one or more digital processors a client device, the processor-readable storage device including one or more instructions for a method comprising:monitoring, performed by the one or more processors of the client device, one or more request messages from a web application component, wherein the one or more request messages are destined for a server in communication with the client device;
accessing, performed by the one or more processors, an indicator in a first request message of the one or more request messages, wherein the indicator is encoded in a uniform resource locator (URL) of the first request message to determine if a first request is for a native behavior that provides client-side platform specifications implemented by the client device that has client-side resources;
determining, performed by the one or more processors, from the indicator in the first request message that the first request message is for Hanna first action that can be performed by a client-side resource of the client device, wherein the determining further comprises determining that the first request message represents the first request to access the native behavior;
in response to the determining, implementing, performed by the one or more processors, the first action by using the client-side resource of the client device without transmitting the first request from the client device to the server that the first request was originally destined for;
intercepting, performed by one or more processors of the client device, a second request message with a second request specifying a second action;
determining, performed by one or more processors, that the second action cannot be performed by any of the client-side resources of the client device;
transmitting the second request specifying the second action from a client request interceptor of the client device to the server, wherein the transmitting of the second request further comprises transmitting the second request specifying the second action to the server instead of encoding the URL and instead of implementing the second action with one of the client-side resources of the client device;
in response to the server performing the second action, receiving, performed by one or more processors, a response from the server, wherein the receiving further comprises receiving the response at the client request interceptor; and
forwarding the response from the client request interceptor to a native application component of the client device.

US Pat. No. 10,367,919

METHODS AND SYSTEMS FOR EFFICIENT DISTRIBUTION OF VIRTUAL REALITY MEDIA CONTENT

Verizon Patent and Licens...

1. A method comprising:displaying, by a media player device on a display screen, a field of view of an immersive virtual reality world;
receiving, by the media player device over a network from a server remote from the media player device, data representative of a plurality of uniform resource locators (“URLs”) that each correspond to a different content file included in a plurality of content files managed by the server, wherein
each content file in the plurality of content files comprises data representative of a plurality of partially overlapping content sectors that together form a 360-degree image of the immersive virtual reality world, the plurality of partially overlapping content sectors included within each content file including a first content sector and a second content sector,
the plurality of content files managed by the server includes respective content files associated with each particular content sector, the particular content sector with which a respective content file is associated being encoded in a high resolution within the respective content file while a remainder of the immersive virtual reality world not included in the particular content sector is encoded in a low resolution lower than the high resolution, and
the content sectors in the plurality of partially overlapping content sectors are dynamic content sectors that move along with an event occurring within the immersive virtual reality world such that the first content sector persistently depicts a dynamic portion of the immersive virtual reality world to which it is anticipated that a user of the media player device is likely to direct the field of view as the dynamic portion moves within the immersive virtual reality world;
receiving, by the media player device over the network from the server and while the field of view is displayed on the display screen of the media player device, a stream of a first content file that is included in the plurality of content files and is associated with the first content sector such that the first content sector is encoded in the high resolution and the second content sector is encoded in the low resolution;
rendering, by the media player device within the field of view while the stream of the first content file is being received by the media player device and based on the data included in the first content file, content included in the first content sector in the high resolution;
detecting, by the media player device, user input provided by the user of the media player device and representative of a request to shift additional content included in the second content sector but not included in the first content sector into the field of view in place of the content included in the first content sector; and
in response to the user input
transmitting, by the media player device, a command to the server to switch from streaming the first content file to streaming a second content file that is included in the plurality of content files and is associated with the second content sector such that the second content sector is encoded in the high resolution and the first content sector is encoded in the low resolution, the transmitting comprising selecting, from the plurality of URLs, a particular URL corresponding to the second content file,
rendering, by the media player device within the field view before the media player device begins receiving a stream of the second content file from the server over the network and based on the data included in the first content file, the additional content included in the second content sector in the low resolution,
receiving, by the media player device subsequent to transmitting the command to the server, the stream of the second content file from the server over the network in place of receiving the stream of the first content file from the server over the network, and
switching, by the media player device in response to the receiving of the stream of the second content file, from rendering the additional content included in the second content sector in the low resolution based on the first content file to rendering the additional content included in the second content sector in the high resolution based on the second content file.

US Pat. No. 10,367,917

METHOD AND APPARATUS FOR DYNAMICALLY LOCATING RESOURCES

Apple Inc., Cupertino, C...

1. A method comprising:identifying, by a processor of a client device, a remote location from a plurality of locations from which to obtain a resource, the identifying based on preference criteria and dynamically changing conditions, and wherein the preference criteria include configuration information including an address of the remote location for the resource stored on the client device;
transparently obtaining a later version of the resource from the identified location, wherein an earlier version of the resource, which was previously installed, is available for use at the client device even when the client device is disconnected from a network;
updating the configuration information based upon the obtained later version; and
updating the earlier version of the resource with the later version of the resource for use by a user of the client device, wherein the updating of the earlier version includes installing the later version of the resource on the client device.

US Pat. No. 10,367,914

ATTACHING SERVICE LEVEL AGREEMENTS TO APPLICATION CONTAINERS AND ENABLING SERVICE ASSURANCE

CISCO TECHNOLOGY, INC., ...

1. A computer implemented method comprising: providing a template for orchestration of a cloud provided service in a datacenter, the template including selectable:virtual processing services, virtual networking services, storage services, and service level requirements for the cloud provided service, the datacenter including a plurality of segmented sections of the datacenter;
determining a provisioning queue placement for the cloud provided service based on at least the service level requirements; and
automatically provisioning the cloud provided service in at least one of the plurality of segmented sections based on the template, the provisioning including insertion of a request in a queue based on the provisioning queue placement, wherein if the insertion of the request causes displacement of another request, then the another request is shifted backwards in the queue to a next placement following the request, and
wherein the selectable service level requirements at least one of: include a time to provision the cloud provided service, and the provisioning queue placement is based on available computing resources to provision the cloud provided service, an existing queue of tasks requiring computing resources, and a priority level associated with the tasks in the existing queue or
include an uptime requirement and a tolerance for unavailability of the cloud provided service, andthe provisioning of the cloud provided service includes two or more data centers and is based on the uptime requirement and the tolerance for unavailability.

US Pat. No. 10,367,911

METHODS AND SYSTEMS FOR SMART RESOURCE ALLOCATION BASED ON WORK LOCATION PREDICTIONS

UNITED SERVICES AUTOMOBIL...

1. A computerized method comprising:creating, by a processor associated with an enterprise scheduling system, a user profile associated with a user, the user profile including information relating to one or more devices associated with the user and at least one work location, wherein the work location is a physical location where the user performs work associated with an organization;
receiving, from the one or more devices associated with the user, data sufficient to determine a location of the one or more devices;
analyzing, by the processor, the data to determine a predicted work location of the user, wherein analyzing the data comprises:
determining the location of the one or more devices, and
comparing the location of the one or more devices with previously documented work locations;
optimizing, by the processor associated with an enterprise scheduling system, resources based on the predicted work location of the user and predicted work locations of other users,
wherein optimizing the resources includes adjusting at least one of staffing or parking; and
in response to determining that one or more of the resources are insufficient, sending a recommendation to the user to work at an alternative work location.

US Pat. No. 10,367,909

METHOD, DEVICE, AND SYSTEM FOR DISPLAYING INFORMATION ASSOCIATED WITH A WEB PAGE

Alibaba Group Holding Lim...

1. A method, comprises:receiving a web page access request;
in response to receiving the web page access request, obtaining a first web page from a first server;
displaying the first web page and obtaining designated information associated with the first web page, wherein the designated information comprises content associated with the first web page;
receiving an instruction to navigate to a second web page;
in response to receiving the instruction to navigate to the second web page, communicating the designated information to a second server associated with the second web page, wherein the designated information comprises: behavioral characteristic information associated with a user, information associated with a designated location within the first web page, or both;
receiving information associated with the second web page from the second server; and
displaying the second web page.

US Pat. No. 10,367,908

EXTENDING CACHING NETWORK FUNCTIONALITY TO AN EXISTING STREAMING MEDIA SERVER

Level 3 Communications, L...

5. An interface device, in a system for content delivery comprising a streaming media server, a caching server, and one or more storage devices accessible to the caching server, wherein the storage device stores streaming content, the interface device comprising:at least once processor;
memory, operatively connected to the at least one processor and containing instructions that, when executed by the at least one processor, cause the interface device to:
initiate retrieval, by the caching server, of at least one electronic streaming resource from the one or more storage devices in response to an end user's request for the at least one electronic streaming resource received by the streaming media server;
receive an instruction from the streaming media server that includes a first electronic resource locator of the at least one electronic streaming resource;
convert the first electronic resource locator into a second electronic resource locator, wherein the first electronic resource locator is in a streaming format and wherein the second electronic resource locator is in a different format; and
use the second electronic resource locator to initiate retrieval, by the caching server, of the at least one electronic streaming resource.

US Pat. No. 10,367,907

CONTENT DELIVERY NETWORK ARCHITECTURE WITH EDGE PROXY

Level 3 Communications, L...

1. A content delivery network comprising:a proxy cache device configured to receive a request for a resource from a user device, wherein the resource request is transmitted from the user device to the proxy cache device via a first network; and
a plurality of edge servers in communication with the proxy cache device via a second network, each of the plurality of edge servers configured to retrieve a copy of the resource in response to receiving the resource request;
wherein the proxy cache device is further configured to:
calculate a hash value based at least on the resource request;
select an edge server from the plurality of edge servers based at least on the calculated hash value;
transmit the resource request to the selected edge server; and
in response, receive a copy of the requested resource from the selected edge server via the second network.

US Pat. No. 10,367,906

METHOD AND APPARATUS FOR SECURE CONTENT DELIVERY FROM A TELECOMMUNICATION NETWORK CACHE

Telefonaktiebolaget LM Er...

1. A method of providing content over a secure connection to a subscriber device of a telecommunication network comprising:receiving a secure connection request from the subscriber device, said secure connection request being received at a first communication interface of a network data center that is internal to the telecommunication network and being directed to an external network address associated with an external content provider that is external to the telecommunication network;
determining whether or not the external content provider is registered for secure-content caching in the network data center; and
responsive to determining that the external content provider is registered:
establishing a secure session between the network data center and the subscriber device, including establishing a session key for encrypting communications over the secure session;
determining whether the content targeted by the secure connection request is available from a content cache of the network data center;
responsive to determining that the content targeted by the secure connection request is available from the content cache, delivering the content targeted by the secure connection request from the content cache to the subscriber device using the secure session; and
responsive to determining that the content targeted by the secure connection request is not available from the content cache:
initiating a takeover of the secure session by the external content provider by forwarding session information towards the external content provider via a second communication interface of the network data center, said session information including the session key, a network address of the subscriber device, and identification of the content targeted by the secure connection request; and
instructing the telecommunication network to forward all subsequent session messages from the subscriber device for the secure session towards the external content provider rather than towards the network data center.

US Pat. No. 10,367,905

INTEGRATION FRAMEWORK AND USER INTERFACE FOR EMBEDDING TRANSFER SERVICES INTO APPLICATIONS

The Western Union Company...

1. A transaction service integration system comprising:one or more content delivery network servers in a content delivery network, each content delivery network server comprising:
a processing unit comprising one or more processors;
one or more storage devices configured to receive and store a plurality of content resources representing transaction user interfaces;
a network interface configured to receive data from and transmit data to a transaction server; and
memory coupled with and readable by the processing unit and storing therein a set of instructions which, when executed by the processing unit, causes the content delivery network server to:
receive and store a plurality of content resources, from the transaction server, representing transaction user interfaces;
receive requests, from a transaction client device, for a transaction user interface;
retrieve a specific transaction user interface, in response to the requests received from the transaction client device; and
transmit the specific transaction user interface to the transaction client device;
a transaction client device, comprising:
a processing unit comprising one or more processors;
an input/output (I/O) subsystem configured to receive transaction request data; and
a network interface configured to securely communicate transaction request data to the transaction server; and
memory coupled with and readable by the processing unit and storing therein a set of instructions which, when executed by the processing unit, causes the transaction client device to:
execute a host software application configured to provide multi-party communication services via the transaction client device;
invoke, within the host software application, an integrated software component configured to provide secure transaction services;
receive a unique user identifier associated with a current user of the host software application;
receive, by the integrated software component and from the host software application, transaction sender data and transaction receiver data;
transmit, by the integrated software component, transaction sender data transaction receiver data, and an authentication request to the transaction server, wherein the authentication request includes the unique user identifier;
receive, by the integrated software component and from the transaction server, data identifying a transaction user interface and an authentication response;
retrieve, by the integrated software component, the transaction user interface from a particular content delivery network server;
render, by the integrated software component, the transaction user interface within the host software application; and
determine, based on the authentication response received from the transaction server, whether or not to require an input of user credentials via the integrated software component, prior to submitting a transaction request via the transaction user interface; and
the transaction server, wherein the transaction server comprises one or more computer servers configured to communicate with the one or more content delivery network servers and the transaction client device, wherein the one or more computer servers of the transaction server comprise:
one or more processing units, each processing unit comprising one or more processors; and
one or more memory devices respectively coupled to and readable by the one or more processing units, the memory devices storing therein one or more sets of instructions which, when executed by the processing units, causes one or more computer servers of the transaction server to:
transmit a plurality of content resources representing a plurality of transaction user interfaces to one or more content delivery network servers;
receive, from the integrated software component of the transaction client device, transaction sender data and transaction receiver data;
determine, based on the received transaction sender data and transaction receiver data, a transaction sender location and a transaction receiver location;
determine, based at least in part on the transaction sender location and the transaction receiver location, the transaction user interface from the plurality of transaction user interfaces;
determine a particular content delivery network server at which the transaction user interface is stored; and
transmit data identifying the transaction user interface and the particular content delivery network server, to the integrated software component.

US Pat. No. 10,367,904

CONSOLIDATED NETWORK REPOSITORY (CNR) FOR STORING DATA ASSOCIATED WITH DIFFERENT COMMUNICATION NETWORK PLATFORMS

1. A system, comprising:a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising:
communicating with a storage device comprising a single logical layer that stores consolidated networks data according to a single common schema, wherein the single logical layer is accessed according to the single common schema, wherein the consolidated networks data comprises first network data representative of a first network domain that operates according to a first protocol and that provides a first group of services, and second network data representative of a second network domain that operates according to a second protocol different than the first protocol and that provides a second group of services different than the first group of services;
receiving, from a first device of the first network domain, a request for a first portion of the consolidated networks data, wherein the request is formatted according to the first protocol and specifies access to the first portion according to a platform-specific database schema associated with the first network domain;
translating the request according to the single common schema that specifies access to the first portion according to the single common schema;
generating a modified request based on the translating;
using the modified request to access the storage device and retrieve the first portion; and
transmitting the first portion to the first device.

US Pat. No. 10,367,901

PROACTIVE ENVIRONMENT-BASED CHAT INFORMATION SYSTEM

GOOGLE LLC, Mountain Vie...

1. A method for proactively delivering push notifications in a chat information system (CIS), the method comprising:identifying, by a processor of a user device operatively coupled to a memory of the user device, at least one triggering event;
receiving, at the user device, a push notification comprising metadata for the user device to submit to a networked server;
in response to the push notification being opened by a user via interacting with the user device, generating, by the processor, a request to obtain information associated with the at least one triggering event from the networked server, wherein the request comprises the metadata of the push notification;
receiving, at the user device and from the networked server, information in response to the request;
generating, by the processor of the user device, a push notification message for the user, wherein the push notification message contains the information received from the networked server and is associated, at least in part, with the at least one triggering event; and
providing, by the processor of the user device, the push notification message to the user.

US Pat. No. 10,367,898

INTEREST PROFILES FOR AUDIO AND/OR VIDEO STREAMS

1. A method comprising:in response to an aggregate interest profile associated with a first streaming media item indicating that the first streaming media item is high quality, saving the first streaming media item to a memory, wherein the aggregate interest profile aggregates a first interest profile for the first streaming media item provided by a second user and a second interest profile for the first streaming media item provided by a third user;
in response to a second aggregate interest profile associated with a second streaming media item indicating that the second streaming media item is not high quality, not saving the second streaming media item to the memory;
sending, from a processor, a recommendation for the first streaming media item to a device associated with a first user;
determining, at the processor, a difference between the first interest profile and the second interest profile, the difference associated with a portion of the first streaming media item;
comparing, at the processor, the difference to a threshold value; and
in response to the difference exceeding the threshold value and after sending the recommendation, transmitting, from the processor, a first indication associated with the first streaming media item based on the difference to the device, wherein the first user, the second user, and the third user are distinct users.

US Pat. No. 10,367,897

METHOD AND APPARATUS FOR RELEASING SERVICES IN STAGES

TENCENT TECHNOLOGY (SHENZ...

1. A method for releasing services on a server in stages, the method comprising:setting a number of accounts that can access a new service and releasing the new service to the accounts in a first time period;
setting an access rate for the new service and releasing the new service in accordance with the access rate in a second time period, wherein the access rate indicates a number of accesses to the new service per unit time; and
releasing the new service to the entire server in a third time period,
wherein releasing the new service in accordance with the access rate comprises:
determining a value of the access rate;
when an actual number of access requests received by the server during a unit time is greater than the value of the access rate, directing a portion of the actual number of access requests that are over the value of the access rate to an old service corresponding to the new service,
wherein setting the access rate for the new service and releasing the new service in accordance with the access rate further comprises:
setting an initial access rate and a maximum access rate for the new service; and
increasing the access rate for the new service from the initial access rate to the maximum access rate during the second time period.

US Pat. No. 10,367,894

INFORMATION PROCESSING APPARATUS, METHOD FOR CONTROLLING THE SAME, NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM, AND INFORMATION PROCESSING SYSTEM

CANON KABUSHIKI KAISHA, ...

1. An information processing system that performs communication between an image forming apparatus and an information processing apparatus via a relay server,the information processing apparatus comprising:
a plurality of communication clients respectively capable of communicating by different communication protocols; and
a first communication control unit that sets a local host as a connection destination, creates a first communication socket by designating a predetermined port, activates one communication client out of the plurality of communication clients, and in communication between the activated communication client and the relay server, adjusts and relays communication data between HTTP and the corresponding communication protocol via the first communication socket,
wherein at least one of the plurality of communication clients and the first communication control unit is implemented by at least one processor and a memory, and
the image forming apparatus comprising:
a plurality of communication servers respectively capable of communicating by different communication protocols; and
a second communication control unit that sets a local host as a connection destination, creates a second communication socket to one communication server out of the plurality of communication servers by designating a predetermined port designated from the information processing apparatus, and in communication between the communication server and the relay server, adjusts and relays communication data between HTTP and the corresponding communication protocol via the second communication socket,
wherein at least one the plurality of communication servers and the second communication control unit is implemented by at least one processor and a memory.

US Pat. No. 10,367,893

METHOD AND APPARATUS OF PERFORMING PEER-TO-PEER COMMUNICATION ESTABLISHMENT

OPEN INVENTION NETWORK LL...

1. A method comprising:establishing an initial TCP data connection between a first network device and a second network device via a third network device;
transmitting, via the initial TCP data connection, a rendezvous message from the first network device to the third network device;
sending, via the first network device, parallel TCP/user datagram protocol data transfer (UDT) connection messages to attempt a connection with each local interface of the third network device, based on information contained in the rendezvous message;
identifying, via the first network device, an optimal connection based on performance information associated with each connection attempt;
establishing a peer-to-peer (P2P) data connection between the first network device and the second device based on the identified optimal connection, the P2P data connection being independent of the third network device;
transferring a request to the third network device over the initial TCP data connection to connect the first network device with the second network device via the P2P connection;
responsive to receiving the request, listening on a specific port for incoming connection communications from the third network device and executing a script on the second network device via the third network device that performs downloading of dynamic linked libraries (DLLs) from the third network device to the second network device; and
transferring data messages between the first network device and the second network device via the P2P connection.

US Pat. No. 10,367,891

SYSTEM AND METHOD FOR IMPROVING EFFICIENCY OF SSL/TLS CONNECTIONS

CITRIX SYSTEMS, INC., Fo...

1. An appliance of a cluster of appliances, the appliance comprising:one or more network interfaces configured to facilitate a first secure session between a client device and the appliance and a second secure session between the appliance and a server; and
a secure session exchange module configured to:
provide a message that includes an initialization indicator for broadcasting to one or more other appliances of the cluster of appliances when a new connection request is received from the client device, the message indicating that the appliance is acting as a primary instance for the server among the one or more other appliances and is responsible for performing a full handshake procedure with the server, and
acquire at least one session-related parameter through the full handshake procedure for a secure layer with the server, wherein a network interface of the one or more network interfaces is configured to send the at least one session-related parameter to one or more other appliances for use by the one or more other appliances to perform a shortened handshake by reusing the at least one session-related parameter.

US Pat. No. 10,367,890

MAINTAIN SINGLE SESSION WITH A SINGLE APPLICATION ACROSS MULTIPLE CLIENTS

Oracle International Corp...

1. A method for facilitating interaction between computing sessions, the method comprising:initiating a first session with a first application;
providing interface information to the first application via the first session, wherein the interface information characterizes a second session with a second application;
causing the first application to use the second application by employing the interface information that characterizes the second session of the second application in one or more messages transferred from the first application to the second application, wherein causing further includes:
causing the first application to use functionality of the second application, wherein the functionality of the second application is accessed by the first application using the first session and the interface information that characterizes the second session of the second application, thereby causing a request message from the first session to the second session to appear to the second application as coming from the second session.

US Pat. No. 10,367,889

SMART ROUTING FOR ON-VEHICLE TELEMATICS PROTOCOL

FORD GLOBAL TECHNOLOGIES,...

1. A vehicle system comprising:a gateway including a database and configured to transfer messages between a plurality of controllers, each controller connected to one of a plurality of nodes, the gateway further configured to:
broadcast, to all the nodes, a request message received from a first controller for receipt by a second controller;
receive, from a first node, a response message from the second controller for receipt by the first controller; and
link, in the database, the first node and the second controller.

US Pat. No. 10,367,888

CLOUD PROCESS FOR RAPID DATA INVESTIGATION AND DATA INTEGRITY ANALYSIS

FAIR ISAAC CORPORATION, ...

1. A method comprising:receiving summary statistics computed by at least executing one or more analytical processes on a dataset stored in parts across a set of memory based compute nodes, each compute node finding partial statistics of a data part stored on the respective compute node, the partial statistics representative of a respective data part;
storing the summary statistics in a random access memory associated with a server computer, the random access memory being accessible by at least one of the compute nodes, the summary statistics being a combination of the partial statistics and representative of a full dataset;
identifying, for pre-model building data understanding, outlier data by comparing subsets of data in the dataset, the identified outlier data accessible to a predictive model;
generating a graphical representation of at least some summary statistics stored in the random access memory; and
formatting the graphical representation of at least some summary statistics for transmission to and display by one or more client computers.

US Pat. No. 10,367,886

INFORMATION PROCESSING APPARATUS, PARALLEL COMPUTER SYSTEM, AND FILE SERVER COMMUNICATION PROGRAM

FUJITSU LIMITED, Kawasak...

1. An information processing apparatus among a plurality of information processing apparatuses that perform parallel computing processing in a parallel computer system, wherein the information processing apparatuses are coupled to each other and also coupled to a file server, the information processing apparatus comprising;a memory, and
a processor coupled to the memory and configured to execute a process comprising:
determining a data length of target data associated with input/output requests between the information processing apparatus and the file server;
determining a coordinate vector of the information processing apparatus;
receiving data lengths and coordinate vectors from each of other information processing apparatuses among the information processing apparatuses;
calculating a centroid position of the information processing apparatuses based on the determined data length, the determined coordinate vector, and the received data lengths and coordinate vectors from each of the other information processing apparatuses;
determining a specific information processing apparatus, from among the information processing apparatuses, which is nearest to the calculated centroid position; and
when the specific information processing apparatus is determined to be the information processing apparatus, at least one of receiving and transmitting data identified in subsequent input/output requests between the file server and two or more of the other information processing apparatuses.

US Pat. No. 10,367,885

METHODS FOR USING EXTRACTED FEATURES TO PERFORM AN ACTION ASSOCIATED WITH SELECTED IDENTIFIED IMAGE

Network-1 Technologies, I...

1. A method comprising:(a) receiving, at a computer system from a user electronic device, a query related to an image obtained from the user electronic device;
(b) receiving, at the computer system, one or more extracted features of the image, wherein the one or more extracted features include a compact representation of at least a portion of the image related to one or more blocks of pixels of the image;
(c) identifying, using the computer system, one or more annotations associated with the image;
(d) identifying, at the computer system, one or more other images related to the image by comparing the one or more extracted features from the image with reference features from a first plurality of reference works using a sub-linear search of reference features that identifies one or more matches to the image but does not guarantee to identify an exact match to the image, wherein the first plurality of reference works are organized using a clustering technique based on annotations including the one or more annotations to eliminate a second plurality of reference works from being searched;
(e) providing, by the computer system to the user electronic device, the identified one or more other images along with action information associated with the identified one or more other images, wherein the action information is related to an action to be performed at the user electronic device;
(f) receiving, at the computer system from the user electronic device, a selection of one of the identified one or more other images; and
(g) providing, to the electronic device, machine readable instructions for performance of the action associated with the selected one of the identified one or more other images.

US Pat. No. 10,367,884

CONTENTS SHARING METHOD BETWEEN MOBILE TERMINAL AND LOCAL SERVER

SAMSUNG ELECTRONICS CO., ...

1. A method of communicating metadata of contents at an electronic device, the method comprising:receiving the metadata of the contents from a first device;
receiving a contents share service request if the electronic device is determined to be located within a predetermined area;
transmitting a response to the contents share service request for an approval of contents share service; and
establishing a communication channel with a second device, wherein the communication channel is a traffic channel available to the second device;
receiving metadata from the second device; and
transmitting the metadata information of the contents to the second device based on a result of matching the metadata of the contents from the first device and the metadata from the second device.

US Pat. No. 10,367,880

METHOD AND SYSTEM FOR PRESENTING MEDIA CONTENT

1. A media portal device, comprising:a processing system including a processor; and
a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, comprising:
receiving a selection of media content from a first communication device, the selection of media content identifying selected media content;
receiving a selection of a media content type from the first communication device, the selection of the media content type identifying a selected media content type option from a plurality of available media content type options for the selected media content, each media content type option corresponding to a different one of a plurality of media content types;
submitting a first request to a second communication device, to accept or decline the selected media content according to the selected media content type option, wherein reception of the first request causes the second communication device to pause a program being presented at the second communication device;
responsive to an acceptance of the first request submitted to the second communication device, storing a metadata pointer associated with the selected media content for use by the second communication device, wherein the acceptance of the first request causes the second communication device to store a notation in a media library of the second communication device, and wherein the notation includes a name associated with the selected media content as defined at the second communication device; and
responsive to receiving a second request from the second communication device for the selected media content:
retrieving the selected media content from a media content source according to the metadata pointer,
processing the selected media content according to the selected media content type option by removing a portion of the selected media content that corresponds to a second media content type option of the plurality of available media content type options to produce processed media for presentation to the second communication device, and
providing the processed media to the second communication device,
wherein the receiving of the second request is responsive to a selection of the name from the media library at the second communication device.

US Pat. No. 10,367,879

DOWNLOAD PRIORITIZATION

Apple Inc., Cupertino, C...

1. A non-transitory machine-readable medium containingexecutable program instructions which when executed by a device cause the device to perform a method comprising:
receiving, from one or more processes running on the device, a plurality of download requests, wherein each download request corresponds to a request for a respective object;
determining a priority hint associated with a process running on the device;
scheduling, based on at least the priority hint associated with the process, a download request from the plurality of download requests;
based on the scheduling of the download request, starting a download process using the scheduled download request to download an object corresponding to the download request;
determining that a change has occurred in the priority hint during the download process;
based on determining that the change occurred, changing a characteristic of the download process; and
storing the object corresponding to the download process.

US Pat. No. 10,367,878

OPTIMIZATION OF PATH SELECTION FOR TRANSFERS OF FILES

BMC Software, Inc., Hous...

1. A system for network path selection for transfers of files within a computing network, including instructions stored on a non-transitory computer readable storage medium and executable by at least one processor, the system comprising:a file transfer manager implemented at a first data center, wherein the file transfer manager is configured to cause the at least one processor to transfer a file from a source computing device to a target computing device, the source computing device being communicatively coupled to the first data center, the target computing device being communicatively coupled to a second data center, wherein the file is associated with file metadata, and with an organization, the file metadata including one or more checksum values and information about the file, the file metadata including security-related metadata and transfer latency metadata,
wherein the file transfer manager is configured to cause the at least one processor to:
intercept, via an application programming interface (API), an operating system call issued at the source computing device, the intercepted operating system call including a file transfer request for transferring the file;
determine whether or not the file already exists at the target computing device based on the one or more checksum values;
compute network metadata about the network conditions of a private wide area network (WAN) and of a plurality of publicly available data hosting services in response to the determination that the file does not already exist at the target computing device, the network metadata including information representing available network bandwidth on the private WAN and available network bandwidth on the plurality of publicly available data hosting services, wherein the private WAN is a computer network administered by the organization, and each of the plurality of publicly available data hosting services is a network that is not administered by the organization; and
programmatically select either the private WAN or one of the plurality of publicly available data hosting services for transferring the file by executing path decision logic, wherein the path decision logic includes decision criteria specifying weights applied to the security-related metadata and the transfer latency metadata, wherein the security-related metadata is associated with a higher weight than the transfer latency metadata,
wherein, in response to the selection of one of the plurality of publicly available data hosting services for transferring the file, the file transfer manager is configured to cause the at least one processor to:
upload the file to the selected publicly available data hosting service;
transfer configuration data to the second data center, the configuration data including information for accessing the selected publicly available data hosting service, the configuration data including a digital certificate;
instruct the second data center to download the file from the selected publicly available data hosting service using the configuration data; and
instruct the second data center to transfer the file from the second data center to the target computing device.

US Pat. No. 10,367,877

SYSTEM AND METHOD FOR IDENTIFYING PUBLICLY AVAILABLE CAMERAS

Purdue Research Foundatio...

1. A method for identifying network cameras, comprising:(a) receiving name of an organization by one or more processors;
(b) performing an internet search via a script for the name associated with the organization by the one or more processors, thereby generating a plurality of website Hypertext Markup Language (HTML) listings, and parsing each of the generated HTMLs to identify a range of internet protocol (IP) addresses for the associated organization by the one or more processors;
(c) querying each IP address in the range of the IP addresses by the one or more processors;
(d) receiving a response from each queried IP address by the one or more processors;
(e) verifying the received response is from a camera by obtaining an image file from the IP address and analyzing the image file by the one or more processors; and
(f) adding the IP address to a list of identified cameras upon verification by the one or more processors.

US Pat. No. 10,367,874

MPEG-DASH DELIVERY OVER MULTICAST

Verizon Patent and Licens...

1. A method comprising:receiving, by a first network device of a multicast network, a program including audio and video data;
generating, by the first network device, Moving Picture Experts Group (MPEG) Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (MPEG-DASH) segments that have multiple bit rates in response to the receiving;
transmitting, by the first network device and to a second network device of the multicast network, first packets that include the MPEG-DASH segments in response to the generating;
dividing, by the second network device, each of the MPEG-DASH segments into first multiple slices of program data, wherein the program data includes a portion of the audio and video data;
generating, by the second network device, a first header for each first slice of the first multiple slices, wherein the first header includes sequence information;
multicasting, by the second network device and to a third network device of the multicast network, second packets that include first headers and the first multiple slices of each of the MPEG-DASH segments;
assembling, by the third network device, the MPEG-DASH segments based on the first headers and the first multiple slices;
dividing, by the third network device, each of the MPEG-DASH segments into second multiple slices of the program data;
encapsulating, by the third network device, the second multiple slices of the program data into third packets;
generating, by the third network device, forward error correction packets pertaining to the third packets, wherein the generating of the forward error correction packets pertaining to the third packets comprises:
selecting, by the third network device, P packets from the third packets, wherein P is a numerical value and the P packets are consecutively and sequentially ordered based on the second multiple slices of the program data;
dividing, by the third network device, the P packets into S sub-groups of packets, wherein S is a numerical value, and wherein each sub-group includes a sub-group of packets of the P packets and the sub-group of packets are not consecutively and sequentially ordered; and
generating, by third network device, a sub-group of forward error correction packets for each sub-group based on the sub-group of packets within each sub-group of S sub-groups; and
multicasting, by the third network device and to a user device of a multicast, the third packets and the forward error correction packets.

US Pat. No. 10,367,871

SYSTEM AND METHOD FOR ALL-IN-ONE CONTENT STREAM IN CONTENT-CENTRIC NETWORKS

Cisco Technology, Inc., ...

1. A computer-executable method for assembling a single content stream that enables downloading of a content collection using the single content stream over a content-centric network, comprising:receiving, from a requester, a set of Interests under a same namespace;
obtaining the content collection that includes a plurality of content components, wherein each content component has a modification time;
generating a manifest for the content collection, wherein a respective entry in the manifest corresponds to a content component;
determining, from the plurality of content components, which content components to include in the single content stream; and
assembling the single content stream by including the manifest followed by the plurality of content components in order,
wherein the manifest and the content components are packaged into objects under the same namespace as the set of Interests,
wherein each of the objects specifies a same name prefix, and each of the Interests specifies the same name prefix as the objects,
wherein a content component includes a second single content stream, and wherein the second single content stream includes a second manifest,
wherein one or more content components that are required for rendering the content collection are placed at a beginning of the single content stream, and
wherein the plurality of content components are placed in order based on the modification times with the content component having the most recent modification time or the least recent modification time placed first.

US Pat. No. 10,367,869

REMOTE VEHICLE CONTROL AND OPERATION

FORD GLOBAL TECHNOLOGIES,...

1. A system, comprising:a computer at a remote site, the computer comprising a processor and a memory; and
a vehicle computer onboard a vehicle, the vehicle computer and the vehicle geographically remote from the computer and the remote site, the vehicle operable by an operator of the computer at the remote site, whereby the operator is geographically remote from the vehicle and the vehicle computer;
wherein the memory of the computer at the remote site stores instructions executable by the processor of the computer at the remote site to:
receive a plurality of data streams from the vehicle via the vehicle computer, at least some of the data streams including multimedia data;
determine an available bandwidth and a bandwidth consumption of each of the data streams;
perform a prioritization of the data streams according to one or more factors including at least data describing the operator at the remote site operating the vehicle and the available bandwidth, the prioritization including an identification of one of the data streams having a higher priority than another of the data streams based on sensor data indicating behavior of the operator at the remote site; and
instruct the vehicle computer to at least one of adjust at least one of the data streams and prevent transmission of at least one of the data streams to the computer according to the prioritization.

US Pat. No. 10,367,868

LOCATION-BASED PLAYLIST

Sonos, Inc., Santa Barba...

1. A method comprising:causing, via a mobile device, one or more servers of a media streaming service to generate a location-based playlist of multiple audio tracks, wherein causing the one or more servers to generate the location-based playlist comprises sending, via a network interface of the mobile device over one or more networks to the one or more servers, location messages indicating respective GPS coordinates of one or more locations, wherein the one or more servers add each audio track being played by at least one playback device that is co-located with the mobile device at the one or more locations to the location-based playlist when the respective audio track is played back such that the location-based playlist defines a playback sequence;
after generating the location-based playlist, causing, via the mobile device, a graphical interface to display, in a media playback application of the media streaming service, a graphical representation of the location-based playlist;
receiving, via the mobile device, an input indicating a selection of the generated location-based playlist;
transmitting, via the network interface of the mobile device over one or more networks to the one or more servers, a request for information associated with audio tracks in the selected location-based playlist;
receiving, via the network interface of the mobile device over the one or more networks from the one or more servers of the media streaming service, the requested information associated with the audio tracks in the selected location-based playlist, the information indicating at least the respective location of the mobile device when each audio track of the location-based playlist was added to the location-based playlist;
causing, via the mobile device, the graphical interface to display the requested information associated with the audio tracks in the location-based playlist; and
playing back the location-based playlist on the mobile device, wherein playing back the location-based playlist on the mobile device comprises streaming the multiple audio tracks from the media streaming service.

US Pat. No. 10,367,867

IN-BAND QUALITY DATA

Imagination Technologies ...

1. A method of transmitting data in a media stream to a receiving device, the media stream being in accordance with a media streaming protocol which defines a data structure comprising a type identifier field for specifying a type of data contained within the data structure, wherein the type identifier field is settable to a first type identifier or a second type identifier different from the first type identifier, the method comprising:determining whether or not the receiving device is capable of processing data in a data structure having the type identifier field set to the second type identifier, wherein if it is determined that the receiving device is capable of processing data in a data structure having the type identifier field set to the second type identifier, the method further comprising:
generating data of a first type, the first type being associated with the first type identifier in accordance with said protocol;
encapsulating the generated data in a data structure defined by said protocol;
setting the type identifier field of the data structure to the second type identifier;
forming a packet comprising the data structure; and
transmitting the packet in the media stream.

US Pat. No. 10,367,864

ELECTRONIC DEVICE AND METHOD FOR CONTROLLING ELECTRONIC DEVICE

LG ELECTRONICS INC., Seo...

1. An electronic device comprising:a processor;
a non-transitory recording medium;
an electronic device application to communicate with a companion device; and
a WebSocket server to connect the electronic device application with a companion device application of the companion device,
wherein the WebSocket server includes a first endpoint and a second endpoint,
wherein the first endpoint connects the WebSocket server with the electronic device application of the electronic device,
wherein the second endpoint connects the WebSocket server with the companion device application of the companion device,
wherein the WebSocket server receives a first request from the electronic device application of the electronic device,
wherein the first request includes first uniform resource information including first application identification information for identifying the electronic device application and a connection between the first endpoint and a first app-endpoint of the electronic device application is established,
wherein the first app-endpoint includes the first application identification information,
wherein the WebSocket server receives a second request from the companion device application of the companion device,
wherein the second request includes second uniform resource information including second application identification information for identifying the companion device application and a connection between the second endpoint and a second app-endpoint of the companion device application is established,
wherein the second app-endpoint includes the second application identification information,
wherein the WebSocket server establishes a WebSocket connection by connecting the electronic device application with the companion device application based on a WebSocket protocol when the first app-endpoint and the second app-endpoint are the same, and
wherein the first uniform resource information and the second uniform resource information are configured without including Internet Protocol (IP) address information.

US Pat. No. 10,367,862

LARGE-SCALE PAGE RECOMMENDATIONS ON ONLINE SOCIAL NETWORKS

Facebook, Inc., Menlo P...

1. A method comprising, by one or more processors of one or more computing systems:retrieving, by one or more of the processors from one or more computer storage media, user-concept scores for a first set of users of a plurality of users, wherein the user-concept scores are associated with previous social network activities of the first set of users of the plurality of users, and wherein each user-concept score is associated with a user-concept pair that comprises a first user from the first set of users and a concept from a plurality of concepts;
generating, by one or more of the processors, a data structure comprising a concept matrix Q based on the accessed user-concept scores of the first set of users, wherein the concept matrix Q comprises a plurality of concept trait vectors corresponding to the plurality of concepts, and wherein the concept matrix Q is fixed after being determined;
selecting, by one or more of the processors and from the data structure, a subset of concepts of the concept matrix Q based on a similarity metric of the plurality of concept trait vectors of the concept matrix Q, wherein the subset of concepts is associated with one or more previous social network activities of one or more users of a second set of users, and wherein the second set of users is discrete from the first set of users;
generating, by one or more of the processors, recommendations based on recommended user-concept scores for a subset of user-concept pairs in the second set of users of the plurality of users and the plurality of concepts based on the subset of concepts of the concept matrix Q determined from the first set of users, wherein the subset of user-concept pairs in the second set of users is a random subset of user-concept pairs, wherein a recommendation-algorithm computes the recommended user-concept scores for a user-concept pair by optimizing an objective function comprising a plurality of predicted rating functions, wherein each predicted rating function is determined using a user score, a concept score, a user-bias value associated with a second user in the second set of users, and a concept-bias value associated with the concept; and
sending, to one or more client systems of one or more users of the second set of users, the recommendations for one or more concepts based on the recommended user-concept scores for the second set of users.

US Pat. No. 10,367,861

SYSTEM AND METHOD FOR DIGITAL AUDIO CONFERENCE WORKFLOW MANAGEMENT

Harman International Indu...

1. A computer-program product embodied in a non-transitory computer read-able medium that is programmed to manage a digital audio conference including a plurality of conference units and each conference unit including a microphone, the computer-program product comprising instructions to:receive first information corresponding to a layout of a venue that facilitates an audio conference for users of the plurality of conference units;
store second information corresponding to an arrangement of a plurality of seats in the venue;
associate a first conference unit of the plurality of conference units to a first seat of the plurality of seats;
transmit third information corresponding to a topic for discussion in the audio conference to the plurality of conference units and further corresponding to a duration of the topic in the audio conference;
test the microphone for the conference unit in the audio conference to determine whether the microphone for the conference unit is exhibiting a fault condition;
transmit a command to each of the plurality of conference units to disable the microphone for each of the plurality of conference units prior to testing the microphone;
control one or more first speakers within the venue to transmit a first audio signal;
control a corresponding conference unit of the plurality of conference units to activate the microphone;
receive a sampled audio signal of the first audio signal from the corresponding conference unit after controlling the corresponding conference unit to activate the microphone; and
compare a tone on the sampled audio signal to a portion of the first audio signal to determine if the microphone for the corresponding conference unit is operating properly.

US Pat. No. 10,367,860

SOCIAL NETWORKING PERMISSIONS

Oath Inc., Dulles, VA (U...

1. A computer-implemented method for enabling searches with a graphical user interface, the method comprising the following operations performed by at least one processor:identifying, based on information associated with a social network of a first user, a plurality of first relationships between the first user and a second user in the social network, the first relationships comprising direct relationships through zero intermediary users;
identifying categories associated with the first relationships based on the social networking information;
generating a composite category representative of the identified categories;
determining a portion of a contact list of the second user that is accessible to the first user based on a composite access type associated with the composite category;
generating an instruction to display a graphical user interface on a device of the first user, the graphical user interface comprising a search text field;
receiving, from the device of the first user, search criteria entered into the search text field of the graphical user interface; and
generating an instruction to transmit information associated with the contact list portion to the device of the first user based on the search criteria entered, the information instructing the device to:
(i) display information of the contact list portion to the first user with a set of graphical position indicators, the set of graphical position indicators including a graphical indication of the first user and graphical indications of the intermediary members of the social network between the first user and the contact list portion; and
(ii) enable the first user to modify the presented contact list portion by selecting whether the search criteria is applied to the social network of the first user or an entire member directory stored in a database, wherein the contact list portion is modified to include auxiliary information for members outside of the social network of the first user when the search criteria is applied to the entire member directory.

US Pat. No. 10,367,859

ORGANIZING A SYNCHRONOUS COMMUNICATION SESSION ACCORDING TO CONTEXT

INTERNATIONAL BUSINESS MA...

1. A computer hardware system, comprising: a hardware processor configured to initiate the following executable operations: detecting, based upon an input received from a user, a trigger event; identifying, based upon the trigger event, a foreground application executing within the computer hardware system when the input was received; retrieving, from the identified foreground application, a digital asset displayed in the foreground application when the input was received, the digital asset including content and metadata; analyzing the content of the digital asset to identify a list of candidate participants; displaying, within a user interface separate from the foreground application, the list; and sending, to at least one of the candidate participants selected from within the user interface, an invite for a synchronous communication session, wherein the detecting, the identifying, the retrieving, the analyzing, and the displaying are performed by a context agent executing within the computer hardware system and separate from the foreground application.

US Pat. No. 10,367,849

METHOD AND SYSTEM FOR DETECTING PHISHING PAGE

Baidu Online Network Tech...

1. A method for detecting a phishing page, comprising:intercepting user data attempted to be submitted by a current page to a server;
constructing detection data having a structure identical to a structure of the user data, content of the detection data being different from content of the user data;
submitting the detection data to the server; and
determining whether the current page is a phishing page based on a response from the server;
providing a user with a risk warning in response to determining the current page being a phishing page;
receiving a feedback on the risk warning from the user;
generating a phishing website database based on the feedback; and
determining whether the current page is a phishing website by using the phishing website database, before the intercepting user data attempted by the current page to submit to the server.

US Pat. No. 10,367,845

SYSTEMS AND METHODS FOR EVALUATING INFECTION RISKS BASED ON PROFILED USER BEHAVIORS

Symantec Corporation, Mo...

1. A computer-implemented method for evaluating infection risks based on profiled user behaviors, at least a portion of the method being performed by a computing device comprising at least one hardware processor, the method comprising:collecting, by the computing device comprising the at least one hardware processor, a plurality of user-behavior profiles that comprises:
a plurality of labeled profiles that comprises:
a plurality of infected profiles, wherein each of the plurality of infected profiles comprises a profile of user behaviors that occurred at an associated infected computing system that is known to have encountered malware; and
a plurality of clean profiles, wherein each of the plurality of clean profiles comprises a profile of user behaviors that occurred at an associated clean computing system that is known to be free of malware; and
a plurality of unlabeled profiles, wherein each of the plurality of unlabeled profiles comprises a profile of user behaviors that occurred at an associated computing system that is not known to have encountered malware and not known to be free of malware;
assigning, before training a classification model to distinguish infected profiles from clean profiles, a pseudo label to each of the plurality of unlabeled profiles by:
labeling a first group of the plurality of unlabeled profiles as infected profiles based at least in part on one or more of:
a similarity between unlabeled profiles in the first group and at least one labeled profile in the plurality of infected profiles; or
a mapping of the unlabeled profiles in the first group to a first region of a feature space defined by a lowest-density region of the feature space; and
labeling a second group of the plurality of unlabeled profiles as clean profiles based at least in part on one or more of:
a similarity between unlabeled profiles in the second group and at least one labeled profile in the plurality of clean profiles; or
a mapping of the unlabeled profiles in the second group to a second region of the feature space defined by the lowest-density region of the feature space; and
training the classification model to distinguish infected profiles from clean profiles using features and labels of the plurality of user-behavior profiles;
using the classification model to predict at least one of:
a likelihood that a computing system of a user will become infected based at least in part on a profile of user behaviors of the user; or
a likelihood that a user behavior in the plurality of user-behavior profiles will result in a computing-system infection.

US Pat. No. 10,367,842

PEER-BASED ABNORMAL HOST DETECTION FOR ENTERPRISE SECURITY SYSTEMS

NEC Corporation, (JP)

1. A method for determining a risk level of a host in a network, comprising:modeling a target host's behavior based on historical events, which include network events and process events, recorded at the target host;
determining one or more original peer hosts having behavior similar to the target host's behavior, including an iterative clustering process that assigns a set of initial cluster centroids and updates the centroids after assigning hosts to a closet cluster to identify peer hosts in a lateral space;
determining an anomaly score for the target host using a processor based on how the target host's behavior changes relative to behavior of the one or more original peer hosts over time; and
performing a security management action based on the anomaly score.

US Pat. No. 10,367,841

METHOD AND SYSTEM FOR LEARNING REPRESENTATIONS FOR LOG DATA IN CYBERSECURITY

1. A cybersecurity method comprising:forming a time based series of behavioral features comprising human engineered features by extracting at least one behavioral feature from a first set of log data retrieved over a first time segment, and extracting at least one behavioral feature from a second set of log data retrieved over a second time segment;
analyzing the time based series of behavioral features,
wherein said analyzing the time based series of behavioral features comprises using a neural network based system, a dimensionality reduction system, random forest system, or combinations thereof,
deriving machine learned features from said time based series of behavioral features through said analyzing the time based series of behavioral features; and
detecting an attack or threat to an enterprise or e-commerce system through said analyzing the time based series of behavioral features,
wherein said detecting an attack or threat comprises determining behavioral patterns indicative of said attack or threat based on the combination of said human engineered features and said machine learned features,
wherein the time based series of behavioral features is formatted into a time-based matrix, wherein each behavioral feature is associated with an entity and a time segment.

US Pat. No. 10,367,839

GRAPHICAL USER INTERFACE PROGRAMMED TO DISPLAY COMPLEX INDICATORS BASED ON STRUCTURED THREAT EXPRESSIONS

CISCO TECHNOLOGY, INC., ...

1. A computer system for visualizing cybersecurity threat information provided by a computer network with a plurality of computing devices, the computer system comprising:a display;
one or more processors coupled to the display;
one or more non-transitory computer-readable storage media coupled to the one or more processors and storing data that represents one or more expressions and one or more sequences of instructions which when executed by the one or more processors causes the one or more processors to:
retrieve, from the storage media, the data that represents an expression comprising a plurality of observables;
parse the data that represents the expression to identify the plurality of observables, one or more Boolean operators, and one or more interdependencies between observables of the plurality of observables; wherein an interdependency, of the one or more interdependencies, determines a logical relationship between two observables, of the plurality of observables, that are concatenated using a Boolean operator of the one or more Boolean operators;
generate a plurality of observation objects that corresponds to the plurality of observables; wherein an observation object of the plurality of observation objects corresponds to a respective observable of the plurality of observables, and stores information included in the respective observable;
generate one or more Boolean graphical objects that correspond to the one or more Boolean operators; wherein two observation objects, of the plurality of observation objects, are to be concatenated using a Boolean graphical object, of the one or more Boolean graphical objects, that corresponds to a Boolean operator that concatenates respective two observables of the plurality of observables;
cause to present, in an expression visualizer portion of the display, the plurality of observation objects, contents included in the plurality of observations objects, and the one or more Boolean graphical objects connecting observation objects of the plurality of observation objects to represent the interdependencies determined for the plurality of observables.

US Pat. No. 10,367,835

METHODS AND APPARATUS FOR DETECTING SUSPICIOUS NETWORK ACTIVITY BY NEW DEVICES

EMC IP Holding Company LL...

1. A method comprising:obtaining network event data for a given entity, wherein said given entity comprises one of a user and a user device;
determining, using at least one processing device, a number of distinct other entities associated with said given entity during a predefined short time window, wherein said distinct other entities comprise user devices used by said user if said given entity comprises a user and comprise users of the user device if said given entity comprises a user device;
determining, using the at least one processing device, a number of distinct other entities associated with said given entity during a predefined longer time window, wherein said predefined longer time window is longer than said predefined short time window;
assigning, using the at least one processing device, a risk score to said given entity by one or more of (i) evaluating said number of distinct other entities associated with said given entity during said predefined short time window relative to said number of distinct other entities associated with said given entity during said predefined longer time window, and (ii) evaluating said number of distinct other entities associated with said given entity during said predefined short time window relative to a predefined number; and
detecting, using the at least one processing device, anomalous network activity by said given entity based on said assigned risk score.

US Pat. No. 10,367,831

SYSTEMS, METHODS, AND DEVICES FOR DEFENDING A NETWORK

1. A system, comprising:a memory that stores instructions; and
a processor that executes the instructions to perform operations, the operations comprising:
determining if greater than a configurable amount of network traffic during a time period comprises attack traffic, wherein the network traffic is addressed to a target;
assessing an existing route and next hop for the network traffic;
inserting a route to a backbone network ingress point comprising a longer prefix than the existing route and a next hop address associated with the scrubbing complex, thereby causing the route to be a more specific route than the existing route;
redirecting, if greater than the configurable amount of the network traffic is determined to comprise the attack traffic, a portion of the attack traffic to a scrubbing complex by using the route;
transmitting, to the target, scrubbed attack traffic from the scrubbing complex; and
ranking, by utilizing statistics determined by the scrubbing complex, a plurality of ingress points contributing to the attack traffic and ranking each traffic of the attack traffic contributing to the attack traffic, wherein the statistics specify an amount of the network traffic that each ingress point of the plurality of ingress points contributes to the attack traffic.

US Pat. No. 10,367,830

SECURITY ACTION OF NETWORK PACKET BASED ON SIGNATURE AND REPUTATION

TREND MICRO INCORPORATED,...

1. A device comprising a hardware processor and a memory, the memory comprising instructions that, when executed by the hardware processor, cause the device to:determine a reputation of an entity associated with a network packet;
determine whether a signature matches the network packet or associated flow of the network packet, wherein the signature that matches the network packet or associated flow of the network packet is a partial or full match of a malware; and
determine a security action based on the reputation of the entity associated with the network packet and the signature that matches the network packet or associated flow of the network packet.

US Pat. No. 10,367,829

PROTECTING THREAT INDICATORS FROM THIRD PARTY ABUSE

Anomali Incorporated, Re...

1. A computer-based method for detecting threats based on obfuscated threat indicators, the method comprising:receiving, from a server, an obfuscated threat indicator associated with an identified cyber-threat that was determined by the server to be above a threshold level of quality, the obfuscated threat indicator having been generated by the server responsive to determining that the identified-cyber-threat is above the threshold level of quality by: including a threat data source of a threat indicator and excluding raw information of the threat indicator;
identifying one or more client-side events occurring within a third-party system, each client-side event identified by an entity identifier indicating an entity to which the client-side event is attributed;
determining that the third-party system experienced a cyber-threat when the obfuscated threat indicator matches at least one entity identifier; and
in response to determining that the third-party system experienced the cyber-threat:
generating descriptive information associated with the obfuscated threat indicator; and
transmitting the descriptive information to the third-party system.

US Pat. No. 10,367,828

ACTION RESPONSE FRAMEWORK FOR DATA SECURITY INCIDENTS

International Business Ma...

1. A method for responding to data security incidents in an enterprise network, comprising:storing, in an incident manager, information concerning the data security incidents, the information being one or more incident objects, wherein at least one incident object includes information for at least one data security incident, and one or more incident artifacts that include information for data resources identified within the incident object, wherein the incident objects and the incident artifacts are organized as an object-oriented inheritance hierarchy with the incident artifacts distinct from the incident objects;
comparing the information to a set of action conditions to determine action conditions satisfied by at least some of the information;
combining into a message contents of any incident object and incident artifact associated with a satisfied action condition;
providing the message to one or more devices, wherein at least one device includes a message interface that receives the message over a virtual connection established between the incident manager and the message interface; and
executing actions that reference the information on the one or more devices.

US Pat. No. 10,367,827

USING NETWORK LOCATIONS OBTAINED FROM MULTIPLE THREAT LISTS TO EVALUATE NETWORK DATA OR MACHINE DATA

SPLUNK INC., San Francis...

1. A computer-implemented method for identifying notable events in a set of events to facilitate identification of computer or network security-related events, the set of events including a plurality of subsets of events, an event in the set of events comprising a portion of raw machine data representing activity involving at least one host in a plurality of hosts distributed across an enterprise's network, the method comprising:accessing a plurality of threat location lists from third-party sources;
receiving, from a user:
(i) criteria for at least one correlation search for notable events that occur on the enterprise's network, and
(ii) designation of a set of threat location lists from the accessed plurality of threat location lists;
generating an aggregated threat location list by merging and deduplicating the designated set of threat location lists from the plurality of threat location lists, the aggregated threat list stored in an index;
in response to receiving the criteria for the at least one correlation search, for a subset of events in the set of events:
extracting a network location and values for one or more fields identified in the criteria from at least one event in the subset of events, at analysis time, by using an extraction rule or regular expression that is associated with an identified field and with the subset of events, the extraction rule or regular expression defining how to extract the network location from the portion of raw machine data, and
determining notable events based on the criteria by determining that:
(i) the extracted network location for the at least one event in the subset of events matches a threat location in the aggregated threat location list stored in the index, and
(ii) the extracted values for the one or more identified fields for the at least one event in the subset of events match user-specified values in the criteria;
generating, for each of a plurality of threat locations from the aggregated threat location list, a count of events from the identified notable events that include a network location matching the threat location; and
causing display of a graphical user interface (GUI) including at least one interface element indicating an amount of activity associated with threat locations from the aggregated threat location list, the amount of activity based on the generated count of events, from the determined notable events, for each of the plurality of threat locations from the aggregated threat location list, the amount of activity associated with threat locations used to facilitate operation performance or security associated with at least one component in an IT environment.

US Pat. No. 10,367,825

METHOD AND SYSTEM FOR PARALLEL VALIDATION OF DOMAIN NAME SYSTEM SECURITY EXTENSION RECORDS

VERISIGN, INC., Reston, ...

1. A parallelized method for authenticating a domain name system (DNS) query using domain name system security extensions (DNSSEC), the method comprising:obtaining, at a validating DNSSEC-aware DNS client, a DNS query for a resource record for a fully qualified domain name (FQDN);
segmenting the FQDN into more than one specific sub-FQDN;
providing, in parallel, a DNS query for a DNSSEC-related resource record for each of the more than one specific sub-FQDN to a respective authoritative name server or recursive resolver;
obtaining, in parallel, the DNSSEC-related resource record for each of the more than one specific sub-FQDN;
validating, in parallel, the DNSSEC-related resource record for each of the more than one specific sub-FQDN;
combining each of the DNSSEC-related resource records for each of the more than one specific sub-FQDN; and
verifying a chain of trust of the DNSSEC-related resource records.

US Pat. No. 10,367,824

POLICY MANAGEMENT, ENFORCEMENT, AND AUDIT FOR DATA SECURITY

BlueTalon, Inc., Redwood...

1. A method, comprising:receiving, by a policy enforcement point of a policy appliance, a data request from an application, the request including a user specification specifying the user and a data specification specifying a data item to be accessed, the policy enforcement point being connected to a first database having a first database format and a second database having a second database format;
submitting, by the policy enforcement point, the user specification and the data specification to a policy decision point of the policy appliance, the policy decision point being configured to decide whether the user is permitted to access at least a portion of the data item according to a policy that defines an access privilege of the user on data;
receiving, by the policy enforcement point and from the policy decision point, a data access decision that is made by the policy decision point according to the policy, the data access decision specifying that the user is permitted to access a portion of the data item;
customizing, by the policy enforcement point, the data request for each of the databases based on the data access decision and a respective database format, including changing the data request into a first customized query according to the first database format and changing the data request into a second customized query according to the second database format, the customized query preventing at least a first portion of the data item from being retrieved from the databases;
retrieving, by the policy enforcement point, a second portion of the data item from the databases as a response to the customized query, the second portion being different from the first portion; and
providing, by the policy enforcement point to the application, the second portion of the data item,
wherein the policy appliance, including the policy decision point, and the policy enforcement point, executes in a container on a system that includes one or more computer processors.

US Pat. No. 10,367,823

AUGMENTED AND VIRTUAL REALITY BASED PROCESS OVERSIGHT

The Toronto-Dominion Bank...

1. A system at a second location, the system comprising:a memory;
a communications module; and
at least one hardware processor interoperably coupled with the memory and the communications module, the at least one hardware processor configured to:
monitor, from the second location remote from a first location, a process-based operation performed at the first location;
receive, at the second location and via the communications module, a first signal from the first location indicating availability for oversight of the process-based operation, wherein the first signal is associated with an automatic request for oversight to the system at the second location generated by an application being executed at the first location, wherein the application is associated with the execution of the process-based operation, and wherein the application identifies a particular operation of the process-based operation determined to require oversight prior to the particular operation being performed;
receive, at the second location and via the communications module, a second signal from the first location including contextual data from at least one data source located at the first location associated with a current state of the process-based operation associated with the particular operation;
identify a user at the first location associated with the execution of the application and the process-based operation;
determine a plurality of users associated with the second system authorized to perform oversight to the particular operation being performed and associated with the identified user; and
based on a set of prioritization rules, identify a particular one of the determined plurality of users as a supervising user to which the oversight is assigned;
identify, at the second location and for execution at the first location, a set of instructions associated with the current state of the process-based operation at the first location as provided by the supervising user; and
send, via the communications module, a third signal including the set of instructions as provided by the supervising user to the first location.

US Pat. No. 10,367,821

DATA DRIVEN ROLE BASED SECURITY

MICROSOFT TECHNOLOGY LICE...

1. A computer system comprising:one or more hardware processors;
system memory coupled to the one or more hardware processors, the system memory storing instructions that are executable by the one or more hardware processors; and
the one or more hardware processors executing the instructions stored in the system memory to control performance of a requested user operation, including the following:
determine if the requested user operation can access data on behalf of a user based on user context associated with the user retrieved from an electronic data source, the user context identifying a location of an object representing the user relative to other objects within a hierarchical data structure, the hierarchical data structure organized at least in part based on an organizational structure of an organization;
use the user context to dynamically derive a role for the user, wherein dynamically deriving the role for the user includes using the user context to dynamically identify a direct report of the user;
access a control expression governing performance of the requested user operation for the derived role;
form a set of permissions for the user by evaluating the control expression using the user context and a data context for the data, the data context including information in addition to or other than the data, and wherein forming the set of permissions for the user includes evaluating a location of the data in the hierarchical data structure;
determine authorization of the user to perform the requested user operation from the set of permissions; and
perform the requested user operation according to the determined authorization of the user.

US Pat. No. 10,367,818

RESPONSE TO A MACHINE-READABLE LINK

Hewlett-Packard Developme...

1. A method comprising:receiving, by a system, a user identifier and a link identifier to identify a machine-readable link in an image captured by a first device of a user;
determining, by the system, whether the user identifier indicates that the user is an administrator having an administrative privilege with respect to the machine-readable link or that the user is a consumer having a consumption privilege with respect to the machine-readable link;
in response to determining that the user identifier indicates that the user is the consumer, sending, by the system to the first device, content associated with the machine-readable link for viewing by the user on the first device; and
in response to determining that the user identifier indicates that the user is the administrator, sending, by the system to the first device, a response containing information to allow performance of management with respect to the content associated with the machine-readable link, and permitting the user to change the content associated with the machine-readable link that is viewed by the consumer.

US Pat. No. 10,367,817

SYSTEMS AND METHODS FOR CHALLENGELESS COAUTHENTICATION

University of South Flori...

1. A method of authentication, the method comprising:receiving, at an authenticator, an authentication request to access a resource, wherein the authentication request is generated by a requestor;
receiving, at a collaborator, a verification request to access the resource,
wherein the verification request is generated by the requestor and received from the requestor;
generating, at the collaborator, a participation message, wherein the participation message is generated in response to the verification request to access the resource received from the requestor and wherein the participation message is not generated in response to a challenge generated by the authenticator:
receiving, at the authenticator, the participation message generated by the collaborator in response to the verification request to access the resource generated by the requestor;
analyzing, at the authenticator computing device, the authentication request to access a resource and the participation message to determine whether the requestor should be granted access to the resource; and
granting the requesting user access to the resource when it is determined that the requesting user should be granted access to the resource based upon the analysis of the authentication request to access a resource and the participation message.

US Pat. No. 10,367,815

PROTECTING SENSITIVE INFORMATION FROM A SECURE DATA STORE

Sophos Limited, Abingdon...

1. A method of protecting stored information, the method comprising:storing a security policy for controlling access by a network endpoint to an encrypted remote data store, the security policy requiring a data store connected to the network endpoint to meet one or more security requirements for identification as a secure data store, the one or more security requirements including a requirement that the data store connected to the network endpoint be encrypted;
receiving an indication at a threat management facility that a first endpoint has access to the encrypted remote data store;
auditing the first endpoint to determine whether a security parameter of a first data store connected to the first endpoint is compliant with the one or more security requirements for identification as a secure data store;
when the security parameter of the first data store is compliant with the one or more security requirements for identification as a secure data store, permitting dissemination of data from the encrypted remote data store to the first endpoint; and
when the security parameter of the first data store is not compliant with at least one of the one or more security requirements, causing the first endpoint to implement an action by the first endpoint to regulate dissemination of data from the encrypted remote data store to the first endpoint.

US Pat. No. 10,367,814

ENABLING USER ENTROPY ENCRYPTION IN NON-COMPLIANT MOBILE APPLICATIONS

Citrix Systems, Inc., Fo...

1. A method comprising:initializing, by a processor of a mobile device, a background process of a mobile application executing on the mobile device, wherein said initializing is in response to the mobile device being powered on, and without receiving user input indicating a request to initiate the mobile application;
determining, by the processor of the mobile device, that the background process associated with the mobile application is automatically making an initial request to access to an encrypted resource;
determining, by the processor of the mobile device, whether the mobile application has been secured with user input authentication information; and
responsive to determining, by the processor, that the background process has made the initial request and that the mobile application has not been secured:
suspending, by the processor of the mobile device, prior to receiving the user input indicating the request to initiate the mobile application, and prior to receiving the user input authentication information, the background process until the mobile application has been secured, wherein suspending the background process comprises an initial suspension of the background process and occurs prior to receiving an initial authentication attempt corresponding to the user input authentication information, wherein suspending the background process comprises suspending one or more components if the mobile application configured to access encrypted resources while allowing other components of the mobile application to continue to operation;
and transmitting, by the processor of the mobile device, a request to a mobile application management agent to secure the mobile application using the user input authentication information.

US Pat. No. 10,367,813

DISTRIBUTED AUTHENTICATION WITH THRESHOLDS IN IOT DEVICES

McAfee, LLC, Santa Clara...

1. A non-transitory computer readable medium comprising instructions which, when executed, cause at least one host device processor to at least:determine a processing resource of a child device operably coupled to the at least one host device processor;
derive simplified authentication data from sensor data from the child device, the simplified authentication data able to be processed by the processing resource of the child device to authenticate a user of the child device without analysis of the sensor data by the at least one host device processor;
store the simplified authentication data in an authentication profile for the child device; and
transmit the simplified authentication data to the child device, wherein the simplified authentication data is to allow the child device to authenticate the user without the at least one host device processor,
wherein the simplified authentication data stored in the authentication profile for the child device is to be updated by the at least one host device processor based on a change in the sensor data, the updated simplified authentication data to be provided to the child device to authenticate the user.

US Pat. No. 10,367,810

ELECTRONIC SUBSCRIBER IDENTITY MODULE (ESIM) INSTALLATION AND TESTING

Apple Inc., Cupertino, C...

1. A method comprising:at an embedded Universal Integrated Circuit Card (eUICC):
in a first installation session, installing to a memory of the eUICC an eSIM based on an eSIM package received from an eSIM server;
in a second installation session:
bypassing an authentication of the eSIM server; and
installing to the memory the eSIM based on the eSIM package captured by test equipment.

US Pat. No. 10,367,809

DEVICE REGISTRATION, AUTHENTICATION, AND AUTHORIZATION SYSTEM AND METHOD

Level 3 Communications, L...

1. A system, comprising:a server comprising at least one processor to:
receive a registration request, the registration request comprising a representation of a username and a password;
verify the username and the password and transmit a one-time-use password;
receive the one-time-use password and first device identifier information from a mobile computing device;
receive an access request from the mobile computing device comprising the representation of the username and the password, second device identifier information, and application key information;
verify the username, the password, the second device identifier information, and the application key information at the server, and transmit a token to the mobile computing device;
receive a resource request from the mobile computing device comprising the token and third device identifier information;
verify the token and the third device identifier information; and
transmit information associated with the resource request to the mobile computing device.

US Pat. No. 10,367,807

SECURELY SHARING CONFIDENTIAL INFORMATION IN A DOCUMENT

International Business Ma...

1. A computer program product for securely sharing confidential information in a document, the computer program product comprising a computer readable storage medium having program code embodied therewith, the program code executable to:set, by a first computer, one or more confidential attributes of the confidential information in the document, the one or more confidential attributes including one or more visibility levels of the confidential information and one or more authorization levels of access to the confidential information;
create, by the first computer, metadata of the confidential information, the metadata including information of the one or more confidential attributes;
create, by the first computer, a first file including the confidential information and the metadata;
create, by the first computer, a second file including non-confidential information in the document and the metadata, the metadata in the second file being as a reference to the confidential information;
generate, by the first computer, a hash value from the second file;
request, by the first computer, a user of the first computer to enter a password;
determine, by the first computer, whether the user of the first computer enters the password;
create, by the first computer, a key for encryption, based on the hash value, in response to determining that the user of the first computer does not enter the password;
create, by the first computer, the key for the encryption, by combing the hash value and the password, in response to determining that the user of the first computer enters the password;
encrypt, by the first computer, with the key for the encryption, the confidential information to generate encrypted confidential information;
write, by the first computer, the encrypted confidential information into the first file;
wherein the confidential information in the first file is displayed by a second computer at a confidential information visibility level in accordance with an authorization level of an authorized user of the second computer; and
wherein the second file is displayed at a visibility level of showing no confidential information, wherein the second file is accessible by all users.

US Pat. No. 10,367,804

TRUST METRICS ON SHARED COMPUTERS

Facebook, Inc., Menlo Pa...

1. A method comprising:by a verification authority associated with a virtualized computing resource, receiving a request to access the virtualized computing resource, wherein the request comprises authentication data uniquely identifying a user associated with a client device, wherein the request was generated by the client device;
by the verification authority, accessing a social graph of the user associated with the client device to determine whether one or more social-networking users have previously accessed a shared device, and wherein the shared device is configured for use by a plurality of social-networking users;
by the verification authority, verifying the user associated with the client device is allowed to access the virtualized computing resource based on the authentication data received from the client device and information from the social graph indicating at least one or more of the social-networking users have previously accessed the shared device; and
by the verification authority, upon verifying the user associated with the client device is allowed to access the virtualized computing resource, sending a digital certification to the client device allowing the client device access to the virtualized computing resource.

US Pat. No. 10,367,803

MANAGED OPEN SOURCE MEDICAL DEVICES

1. A method of maintaining electronic access to a medical device, comprising:storing an application in code storage for the medical device,
storing one or more custodian certificates in certificate storage for the medical device,
receiving a signed request to update code for the application stored in the code storage for the medical device,
authenticating the signed update request with at least one of the stored custodian certificates,
adding a further custodian certificate to the certificate storage for the medical device,
authenticating the further custodian certificate based on at least one of the stored custodian certificates,
receiving an additional signed request to update code for the application stored in the code storage for the medical device, and
authenticating the additional signed update request with at least the added authenticated custodian certificate.

US Pat. No. 10,367,801

SYSTEMS AND METHODS FOR CREDENTIALING OF NON-LOCAL REQUESTORS IN DECOUPLED SYSTEMS UTILIZING A DOMAIN LOCAL AUTHENTICATOR

OPEN TEXT SA ULC, Halifa...

1. A system, comprising:a domain, including:
a processor coupled to a memory,
a set of resources,
the processor executing instructions implementing a local domain authenticator for:
providing a member credential to use in accessing the set of resources of the domain during a session,
authenticating the member credential associated with the domain; and
a remote authenticator, for:
providing the member credential to a non-local requestor which is not a member of the domain by:
receiving an authentication request from the non-local requestor outside the domain, wherein the request is to be authenticated for accessing the set of resources,
authenticating the non-local requestor using the authentication request, wherein authenticating the non-local requestor comprises establishing a secure channel with the non-local requester based on a unique previously provisioned domain key associated with both that domain and the non-local requestor,
accessing the local domain authenticator to obtain the member credential associated with the domain, and
providing the member credential to the non-local requester, wherein the non-local requester can access the set of resources of the domain during a session maintained between the non-local requester and the domain using the member credential and authentication of an access of the non-local requester to the set of resources during the session is performed using the local domain authenticator and the member credential.

US Pat. No. 10,367,800

LOCAL DATA AGGREGATION REPOSITORY

MX TECHNOLOGIES, INC., L...

1. An apparatus comprising:a hardware device comprising a local repository of data aggregated, for a user, from a plurality of third party service providers;
the hardware device comprising a local authentication module configured to secure, on the hardware device, the aggregated data and electronic credentials of the user for the plurality of third party service providers; and
the hardware device comprising an interface module configured to provide access controls to the user, the access controls defining which of a plurality of other third party service providers the user authorizes to access the aggregated data, and to provide the aggregated data to the authorized other third party service providers.

US Pat. No. 10,367,797

METHODS, SYSTEMS, AND MEDIA FOR AUTHENTICATING USERS USING MULTIPLE SERVICES

The Trustees of Columbia ...

1. A method for authenticating a user using multiple services, the method comprising:receiving, from a client device, first user-entered credentials for a target service account;
authenticating the target service account based on the first user-entered credentials;
issuing a redirecting request that directs the client device to at least one vouching service in response to authenticating the target service account;
receiving a vouching response indicating that the client device has authenticated a vouching service account with the at least one vouching service by providing second user-entered credentials to the vouching service, wherein the vouching response includes a vouching token, and wherein the second user-entered credentials are different from the first user-entered credentials;
determining, using a hardware processor, whether the vouching service account is associated with the target service account based on the vouching token; and
providing the client device with access to the target service account in response to (1) authenticating the target service account based on the first user-entered credentials, (2) receiving the vouching response indicating that the client device has authenticated the vouching service account with the at least one vouching service, and (3) determining that the vouching service account is associated with the target service account.

US Pat. No. 10,367,794

METHOD AND APPARATUS FOR SECURING A SENSOR OR DEVICE

1. An apparatus comprising:a. a sensor/device network system for communicating with at least one sensor/device;
b. the said sensor/device configured to store one or more encryption keys;
c. an IOT Equipment Registry (IER) database configured to store one or more encryption keys for the said sensor/device;
d. an IOT Access Node (IAN) configured to permit the said sensor/device access to the said sensor/device network;
e. the said sensor/device configured to generate a registration message encrypted with an encryption key from the pre-stored list, the said registration message containing at least a manufacturing serialized number;
f. the said IOT Access Node (IAN) configured to recognize the said message as a registration message;
g. additionally the said IOT Access Node (IAN) configured to forward said registration message to the said IOT Equipment Registry (IER) database;
h. the said IOT Equipment Register (IER) database including a decryption unit including a decryption method for the said registration message using said pre-stored encryption keys;
i. the said IOT Equipment Registry (IER) database including a validation unit to verify the said manufacturing serialized number and the said encryption key;
j. the said IOT Equipment Registry (IER) database further configured to forward a set of said stored encryption keys for the said sensor/device to the said IOT Access Node (IAN); and
k. the said IOT Equipment Registry (IER) database configured to return a registration acknowledgement message to the said sensor/device.

US Pat. No. 10,367,791

RESOURCE LOCATORS WITH KEYS

Amazon Technologies, Inc....

1. A method, comprising:receiving a request for information from a user, the request including a uniform resource locator comprising a first cryptographic key, a portion signed with the first cryptographic key, and an unsigned portion; and
providing access to the information to the user based, at least in part, on the first cryptographic key and on information in the unsigned portion modified by a third party without affecting validity of the signed portion.

US Pat. No. 10,367,790

EFFICIENT SENSOR DATA DELIVERY

International Business Ma...

1. A method comprising:compressing a batch of messages having a message pattern to create a set of compressed messages, the messages including sensor event data;
associating a first batch metadata with the set of compressed messages, the first batch metadata describing how the set of compressed messages is formatted;
applying a security operation to the set of compressed messages to create a set of secured messages;
updating the first batch metadata with security operation information to create a second batch metadata; and
associating the second batch metadata with the set of secured messages;
wherein:
the message pattern for each message in the batch of messages is the same.

US Pat. No. 10,367,789

DATA SYNCHRONIZATION METHOD AND APPARATUS

Alibaba Group Holding Lim...

1. A method for synchronizing data between a first system and a second system in a first device, the method comprising:retrieving data from a storage area corresponding to the first system;
sending the data to a second device for the second device to process the data;
upon receiving processed data returned from the second device:
temporarily storing the processed data in another storage area independent from the storage area corresponding to the first system and a storage area corresponding to the second system,
starting the second system and causing the first system to hibernate, and
storing, through the second system, the processed data into the storage area corresponding to the second system;
determining a last storage time when the processed data returned from the second device is stored into the storage area corresponding to the second system; and
determining that a period of time from the last storage time to a current time exceeds a set threshold.

US Pat. No. 10,367,787

INTELLIGENT FIREWALL ACCESS RULES

McAfee, LLC, Santa Clara...

1. A machine readable storage device or storage disk comprising instructions that, when executed, cause a firewall device to at least:create a dynamic object for a firewall rule, the dynamic object to define a variable set of devices that satisfy a plurality of conditions included in the dynamic object, the dynamic object to be created by:
accessing device data from a real-time data source external to the firewall device;
analyzing the device data from the real-time data source to determine information identifying a first set of devices that satisfy a first one of the plurality of conditions included in the dynamic object; and
populating the dynamic object with the information identifying the first set of devices that satisfy the first one of the plurality of conditions;
evaluate the dynamic object for a first device associated with first network traffic to determine whether to apply the firewall rule to the first network traffic, the dynamic object to be evaluated for the first device based on the information populated in the dynamic object;and
when the firewall rule is to apply to the first network traffic, at least one of block, permit, rate limit, quarantine or capture the first network traffic in accordance with the firewall rule.

US Pat. No. 10,367,786

CONFIGURATION MANAGEMENT FOR A CAPTURE/REGISTRATION SYSTEM

McAfee, LLC, Santa Clara...

1. At least one non-transitory machine-readable storage medium comprising executable instructions that when executed, cause at least one processor to:distribute, to a distributed capture system, a rule defining an action for the distributed capture system to perform regarding packets intercepted by the distributed capture system;
store the rule in a memory element, wherein the memory element is a configuration database including rules stored therein to be selectively distributed to a plurality of distributed capture systems, wherein the distributed capture system is associated with registered objects, each of the registered objects indicated by a respective signature and a respective object identifier that collectively form a searchable key, wherein the action is based on a particular one of the registered objects and content of an intercepted object provided in the packets, and wherein the particular registered object is to be identified, at least in part, by one or more signatures, which can be compared against signatures derived from the intercepted object; and
distribute a plurality of crawler tasks in a network that includes the distributed capture system, wherein the crawler tasks are to search for rule violations within resting objects on the network that are not being transmitted over a network connection.

US Pat. No. 10,367,783

MECHANISM FOR OPTIMIZED CUSTOMER MAC ADDRESS FLUSHING IN PBB-EVPN

CISCO TECHNOLOGY, INC., ...

1. A method comprising:detecting, at a first provider edge (PE) device, at least one failed Ethernet virtual circuit (EVC) on a first interface;
identifying from a plurality of service instances configured on the first interface, at least one service instance from the plurality of service instances that is associated with the at least one failed EVC, wherein the at least one service instance is associated with a plurality of customer edge devices with at least one address; and
sending, to a second PE device, a message that identifies the at least one service instance,
wherein the message causes the second PE device to remove at least address belonging to the plurality of customer edge devices associated with the at least one service instance.

US Pat. No. 10,367,782

SERIAL BUS AUTO-ADDRESSING

Elmos Semiconductor AG, ...

1. A method for controlling a serial data bus system comprising:a bus line;
a bus master connected to the bus line; and
a plurality of bus nodes serially connected to the bus line; wherein the plurality of bus nodes includes:
at least two addressable bus nodes configured to receive addresses in an addressing phase; and
zero or more standard bus nodes having respectively already fixed addresses;
wherein the method includes the addressing phase for assigning addresses to at least one of the at least two addressable bus nodes, and an operating phase for operating the serial data bus system after termination of the addressing phase;
wherein, in the addressing phase, at least two of the plurality of bus nodes are operative to feed into the bus line a respective current flowing to the bus master, and the plurality of bus nodes includes:
a first bus node, connected to the bus line at a site upstream from, and closest to the bus master;
a last bus node, connected to the bus line at a site upstream from, and farthest from the bus master; and
zero or more middle bus nodes, connected to the bus line in between the first bus node and the last bus node;
wherein:
each of the at least two addressable bus nodes is configured to receive a respective address assigned from the bus master during the addressing phase and comprises a respective current measurement circuit adapted to be switched into the bus line and a respective controllable bypass switch connected in parallel to the respective current measurement circuit, and,
each of the zero or more standard bus nodes has the respective address that is fixed prior to performing the addressing phase,
wherein, in the method;
in the addressing phase, the respective address is assigned to the at least one of the at least two addressable bus nodes in an open state of the respective controllable bypass switch, and
in the operating phase, the respective current measurement circuit of the at least one addressed addressable bus node is bypassed by closing the respective controllable bypass switch.

US Pat. No. 10,367,779

METHOD AND CLIENT TERMINAL FOR PROMPTING INSTANT COMMUNICATION MESSAGE

Alibaba Group Holding Lim...

1. A method implemented by a computing device, the method comprising:receiving a new instant message at the computing device; and
enhancing privacy of the new instant message by:
determining a message type based at least in part on the new instant message, the determined message type including at least one of a normal message type or a special message type;
invoking a corresponding way of prompting based at least in part on the determined message type, the corresponding way of prompting comprising a first way of prompting or a second way of prompting, the second way of prompting being different from the first way of prompting, the first way of prompting comprising setting a first prompting indicator at a first predetermined position of an interface image, and the second way of prompting comprising setting a second prompting indicator at a second predetermined position of the interface image, wherein the second prompting indicator is different from the first prompting indicator, the second predetermined position covering at least a part of the first predetermined position;
rendering the first prompting indicator at the interface image to have a first style in response to determining that the new instant message corresponds to the normal message type; and
rendering the second prompting indicator at the interface image to have a second style in response to determining that the new instant message corresponds to the special message type.

US Pat. No. 10,367,776

RESPONSE STATUS MANAGEMENT IN A SOCIAL NETWORKING ENVIRONMENT

International Business Ma...

1. A computer-implemented method for response status management in a social networking environment, the method comprising:detecting, in the social networking environment, a message from a source user to a recipient user;
detecting, in the social networking environment, a calendar-oriented request from the source user to the recipient user;
detecting, in the social networking environment, an information-oriented request from the source user to the recipient user;
detecting, in the social networking environment, an approval-oriented request from the source user to the recipient user;
identifying, related to the recipient user, a set of message response actions;
identifying, related to the recipient user, a set of accessed information in response to detecting the message;
identifying, related to the recipient user, a set of recipient user activities in response to detecting the message;
monitoring, related to the recipient user, the set of message response actions using a set of sensor devices;
determining, based on the set of message response actions, a response status;
determining, based on the set of message response actions, a nature of a set of response operations;
determining, based on the set of message response actions, an anticipated response;
determining, based on the set of message response actions, an expected response timeline;
providing, to the source user, an indication of the response status;
providing, to the source user, a still image indicator which indicates the response status;
providing, to the source user, a video indicator which indicates the response status;
providing, to the source user, an audio indicator which indicates the response status; and
providing, to the source user, a tactile indicator which indicates the response status.

US Pat. No. 10,367,775

CONVERTING ELECTRONIC MESSAGES TO MESSAGE POSTS

Google LLC, Mountain Vie...

1. A computer-implemented method, comprising:receiving an electronic message at a first device, originating from a server, designated for one or more recipients in a first system;
automatically determining, in response to receiving the electronic message at the first device, that the one or more recipients are members of an online social network and members of a specific subset of users of the online social network;
automatically prompting a sender of the electronic message for a confirmation to post at least a portion of the electronic message, wherein the sender is operating a second device different from the first device and the server;
based on determining that the one or more recipients are members of the specific subset of the social network and receiving an indication of the confirmation, converting the at least a portion of the electronic message to a message post;
providing, for a second system associated with the online social network, the message post to a message stream associated with at least one of the one or more recipients with visibility to members of the specific subset; and
upon receiving a reply, prompting a replying recipient for a confirmation to post the reply to the message stream, wherein at least a portion of the reply is provided to the message stream as a reply post upon receiving the confirmation to post the reply.

US Pat. No. 10,367,774

METHODS, SYSTEMS, AND DEVICES FOR ENRICHING MICROBLOG PAGE

Tencent Technology (Shenz...

1. A server for providing an enriched message in a microblog page, comprising:a processor-readable storage medium comprising a set of instructions for providing an enriched message in an online social platform; and
a processor in communication with the processor-readable storage medium, configured to execute the set of instructions to:
provide a page of the online social platform on a terminal of a user, the page being displayed in a timeline format;
provide an enriched message associated with an interactive application in the timeline,
wherein the enriched message is configured to direct the terminal to present the interactive application in the timeline when the user clicks the enriched message; and
perform the following at an interval of predetermined duration:
determining whether the enriched message meets a predetermined content security requirement,
in response to determining that the enriched message does not meet the predetermined content security requirement, setting the enriched message in a reviewed state and prohibiting presentation of the enriched message on the online social platform, and
when a number of enriched messages corresponding to the interactive application that initially met the predetermined content security requirement and was accepted by the online social platform but later fail to meet the predetermined content security requirement is greater than a preset threshold, stop accepting any further enriched message associated with the interactive application.

US Pat. No. 10,367,773

SOCIAL NETWORK BASED ON GPS AND OTHER NETWORK CONNECTIONS

1. A computer-implemented system for interactively providing information to user in a social GPS environment, comprising:a server;
a plurality of user devices, wherein each of the plurality of user devices comprises a beacon installed therein; the plurality of user devices at least includes a first user device and a second user device and
a network communicating with the server and the plurality of user devices;
wherein each beacon emits a beacon signal of user location information to the server via the network when the each beacon is turned on,wherein the server receives a first beacon signal of a first user location information from a first beacon of the first user device and a second beacon signal of a second user location information from a second beacon of the second user device via the network or from a GPS system via a GPS network, and the first user device emits a first message along with the first beacon signal of user location information to the server, and the first message indicates that the second user device receives the first user location information of the first user device, and the server sends a second message to the second user device to share the first user location information of the first user device on a social GPS on the second user device; and a visibility of the each beacon is set at a street level, at a city level or not visible on the plurality of user devices;wherein the second message is accepted via the network by the second user device, the second beacon of the second user device is turned on and the second user location information of the second user device is shared with the first user device by the network, and the second beacon of the second user device is turned off by deleting the second message.

US Pat. No. 10,367,771

IDENTIFYING COMMUNICATION PARTICIPANTS TO A RECIPIENT OF A MESSAGE

Dropbox, Inc., San Franc...

1. A method comprising:receiving, at a management server, a first message to a first conversation among a first set of relevant participants, from an electronic messaging service, to be delivered to a client device of a client user, the message including identifying information of a sender;
receiving, at the management server, a second message to a second conversation among a second set of relevant participants, from the electronic messaging service, to be delivered to the client device of the client user, the message including the identifying information of the sender, wherein the second conversation and the first conversation are at least partially contemporaneous;
generating, by the management server, a first graphical user interface (GUI) comprising the first message and a first default display name of the sender for the first conversation, based at least in part on the identifying information of the sender, by:
extracting the identifying information of the sender;
generating a first initial default display name for the sender, based on the extracted identifying information of the sender;
determining that the first initial default display name does not uniquely identify the sender within the first set of relevant participants to the first conversation;
generating one or more first candidate alternative display names based on corresponding one or more rules by appending one or more additional characters to the first initial default display name that uniquely identifies the sender within the first set of relevant participants to the first conversation;
identifying first candidate alternative display name that is a shortest among the one or more first candidate alternative display names;
assigning, as the first default display name, the shortest first candidate alternative display name; and
populating the first default display name in a first sender display name field of the first message on the first GUI; and
generating, by the management server, a second GUI comprising the second message and a second default display name of the sender for the second conversation, based at least in part on the identifying information of the sender, by:
generating a second initial default display name for the sender, based on the extracted identifying information of the sender;
determining that the second initial default display name uniquely identifies the sender within the second set of relevant participants to the second conversation;
assigning, as the second default display name, the second initial default display name, wherein the second initial default display name does not uniquely identify the sender within the first set of relevant participants to the first conversation; and
populating the second default display name in a second sender display name field of the second message on the second GUI; and
transmitting, by the management server, the first GUI comprising the first message and the first default display name field, and the second GUI comprising the second message and the second default display name, to the client device of the client user.

US Pat. No. 10,367,769

PROCESSING OF EMAIL BASED ON SEMANTIC RELATIONSHIP OF SENDER TO RECIPIENT

International Business Ma...

1. A computer system comprising:a processor in communication with memory;
an application in communication with the processor, the application to:
specify a source of semantic data; and
construct a set of electronic mail processing rules for the specified source, including a first set of rules and a second set of rules, the first sets based on an internal relationship to an organization and a second set based on an external relationship to the organization;
a manager in communication with the processor, the manager to:
receive an electronic mail message;
process the received message based upon the constructed sets of rules, wherein the sets of rules is based upon a semantic relationship derived from the received message, and wherein processing the received message comprises the manager to:
ascertain a property derived from the received message, and apply the first set of rules to the ascertained property;
in response to determining that the ascertained property is associated with the first set of rules, process the received message corresponding to at least one rule in the first set of rules; and
in response to determining that the ascertained property is not associated with the first set of rules, process the received message corresponding to at least one rule in the second set of rules; and
communicate the received message to a recipient based on at least one rule.

US Pat. No. 10,367,767

MODULAR INBOX AND GENERATION OF CONTENT MODULES

FACEBOOK, INC., Menlo Pa...

1. A method, comprising:presenting a module in an inbox interface for a messaging service, the module configured to share one or more content items from a social networking service from a sharer with a plurality of receiving users connected to the sharer in the messaging service, the module displayed in a portion of the inbox interface distinct from a portion of the inbox interface that provides message or message thread presentation features;
ranking the one or more content items and presenting the one or more content items in the module in ranked order;
receiving, through the module, a selection of a content item from the one or more content items;
analyzing the selected content item to determine an identity of the content item;
programmatically selecting, from among a set of users connected to the sharer in the messaging service, one or more recommended users predicted to have an interest in the content item, the selecting performed based on the analyzing; and
displaying the recommended users in the inbox interface;
receiving, through the module, a selection of one or more of the recommended users; and
sharing the content item with the one or more selected users through the messaging service.

US Pat. No. 10,367,765

USER TERMINAL AND METHOD OF DISPLAYING LOCK SCREEN THEREOF

SAMSUNG ELECTRONICS CO., ...

1. A method of displaying a lock screen on a user terminal device comprising communication circuitry, a display, a memory, and a processor, the method comprising:storing, by the processor, a list including at least one friend user in the memory, wherein the at least one friend user is a friend of a user of the user terminal device;
receiving, via the communication circuitry, a message, the message including content capable of being reproduced;
determining whether a user who provided the message is a friend user included in the list;
if the user who provided the message is a friend user, displaying, under control of the processor, a lock screen on the display while the user terminal device is locked, the lock screen comprising information indicative of the content included in the received message, a first user interface element, and a second user interface element;
when a user input signal is received via the first user interface element, executing, by the processor, an application for reproducing the content, and displaying reproduced content on the lock screen while the user terminal device is locked; and
when a user input signal is received via the second user interface element on the lock screen, initiating, by the processor, unlocking of the locked user terminal device.

US Pat. No. 10,367,762

WIRELESS FLIGHT ATTENDANT PANELS

Airbus Operations GmbH, ...

1. An adapter for tapping into an aircraft panel network, the adapter comprising:a first connector configured to connect to a flight attendant panel (FAP) connector;
a second connector configured to connect to a server connector;
a third connector configured to connect to a wireless access point; and
a housing to which the first, second and third connectors are mounted, wherein the housing accommodates power and data connections between the first and second connectors as well as a panel network access connection line between the first connector and the third connectors, thereby enabling connection of the panel network to a wireless access point;
wherein the housing comprises an elongate extension tab formed integrally therewith for highlighting installation of the adapter to flight operatives.

US Pat. No. 10,367,761

COORDINATED CHANNEL SWITCH TIMING AND TRANSMISSIONS IN NEIGHBORHOOD AWARENESS NETWORKS

Intel IP Corporation, Sa...

1. A device, the device comprising a memory and processing circuitry configured to:receive a data path setup request frame from a second device, wherein the data path setup request frame comprises a first device capability attribute that includes a channel switch time (CST) parameter;
cause to send a data path setup response frame, wherein the data path setup response frame comprises a second device capability attribute that includes the CST parameter;
cause to establish a first communication with the second device on a first channel;
cause to establish a second communication with the second device on a second channel at a first time;
cause to wait at least for a duration specified by the CST parameter; and
cause to send data to the second device over the first channel or the second channel based at least in part on the CST parameter.

US Pat. No. 10,367,758

MERGING READ REQUESTS IN NETWORK DEVICE ARCHITECTURE

Marvell World Trade Ltd.,...

1. A network device, comprising:a packet memory configured to store packet data corresponding to a multicast (MC) packet received by the network device from a network link;
a packet processor configured to at least to determine two or more ports via which the MC packet is to be transmitted from the network device; and
a memory controller device coupled to the packet memory, the memory controller device configured to
buffer received read requests in a read request buffer until the packet memory is available for servicing the read requests, wherein the read request buffer includes a plurality of entries for storing respective indications of client devices from which read requests were received by the memory controller device,
determine that two or more pending read requests received by the memory controller device are to read packet data from a particular memory location in the packet memory,
in response to the determining, merge the two or more read requests into a single read request that is stored in a single entry of the pending read request buffer,
in response to the determining, read the packet data a single time from the particular memory location, and
provide respective instances of the packet data read from the particular memory location to respective two or more read client devices for subsequent transmission of the packet data via the two or more ports determined by the packet processor.

US Pat. No. 10,367,757

EXTENSION OF NETWORK CONTROL SYSTEM INTO PUBLIC CLOUD

NICIRA, INC., Palo Alto,...

1. For a first network controller that manages a logical network implemented on data compute nodes assigned to a particular tenant in a public multi-tenant datacenter comprising forwarding elements to which the first network controller does not have access, a method comprising:identifying a first data compute node of the data compute nodes assigned to the particular tenant in the public multi-tenant datacenter that is configured to execute a second network controller; and
distributing configuration data defining the logical network to the first data compute node,
wherein the second network controller executing at the first data compute node distributes sets of the configuration data to a plurality of local agents executing on additional data compute nodes of the data compute nodes assigned to the particular tenant in the public multi-tenant datacenter that send and receive messages through the logical network, wherein both a managed forwarding element and a local agent execute on each of the additional data compute nodes, each local agent on a particular data compute node of the additional data compute nodes for receiving one of the sets of configuration data from the second network controller and configuring the managed forwarding element on the particular data compute node to implement the logical network according to the received set of configuration data.

US Pat. No. 10,367,756

PROGRAMMABLE LOGIC DEVICE WITH INTEGRATED NETWORK-ON-CHIP

Altera Corporation, San ...

1. A programmable integrated circuit comprising:a plurality of Network-on-Chip stations, wherein each Network-on-Chip station of the plurality of Network-on-Chip stations receives a clock input and comprises a hard-IP interface, wherein the hard-IP interface comprises:
a bidirectional connection to a local logic area of the programmable integrated circuit; and
a plurality of bidirectional connections to respective neighbor Network-on-Chip stations of the programmable integrated circuit; and
a user-programmable soft-IP interface configured to:
determine a first bidirectional connection of the plurality of bidirectional connections to send data;
configure the hard-IP interface to send data on the first bidirectional connection; and
regulate flow of the data based at least in part on a packet dropping probability Quality-of-Service constraint.

US Pat. No. 10,367,754

SHARING DUTY CYCLE BETWEEN DEVICES

Intel Corporation, Santa...

1. An apparatus, comprising an internet-of-things (IoT) device, comprising:a cloud radio transceiver to send data to a cloud connection over a first frequency;
a mesh transceiver to communicate with a mesh network over a second frequency;
a duty cycle calculator to determine if a duty cycle for transmissions from the cloud radio transceiver is nearing a limit, wherein the duty cycle calculator is to activate the mesh transceiver if the duty cycle remaining is greater than a preset limit and a state of charge of a battery to power the IoT device is greater than a threshold; and
a data offloader to send data from the IoT device to a sending device in the mesh network capable of receiving the data and sending the data on to the cloud connection.

US Pat. No. 10,367,753

VIRTUAL NETWORK INTERFACE RECORDS

Amazon Technologies, Inc....

1. A system, comprising:a virtualization coordinator implemented by one or more computers, and
a service platform comprising one or more physical compute or storage resources and a network card;
wherein the virtualization coordinator is configured to:
generate a first interface record, wherein the first interface record comprises (a) a first subnet identifier of a first subnet, and (b) a first Internet Protocol (IP) address within the first subnet;
generate a second interface record, wherein the second interface record comprises (a) a second subnet identifier of a second subnet, and (b) a second IP address within the second subnet;
store the first and the second interface record in a repository; and
initiate, in response to one or more programmatic requests, one or more configuration operations to attach the first or second interface record stored in the repository to a particular resource instance such that the particular resource instance is enabled to receive network traffic directed at the first or second IP addresses, wherein the particular resource instance is resident at least in part at the service platform;
wherein the one or more configuration operations are initiated prior to a completion of an activation of the particular resource instance.

US Pat. No. 10,367,752

DATA PACKET MANAGEMENT IN A MEMORY CONSTRAINED ENVIRONMENT

International Business Ma...

1. A computer-implemented method for data packet management in a memory-constrained environment, the memory-constrained environment including a distributed device driver environment, the method comprising:receiving, by a first device that is a self boot engine (SBE), the first device including a memory component having an actual memory size which is less than a threshold memory size, a data packet containing a command;
processing, by the first device using the command, the data packet;
loading, in the memory component by the first device, a first portion of processed data;
communicating, by the first device to a second device that is a service processor (SP), the first portion of processed data;
loading, in the memory component by the first device, a second portion of processed data, wherein a combined size of the first and second portions of processed data exceeds the actual memory size;
communicating, by the first device to the second device, the second portion of processed data;
loading, in the memory component by the first device, a trailer;
communicating, by the first device to the second device, the trailer;
detecting, with respect to processing the data packet, an error event; and
constructing, in response to detecting the error event and in advance of communicating, the trailer, the trailer configured to indicate the error event through the inclusion of packet size information, synchronization data, packet number, communication protocol, destination address, originating address, error severity, error date and evaluation report information within the trailer.

US Pat. No. 10,367,751

DISTRIBUTING AND RATE LIMITING PACKETS AMONG MULTIPLE PATHS IN A SINGLE STAGE SWITCHING TOPOLOGY TO A REORDERING NODE

Cisco Technology, Inc., ...

1. A method, comprising:each particular distribution node of a plurality of distribution nodes distributing a different plurality of ordered packets among a plurality of packet switching devices arranged in a single stage topology to reach a reordering node, with each of the plurality of packet switching devices defining a different path between said particular distribution node and the reordering node;
the reordering node receiving said packets distributed by the plurality of distribution nodes and storing said packets in reordering storage in the reordering node;
in response to determining that an aggregation quantum of packets received from the plurality of distribution nodes via a particular packet switching device of the plurality of packet switching devices stored in said reordering storage is outside a range or value, rate limiting packets being communicated via the particular packet switching device to the reordering node, with the aggregation quantum including quantum of at least one packet received from each of the plurality of distribution nodes; and
the reordering node sending packets stored in said reordering storage from the reordering node in original orderings.

US Pat. No. 10,367,750

TRANSMISSION AND RECEPTION OF RAW VIDEO USING SCALABLE FRAME RATE

Mellanox Technologies, Lt...

1. An apparatus, comprising:an input interface, configured to receive a sequence of packets that carries a stream of video frames; and
transmit-side circuitry, which is configured to:
divide the sequence of packets into multiple interleaved sub-sequences, wherein each sub-sequence carries a respective sub-stream of the stream of video frames, and wherein at least one of the sub-streams is self-contained and viewable independently of any other sub-stream;
convert the multiple sub-sequences into multiple respective paced sub-sequences of packets, wherein each paced sub-sequence is identical in video content to the corresponding sub-sequence, but is longer in duration and has a smaller instantaneous bit-rate than the corresponding sub-sequence; and
transmit the multiple paced sub-sequences of packets to a communication network over respective, different packet flows.

US Pat. No. 10,367,749

AUTOMATICALLY CYCLING AMONG PACKET TRAFFIC FLOWS SUBJECTING THEM TO VARYING DROP PROBABILITIES IN A PACKET NETWORK

Cisco Technology, Inc., ...

1. A method, comprising:concurrently with repeatedly cycling through all of a plurality of packet flows by a network node, the network node processing a plurality of packets;
wherein each particular cycle of said cycling through all of the plurality of packet flows includes repeatedly selecting a current one or more selected packet flows of the plurality of packet flows causing all of the plurality of packet flows to be said selected as in the current one or more selected packet flows in said particular cycle, and with the current one or more selected packet flows being less than all of the plurality of packet flows;
wherein said processing the plurality of packets includes for each particular packet of the plurality of packets: forwarding said particular packet from a particular location within the network node when said particular packet is not in the current one or more selected packet flows at time of said processing said particular packet, and possible drop processing said particular packet when said particular packet is in the current one or more selected packet flows at time of said processing said particular packet; and
wherein said possible drop processing includes: making a packet dropping determination based on a current drop probability, dropping said particular packet in response to the packet dropping determination being to drop or not to forward, and forwarding said particular packet from the particular location in response to the packet dropping determination being not to drop or to forward.

US Pat. No. 10,367,747

FLOW CONTROLLER AUTOMATICALLY THROTTLING RATE OF SERVICE PROVIDED BY WEB API

International Business Ma...

1. A method, in a data processing system, for automatically throttling a rate of service provided by a Web application programming interface (API) for a software service, the method comprising:assigning, by a flow controller executing on the data processing system, a queue to each consumer within a plurality of consumers of the software service resulting in a plurality of consumer queues;
responsive to receiving a current request for the software service from a given consumer of the software service, adding, by the flow controller, the current request to a given queue within the plurality of consumer queues assigned to the given consumer; and
sending, by the flow controller, a next request from the given queue to the Web API based on a licensed rate of service of the given consumer, wherein sending the next request based on the licensed rate of service comprises:
setting, by the flow controller, a timer associated with the given queue based on the licensed rat of service of the given consumer; and
responsive to expiration of the timer, notifying the Web API that a request is ready in the given queue.

US Pat. No. 10,367,745

NETWORK-ON-CHIP WITH FIXED AND CONFIGURABLE FUNCTIONS

Altera Corporation, San ...

8. A Network-on-Chip (NoC) to be used in a programmable logic device, comprising:a plurality of nodes disposed in the programmable logic device that route configuration data within the programmable logic device;
a plurality of latches disposed in the programmable logic device coupled to the plurality of nodes;
a plurality of links disposed in the programmable logic device, wherein the plurality of nodes are communicatively coupled via the plurality of links; and
routing logic disposed in the programmable logic device coupled to the plurality of latches that sends routing values to the plurality of latches;
wherein the plurality of nodes:
in a first mode, dynamically routes a first set of configuration data within the programmable logic device based at least in part on available bandwidth in one or more links of the plurality of links in response to the plurality of latches storing an initial set of routing values;
stores the first set of configuration data as a desired routing pattern in the plurality of latches of the programmable logic device to enter a second mode; and
in the second mode, routes a second set of configuration data within the programmable logic device using the desired routing pattern stored in the plurality of latches.

US Pat. No. 10,367,744

SYSTEMS AND METHODS FOR NETWORK TRAFFIC ROUTING TO REDUCE SERVICE CONGESTION AT A SERVER

Symantec Corporation, Mo...

1. A computer-implemented method for network traffic routing to reduce service congestion at a server, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:receiving, by the computing device and from the cloud server, a traffic routing policy;
identifying, for a transaction and using at least one hook inserted into an operating system of the computing device, metadata describing a traffic type;
comparing the metadata with the traffic routing policy to determine the transaction is bypass traffic;
sending the bypass traffic from the computing device to a destination other than the cloud server via a private network; and
sending the metadata to the cloud server as feedback for developing an update to the traffic routing policy.

US Pat. No. 10,367,743

METHOD FOR TRAFFIC MANAGEMENT AT NETWORK NODE, AND NETWORK NODE IN PACKET-SWITCHED NETWORK

MITSUBISHI ELECTRIC CORPO...

1. A method for traffic management at a network node in a packet-switched network, the network node comprising at least one egress port for outputting packets belonging to a packet flow, and one or several ingress ports for receiving incoming packets of the packet flow, the method comprising: perform traffic shaping on a current packet belonging to the packet flow and stored in a memory queue associated with the packet flow, the traffic shaping comprising:if a theoretical reception time, TRT, value of the current packet is smaller than or equal to a time counter value, output the current packet through the egress port;
wherein the TRT value of the current packet is determined by performing traffic policing of incoming packets of the packet flow, using,
(a) when a previous packet of the packet flow received before the current packet has not been discarded by traffic policing, (i) a size of the previous packet, (ii) a transmission rate value associated with the flow, and,
(iii-1) if a TRT value of the previous packet is greater than an actual reception time, ART, value of the previous packet, using the TRT value of the previous packet, or
(iii-2) if the TRT value of the previous packet is not greater than the ART value of the previous packet, using the ART value of the previous packet, or,
(b) when the previous packet has been discarded by traffic policing, using the TRT value of the previous packet.

US Pat. No. 10,367,742

MULTI-SOLUTION BASED RADIO SYSTEM

Samsung Electronics Co., ...

1. A method of controlling a radio system, the method comprising:estimating a quality of service (QoS) with respect to a current solution of the radio system, using information about a channel state, a signal state, a performance when using the current solution, and a complexity measuring processing burden when using the current solution and a power consumption of a terminal with respect to the current solution;
determining whether the QoS satisfies a condition; and
changing a parameter to be applied to the current solution or changing the current solution to an alternative solution in response to determining that the estimated QoS does not satisfy the condition, by changing a parameter to be applied to the current solution or changing the current solution to an alternative solution using updated information about the channel state, the signal state, the performance when using the current solution, and the complexity measuring processing burden when using the current solution and the power consumption of a terminal with respect to the current solution, as feedback information,
wherein the parameter is changed to provide a QoS that is closest to the condition from available changes of the parameter, or the current solution is changed to the alternative solution to provide a QoS that is closest to the condition from available changes of the current solution,
wherein the channel state indicates an information about error and the performance is determined by a maximum cycle or an operation frequency of the radio system permitted for MIMO detection.

US Pat. No. 10,367,741

HIGH PERFORMANCE, SCALABLE MULTI CHIP INTERCONNECT

Mellanox Technologies, Lt...

1. A server node, comprising:a plurality of tiled compute nodes in a node stack topology, with multiple ones of the plurality of tiled compute nodes each comprising:
an array of interconnected tiles with each of the tiles including a processor and a switch with switches of the tiles configured to couple the array of interconnected tiles to network among the processors; and
switching circuitry configured to couple the plurality of tiled compute nodes to an external network, with the switching circuitry configured to provide network functions within the server node.

US Pat. No. 10,367,740

METHOD, SYSTEM AND APPARATUS FOR CONTROLLING FLOW DETECTION, CONTROLLER AND DETECTION DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A method for controlling flow detection, the method being applied to a network comprising a first detection device, a second detection device, and multiple switching devices, the first detection device being coupled to a first switching device of the switching devices, the second detection device being coupled to a second switching device of the switching devices, and the method comprising:acquiring, by a controller, at least two flows to be detected by the first detection device and at least one flow to be detected by the second detection device in the network, a first flow being transmitted from a source address to a destination address through the first switching device and the second switching device, and the first flow being comprised in the flows to be detected by the first detection device and being comprised in the flow to be detected by the second detection device;
deleting, by the controller according to a set load balancing policy, the first flow from the flows to be detected by the first detection device such that a difference between a number of flows to be detected by the first detection device and a number of the flows to be detected by the second detection device is less than before the deletion; and
delivering, by the controller, a detection instruction to the first detection device to instruct the first detection device to no longer detect traffic of the first flow that keeps being transmitted from the source address to the destination address through the first switching device and the second switching device, the detection instruction comprising a flow identifier of a flow to be detected by the first detection device after the deletion.

US Pat. No. 10,367,739

LOAD BALANCING AMONG ALTERNATIVE PATHS

Telefonaktiebolaget LM Er...

1. A method in a receiving node enabling redirecting of a flow of data packets in a transmitting node to a path of alternative paths, where each data packet is marked with a value indicating the importance of the data packet, the method comprising:receiving a first and a second amount of the data packets on a first and a second path, respectively, of the alternative paths;
determining a metric of congestion for each alternative path, based on the values indicating the importance of the data packets received on each alternative path; and
providing to the transmitting node the metric of congestion for each alternative path; wherein determining the metric of congestion for each alternative path comprises calculating a percentile of the value of importance of the first and second amount of data packets received during a pre-determined time interval on the first and the second path, respectively.

US Pat. No. 10,367,738

THROUGHPUT GUIDANCE BASED ON USER PLANE INSIGHT

NOKIA SOLUTIONS AND NETWO...

1. A method for providing throughput guidance in a throughput guidance entity arranged in a network between a server and user equipment that is downloading content from the server, the method comprising as performed by the throughput guidance entity:monitoring bandwidth available for the download on at least one of a per data bearer, per application or per transmission control protocol flow basis;
providing, on the basis of the monitoring, throughput guidance comprising information on the bandwidth available for the download to an entity configured to perform at least one of transmission control protocol optimization or content level optimization on the basis of the information, wherein the entity is the server or an adaptation gateway; and
providing to the entity, in addition to the throughput guidance, context information comprising information about other bearers, other applications, demand in a cell or demand at a base station.

US Pat. No. 10,367,737

ROUTING METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS

SITTING MAN, LLC, Raleig...

1. A non-transitory computer-readable media storing computer instructions that; when executed by one or more processors of a first node in a network where the network further includes a previous node configured to utilize, for forwarding data toward the first node, a previous path segment identifier that identifies one of a particular network interface of the first node or a particular network interface of a particular node that relays the data forwarded by the previous node; cause the first node to:generate a first data structure identifying a mapping of a first path segment identifier to a first network interface that is included in the first node or that is included in a hop including an additional node reachable from the first node, where the first path segment identifier identifies a first path segment that is selected from a plurality of path segments based on at least one of a policy, a metric, or a routing table;
receive an incoming data packet with the data, and with a header including incoming network path information that includes the first path segment identifier as an active identifier in the incoming path information;
identify a second path segment identifier as the active identifier rather than the first path identifier in outgoing network path information for a header of an outgoing data packet, the outgoing data packet including the data; and
forward the outgoing data packet via the first network interface that is identified based on the first path segment identifier utilizing the mapping, wherein the second path segment identifier in the outgoing network path information identifies a second network interface of a different node in the network.

US Pat. No. 10,367,736

EXTENDED TAG NETWORKING

Cisco Technology, Inc., ...

1. A computer-implemented method for tag networking, the method comprising:determining that one or more network devices in a computer network are configured to handle a tag;
receiving, at the one or more network devices, a packet of a traffic flow, wherein the packet includes the tag located among data of the packet;
reading the packet to identify the tag that is located among the data of the packet;
performing a tag lookup to find logic that is associated with the tag; and
applying the logic to the packet in response to performing the tag lookup, wherein the logic includes instructions for carrying out a service of the network.

US Pat. No. 10,367,735

CLOUD PROVIDER CLASSIFICATION FOR DIFFERENT SERVICE DEPLOYMENT SCHEMES

Cisco Technology, Inc., ...

1. A method comprising:at a cloud provider to provide one or more services that are cloud-based to tenants of the cloud provider over a network, wherein each service is configured according to a respective one of multiple service deployment schemes:
maintaining, for each service, hierarchical classification information, including:
a scheme type to identify the respective service deployment scheme;
a three-tuple cloud identifier including a cloud identifier to identify the cloud provider, a service identifier to identify the service, and a tenant identifier to identify a tenant permitted access to the service; and
one or more scheme-specific service identifiers to identify components of the service; and
distributing the classification information within the cloud provider, including to the one or more services, to enable a respective tenant to exchange Internet Protocol (IP) packets with, and thereby access, a respective service and components of that service based on the classification information, wherein each IP packet includes, for the respective service, the scheme type, the cloud identifier, the service identifier, the tenant identifier of the respective tenant, and the one or more scheme-specific service identifiers.

US Pat. No. 10,367,733

IDENTIFIER-BASED VIRTUAL NETWORKING

Nicira, Inc., Palo Alto,...

17. A computer system comprising:a plurality of hosts, each having one or more virtual computing instances deployed thereon; and
a network hypervisor configured to carry out a method for processing packets based on unique identifiers associated with virtual machines by:
receiving, from a first virtual machine, a request for address information associated with a second virtual machine;
generating, by an identifier provider of a hypervisor coupled to a virtual switch, one or more arbitrarily assigned addresses for the second virtual machine;
returning, by the identifier provider, the one or more arbitrarily assigned addresses to the first virtual machine;
mapping a unique identifier of the second virtual machine to the one or more arbitrarily assigned addresses, wherein the unique identifier comprises information other than an IP address associated with the second virtual machine;
receiving a packet from the first virtual machine including one or more addresses associated with the first virtual machine and the one or more arbitrarily assigned addresses associated with the second virtual machine;
replacing, in the packet, the one or more addresses associated with the first virtual machine with a unique identifier of the first virtual machine and the one or more arbitrarily assigned addresses associated with the second virtual machine with the unique identifier of the second virtual machine; and
transmitting the packet to a host machine associated with the second virtual machine.

US Pat. No. 10,367,732

ROUTE CONTROL FOR INTERNET EXCHANGE POINT

FUTUREWEI TECHNOLOGIES, I...

1. A method for sending routing information in an Internet exchange point (IXP) network, comprising:receiving, by a server, first control information in a first message from a first IXP member via the IXP network, wherein the first control information comprises an identifier of a second IXP member, wherein the first IXP member is independent from the second IXP member, and wherein the identifier of the second IXP member uniquely identifies the second IXP member;
obtaining, by the server, first routing information from the first IXP member via the IXP network;
generating, by the server, second routing information based on the first routing information; and
sending, by the server, the second routing information to the second IXP member based on the identifier of the second IXP member carried in the first message received from the first IXP member.

US Pat. No. 10,367,730

LAYER TWO OVER MULTIPLE SITES

Futurewei Technologies, I...

1. A network comprising:a service network; and
a plurality of Layer 2 sites coupled to the service network via a plurality of gateways within the plurality of Layer 2 sites, wherein each of the plurality of gateways includes a Layer 2 interface for communicating with a plurality of switches within the plurality of Layer 2 sites,
wherein the service network is aware of addresses of the plurality of gateways within the plurality of Layer 2 sites and unaware of all addresses of the plurality of switches within the plurality of Layer 2 sites;
wherein the gateways are configured to:
map a plurality of Internet Protocol (IP) addresses of a plurality of hosts under a plurality of virtual local area networks (VLANs) in the plurality of Layer 2 sites to a plurality of addresses of corresponding other gateways,
inform the other gateways in other Layer 2 sites of the IP addresses mapped under each of the VLANs in local Layer 2 sites, and forward data frames originated from the plurality of hosts in the local Layer 2 sites to the other gateways in the other Layer 2 sites when destinations of the data frames are residing in the other Layer 2 sites,
maintain local hosts information tables for the local hosts in the same Layer 2 sites of the gateways, the local hosts information tables including a mapping of IP Address to a MAC address under each VLAN for each of the local hosts, and
wherein a host sends out one or more Address Resolution Protocol (ARP)/Neighbor Discovery (ND) requests to obtain a MAC address of another target host in another Layer 2 site.

US Pat. No. 10,367,728

METHODS FOR FORWARDING RULE HOPPING BASED SECURE COMMUNICATIONS

NETSIA, INC., Sunnyvale,...

1. A method as implemented in a sender host sending a packet flow to a receiving host via a software defined network (SDN), the method comprising the steps of:a. communicating with a controller in the SDN, using a control interface, and agreeing on a parametric function for altering one or more header fields in a header of a packet flow over time, wherein the controller also communicates the agreed upon parametric function with the receiver host of the packet flow, wherein the controller calculates new header fields using the agreed upon parametric function, alters forwarding rules and sends the forwarding rules to one or more forwarders in a route of the packet flow; and
b. sending the packet flow along the route in the SDN by altering one or more fields in the header of the packet flow based on the agreed upon parametric function.

US Pat. No. 10,367,727

METHOD FOR ROUTING IN A CENTRAL CONFERENCING ROUTING SERVER

Level 3 Communications, L...

1. A method of designating a master conferencing routing server from a plurality of collaboration routing servers, the method comprising:receiving a first total number of conference bridges to which a first collaboration conferencing routing server of the plurality of collaboration conferencing routing servers is locally connected;
receiving a second total number of conference bridges to which a second collaboration conferencing routing server of the plurality of collaboration conferencing routing servers is locally connected;
designating the master conferencing routing server from the plurality of collaboration routing servers based on the highest of the first total and the second total; and
by the designated master conferencing routing server:
receiving a collaboration conference access request from a requester's communication; and
selecting a hosting conference bridge from a plurality of conference bridges connected to the plurality of conferencing routing servers, wherein the hosting conference bridge is configured to host a collaboration conference.

US Pat. No. 10,367,725

NETWORK PROGRAMMING

Hewlett Packard Enterpris...

1. A network controller, comprising:a path analysis module to define a data path for a flow within a network in response to a data path request from a network device, the data path including a plurality of network devices; and
determine a cost of a direct instruction plan between the network controller and each network device from the plurality of network devices and a cost of an assisted instruction plan between the network controller and each network device from the plurality of network devices;
an instruction module to:
generate a first message including an instruction to establish a first forwarding rule associated with the flow at a first network device from the plurality of network devices in response to the cost of the direct instruction plan between the network controller and the first network device being less than the cost of the assisted instruction plan between the network controller and that network device; and
generate a second message including a first instruction to establish a second forwarding rule associated with the flow at a second network device from the plurality of network devices and a second instruction to establish a third forwarding rule associated with the flow at a third network device from the plurality of network devices in response to the cost of the direct instruction plan between the network controller and the third network device being greater than the cost of the assisted instruction plan between the network controller and the third network device; and
a distribution module to:
provide the first message to the first network device and to provide the second message to the second network device along the assisted instruction plan.

US Pat. No. 10,367,724

OPTICAL CHANNEL DATA UNIT (ODU) FAULT PROPAGATION AND LINK RECOVERY USING ODU-DELAY MEASUREMENT

Juniper Networks, Inc., ...

1. A method, comprising:sending from a source path terminating node within an optical transport network (OTN) to a destination path terminating node within the OTN, a first signal having an optical data unit (ODU) with a path delay measurement (DMp) bit set;
in response to not receiving within a path-length-dependent time period from the destination path terminating node a second signal having the DMp bit set, triggering a protection action at the source path terminating node; and
sending to the destination path terminating node a signal configured to notify the destination path terminating node to trigger the protection action at the destination path terminating node.

US Pat. No. 10,367,723

PACKET SENDING METHOD AND APPARATUS BASED ON MULTI-LINK AGGREGATION

Huawei Technologies, Co.,...

1. A method, comprising:receiving, by a device, a packet carrying priority information indicating a priority of the packet;
sending, by the device, according to a correspondence between packet priorities and component fragment units in a fragment unit group, the packet to a component fragment unit corresponding to the priority of the packet;
configuring, by the device, a correspondence between the component fragment units and component links in a link aggregation group, according to availability of a component link in the link aggregation group and the priority of the packet that corresponds to the component fragment unit;
selecting, by the device, a selected component link corresponding to the priority of the packet, according to a correspondence between packet priorities and the component links, and according to the correspondence between the component fragment units and the component links, wherein the link aggregation group comprises a first component link and a second component link, wherein availability of the first component link is higher than availability of the second component link, and in the correspondence between the packet priorities and the component links, a first priority corresponds to the first component link, a second priority corresponds to the second component link or the first component link, and the first priority is higher than the second priority; and
sending, by the device, the packet on the selected component link.

US Pat. No. 10,367,722

OPTIMIZING PERFORMANCE OF COMPUTER NETWORKS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method of optimizing performance of a computer network, the method comprising:receiving a request to transmit data from a first location;
for each path in a set of paths, where each path comprises a connection allowing the transmission of data from the location, determining a set of performance measures for the path;
for each path in the set of paths, determining an incremental cost of transmitting the requested data using the path;
using the performance measures and incremental cost for each path to determine which path to use to transmit data; and
transmitting data using the determined path using multipath transmission control protocol techniques (MP-TCP),
wherein determining the incremental cost of transmitting the requested data using the path comprises:
determining an amount of previous data transmitted over the path during a time period;
determining an allotted amount of data for the time period; and
determining the cost for transmitting the requested data using the path,
wherein using the performance measures and incremental cost for each path to determine which path to use to transmit data further comprises analyzing the data to determine if the data meets criteria to be sent via a default path.

US Pat. No. 10,367,721

INTERWORKING WITH LEGACY RADIO ACCESS TECHNOLOGIES FOR CONNECTIVITY TO NEXT GENERATION CORE NETWORK

QUALCOMM Incorporated, S...

1. A method for performing a handover between core networks in a communication network, comprising:receiving, at an interworking core network serving node for interworking between a first core network supporting a first radio access technology (RAT) and a second core network supporting a second RAT, a handover request for performing a handover of a user equipment from a first wireless access network utilizing the first RAT to a second wireless access network utilizing the second RAT, the handover request including an identifier of a target cell within the second wireless access network;
identifying a first core network serving node within the second core network based on the identifier of the target cell; and
forwarding the handover request to the first core network serving node to complete the handover;
wherein the interworking core network serving node receives the handover request from a second core network serving node within the first core network;
wherein the interworking core network serving node is separate and distinct from the first core network serving node and the second core network serving node and the interworking core network serving node is configured to implement functionality of both the first RAT and the second RAT;
wherein the first RAT provides connectivity to one or more data networks via the first core network based on one or more Packet Data Network (PDN) connections;
wherein the second RAT provides connectivity to the one or more data networks via the second core network based on at least one or more Data Network Session (DNS) connections, each including one or more data flows.

US Pat. No. 10,367,720

METHOD FOR OBTAINING A POWERLINE COMMUNICATION ROUTE

1. A method for obtaining an initial communication route between a node device and a data concentrator device in a network using powerline communications based on a communication protocol comprising a method for seeking an initial communication route, said method comprising a first phase, referred to as the authentication phase, during which a first device wishing to establish a communication route to a second device sends an authentication message to said second device, in response to which said second device transmits a message to said first device comprising a short address attributed to said first device in a format that cannot be interpreted by an intermediate device in the network via which said message will pass, said short address being used for each exchange of messages between the first and second devices following the authentication phase, a second phase, referred to as the phase for seeking a best communication route, during which said second device sends a route request in broadcast mode in the network, and a third phase, referred to as the route confirmation phase, during which the first device and the second device exchange a messagecomprising information representing a communication route selected in accordance with a predefined criterion, wherein said method comprises:applying said method for seeking an initial communication route in order to determine the initial communication route when a predefined condition is fulfilled and, when the predefined condition is not fulfilled, an alternative method of seeking an initial communication route is applied, the alternative method of seeking an initial communication route comprising two phases, a first phase corresponding to the authentication phase and a second phase corresponding to the route confirmation phase, the first phase and the second phase being consecutive.

US Pat. No. 10,367,719

OPTIMIZED CONSUMPTION OF THIRD-PARTY WEB SERVICES IN A COMPOSITE SERVICE

Microsoft Technology Lice...

1. A computer-implemented method for routing service requests, the method comprising computer-implemented operations for:routing a first service request from a first web service to a second web service, wherein the first web service consumes the second web service;
identifying routing factors associated with the second web service;
based at least in part on the identified routing factors associated with the second web service, temporarily routing second service requests from the first web service to a third web service for a time frame, wherein the first web service, the second web service, and the third web service are in a composite service, and wherein the first web service consumes the third web service; and
routing a third service request from the first web service to the second web service after the time frame passes.

US Pat. No. 10,367,718

METHOD FOR ACQUIRING, BY SDN SWITCH, EXACT FLOW ENTRY, AND SDN SWITCH, CONTROLLER, AND SYSTEM

Huawei Technologies Co., ...

1. A method for controlling a software defined network (SDN), the method comprising:providing an SDN controller connected to first and second switch devices, the SDN controller being configured to communicate with the first and second switch devices via inband communications;
sending a first control message from the first switch device to the second switch device, the first control message including path information of the first switch device and being carried in a packet corresponding to a protocol used by a reliable connection established between the first switch device and the SDN controller;
generating, by the second switch device, an updated first control message obtained by adding, to the first control message, path information of the second switch device, and sending the updated first control message to the SDN controller;
determining, by the SDN controller, a routing path between the SDN controller and the first switch device in accordance with the path information of the updated first control message; and
sending, from the SDN controller to the first switch device, an exact flow entry according to the routing path.

US Pat. No. 10,367,717

PROCESSING A FLOW ENTRY IN VXLAN

Hewlett Packard Enterpris...

1. A method for processing a first flow entry and a second flow entry in a Virtual eXtensible Local Area Network (VXLAN), comprising:generating, by a controller, a first Software Defined Network (SDN) entry for a VXLAN Tunnel End Point (VTEP), the first SDN entry including a first Match field containing a first VXLAN Network Identifier (VNI) corresponding to the first SDN entry and to a first VXLAN of the VTEP;
sending, by the controller, the generated first SDN entry to the VTEP;
receiving, by the VTEP, the first SDN entry;
converting, by the VTEP, the received first SDN entry into a first routing forwarding entry that forwards packets containing the first VNI to a device of the first VXLAN;
generating, by the controller, a second SDN entry for the VTEP, the SDN entry including a second Match field containing a second VNI corresponding to the second SDN entry and to a second VXLAN of the VTEP;
sending, by the controller, the generated second SDN entry to the VTEP;
receiving, by the VTEP, the second SDN entry; and
converting, by the VTEP, the received second SDN entry into a second routing forwarding entry that forwards packets containing the second VNI to a device of the second VXLAN.

US Pat. No. 10,367,716

INFORMATION DISTRIBUTION IN A WIRELESS COMMUNICATION SYSTEM

BlackBerry Limited, Wate...

1. A method of information distribution in a wireless communication system, comprising:receiving a first information advertisement signal over a first neighbor interface of a propagator node, wherein the first information advertisement signal identifies information available from a first distributor node;
storing, by the propagator node, the first information advertisement signal and an indicator of the first neighbor interface in a distributor routing table;
starting, by the propagator node, a timer after storing the first information advertisement signal in the distributor routing table, wherein the propagator node is configured to discard the first information advertisement signal from the distributor routing table after the timer expires;
restarting, by the propagator node, the timer if the distributor node retransmits the first information advertisement signal to the propagator node before the timer expires;
determining, by the propagator node, whether all or a portion of a first selection request signal received over a second neighbor interface of the propagator node matches all or a portion of the first information advertisement signal stored in the distributor routing table when receiving the first selection request signal before the timer expires, wherein the first selection request signal identifies an information object sought by a first selector node;
responsive to determining that all or a portion of the first information advertisement signal matches all or a portion of the first selection request signal, forwarding all or a portion of the first selection request signal over the first neighbor interface of the propagator node, wherein the first neighbor interface and the second neighbor interface are configured to provide connectivity to a first neighbor node and a second neighbor node, respectively, over different active radio links;
responsive to the propagator node receiving a second selection request signal from a second selector node over one of the first neighbor interface or the second neighbor interface, determining if all or a portion of the second selection request signal matches all or a portion of an information tag stored in an information cache of the propagator node;
responsive to the propagator node determining that all or a portion of the second selection request signal matches all or a portion of the information tag, forwarding an information datagram associated with the information tag to the second selector node; and
responsive to forwarding the information datagram to the second selector node, discarding the second selection request signal unless the second selection request signal is marked as persistent, wherein when the second selection request signal is marked as persistent, the propagator node stores the second selection request signal with a temporary storage indicator indicating when to discard the second selection request signal.

US Pat. No. 10,367,715

PROXY OF ROUTING PROTOCOLS TO REDUNDANT CONTROLLERS

Level 3 Communications, L...

1. A method for exchanging routing data from redundant controllers, comprising:(a) establishing, at a routing device, a first reachability information session between the routing device and a forwarding device in a network, wherein the first reachability information session enables the routing device to exchange advertisements with the forwarding device indicating which addresses are reachable through the respective routing and forwarding devices,
wherein the forwarding device is further part of: (i) a second reachability information session established between the forwarding device and a first control device, the second reachability session enabling the first control device to send advertisements indicating which addresses are reachable through the network, and (ii) a third reachability information session established between the forwarding device and a second control device, the third reachability information session enabling the second control device to send advertisements indicating which addresses are reachable through the network;
(b) receiving, at the routing device, an advertisement from the forwarding device via the first reachability session, the advertisement comprising information specifying how the routing device is to forward data to destination addresses, wherein the forwarding device does not send advertisement information to the routing device when a duplicative advertisement is received by the forwarding device from the first control device or the second control device; and
(c) configuring, by the routing device, a routing table based on the information obtained in (b).

US Pat. No. 10,367,714

APPARATUS FOR TESTING AND DEVELOPING PRODUCTS OF NETWORK COMPUTING BASED ON OPEN-SOURCE VIRTUALIZED CLOUD

ELECTRONICS AND TELECOMMU...

1. An apparatus for testing and developing products of network computing based on an open-source virtualized cloud, the apparatus comprising:a physical space;
a network function virtualization (NFV) infrastructure domain space configured to provide a virtualization function in an independent environment for each user;
an NFV engine space configured to provide a processing based environment for virtual appliances which are units of a virtual network device that is individually operable;
a framework space configured to provide support to allow the virtual appliances to be developed and registered in a form of a container; and
a virtual network service space configured to provide a user interface interoperating with the framework space so that a user configures a virtual network through the user interface and a test function of the configured virtual network is supported,
a type of a virtual network configurable using a virtual network device is at least one of a virtual network based on a host virtual machine (VM) and a nested VM, a virtual network based on a VM and a container, a VM-based virtual network, and a container-based virtual network, and
the virtual network based on the host VM and the nested VM generates the nested VM in a host VM that operates on a kernel-based virtual machine (KVM) hypervisor and implements a virtual network function in the nested VM.

US Pat. No. 10,367,713

CLOUD BASED SYSTEM AND METHOD FOR MANAGING TESTING CONFIGURATIONS FOR CABLE TEST DEVICES

Fluke Corporation, Evere...

1. A method comprising:storing, at a cloud host device, a plurality of test device configuration instructions that each include parameters for configuring a plurality of cable network testing devices to perform different cable network testing procedures;
receiving, at the cloud host device and from a first computing device, each of the following:
a selection of a cable network testing device from the plurality of cable network testing devices, wherein the selected cable network testing device is separate from the first computing device,
a user-defined test device configuration instruction to add to the plurality of test device configuration instructions, wherein the user-defined test device configuration instruction includes parameters for configuring the selected cable network testing device to perform a cable network testing procedure, and
a first selection of test device configuration instructions from the plurality of test device configuration instructions to provide to the selected cable network testing device;
receiving, at the selected cable network testing device and from the cloud host device, one or more data packets that contain the first selected test device configuration instructions including the user-defined test device configuration instruction;
receiving, at the selected cable network testing device and from a user of the selected cable network testing device, a second selection of one or more test device configuration instructions from the first selected test device configuration instructions;
configuring the selected cable network testing device to perform one or more cable network testing procedures based on the second selected test device configuration instructions; and
performing, by the selected cable network testing device, the one or more cable testing procedures in accordance with the second selected test device configuration instructions.

US Pat. No. 10,367,712

AUTO TUNING OF HYBRID WAN LINKS BY ADAPTIVE DUPLICATION OF PACKETS ON ALTERNATE LINKS

Citrix Systems, Inc., Fo...

1. A method for transmitting duplicate packets based on network conditions comprising:determining, by a first device, a metric of a network condition of a first link established between the first device and a second device is within a threshold value, wherein the metric of the network condition of the first link is a packet delay rate over the first link or a packet loss rate over the first link;
determining, by the first device, a packet acceptance rate of a second link established between the first device and the second device based on a number of duplicate packets accepted for lost packets on the first link or based on a number of duplicate packets accepted for delayed packets on the first link;
generating, by the first device, responsive to determining that the metric of the network condition of the first link is within the threshold value, the duplicate packets of packets to be transmitted from the first device to the second device via the second link, the duplicate packets generated based on the packet loss rate or the packet delay rate on the first link and the determined packet acceptance rate on the second link to reach a target effective packet loss rate or a target effective packet delay rate;
transmitting, by the first device, on the first link, the packets to be transmitted from the first device to the second device; and
transmitting, by the first device, the duplicate packets on the second link.

US Pat. No. 10,367,711

PROTECTING VIRTUAL COMPUTING INSTANCES FROM NETWORK FAILURES

VMware, Inc., Palo Alto,...

1. A system for virtual computing instance (VCI) component protection for networking, said system comprising:at least one physical processor; and
at least one memory comprising computer program code, the at least one memory and the computer program code configured to, with the at least one physical processor, cause the processor to at least:
evaluate a networking health status associated with a first host executing the VCI, the evaluating comprising:
pinging, via a first command, a set of network addresses from a first virtual network interface available to the first host, and
pinging, via a second command, the set of network addresses from a second virtual network interface available to the VCI;
define the networking health status based on the evaluation, the defining comprises identifying which of the set of network addresses are reachable; and
initiate a remediation action for the first host based on the defined networking health status.

US Pat. No. 10,367,709

METHOD AND APPARATUS FOR ANALYZING SIGNAL DELAY TIME BASED ON CONTROLLER AREA NETWORK BURST ANALYSIS

Hyundai Motor Company, S...

1. A method of analyzing a signal delay time in a controller area network (CAN) communication network connected to a plurality of controllers, the method comprising:determining, by a measuring device, a transmission start time of a transmitted signal generated in the controller based on data obtained by measuring a receiving time point of a CAN signal;
determining, by the measuring device, a receiving time interval of the CAN signals that are sequentially received via a communication bus;
fixing, by a fixer, a burst period corresponding to CAN signals with the determined receiving time interval less than a predetermined time value;
selecting, by a selector, an analysis target CAN signal in the fixed burst period; and
determining, by a determiner, a maximum transmission delay time ‘a’ corresponding to the selected CAN signal,
wherein the maximum transmission delay time ‘a’ includes a delay time in a transmission buffer according to CAN signals with a higher priority than the selected CAN signal in the fixed burst period and a transmission time of the selected CAN signal.

US Pat. No. 10,367,706

AUTOMATIC IDENTIFICATION OF SOLUTIONS FOR WEATHER-RELATED NETWORK IMPAIRMENTS

1. A device comprising:a processor; and
a computer-readable medium storing instructions which, when executed by the processor, cause the processor to perform operations, the operations comprising:
detecting a first occurrence of a network anomaly from a first set of network operational data collected for a portion of a communication network within a first geographic area and for a first time period;
detecting a first occurrence of a weather event from a first set of weather data for the first geographic area and for the first time period;
determining a first occurrence of a weather-related network impairment when the first occurrence of the network anomaly and the first occurrence of the weather event are detected within the first time period, and when the network anomaly and the weather event match a signature for the weather-related network impairment, wherein the signature comprises a deviation from a baseline for network operational data and a deviation from a baseline for weather data;
receiving a first fault report associated with a first customer premises within the geographic area, wherein the first fault report is received within a first time window associated with the first time period; and
providing a notification of the weather-related network impairment and an instruction set to resolve the weather-related network impairment, wherein the instruction set is stored in a solution record associated with the signature for the weather-related network impairment.

US Pat. No. 10,367,705

SELECTING AND CONFIGURING METRICS FOR MONITORING

Amazon Technologies, Inc....

1. A non-transitory computer-readable storage medium comprising computer-executable instructions stored thereupon which, when executed by a computer, cause the computer to:analyze an infrastructure to determine computing resources utilized by a customer of a service provider network, by
identifying one or more execution environments executing within the service provider network, the infrastructure defining the computing resources utilized within the service provider network by the customer and wherein the infrastructure is specified at least in part by the customer, and
identifying software products executing, on behalf of the customer, within the one or more execution environments;
determine based, at least in part, on the computing resources and the software products, available metrics to monitor;
access first data that provides an indication of a popularity of monitoring one or more of the available metrics by other customers of the service provider network that have similar profiles to a profile of the customer;
determining a top number of metrics used by the at least a portion of the other customers based, at least in part, on the first data;
dynamically select a portion of the available metrics based, at least in part, on the first data and the top number of metrics;
generate second data identifying the portion of available metrics;
generate a software product user interface (UI) element that identifies an individual one of the software products;
generate, based at least in part on the second data, available metric UI elements for the individual one of the software products that identify at least the portion of available metrics;
present the software product UI element and the available metric UI elements for display within a graphical user interface;
receive a selected metric for monitoring;
configure, within the service provider network, the selected metric for monitoring by modifying a collection daemon on at least one computing resource;
collect metric data for the selected metric; and
provide the metric data to a computing device associated with the customer.

US Pat. No. 10,367,704

ENTERPRISE SERVER BEHAVIOR PROFILING

1. A device, comprising:a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising:
receiving historical security event data representing historical security events of a first device and owner data representing an owner of the first device;
as a function of the historical security event data and the owner data, identifying an existence of an anomalous contact established between the first device and a second device;
generating a severity score for the second device based on a weighted sum value determined as a function of the anomalous contact aggregated in a group of anomalous contacts that have occurred between the first device and the second device within a defined period of time, and as a function of a value representing a number of connections attempted by the second device to a port associated with the first device, wherein the port that has not been accessed prior to the defined period of time; and
in response to identifying the existence of the anomalous contact and based on the severity score, depicting the second device on a connected graph of anomalous contacts established by the first device.

US Pat. No. 10,367,703

ANALYSIS OF NETWORK TRAFFIC RULES AT A NETWORK VISIBILITY NODE

Gigamon Inc., Santa Clar...

1. A method comprising:receiving, at a network visibility node communicatively coupled to a computer network, a plurality of packets associated with network traffic over the computer network, the network traffic associated with communications among a plurality of devices over the computer network, the plurality of devices not including the network visibility node, wherein the network visibility node operates out-of-band with the computer network;
accessing, by the network visibility node, a first set of network traffic rules configured to be applied to the network traffic, wherein the first set of network traffic rules mirror a second set of network traffic rules applied by at least one of the plurality of devices, wherein accessing the first set of network traffic rules includes any one or more of:
receiving an input including the first set of network traffic rules;
receiving programming instructions defining the first set of network traffic rules; or
actively pulling the first set of network traffic rules from any of the plurality of devices applying the network traffic rules; and
processing, by the network visibility node, the received plurality of packets using the first set of network traffic rules to monitor usage of the second set of network traffic rules, by tracking hits and/or misses of the plurality of packets received at the network visibility node against the first set of network traffic rules over a period of time.

US Pat. No. 10,367,702

NETWORK DATABASE HOSTING

Hewlett Packard Enterpris...

1. A system for network database hosting, comprising:a database supplier to supply a number of databases to store data, in which the number of databases implement a number of encryption operations; and
an infrastructure to host the number of databases, in which the infrastructure comprises a number of servers,
wherein a first server in the infrastructure comprises:
a storage device to store a plurality of database instances of a same database, wherein the plurality of database instances are persistently maintained on the storage device, and
an encryption component including an encryption switch to encrypt each database instance of the plurality of database instances using a unique encryption key of a plurality of encryption keys.

US Pat. No. 10,367,701

FRAMEWORK FOR PROVISIONING NETWORK SERVICES IN CLOUD COMPUTING ENVIRONMENT

Tata Consultancy Services...

1. A processor-implemented method for provisioning network services in a heterogeneous cloud computing environment, comprising:receiving, by a cloud provisioning platform, one or more virtual machine provisioning requests from a plurality of cloud administrators, wherein one or more virtual machine provisioning requests are distributed to said cloud provisioning platform via a cloud orchestrator;
assigning of compute and storage resources to one or more virtual machine provisioning requests and generating one or more network service requests for at least one of creation, update, and deletion of at least one of virtual networks, subnets, ports, routers and interfaces by the cloud provisioning platform;
sending the one or more network service requests to a Network as a Service (NaaS) layer by the cloud provisioning platform for provisioning the network services; and
provisioning, by the NaaS layer, a virtual network by configuring an underlying physical network(s), to provide the network services for each of the one or more network service requests, wherein the provisioned virtual network is one of an overlay network or configured underlying physical network, wherein the overlay network is a tunnel network operating on top of the underlying physical network, wherein the underlying physical network is provisioned by configuring underlying physical network elements; wherein the NaaS layer comprises a plurality of interfaces including a north bound interface module, a south bound interface module and an east west interface module for provisioning network services in a cloud system; and wherein the NaaS layer facilitates analysis and data exchange between instances of NaaS layer deployed in one or more clouds and one or more public cloud interfaces in the east west interface module.

US Pat. No. 10,367,699

NETWORK ARCHITECTURE FOR PREDICTIVE SERVICES MANAGEMENT IN CABLE NETWORK ENVIRONMENTS

Cisco Technology, Inc., ...

10. A method executed at an integrated circuit, the method comprising:retrieving key performance indicators from multi-tone signals captured by a data collector located in a cable network;
identifying a fault signature based on the key performance indicators, wherein the fault signature is identified based on phase domain analysis of a channel response, wherein identifying the fault signature comprises;
searching in phase domain for an echo in the channel response,
identifying a phase in which the echo is found,
calculating a tap amplitude corresponding to the identified phase, wherein the calculated tap amplitude is indicative of group delay,
correcting for the group delay, comprising subtracting the calculated tap amplitude from the channel response to obtain a corrected signal, and
identifying the fault signature when amplitude of the corrected signal is greater than a threshold;
accessing a data repository located in a cloud network for geographical information associated with the cable network;
determining a location of a fault in the cable network based on the fault signature and the geographical information;
accessing the data repository for device information associated with the cable network;
determining a type of fault based on the location of the fault and the device information; and
activating repair and maintenance activities based on the type of fault, the location of the fault and the fault signature.

US Pat. No. 10,367,697

GRAPHICAL TIMELINE DISPLAY OF NETWORK CLIENT CONNECTIONS WITH WIRELESS ENDPOINTS

Cisco Technology, Inc., ...

1. A computer-implemented method, comprising:receiving network connection data for a client device and storing the data in a first data repository;
using the data stored in the first data repository, calculating one or more connection time period values for the client device, each of the connection time period values representing a time of wireless network connection of the client device to each of one or more access points, wherein the access points are wireless access points;
generating a network connection timeline that tracks a network connectivity of the client device and storing the timeline in a second data repository, wherein the timeline comprises a frequency band indicator, a time period, and one or more markers based, at least in part, on the connection time period values;
displaying, in a Graphical User Interface (GUI), the network connection timeline including the frequency band indicator, the time period, and the one or more markers, wherein each marker displayed in the GUI represents a connection between the client device and an access point in association with the frequency band indicator displayed in the GUI and the time period displayed in the GUI, wherein each of the displayed one or more markers is selectable to initiate display of network connection details associated with a respective marker;
in response to receiving input selecting a given marker displayed in the GUI, displaying a panel comprising network connection details specifying one or more connectivity issues associated with the given marker and associated access point.

US Pat. No. 10,367,696

AUTOMATIC NETWORK MANAGEMENT SYSTEM AND METHODS

TELEFONAKTIEBOLAGET LM ER...

1. A control, orchestration, management, policy and analytics (COMPA) system, comprising:a first analytics agent configured to: collect data from various data sources, process collected data into insights, and provide requested insights to a consuming agent in response to receiving from the consuming agent a report request identifying a requested insight type;
a first policy agent configured to request the first analytics agent to send to the first policy agent one or more insights; and
a first control orchestration management (COM) agent, wherein
the first policy agent is configured such that, in response to receiving a set of one or more insights from the first analytics agent, the first policy agent uses a policy and the one or more insights to determine whether a first action should be taken, and, as a result of determining the first action should be taken, transmits to the first COM agent a first action request message for identifying the first action,
the first COM agent is configured such that, in response to receiving the first action request message, the first COM agent performs the requested first action, and
the COMPA system further comprises:
a second analytics agent configured to: collect data from various data sources, process collected data into insights, and provide requested insights to a consuming agent in response to receiving from the consuming agent a report request identifying a requested insight type; and
a third analytics agent configured to: 1) request the first analytics agent to send to the third analytics agent one or more insights generated by the first analytics agent, 2) request the second analytics agent to send to the third analytics agent one or more insights generated by the second analytics agent, and 3) generate at least one insight based at least in part on one or more insights transmitted to the third analytics agent from the first analytics agent and one or more insights transmitted to the third analytics agent from the second analytics agent.

US Pat. No. 10,367,695

METHOD FOR SIMULATING A COMMUNICATION SYSTEM, SIMULATION SYSTEM FOR A COMMUNICATION SYSTEM AND COMPUTER PROGRAM

VOLKSWAGEN AG, Wolfburg ...

1. A method for simulating a communication system having a communication protocol which regulates a communication between at least two transmitter-receivers of the communication system via a common communication channel to only permit a first transmitter-receiver to transmit a data packet when no use of the common communication channel by a second transmitter-receiver is indicated to the first transmitter-receiver, the method comprising:sending a data packet by at least the first transmitter-receiver via the common communication channel even when at least the second transmitter-receiver is using the common communication channel; and
damping the common communication channel above a predefined threshold along a downlink direction with respect to the first transmitter receiver;
wherein a channel detection of the first transmitter receiver cannot detect a data packet transmitted below the predefined threshold.

US Pat. No. 10,367,694

INFRASTRUCTURE COSTS AND BENEFITS TRACKING

International Business Ma...

1. A tracking and IT infrastructure reconfiguring method comprising:modeling and enabling, by a computer processor of a special purpose hardware based computing system, an IT infrastructure as a collection of independent hardware components, software components, and networking components, wherein said IT infrastructure comprises electronic circuitry comprising a programmable logic array utilizing state information of specialized firmware program code configured to execute specialized software for personalizing said electronic circuitry for performing said tracking and IT infrastructure reconfiguring method;
deploying, by said computer processor, an observer agent on each of said independent hardware components, software components, and networking components, wherein said independent hardware components, software components, and networking components comprise servers, network hubs, network switches, network routers, network cables, virtual machines, security software, debuggers, monitors, and loggers;
performing, by said computer processor executing each said observer agent, a measurement process with respect to each of said independent hardware components, software components, and networking components, wherein said performing said measurement process comprises:
measuring hardware parameters comprising optimal CPU usage, optimal memory usage, I/O read and write latencies, network bandwidth utilization, network latency, and router throughput;
measuring software parameters comprising: query throughput, query processing latency, classify operations, troubleshooting parameters, failover issues, and error-recovery parameters;
measuring additional parameters comprising electricity consumption, water supply attributes, and air conditioning attributes; and
measuring incurred costs and benefits associated with each of said independent hardware components, software components, and networking components;
performing, by said computer processor executing each said observer agent, a mapping process associated with said measurement process;
deploying, by said computer processor, a centralized aggregation module with respect to results of said mapping process;
performing, by said computer processor executing said centralized aggregation module with respect to said results of said mapping process, an aggregation process with respect to said results of said mapping process;
generating, by said computer processor, a two dimensional moving graph indicating results of said aggregation process;
displaying, by said computer processor, said two dimensional moving graph;
first tracking, by said computer processor executing each said observer agent, a query detecting an operating performance efficiency of an associated software module;
second tracking, by said computer processor executing each said observer agent, health indicators of said hardware components, wherein said health indicators are selected from the group consisting of CPU activity, memory usage, I/O activity, and network activity;
monitoring, by said computer processor executing each said observer agent, said network components to determine a network efficiency level of said network components;
determining, by said computer processor via execution artificial intelligence, efficiency levels of each of said hardware components, said software components, and said networking components; and
reconfiguring, based on results of said performing said measurement process, results of said first tracking, results of said second tracking, results of said monitoring, and results of said determining, said independent hardware components, software components, and networking components of said IT infrastructure such that a group of specified components, selected based on based on recorded operational parameters and performance efficiency detected during said measurement process, of said hardware components, software components, and networking components are removed from and added to said IT infrastructure thereby benefitting operational and technical capabilities of said IT infrastructure by executing troubleshooting, failover, and error-recovery processes such that said group of specified components are configured to ensure a high availability of services executed by said IT infrastructure.

US Pat. No. 10,367,691

MULTI PLATFORM STATIC SEMANTIC CONSISTENCY CHECKING OF NETWORK CONFIGURATIONS

Cisco Technology, Inc., ...

1. A method comprising:receiving a configuration;
receiving a protocol type corresponding to the configuration;
determining, by a computer, parent-child hierarchical relationships in the configuration wherein determining the parent-child hierarchical relationships comprises determining the parent-child hierarchical relationships based on syntactical elements of the received configuration;
applying a set of rules to the configuration based upon the determined parent-child hierarchical relationships and upon the received protocol type; and
producing a report in response to applying the set of rules wherein producing the report comprises producing the report wherein the report indicates at least one of the following: errors in the configuration and corrective suggestions corresponding to the configuration;
wherein applying the set of rules comprises applying the set of rules wherein each rule in the set of rules comprises at least two hierarchical elements that are to be matched against each other.

US Pat. No. 10,367,690

VERIFICATION IN SELF-ORGANIZING NETWORKS

NOKIA SOLUTIONS AND NETWO...

1. A method of operating a network by a self-organizing network (SON) verification function, comprising:monitoring change by another SON function of at least one configuration management parameter and performance data of the network;
observing a performance degradation in the network;
identifying the change as responsible for the performance degradation; and
sending an undo execution request to a SON coordinator for reversion of the change
while blocking another SON function trying to modify the at least one configuration management parameter.

US Pat. No. 10,367,688

DISCOVERING CHANGES OF NETWORK INTERFACE CONTROLLER NAMES

Red Hat Israel, Ltd., Ra...

1. A method comprising:receiving new network configuration data comprising first network interface controller (NIC) configuration data for a NIC device that is identified by a permanent identifier (ID), wherein the new network configuration data comprises a first NIC name corresponding to the permanent ID, and wherein the NIC device is a single root-input/output virtualization (SR-IOV)-enabled NIC device;
identifying the permanent ID of the NIC device in current network configuration data comprising second NIC configuration data for the NIC device;
identifying a second NIC name corresponding to the permanent ID of the NIC device in the current network configuration data;
responsive to the first NIC name being different than the second NIC, updating, by a processing device, the first NIC configuration data in the new network configuration data to be the same as the second NIC configuration data; and
saving, by the processing device, the updated new network configuration data as the current network configuration data.

US Pat. No. 10,367,686

AUTOMATICALLY DETECTING ROLES OF NODES IN LAYERED NETWORK TOPOLOGIES

Microsoft Technology Lice...

1. A method, comprising:identifying, by a node in a network with a layered topology, using a local shortest path tree (SPT), one or more additional nodes in the network that are farthest from the node;
calculating a position of the node using a difference in length between a longest loop-free path in the local SPT and an additional longest loop-free path in a remote SPT, wherein the difference in length represents a number of layers between the node and the edge of the layered topology; and
configuring operation of the node in the network by:
identifying a role of the node based on the calculated position and a layer in which the node appears in the layered topology;
obtaining a configuration policy for the role at the node; and
configuring the node according to the configuration policy.

US Pat. No. 10,367,685

COMMUNICATION DEVICE, CONTROL METHOD OF COMMUNICATION DEVICE, AND STORAGE MEDIUM, FOR PERFORMING WIRELESS COMMUNICATION

Canon Kabushiki Kaisha, ...

1. A communication device comprising:one or more processors; and
one or more memories storing instructions that, when executed by the one or more processors, cause the communication device to:
perform predetermined prevention processing to prevent operating as a base station in communication between a second another communication device and the communication device in a case where the communication device operates in a first mode in which the communication device disconnects from a wireless network according to connection of a first another communication device and the second another communication device to the wireless network to which the communication device is connected, and not perform the predetermined prevention processing in a case where the communication device operates in a second mode in which the communication device remains in a wireless network to which the communication device is connected after the first another communication device and the second another communication device are connected to the wireless network;
connect to a wireless network constructed by the second another communication device as a base station in a case where the communication device operates in the first mode; and
transmit information on the first another communication device to the second another communication device, via the connected wireless network.

US Pat. No. 10,367,684

FAULT DETECTION METHOD AND MOBILE WIRELESS SYSTEM

NEC CORPORATION, Tokyo (...

1. A fault detection method used for detecting a failure location of a wireless facility, the wireless facility including at least one base station installed in each of a plurality of sections of a route and an antenna connected to each of the at least one base station, and a control device that controls each base station installed beside the route and performing wireless communication with at least one mobile body that travels along the route, comprising:measuring a strength of a signal, by one of the at least one mobile body in operation, emitted from a first antenna connected to one of the at least one base station and acquiring a temporary failure determination result based on the signal strength;
transmitting announcement information by the control device via a first base station connected to the first antenna and the first antenna that are determined to be failed in response to the temporary failure determination result is acquired;
transmitting an answer to the control device by at least one arbitrary mobile body in operation that received the announcement information; and
making a final failure determination based on the answer transmitted from the at least one arbitrary mobile body.

US Pat. No. 10,367,683

METHOD AND SYSTEM TO IDENTIFY A SOURCE OF SIGNAL IMPAIRMENT

1. A method comprising:responsive to receiving an indication of impaired performance from a first client of a multimendia network, analyzing performance of an uplink from the first client;
responsive to detecting the uplink from the first client operating normally, performing node performance operations, wherein the node performance operations include:
identifying a plurality of clients of the multimedia network, wherein the plurality of clients share a network node;
generating a performance profile for one or more of the plurality of clients, wherein each performance profile includes a first parameter obtained by querying customer premises equipment of a corresponding client;
identifying one or more candidate clients from the plurality of clients according to a ranking of impairment data associated with the plurality of clients;
performing diagnostics on the one or more candidate clients; and
predicting, based on the diagnostics, a source of the impaired performance, including predicting whether the impaired performance is attributable to an external source, wherein the external source is external to the multimedia network and electromagnetically coupled to the first client of the multimedia network.

US Pat. No. 10,367,682

NODE FAILURE RECOVERY TOOL

Bank of American Corporat...

1. A node failure recovery tool comprising:an interface configured to receive one or more portions of state information from a first node, each of the one or more portions of state information comprising data corresponding to a user and an action and an indication of whether the portion of state information is related to one or more other portions of state information;
one or more processors configured to:
determine a time corresponding to each of the one or more portions of state information;
determine that the first node has crashed, wherein determining that the first node has crashed comprises:
identifying that a received portion of state information comprising a first user and a first action is related to one or more other portions of state information, wherein the received portion of state information was received after the related one or more other portions of state information, and the first user and the first action are related to the one or more other portions of state information;
replacing the related one or more other portions of state information with the received portion of state information; and
determining that the interface did not receive another portion of state information;
after determining that the first node has crashed, determining, based on the time corresponding to each of the one or more portions of state information, the received portion of state information that was last received from the first node; and
send, to the first node, the received portion of state information that was last received from the first node, wherein the first node uses the received portion of state information that was last received from the first node to recover from the crash.

US Pat. No. 10,367,681

MAINTENANCE OF DATA FORWARDER CONNECTION STATE INFORMATION

Hewlett Packard Enterpris...

1. A method, comprising:maintaining connection state information in a fiber channel (FC) over Ethernet (FCoE) Data Forwarder (FDF) or Fiber Channel Data Forwarder (FcDF);
using an FC forwarder (FCCF) or FCoE Forwarder (FCF) connected to the FDF as a service node for the FDF or FcDF; and
providing a secondary adjacent FC forwarder (FCCF) or FCoE Forwarder (FCF) connected to the FDF as a backup service node for the FDF or FcDF upon failure of the FC forwarder (FCCF) or FCoE Forwarder (FCF), wherein changes in the connection state information are not synchronized between (a) the FC forwarder (FCCF) or FCoE Forwarder (FCF) and the (b) secondary adjacent FC forwarder (FCCF) or FCoE Forwarder (FCF).

US Pat. No. 10,367,680

NETWORK RELAY APPARATUS, GATEWAY REDUNDANCY SYSTEM, PROGRAM, AND REDUNDANCY METHOD

NEC CORPORATION, Tokyo (...

1. A network relay apparatus for relaying communication by active-active configuration with another network relay apparatus between an access network and a relay destination network, comprising:a storage that includes, as an internal status, i) a redundancy status for indicating whether the network relay apparatus operates as an active system or a standby system for each subscriber terminal or subscriber terminal group, and ii) a subscriber status for indicating a list of each used address information for each subscriber terminal of a standby system for the network relay apparatus and the another network relay apparatus; and
a processor configured to:
monitor each message of the access network by snooping between the another network relay apparatus and the each subscriber terminal or subscriber terminal group in the active-active configuration, the snooping providing a snooped used address assigned to the each subscriber terminal or subscriber terminal group;
record, into the subscriber status of the each subscriber terminal or subscriber terminal group, the snooped used address information assigned by the another network relay apparatus to the each subscriber terminal;
notify or advertise the recorded internal status to a notification destination at a predetermined timing; and
read, from the subscriber status, when the network relay apparatus switches to operate as active system for a given subscriber terminal for which the internal status indicates the standby system, snooped used address information that has been used by the given subscriber terminal, to continue communication between the given subscriber terminal and the relay destination network with the snooped used address information that has been used by the given subscriber terminal.

US Pat. No. 10,367,677

NETWORK ARCHITECTURE, METHODS, AND DEVICES FOR A WIRELESS COMMUNICATIONS NETWORK

Telefonaktiebolaget LM Er...

1. A method, in a user equipment (UE), for operating in a wireless communications network, the method comprising:operating in a dormant mode, wherein operating in the dormant mode comprises intermittently activating receiver circuitry to scan for synchronization signals and/or system information signals; and
while scanning for synchronization signals and/or system information signals:
performing a measurement on each of a plurality of resources from a predetermined set of resources or demodulating and decoding information from each of a plurality of resources from a predetermined set of resources, where the resources in the predetermined set of resources are each defined by one or more of a beam, a timing, and a frequency;
evaluating the measurement or the demodulated and decoded information for each of the plurality of resources against a predetermined criterion;
discontinuing the performing and evaluating of measurements or discontinuing the demodulating and decoding and evaluation of information, in response to determining that the predetermined criterion is met for one of the resources, such that one or more resources in the predetermined set of resources are neither measured nor demodulated and decoded; and
deactivating the activated receiver circuitry, further in response to determining that the predetermined criterion is met for one of the resources;
wherein the method further comprises:
receiving, in a first subframe, a first Orthogonal Frequency-Division Multiplexing (OFDM) transmission formatted according to a first numerology; and
receiving, in a second subframe, a second OFDM transmission formatted according to a second numerology, the second numerology differing from the first numerology.

US Pat. No. 10,367,676

STABLE LEADER SELECTION FOR DISTRIBUTED SERVICES

Amazon Technologies, Inc....

1. A system, comprising:a plurality of nodes of a distributed service, wherein individual ones of the plurality of nodes are implemented at respective computing devices; and
a distributed role manager implemented at a plurality of computing devices;
wherein the distributed role manager is configured to:
receive a leadership assignment request from a particular node of the plurality of nodes;
determine that designation of the particular node as a leader node of the distributed service is permitted by a role assignment policy of the distributed service, wherein the leader node is responsible for fulfilling a first category of service requirements of the distributed service;
select, from a first subset of a first set of dynamically-assignable role indicator values, in accordance with a role indicator value selection order of the role assignment policy, a particular role indicator value to be assigned to the particular node, wherein the distributed role manager is not authorized to assign role indicator values in a second subset of the first set, wherein the role indicator values in the second subset are different than the role indicator values in the first subset, and wherein a backup role manager of the distributed service is authorized to assign a second role indicator value from the second subset to a node of the distributed service in the event of a failure; and
transmit the particular role indicator value to the particular node; and
wherein the particular node of the distributed service is configured to:
after receiving the particular role indicator value from the distributed state manager, perform an operation to fulfill a service requirement of the first category.

US Pat. No. 10,367,675

TRANSMISSION METHOD, TRANSMITTER APPARATUS, RECEPTION METHOD AND RECEIVER APPARATUS

SUN PATENT TRUST, New Yo...

1. A transmission method comprising:applying modulation to a first data signal and a second data signal using any one of a plurality of modulation schemes to generate first mapped symbols and second mapped symbols, the first data signal and the second data signal each including a video signal or an audio signal, the video signal being to be displayed on a monitor of a reception device, and the audio signal being to be output from a speaker of the reception device;
applying phase shift to the first mapped symbols and the second mapped symbols, using a plurality of phase shift coefficients that are regularly switched between a determined number of mapped symbols;
applying insertion of a plurality of pilot symbols to the first mapped symbols and the second mapped symbols;
applying an Orthogonal Frequency-Division Multiplexing (OFDM) symbol generation process to the first mapped symbols and the second mapped symbols to generate a first OFDM symbol, a second OFDM symbol, a third OFDM symbol, and a fourth OFDM symbol; and
applying transmission from a first transmission branch to the first OFDM symbol at a first frequency and at a first time, and to the third OFDM symbol at the first frequency and at a second time,
applying transmission from a second transmission branch to the second OFDM symbol at the first frequency and at the first time, and to the fourth OFDM symbol at the first frequency and at the second time, wherein
the plurality of phase shift coefficients regularly vary for each first phase amount,
the first OFDM symbol, the second OFDM symbol, the third OFDM symbol, and the fourth OFDM symbol each include the plurality of pilot symbols arranged in a plurality of pilot subcarriers,
the first OFDM symbol includes a first subcarrier, a second subcarrier, and a third subcarrier that are consecutive in a frequency domain,
the second OFDM symbol includes a fourth subcarrier, a fifth subcarrier, and a sixth subcarrier that are consecutive in the frequency domain,
the second subcarrier in the first OFDM symbol and the fifth subcarrier in the second OFDM symbol are part of the plurality of pilot subcarriers at the same frequency and at the first time, respectively,
the plurality of pilot subcarriers of the first OFDM symbol and the plurality of pilot subcarriers of the third OFDM symbol are arranged on different subcarriers, respectively, and
a difference in phase amount between a first symbol arranged in the first subcarrier and a second symbol arranged in the third subcarrier is twice the first phase amount.

US Pat. No. 10,367,674

METHODS AND APPARATUS FOR ARRAY-BASED COMPRESSED SENSING

Massachusetts Institute o...

1. An apparatus for sensing an incident signal, the apparatus comprising:an antenna array to receive the incident signal, the antenna array comprising a first antenna and a second antenna;
a first analog-to-digital converter (ADC), communicatively coupled to the first antenna, to generate a first aliased signal by sampling the incident signal at a first sampling frequency f1 below a Nyquist frequency fn of the incident signal;
a second ADC, communicatively coupled to the second antenna, to generate a second aliased signal by sampling the incident signal at a second sampling frequency f2, different than the first sampling frequency f1, below the Nyquist frequency fn of the incident signal; and
a processing system, communicatively coupled to the first ADC and the second ADC, to compute a spectrum of the incident signal based at least in part on the first aliased signal and the second aliased signal.

US Pat. No. 10,367,673

APPARATUS FOR TRANSMITTING BROADCAST SIGNALS, APPARATUS FOR RECEIVING BROADCAST SIGNALS, METHOD FOR TRANSMITTING BROADCAST SIGNALS AND METHOD FOR RECEIVING BROADCAST SIGNALS

LG ELECTRONICS INC., Seo...

4. An apparatus for transmitting broadcast signals, the apparatus comprising:an encoder to encode service data;
a parity interleaver to interleave parity bits of the encoded service data;
a group-wise interleaver to interleave the parity interleaved service data by splitting the parity interleaved service data into a plurality of groups, wherein the plurality of groups are interleaved by using a permutation order based on a code rate;
a block interleaver to interleave the group-wise interleaved service data in a memory,
wherein a size of the memory is based on a modulation order, and
wherein the block interleaver performs:
row-wise writing bits of the group-wise interleaved service data in the memory; and
column-wise reading 1 bit from each row of the memory;
a frame builder to build at least one signal frame including the block interleaved service data;
a modulator to modulate data in the built at least one signal frame by an Orthogonal Frequency Division Multiplex (OFDM) scheme; and
a transmitter to transmit the broadcast signals having the modulated data.

US Pat. No. 10,367,672

ENHANCEMENTS TO PHASE-NOISE COMPENSATION REFERENCE SIGNAL DESIGN AND SCRAMBLING

QUALCOMM Incorporated, S...

1. A method for wireless communication, comprising:identifying a frequency corresponding to a direct current (DC) tone within a set of resource blocks;
determining a frequency for each of one or more phase-noise tracking reference signals (PTRS) based at least in part on the DC tone, each determined frequency different from the frequency corresponding to the DC tone; and
transmitting the one or more PTRS using the set of resource blocks based at least in part on the determined frequency.

US Pat. No. 10,367,671

TIME DOMAIN TRANSMITTER SIGNAL SHAPING

AVAGO TECHNOLOGIES INTERN...

1. A spectral shaper device, comprising:circuitry comprising
a first stage circuit that receives and processes a signal prior to providing a combined signal to be processed by a second stage circuit and then applied to a power amplifier as a spectrally shaped signal, the power amplifier having a non-linear amplification characteristic, the first stage circuit including
a first path including
a non-linear mapper circuit having a spectral characteristic determined from a first predetermined requirement on a spectral output of the power amplifier, the first path providing a first stage output signal that is combined with an in-band error cancellation signal,
a first stage clipper circuit disposed downstream of the non-linear mapper circuit that provides a clipped output signal that is clipped at a first predetermined threshold, and
a second path that is parallel to the first path and includes an in-band selection filter that performs a filter operation on a difference signal between the clipped output signal and at least one of the input signal and an output of the non-linear mapper circuit to provide the in-band error cancellation signal; and
a second stage circuit that processes the combined signal prior to applying the spectrally shaped signal to the power amplifier, the second stage circuit including a second stage clipper circuit that clips the spectrally shaped signal at another threshold prior to being applied to the power amplifier, at least a portion of the spectral shape of the specially shaped signal being
based on a second predetermined requirement, different from the first predetermined requirement, on the spectral output of the power amplifier.

US Pat. No. 10,367,670

METHOD AND APPARATUS FOR CREST FACTOR REDUCTION

TELEFONAKTIEBOLAGET LM ER...

1. A method implemented at an apparatus in a wireless communication system, the method comprising:detecting multiple signal peaks of a target signal exceeding a predetermined threshold magnitude set to constitute one or more peak clusters;
generating one or more noise shaping pulse clusters;
assigning the one or more noise shaping pulse clusters to the detected signal peaks in one or more peak clusters to clip the detected signal peaks in frequency domain;
calculating an output signal based on the clipped signal peaks;
wherein, the noise shaping pulse cluster comprises multiple sub-noise shaping pulses, bandwidths of the multiple sub-noise-shaping pulses are overlapped and a bandwidth of the noise shaping pulse cluster is greater than the bandwidth of the target signal.

US Pat. No. 10,367,669

BROADCAST SIGNAL FRAME GENERATION APPARATUS AND BROADCAST SIGNAL FRAME GENERATION METHOD USING LAYERED DIVISION MULTIPLEXING

Electronics and Telecommu...

1. A method of generating a broadcast signal frame, comprising:generating a multiplexed signal by combining a core layer signal and an enhanced layer signal at different power levels;
reducing power of the multiplexed signal to a power level corresponding to the core layer signal;
generating a time-interleaved signal by performing interleaving that is applied to both the core layer signal and the enhanced layer signal; and
generating the broadcast signal frame including a preamble for signaling, type information of Physical Layer Pipes (PLPs), and time interleaver information shared by the core layer signal and the enhanced layer signal,
wherein the type information is for identifying one among a first type corresponding to a non-dispersed Physical Layer Pipe and a second type corresponding to a dispersed Physical Layer Pipe.

US Pat. No. 10,367,668

APPARATUS FOR TRANSMITTING BROADCAST SIGNALS, APPARATUS FOR RECEIVING BROADCAST SIGNALS, METHOD FOR TRANSMITTING BROADCAST SIGNALS AND METHOD FOR RECEIVING BROADCAST SIGNALS

LG ELECTRONICS INC., Seo...

1. A method of transmitting a broadcast signal by an electronic device, comprising:encoding data for one or more services of the broadcast signal;
building a signal frame carrying the encoded data;
frequency interleaving data in the signal frame by an interleaving sequence for a 32K Fast Fourier Transform (FFT) mode, the interleaving sequence generated by:
generating a main sequence, the main sequence being used for two consecutive symbols to be processed by an Orthogonal Frequency Division Multiplexing (OFDM) scheme,
generating a symbol offset, a value of the symbol offset being constant for the two consecutive symbols,
generating a sequence based on the main sequence and the symbol offset,
checking a validity of address of the generated sequence, and
outputting the generated sequence as the interleaving sequence after checking that the address of the generated sequence is valid;
modulating the frequency interleaved data by the OFDM scheme; and
transmitting the broadcast signal carrying the modulated data.

US Pat. No. 10,367,667

JOINT AD-HOC SIGNAL AND COLLISION DETECTION METHOD

NXP B.V., Eindhoven (NL)...

9. A collision detection system for classifying received radio frequency signals, comprising:a receiver configured to receive an input signal;
a matched filter configured to matched filter the input signal to produce a correlation result signal;
a collision detector configured to:
sample the correlation result signal at a half bit grids, half-bit-grid and a bit-grid of a plurality of bits to produce a set of modulated phase correlation result samples and a set of non-modulated phase correlation result samples;
calculate a minimum of the set of modulated phase correlation result samples;
calculate a maximum of the set of non-modulated phase correlation result samples; and
classify the input signal as valid data or collision data based on the calculated minimum and the calculated maximum.

US Pat. No. 10,367,666

ADC BASED RECEIVER

XILINX, INC., San Jose, ...

1. A receiver, comprising:an automatic gain controller (AGC) configured to receive an analog signal;
an analog-to-digital converter (ADC) configured to receive an output from the AGC and to output a digitized signal, wherein a most significant bit of the digitized signal corresponds to a sliced data, and a least significant bit of the digitized signal corresponds to an error signal; and
an adaptation unit configured to provide a Vref signal to control a reference voltage of the ADC, and increase or reduce the reference voltage of the ADC, based at least in part on the digitized signal to achieve a desired data digitization and data slicing, wherein the adaptation unit is configured to reduce the Vref signal if a recovered data associated with a ADC code is at a maximum value and an AGC vote is increasing, and wherein the adaptation unit is configured to increase the Vref signal if the recovered data associated with the ADC code is at a minimum value and the AGC vote is decreasing.

US Pat. No. 10,367,663

METHOD FOR CANCELLING SELF-INTERFERENCE BY APPARATUS THAT USES FDR SCHEME

LG Electronics Inc., Seo...

1. A method for performing self-interference (SI) cancellation by a base station (BS) based on a full duplex radio (FDR) scheme, the method comprising:transmitting, to a user equipment (UE), information for estimating an SI channel,
wherein the information is related to a change in reference signal (RS) power boosting when aperiodic SI channel estimation is configured; and
wherein the information includes a starting point and period for estimating the SI channel when periodic SI channel estimation is configured;
transmitting, to the UE, a RS based on the information;
estimating the SI channel based on the RS; and
performing the SI cancellation based on the estimated SI channel.

US Pat. No. 10,367,662

METHOD AND APPARATUS FOR NOVEL ADAPTIVE EQUALIZATION TECHNIQUE FOR SERIALIZER/DESERIALIZER LINKS

INTEGRATED DEVICE TECHNOL...

1. A method comprising:(a) resetting AC gains to zero for a serializer/deserializer receiver, said serializer/deserializer receiver having an input;
(b) resetting DC gains to zero for said serializer/deserializer receiver;
(c) receiving at said serializer/deserializer receiver input a training signal pattern having a sequence of alternating bits and a sequence of three or more consecutive same bits;
(d) adjusting said AC gains when said training signal pattern having said sequence of alternating bits is present until said training signal pattern is at a predefined AC signal level;
(e) adjusting said DC gains when said training signal pattern having said sequence of three or more consecutive same bits is present until said training signal pattern is at a predefined DC signal level;
(f) repeating sequence (d)-(e) until said training signal pattern ends.

US Pat. No. 10,367,661

CONTINUOUS TIME LINEAR RECEIVER THAT MINIMIZES INTERSYMBOL INTERFERENCE DUE TO PRE-CURSOR DISTORTION

CADENCE DESIGN SYSTEMS, I...

11. A circuit for reducing intersymbol interference due to pre-cursor distortion, the circuit comprising:a first set of circuit elements located along a first circuit path of a receiver device, wherein the first set of circuit elements process an analog input signal of the receiver device to form an equalized representation of the input signal;
a second set of circuit elements located along a second, non-equalizing, circuit path that has lower latency than the first circuit path, wherein the second set of circuit elements process the input signal to form a scaled, non-equalized, signal as one of the following: a scaled representation of the input signal, an inverted scaled representation of the input signal a scaled derivative of the input signal, and an inverted scaled derivative of the input signal; and
a circuit arrangement that combines the scaled, non-equalized, signal with the equalized representation, wherein the circuit arrangement cancels out a pre-cursor portion of the equalized representation to form a pre-cursor corrected signal.

US Pat. No. 10,367,660

RATE DETERMINATION APPARATUS, RATE DETERMINATION METHOD, AND RECEPTION APPARATUS

RENESAS ELECTRONICS CORPO...

1. A rate determination apparatus comprising:a memory for storing instructions; and
a processor configured to execute the stored instructions to implement:
a receiver configured to receive a transmission frame modulated by a Frequency Shift Keying (FSK) modulation scheme;
a symbol rate detector configured to detect a symbol rate based on a period of a preamble portion in the received transmission frame;
a multilevel symbol detector configured to detect a multilevel-modulated multilevel symbol based on a frequency deviation in the received transmission frame; and
a bit rate determiner configured to determine a bit rate based on the detected symbol rate and the detected multilevel symbol, wherein
the multilevel symbol detector detects the multilevel symbol based on a difference between a specific frequency deviation pattern corresponding to the multilevel symbol to be detected and a reception frequency deviation in the transmission frame,
the multilevel symbol detector detects the multilevel symbol based on an average of the difference between the specific frequency deviation pattern and the reception frequency deviation,
the specific frequency deviation pattern includes a plurality of frequency deviation routes corresponding to combinations of frequencies between symbols, and
the multilevel symbol detector detects the multilevel symbol based on a frequency deviation route having a smallest average of the difference from the reception frequency deviation among the plurality of frequency deviation routes.

US Pat. No. 10,367,659

APPARATUS AND METHOD FOR ESTIMATING DOWNLINK CHANNEL IN WIRELESS COMMUNICATION SYSTEM

Samsung Electronics Co., ...

8. An apparatus for estimating a downlink channel in a wireless communication system, the apparatus comprising:a receiver configured to receive signals; and
a processor coupled with the receiver and configured to:
remove an orthogonal pattern from a reference signal among the received signals,
recover information bits by estimating a downlink channel based on the reference signal from which the orthogonal pattern is removed,
in response that the recovery of information bits is failed, select a virtual reference signal based on at least one of accuracy of data recovered at a position of a resource carrying each of the received signals, a correlation between the position of the resource carrying each of the received signals and a position of a resource carrying the reference signal, and an average error of a channel estimated at the position of the resource carrying each of the received signals, and
estimate the downlink channel based on the selected virtual reference signal.

US Pat. No. 10,367,658

WIRELESS NETWORK SESSION ESTABLISHMENT METHOD AND APPARATUS UTILIZING A VIRTUAL LOCAL AREA NETWORK LABEL

Huawei Technologies Co., ...

1. A session establishment method, comprising:acquiring, by an L2 session control functional entity, an infrastructure virtual circuit (IVC) corresponding to a user equipment (UE);
configuring, by the L2 session control functional entity, a virtual local area network (VLAN) label corresponding to the IVC;
sending, by the L2 session control functional entity, the VLAN label corresponding to the IVC to a customer location function set, wherein the customer location function set adds the VLAN label to a packet of the UE; and
notifying, by the L2 session control functional entity, an L2 forwarding functional entity of the VLAN label, wherein the L2 forwarding functional entity forwards, to the IVC, the packet sent by the customer location function set according to the VLAN label contained in the packet,
wherein the L2 session control functional entity and the L2 session forwarding functional entity are deployed on a same access node,
wherein the acquiring the IVC corresponding to the UE comprises receiving, by the L2 session control functional entity, a routing policy returned by a policy control system, wherein the routing policy indicates the IVC and a subscriber identity of the UE, and
wherein the configuring the VLAN label corresponding to the IVC comprises binding, by the L2 session control functional entity, through the routing policy, the UE with the VLAN label of the IVC corresponding to the UE.

US Pat. No. 10,367,655

NETWORK SYSTEM AND METHOD FOR CONNECTING A PRIVATE NETWORK WITH A VIRTUAL PRIVATE NETWORK

Alibaba Group Holding Lim...

1. A networking method, comprising steps of:receiving, at an edge router of a cloud data center, a virtual private cloud (“VPC”) network communication from a private network via a dedicated physical connection line to the edge router;
forwarding the VPC network communication from the edge router to a gateway hardware group connected to the edge router via a first connection using Virtual Extensible Local Area Network (“VXLAN”) technology; and
forwarding the VPC network communication from the gateway hardware group to a virtual machine (“VM”) in a VPC of a user of the private network connected to the gateway hardware group via a second connection using VXLAN technology to access the VM,
wherein the gateway hardware group is partitioned into regional gateway hardware subgroups based on a geographic location of the regional gateway hardware subgroups, respectively, and
wherein the regional gateway hardware subgroups are linked via a logical connection via which a network traffic load is balanced among multiple regional gateway hardware subgroups.

US Pat. No. 10,367,654

NETWORK DESIGN METHOD FOR ETHERNET RING PROTECTION SWITCHING

FUJITSU LIMITED, Kawasak...

1. A method for configuring networks, the method comprising:based on topology information representing a network, the topology information comprising nodes and links between the nodes, identifying at least two core nodes and a major ring including the core nodes;
adding a virtual node V and virtual links to the topology information, the virtual node V connecting to the core nodes with the virtual links;
for each non-core node in the topology information, identifying two diverse paths from the non-core node to the virtual node V;
populating a node set Snc with at least some of the non-core nodes;
sorting the node set Snc according to a decreasing number hops of diverse paths to the virtual node V;
repeating until the node set Snc is an empty set:
selecting a first non-core node K in the node set Snc with the greatest number of hops of diverse paths to the virtual node V;
identifying a next sub-ring having two diverse paths from the first non-core node K to the virtual node V;
initializing a node set Pnc with the non-core nodes shared by the node set Snc and the next sub-ring;
adding the first non-core node K to the next sub-ring;
removing the first non-core node K from the node set Snc and the node set Pnc; and
adding additional non-core nodes from the node set Pnc to the next sub-ring until a termination condition for the next sub-ring is satisfied; and
causing the network to be configured with the major ring and the sub-rings.

US Pat. No. 10,367,651

SYSTEM, METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR CONFIGURING A NETWORK CONNECTED APPLIANCE TO USE ONLINE SERVICES

ELECTROLUX HOME PRODUCTS,...

1. A method for configuring an appliance to use a home automation system, the method comprising a computer system:causing a plurality of home automation systems to be presented as selectable options via an interface accessed over a network via a user device associated with a user, the plurality of home automation systems being distinct and available for use with a network connected appliance;
receiving an indication of a selected home automation system for the network connected appliance, the indication being received from the user device, and the selected home automation system being user-selected from the plurality of home automation systems presented as selectable options via the interface;
registering the network connected appliance to the selected home automation system; and
enabling communication between the network connected appliance and the selected home automation system, enabling communication between the network connected appliance and the selected home automation system comprising remotely configuring the network connected appliance via a network to communicate with the selected home automation system.

US Pat. No. 10,367,649

SMART SCHEDULING AND REPORTING FOR TEAMS

SALESFORCE.COM, INC., Sa...

1. An apparatus, comprising:a processor; and
a memory device coupled to the processor, the memory device having instructions stored thereon for operating a calendar application, the instructions, in response to execution by the processor, performing operations comprising:
defining a collaboration group within the calendar application, the collaboration group including a plurality of users engaged on a same project;
identifying information based on interactions by the users with the calendaring application about the project, wherein the information includes metadata about the events and additional data, the metadata including quantity of events, types of events, users involved in events, positions of users involved in events, companies of users involved in events, or locations of events, the additional data including content of messages communicated regarding the events, documents associated with the events, or notes associated with the events;
determining a context based on the collected information and using a plural-ML-model (machine learning) based system;
deriving, based on the context, a visualization to inform one or more of the users on a performance of the collaboration group with respect to the project;
comparing the performance of the collaboration group with respect to the project to a performance of a different collaboration group having a different plurality of users, wherein deriving, based on the context, a visualization to inform one or more of the users on a performance of the collaboration group with respect to the project further comprises deriving the visualization based on the comparing; and
presenting the visualization to at least one user of the plurality of users.

US Pat. No. 10,367,648

MULTICAST FORWARDING TABLE ENTRY IN AN OVERLAY NETWORK

Hewlett Packard Enterpris...

1. A method of establishing multicast forwarding table entries in an overlay network, comprising:receiving, by an edge device (ED), a query packet for a multicast group;
recording, by the ED, a port that received the query packet into at least one list in a multicast forwarding table entry corresponding to the multicast group;
if the port that received the query packet is an overlay tunnel port and the query packet includes a forwarding flag, removing, by the ED, the forwarding flag in the query packet to create a modified query packet, and sending the modified query packet to all of overlay tunnel ports in a virtual local area network (VLAN) to which the query packet belongs except the overlay tunnel port that received the query packet, and
wherein the recording, by the ED, the port that received the query packet comprises:
if the port that received the query packet is an overlay tunnel port and the query packet includes a forwarding flag, adding the overlay tunnel port into a list of router ports corresponding to the multicast group; and
if the port that received the query packet is an overlay tunnel port and the query packet does not include a forwarding flag, adding the overlay tunnel port into a list of virtual router ports corresponding to the multicast group.

US Pat. No. 10,367,647

CERTIFICATE ACQUIRING METHOD AND DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A certificate acquiring device, comprising a hardware are processor coupled with a non-transitory storage medium storing executable instructions: wherein the executable instructions, when executed by the hardware processor, cause the certificate acquiring device to:receive a certificate application representation message sent by a newly installed virtual network function component (VNFC) instance, wherein the certificate application representation message comprises a public key used by the newly installed VNFC instance to apply for a certificate;
send a certificate request message to a certification authority according to the certificate application representation message, to request the certification authority to issue the certificate to the newly installed VNFC instance, wherein the certificate request message comprises a certificate of a master VNFC instance and the public key used by the newly installed VNFC instance to apply for the certificate; and
acquire the certificate issued by the certification authority, wherein the certificate is issued by the certification authority using the public key used by the newly installed VNFC instance to apply for the certificate.

US Pat. No. 10,367,646

CRYPTOGRAPHIC MATERIAL DISTRIBUTION AND MANAGEMENT

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:receiving, by a cryptographic material management service of a computing resource service provider, a request to make cryptographic material available for use by one or more virtual computing resources of a customer of the computing resource service provider;
obtaining, by the cryptographic material management service, cryptographic material that includes a private key associated with a digital certificate; and
distributing, to a control domain, the cryptographic material for use by the one or more virtual computing resources, wherein the control domain:
launches, for each virtual computing resource of the one or more virtual computing resources, a secure module usable to store the cryptographic material or comprising a cryptoprocessor for performing cryptographic operations using the cryptographic material, the secure module being detectable by the virtual computing resource; and
sends the cryptographic material for storage by the secure module, the cryptographic material being non-exportable to the virtual computing resource and use of the cryptographic material for performing one or more cryptographic operations being programmatically available to the virtual computing resource via an interface.