US Pat. No. 11,030,327

DATA PROCESSING AND SCANNING SYSTEMS FOR ASSESSING VENDOR RISK

OneTrust, LLC, Atlanta, ...

8. A vendor risk analysis data processing system comprising:at least one computer processor;
one or more computer storage systems that store one or more privacy templates associated with a vendor; and
memory operatively coupled to the at least one computer processor, wherein the computer system is configured for:
scanning, by the one or more computer processors, content associated with one or more webpages associated with the vendor to identify one or more vendor attributes, wherein the one or more vendor attributes comprise one or more indications of one or more third-party processors associated with the vendor,
wherein each of the one or more indications of the one or more third-party processors associated with the vendor
indicates that a respective third-party processor of the one or more third-party processors performs one or more services associated with the vendor;
accessing, by the one or more computer processors from the one or more computer storage systems, a completed privacy template from among the one or more privacy templates associated with the vendor, the completed privacy template comprising a plurality of question/answer pairings regarding the vendor;
calculating, by the one or more computer processors, a vendor risk rating by:
assigning a particular weighting factor to a particular attribute of the one or more vendor attributes based, at least in part, on a privacy disclaimer associated with the particular attribute; and
calculating the vendor risk rating based at least in part on:
(a) the one or more third-party processors associated with the vendor;
(b) the one or more vendor attributes;
(c) the particular weighting factor of the particular attribute of the one or more vendor attributes; and
(d) content of the at least one of the plurality of question/answer pairings in the completed privacy template; and
taking, by one or more computer processors, one or more automated actions based on the vendor risk rating.

US Pat. No. 11,030,326

EXCHANGING USER INFORMATION WITH OTHER PHYSICALLY PROXIMATE USERS

1. A method of registering user interest using a wireless handset, the method comprising:receiving information encoding a time stamp from the wireless handset;
receiving location information indicating a location of the wireless handset;
determining a geographic location of the wireless handset proximate to a time indicated by the time stamp based on the indicated location of the wireless handset;
retrieving one or more profiles each corresponding to a business contact that is present in a vicinity of the determined geographic location of the wireless handset proximate to the time indicated by the time stamp;
transmitting a list of the one or more profiles of the retrieved profiles to the wireless handset;
receiving a profile response for each of the one or more profiles indicating a user interest in the business contact present in the vicinity of the determined geographic location of the wireless handset proximate to the time indicated by the time stamp that corresponds to the profile; and
updating a user profile to include a record for each received profile response to reflect the user interest in the business contact present in the vicinity of the determined location of the wireless handset proximate to the time indicated by the time stamp that corresponds to the profile for which the profile response is received, wherein a reply associated with the profile response is based on the time stamp.

US Pat. No. 11,030,325

SYSTEMS AND METHODS FOR GENERATING SECURITY IMPROVEMENT PLANS FOR ENTITIES

BitSight Technologies, In...

1. A computer-implemented method for generating a security improvement plan for a particular organization, the method comprising:receiving an organization data set for the particular organization, the organization data set comprising:
(i) a value for at least one static parameter indicative of a type of the organization;
(ii) a value for at least two input parameters indicative of a security profile of the particular organization; and
(iii) a value of a security class parameter indicative of a security class of the particular organization;
adjusting a value of a first input parameter of the input parameters;
determining a value of a second input parameter of the input parameters based on a relationship between the value of the first input parameter and the value of the second input parameter;
using a trained statistical classifier on the adjusted value of the first input parameter and the determined value of the second input parameter to infer an adjusted value of the security class parameter; and
if the adjustment of the value of the first input parameter results in an increased value of the security class parameter, generating a security improvement plan based on the adjusted value of the first input parameter and the determined value of the second input parameter, such that execution of the security improvement plan by the particular organization results in an increase in the value of the security class parameter of the particular organization.

US Pat. No. 11,030,324

PROACTIVE RESISTANCE TO RE-IDENTIFICATION OF GENOMIC DATA

KONINKLIJKE PHILIPS N.V.,...

1. A method for assessing risk associated with a request from an inquirer for allele frequency from a database of genetic data, comprising:generating an allele database comprising allele frequency information and request frequency information for each of a plurality of alleles, wherein the allele frequency information is extracted from a plurality of genetic sequences, and wherein the request frequency information comprises, for each of the plurality of genetic sequences, a count of previous requests for information about each of the plurality of alleles found within a respective genetic sequence;
generating an inquirer database comprising allele request information about a plurality of inquirers, wherein the allele request information comprises information about allele frequency information previously requested by each of a plurality of inquirers;
receiving a request for genetic data from an inquirer, comprising a request for allele frequency for one or more alleles and an identifier of the inquirer;
updating in the allele database, for each of the plurality of genetic sequences comprising the one or more alleles, the request frequency information based on the received request;
updating in the inquirer database, based on the received inquirer identifier, the allele request information for the requesting inquirer;
calculating an allele risk score based on the updated allele database wherein the allele risk score is calculated using the equation:
where Ri is the risk level of the genetic sequence, n is the number of rare alleles, F(j) is the frequency of allele j, and Index (i,j) is the number of requests for allele j for genetic sequence i;calculating an inquirer risk score based on the updated inquirer database; and
assessing, based on the allele risk score and the inquirer risk score, a risk associated with the received request.

US Pat. No. 11,030,323

SYSTEM TO MANAGE SECURITY SCANNING IN MEDIA ENVIRONMENTS

Disney Enterprises, Inc.,...

1. A computer-implemented method of using application programming interfaces (APIs) to manage security scanning in a media processing environment, the computer-implemented method comprising:determining to perform a security scanning operation on a remote device in the media processing environment;
determining, using a signal chain management API over a data communications network, a first signal chain within the media processing environment, the first signal chain comprising a plurality of remote devices that includes the remote device;
determining, using an operational status API of each of the plurality of remote devices of the first signal chain over the data communications network, that at least one remote device is currently performing, or is scheduled to perform, a media processing operation within a first window of time;
scheduling to determine, after the first window of time has elapsed and using the signal chain management API, a second signal chain comprising a plurality of remote devices that includes the remote device; and
determining, using an operational status API of each of the plurality of remote devices of the second signal chain, that each of the plurality of remote devices of the second signal chain is not currently performing, and is not scheduled to perform, any media processing operation within a second window of time; and
initiating, by operation of one or more computer processors, performance of the security scanning operation on the remote device.

US Pat. No. 11,030,322

RECOMMENDING THE MOST RELEVANT AND URGENT VULNERABILITIES WITHIN A SECURITY MANAGEMENT SYSTEM

International Business Ma...

1. A method, in a data processing system comprising at least one processor and at least one memory, wherein the at least one memory comprises instructions executed by the at least one processor to cause the at least one processor to implement a security management system for accessing security vulnerability issue information, the method comprising:monitoring, by the security management system, human security analyst interactions with security vulnerability issues via the security management system to generate analyst interaction log data;
generating, by the security management system, one or more security analyst models corresponding to one or more human security analysts by performing a machine learning operation on the analyst interaction log data to configure the one or more security analyst models to map identifiers of security analyst interests and identifiers of expertise to different types of security vulnerability issues, wherein each of the one or more security analyst models comprises one or more first vector representations of issues viewed by a corresponding security analyst and issues fixed by the corresponding security analyst;
generating, by the security management system, an analyst-issue model based on a combination of one or more security vulnerability issue models and the one or more security analyst models, wherein each of the one or more security vulnerability issue models comprises one or more second vector representations of issues present in an issue repository, and wherein generating the analyst-issue model comprises generating a weighted graph based analyst-issue model, based on the one or more first vector representations and the one or more second vector representations; and
outputting, by the security management system, an issue recommendation for a human security analyst based on the analyst-issue model.

US Pat. No. 11,030,321

PROCESSING AND EVALUATING DATA BASED ON ASSOCIATED DEVICE VULNERABILITY

International Business Ma...

1. A method, comprising:classifying, by a data collector, a plurality of devices into a plurality of groups based on respective measures of vulnerability associated with each device;
determining, by the data collector, a respective weighting factor for each respective group of the plurality of groups based at least in part on a number of devices included in the respective group;
receiving, at the data collector, data from a first device of the plurality of devices, wherein the first device is affected by one or more vulnerabilities;
modifying, by the data collector, an evidentiary value of the received data based on the respective weighting factor associated with the first device;
determining, by the data collector, a probable state of a physical environment, based in part on the data received from the first device; and
initiating one or more actions, based on the probable state of the physical environment, to improve a state of the physical environment.

US Pat. No. 11,030,320

MANAGING THE LOADING OF SENSITIVE MODULES

WEBROOT INC., Broomfield...

1. A computer-implemented method for evaluating an application accessing a module, comprising:scanning one or more files associated with the module to reveal one or more module attributes, wherein the one or more module attributes includes digital certificate information,
determining, based on the one or more module attributes, a sensitivity level for the module;
determining a trust level associated with the application;
when the application accesses the module, evaluating the sensitivity level for the module and the trust level associated with the application to determine whether the application is suspicious;
based on determining the application is suspicious, performing an action selected from the group of actions consisting of:
preventing the application from accessing the module;
monitoring the application; and
querying a user as to whether to permit the application to access the module.

US Pat. No. 11,030,319

METHOD FOR AUTOMATED TESTING OF HARDWARE AND SOFTWARE SYSTEMS

AO Kaspersky Lab, Moscow...

1. A method of automated testing of hardware and software systems comprising:receiving a formalized architecture description describing an architecture of a system being designed, wherein the formalized architecture description includes at least components of the system and links between components of the system;
receiving a formalized threat description describing threats to systems similar to the system being designed based on comparisons of purposes or goals for which the systems are designed;
building, by a processor, a use model based on the formalized architecture description;
building, by a processor, a threat model based on the formalized threat description;
determining, by a processor, kinds of use of the system by comparing the threat model to the use model; and
determining, by a processor, components of the system based on the kinds of use of the system.

US Pat. No. 11,030,318

INTERACTIVE VERIFICATION OF SECURITY VULNERABILITY DETECTIONS USING RUNTIME APPLICATION TRAFFIC

Synopsys, Inc., Mountain...

1. A method comprising:receiving information defining an application state of an application, the information including a current step in navigation flow of the application;
receiving, using a protocol, an application service request, the application service request including identification of a requested action and an application service request parameter value associated with an application service request parameter;
parsing, by an application service parser, the application service request to identify the application service request parameter of the application service request and the parameter value assigned to the application service request parameter;
altering the application service request parameter by replacing the application service request parameter value with a different value;
reconstructing the application service request, the reconstructed application service request comprising the different application service request parameter value and corresponding to the application state of the application;
transmitting the reconstructed application service request to the application server for execution of the application using the protocol;
analyzing behavior of the reconstructed application service request while executing the reconstructed application service request to detect a security vulnerability by determining whether the reconstructed application service request is handled in an insecure manner by the application server, wherein analyzing the behavior of the application is performed using instrumentation at specific locations of interest in the execution of the application;
subsequent to determining, based on the analysis, that the reconstructed application service request is handled in an insecure manner by the application server, verifying whether the detection of the security vulnerability corresponds to a true vulnerability or a false positive; and
transmitting the results of the verification of the detection of the security vulnerability.

US Pat. No. 11,030,317

INDEPENDENTLY RECOVERABLE SECURITY FOR PROCESSOR AND PERIPHERAL COMMUNICATION

INTEL CORPORATION, Santa...

1. An apparatus comprising:a peripheral including a first set of secure fuses having a first credential burned therein; and
a processor including a second set of secure fuses having a second credential burned thereon, wherein firmware on the processor is to receive, from the peripheral, a first security attribute derived from the first credential, derive a shared secret based on the first security attribute and a second security attribute derived from the second credential, and transmit the shared secret to the peripheral, wherein the processor is to derive the shared secret during a first power cycle, and wherein during a second power cycle, the peripheral is to prompt the processor to re-derive the shared secret.

US Pat. No. 11,030,316

SYSTEM AND METHOD FOR PROVIDING SECURITY PROTECTION FOR FPGA BASED SOLID STATE DRIVES

Samsung Electronics Co., ...

1. A method for providing security to a storage device, the method comprising:receiving, by the storage device, a public key via a network;
sending, by the storage device, the received public key and a proposed configuration corresponding to the storage device to a controller that resides in a control plane of the network;
determining, by the controller, that the public key received from the storage device matches a private key available to the controller;
downloading, by the controller, the proposed configuration to the storage device;
determining, by the controller, that the proposed configuration is successfully downloaded to the storage device;
operating the storage device according to the proposed configuration; and
granting, by the controller, a request to lease the storage device operating in the proposed configuration for a time interval,
wherein the downloading by the controller, further comprising:
downloading, by the controller to the storage device, user specific bitfile and firmware corresponding to the proposed configuration;
determining, by the controller, that the time interval granted to lease the storage device is expired;
issuing, by the controller, based on determining that the time interval granted to lease the storage device is expired, a command to delete the user specific bitfile and firmware downloaded to the storage device;
determining, by the controller, that the user specific bitfile and firmware are successfully deleted from the storage device leased for the time interval; and
determining, by the controller, based on determining that the user specific bitfile and firmware are successfully deleted from the storage device, the storage device is ready to be leased by a new user.

US Pat. No. 11,030,315

SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR MANAGING DISABLING OF SERVICES

Google LLC, Mountain Vie...

1. A method to manage secure elements, comprising:receiving, by a trusted service manager (TSM), a request to disable a version of an applet, the request comprising a secure element profile identifier, the secure element profile identifier being part of a single profile associated with a plurality of secure elements, the single profile accessible to the TSM and describing an availability state of each version of the applet installed in the associated plurality of secure elements;
accessing, by the TSM using the secure element profile identifier, the single profile;
modifying, by the TSM in the single profile accessed, the availability state of the version to indicate that the version is unavailable;
determining, by the TSM, whether an earlier version of the applet installed in the associated plurality of secure elements is compatible with the associated plurality of secure elements based on the single profile accessed;
modifying, by the TSM in the single profile accessed, the availability state of the earlier version to “available,” in a case where the TSM determined that the earlier version is compatible with the associated plurality of secure elements; and
transmitting, by the TSM, instructions to the associated plurality of secure elements corresponding to the single profile accessed to conform each version to the single profile accessed as modified.

US Pat. No. 11,030,314

STORAGE SYSTEM WITH SNAPSHOT-BASED DETECTION AND REMEDIATION OF RANSOMWARE ATTACKS

EMC IP Holding Company LL...

1. An apparatus comprising:a storage system comprising a plurality of storage devices and a storage controller;
the storage controller being configured:
to generate a plurality of snapshots of a storage volume of the storage system at respective different points in time;
to monitor a differential between a given one of the snapshots and a current version of the storage volume; and
to generate an alert indicative of at least a potential ransomware attack on the storage system based at least in part on the monitored differential satisfying one or more specified conditions, the potential ransomware attack comprising a suspected ransomware attack not yet confirmed as an actual ransomware attack;
wherein generating an alert indicative of at least a potential ransomware attack on the storage system based at least in part on the monitored differential satisfying one or more specified conditions comprises:
determining that the monitored differential satisfies the one or more specified conditions;
determining compressibility of at least a portion of the storage volume; and
generating the alert responsive to the monitored differential satisfying the one or more specified conditions and the compressibility of the storage volume being below a specified level of compressibility, the specified level of compressibility being based at least in part on a minimum compressibility achievable for said at least a portion of the storage volume;
wherein determining compressibility of at least a portion of the storage volume comprises collecting compressibility statistics for the storage volume as data is written to the storage volume; and
wherein the storage controller comprises at least one processing device comprising a processor coupled to a memory.

US Pat. No. 11,030,313

REMOTE MALWARE SCANNING CAPABLE OF STATIC AND DYNAMIC FILE ANALYSIS

F-Secure Corporation, He...

1. A method of remote malware scanning, the method comprising:obtaining, at a second node, metadata of an electronic file to be scanned for malware from a first node, said metadata including at least information for identification of one or more file items contained in the electronic file;
identifying, at the second node, based on the obtained metadata of the electronic file that at least one file item of the electronic file is pre-known in a knowledge base of the second node and that at least one file item of the electronic file is not pre-known in a knowledge base of the second node;
based on the obtained metadata identifying that the at least one file item of the electronic file is not pre-known in a knowledge base of the second node, delivering an instruction to the first node requesting the at least one file item of the electronic file that is identified as not pre-known be communicated from the first node to the second node;
reconstructing, at the second node, the electronic file by assembling its file items, including the at least one file item of the electronic file requested from the first node based on the obtained metadata of the electronic file identifying the at least one file item of the electronic file is not pre-known in a knowledge base of the second node, and on a prior version of the electronic file which is pre-known in the knowledge base of the second node, wherein the metadata comprises an indication of a path of each of the at least one file item of the electronic file that is not pre-known in a knowledge base, and comprises a secure hash value for each of the path, for each of the electronic file item of each of the at least one file item of the electronic file that is not pre-known in the knowledge base, and for the prior version of the electronic file; and
executing, at the second node, a dynamic malware analysis on a runtime behavior of the reconstructed electronic file, comprising executing a dynamic malware analysis on a runtime behavior of the at least one file item of the reconstructed electronic file that is not pre-known in the knowledge base of the second node based on the metadata.

US Pat. No. 11,030,312

SYSTEM AND METHOD FOR MACHINE BASED DETECTION OF A MALICIOUS EXECUTABLE FILE

International Business Ma...

1. A system for training a file classification model for classifying malicious software comprising at least one hardware processor adapted to:computing a plurality of training datasets, each for one of a plurality of training executable software files, each file having a class label, each of the plurality of training datasets is computed by:
receiving a respective training executable file;
detecting a plurality of binary functions in the respective training executable file;
translating each of the respective plurality of binary functions into a symbolic language to produce a plurality of disassembled functions;
clustering a plurality of operation codes identified in the plurality of disassembled functions into a plurality of operation code clusters according to respective operation code;
computing a plurality of statistical values of the plurality of disassembled functions and the plurality of operation code clusters; and
associating the plurality of statistical values with the training executable file's class label to produce a training dataset; and
training a file classification model using the plurality of training datasets to compute at least one classification score of an input file.

US Pat. No. 11,030,311

DETECTING AND PROTECTING AGAINST COMPUTING BREACHES BASED ON LATERAL MOVEMENT OF A COMPUTER FILE WITHIN AN ENTERPRISE

CA, Inc., San Jose, CA (...

1. A computer-implemented method for detecting and protecting against a computing breach based on lateral movement of a computer file within an enterprise, at least a portion of the method being performed by a computing device comprising one or more processors, the method comprising:obtaining data associated with an existence a computer file in a first computing device and a second computing device of an enterprise;
detecting a pattern of lateral movement of the computer file from the first computing device to the second computing device over a predetermined period of time, based on the data;
generating a file movement graph comprising a first node and a second node, wherein the first node is associated with a first device and a first timestamp representative of when the computer file was determined to be associated with the first device, and wherein the second node is associated with a second device and a second timestamp of when the computer file was determined to be associated with the second device;
calculating a likelihood score that the computer file is malicious based on the detected pattern and the file movement graph;
determining that the likelihood score satisfies a predetermined breach threshold; and
in response to determining that the likelihood score satisfies the predetermined breach threshold, initiating remedial action on the computer file to protect the enterprise against the computer file.

US Pat. No. 11,030,310

SYSTEMS AND METHODS FOR DISABLING A MALICIOUS ECU IN A CONTROLLER AREA NETWORK (CAN) BUS

Red Bend Ltd., Hod Hasha...

1. A computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising:detecting a malicious message transmitted by the malicious ECU over the CAN bus network; and
injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message;
wherein the predefined number of the plurality of errors are triggered by a plurality of injection sessions, wherein each bit injection session is triggered in response to detection of an additional error;
wherein a first injection session of the plurality of injection sessions comprises injecting bits to trigger a first error and transmission of a first error flag, wherein a current error count value stored by at least one error counter of the malicious ECU is increased by the transmission of the first error flag; and further comprising:
interrupting the error frame storing the first error flag and injecting bits as an additional bit injection session for manipulating the form of the error frame to trigger a form error, wherein the form error triggers transmission of another error flag which triggers another increase of the current error count value stored by the at least one error counter of the malicious ECU;
iterating the interrupting of an additional error frame and the injection of bits as an additional bit injection session for manipulating the form of the error frame, to trigger at each iteration the transmission of a form error form and a respective increase of the current error count value,
wherein the number of iterations are performed accordingly to generate the predefined number of the plurality of errors for disabling the malicious ECU.

US Pat. No. 11,030,309

THREAT DETECTION SYSTEM

F-Secure Corporation, He...

1. A method of detecting a threat against a computer system, the method comprising:a) analysing the computer system to find any at least one of applications or services exhibiting common at least one of vulnerability types or misconfigurations known to exist;
b) monitoring installation and normal operation of such found at least one of applications or services of the analysed computer system that are detected to exhibit said at least one of vulnerability types or misconfigurations;
c) creating and storing representations of expected behaviors of monitored at least one of applications or services on the basis of the monitoring, comprising maintaining a respective behavior profile for each respective monitored at least one of applications or services, wherein the respective behavior profile identifies, for one or more procedures of the respective monitored at least one of application or services, a respective characteristic action and respective one or more expected actions for each of the respective monitored at least one of application or services;
d) monitoring the behavior of the computer system to detect the one or more procedures of the monitored at least one of applications or services that do not match the expected behaviors of the respective monitored at least one of applications or services defined in the respective behavior profile; and
e) upon detection of the one or more procedures not matching the expected behaviors of the monitored at least one of applications or services, identifying said at least one of applications or services as malicious or suspicious.

US Pat. No. 11,030,308

INTER-APPLICATION DEPENDENCY ANALYSIS FOR IMPROVING COMPUTER SYSTEM THREAT DETECTION

NEC Corporation

1. A system for improving threat detection in a computer system by performing an inter-application dependency analysis on events of the computer system, comprising:a memory device for storing program code;
a processor operatively coupled to the memory device and configured to perform the inter-application dependency analysis by executing program code stored on the memory device to:
receive a Tracking Description Language (TDL) query for performing a tracking analysis, the TDL query including general constraints for performing the tracking analysis, a tracking declaration specifying at least events of the computer system to be analyzed, and an output specification specifying a location for storing a tracking graph generated by the tracking analysis;
parse the TDL query using a language parser;
execute the tracking analysis based on the parsed TDL query by implementing a progressive tracking method to generate a result of the tracking analysis by:
splitting dependents of a given one of the events of the computer system into a plurality of execution windows with each of the execution windows being defined as a 3-tuple, where begin is a starting time point, finish is an ending time point, and e is an event of interest, wherein the events of the computer system are used as edges in the tracking graph;
enumerating all events occurring in each of the execution windows; and
prioritizing the plurality of execution windows based on their respective ending time points;
generate a tracking graph by cleaning the result of the tracking analysis by removing all nodes that fail to meet constraints of the TDL query; and
output, via an interface, query results based on the tracking graph, the query results including at least one of the tracking graph and an optimized version of the tracking graph.

US Pat. No. 11,030,307

AUDIT LOG ENHANCEMENT

VARONIS SYSTEMS LTD., He...

1. A system comprising a processor and a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to enable monitoring actual access to data elements in an enterprise computer network and providing associated data, the system further comprising:an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding said accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access of said accessor to data elements within said enterprise computer network;
an additional data providing subsystem operative to:
receive in at least near real time at least a part of said audit output data relating to said actual access of said accessor;
automatically search said enterprise computer network in order to find at least one useful data source outside of said enterprise computer network;
utilize said at least part of said audit output data for automatically retrieving, in response to said audit output data, additional data relating to said actual access of said accessor from said at least one useful data source outside of said enterprise computer network, which said additional data is not part of said audit output data; and
utilize a combination of at least said part of said audit output data relating to said actual access to said data elements within said enterprise computer network and said additional data relating to said actual access of said accessor from said at least one data source outside of said enterprise computer network for said monitoring said actual access to said data elements in said enterprise computer network and providing a monitoring access output for said actual access; and
a protective measure subsystem operative to provide at least one automatic protective measure in at least near real time to said enterprise computer network when said monitoring access output indicates that said actual access may be problematic.

US Pat. No. 11,030,306

METHOD FOR EXECUTING A PROGRAM INTENDED TO BE INTERPRETED BY A VIRTUAL MACHINE PROTECTED AGAINST FAULT INJECTION ATTACKS

1. A method comprising:in an electronic device comprising a hardware processor that executes a virtual machine stored in a non-volatile memory, receiving, by the virtual machine, a command to execute a target program;
when executing the target program, the virtual machine determines a reference code instruction intended to be interpreted using machine code,
reading interpretation rights data (DR) of the target program indicating a portion (P1) of the target program containing code instructions allowed to be interpreted by the virtual machine, wherein the portion of the target program has a range of addresses defining the portion within the target program,
from the read interpretation rights data, checking if the reference code instruction has an address within the range of addresses, and
interpreting, by the virtual machine, the reference code instruction using machine code executed by the hardware processor, only if the address of the reference code instruction is within the range of addresses, to prevent the virtual machine from interpreting code instructions outside the range of addresses, wherein when the reference code instruction is not within the range of addresses, signaling an error indicating a security exception by the virtual machine.

US Pat. No. 11,030,305

VIRTUAL RELAY DEVICE FOR PROVIDING A SECURE CONNECTION TO A REMOTE DEVICE

Unisys Corporation, Blue...

1. A method of providing a remote device access to a shared network, comprising:receiving, at a router, an incoming connection request to open an IPsec tunnel to the shared network from the remote device belonging to a community of interest having a unique key;
initiating a virtual device host, wherein the virtual device host executes a virtual device relay for the remote device;
hosting the router and the virtual device relay on a server;
routing, to the virtual device host, data received from the incoming connection;
receiving, at the virtual device relay, data from the remote device, the data being encrypted with the unique key; and
forwarding the data to a second host on the shared network having the same community of interest by the virtual device relay, such that the second host can use the unique key to decrypt the data;
wherein the remote device and the second host can securely communicate through the virtual device relay by use of the unique key.

US Pat. No. 11,030,304

BUFFER OVERFLOW DETECTION BASED ON A SYNTHESIS OF ASSERTIONS FROM TEMPLATES AND K-INDUCTION

Oracle International Corp...

1. A method for buffer overflow detection comprising:obtaining a program code configured to access memory locations in a loop using a buffer index variable;
obtaining an assertion template configured to capture a dependency between the buffer index variable and a loop index variable of the loop in the program code;
generating an assertion using the assertion template;
verifying that the assertion holds, using a k-induction comprising:
making a determination that the assertion holds for k-1 iterations of the loop when executing the loop with constraints based on concrete values, and based on the determination:
symbolizing the constraints,
executing k-1 iterations of the loop using the symbolized constraints to obtain additional constraints,
executing a single iteration of the loop using the symbolized constraints and the additional constraints, and
based on a determination that the assertion holds for the single iteration, concluding that the assertions holds for all executions of the loop; and
determining whether a buffer overflow exists using the assertion.

US Pat. No. 11,030,303

TIME LIMITED APPLICATION ENABLEMENT

MICROSOFT TECHNOLOGY LICE...

1. A method of managing execution of applications in a computing environment, comprising:obtaining a list of one or more applications that are permitted to execute in the computing environment;
receiving, from each of a plurality of devices in the computing environment, an execution history of at least one application in the list with respect to the device;
determining a common time at which the at least one application in the list executes on the plurality of devices based on historical execution times identified in the execution histories;
assigning, to the at least one application in the list, a rule that specifies a time period during which the application is allowed to execute, the specified time period being automatically determined based at least on the common time at which the at least one application in the list executes on the plurality of devices;
permitting the at least one application to execute in the computing environment during the specified time period; and
preventing the at least application from executing in the computing environment outside of the specified time period.

US Pat. No. 11,030,302

RESTRICTING ACCESS TO APPLICATION PROGRAMMING INTERFACES (APIS)

Webroot Inc., Broomfield...

1. A system comprising:at least one processor; and
memory storing instructions that, when executed by the at least one processor, causes the system to perform a set of operation, the set of operations comprising:
monitoring at least one application programming interface (API) associated with performing one or more file finding functions;
intercepting a call operation directed to the at least one API, wherein the call operation is associated with a process attempting to perform at least one of the one or more file finding functions;
determining a trust level for the process; wherein determining the trust level for the process comprises:
accessing a process data store to compare one or more attributes of the process to information for a set of known processes to determine whether the process is an unknown process;
accessing a call operation data store to compare one or more attributes of the call operation to information for a set of known call operation attributes to determine whether the call operation is untrusted; and
determining the trust level for the process based at least in part on the determination whether the process is an unknown process and the determination whether the call operation is untrusted;
evaluating the determined trust level to determine whether the process is trusted or untrusted;
based on determining the process is untrusted, presenting a prompt to a user to allow the call operation;
responsive to a user indication to allow the call operation, allowing the call operation; and
based on determining the process is untrusted and absent a user indication to allow the call operation, blocking the call operation directed to the at least one API from performing the at least one of the one or more file finding functions.

US Pat. No. 11,030,301

HACKING-RESISTANT COMPUTER DESIGN

1. A computer system comprising:a first partition and a second partition;
the first partition comprising:
a first CPU; and
a first memory module comprising:
at least one memory address range for program code, wherein the program code comprises computer-executable code;
at least one memory address range for other data; and
wherein the system is configured for the first CPU to execute only the computer executable code in the at least one memory address range for program code;
the second partition comprising:
a second CPU;
a second memory module; and
at least one communication module configured to couple to a network;
wherein the system is configured for the first partition to read data from the second partition into only the at least one memory address range for other data;
wherein the first partition is configured to send data to the second partition; and
wherein the second CPU is restricted from directly accessing the first memory module.

US Pat. No. 11,030,300

SYSTEMS AND METHODS FOR GENERATING AND VALIDATING CERTIFIED ELECTRONIC CREDENTIALS

PARADIGM, INC., Virginia...

1. An electronically implemented method for validating a certified electronic academic credential using a credential recipient personal access key, the method comprising:storing, in a publisher validation database, a plurality of certified electronic credential records corresponding to a plurality of certified electronic academic credentials and associated authentication information, including a first certified electronic credential record received from a first credentialer, each record associated with an authentication information and comprising an academic credential status;
storing, in a publisher credential recipient personal access key database, a first credential recipient personal access key associated with at least one of the first certified electronic credential record and an authentication information associated with the first certified electronic credential record;
receiving at a publisher validation service, a certified electronic credential validation request and proffered authentication information from a first credentialer validation portal unique to the first credentialer, the certified electronic credential validation request submitted by a validating entity, the proffered authentication information including a proffered personal access key;
identifying the first certified electronic credential record in the publisher validation database associated with the proffered authentication information;
comparing the proffered personal access key with the first credential recipient personal access key;
generating a publisher validation response based on the identified certified electronic credential record;
transmitting the publisher validation response to the first credentialer validation portal; and
providing validation information based on at least a portion of the publisher validation response to the validating entity.

US Pat. No. 11,030,299

SYSTEMS AND METHODS FOR PASSWORD MANAGERS

CAPITAL ONE SERVICES, LLC...

1. A system, comprising:a browser extension configured for execution on a first user device, wherein the browser extension is configured to:
display a response code comprising:
a unique session identifier identifying the browser extension and a user browsing session, and
metadata including a security question, a browser type identifier, and a time zone identifier;
receive login credentials from a server; and
encrypt the received login credentials with a private key; and
a password manager application configured for execution on a second user device, the second user device having a scanner configured to scan the response code, wherein the password manager application is configured to:
establish a handshake with the server based on the metadata;
extract the unique session identifier;
extract the security question;
parse the unique session identifier into session identifier content;
send the security question and a portion of the session identifier content to the server;
receive an approval from the second user device;
receive a security question answer from the server, wherein the security question answer is associated with the password manager application; and
send a notification to the server.

US Pat. No. 11,030,298

CANDIDATE USER PROFILES FOR FAST, ISOLATED OPERATING SYSTEM USE

Microsoft Technology Lice...

1. A computer device, comprising:a memory to store data and instructions;
at least one processor configured to communicate with the memory; and
an operating system configured to communicate with the memory and the at least one processor, wherein the operating system is operable to:
create a candidate account representing a blank user profile for use on the computer device;
automatically login the candidate account and lock the computer device; and
create a user specific isolated environment on the computer device for the candidate account.

US Pat. No. 11,030,297

SYSTEMS AND METHODS FOR DEVICE AND USER AUTHORIZATION

COMCAST CABLE COMMUNICATI...

1. A method comprising:receiving, from a first user device associated with an account holder of a service account, a first request to grant a user one or more permissions associated with the service account;
causing, based on the first request, a first record to be created on a first distributed ledger associated with the account holder, wherein the first record comprises an indication of a second user device associated with the user;
causing, based on the first request, a second record to be created on a second distributed ledger associated with the user and different than the first distributed ledger, wherein the second record comprises an indication of the one or more permissions;
receiving, from the second user device, a second request to access a function associated with the one or more permissions; and
accessing, based on the second request, the first record and the second record; and
granting, based on the accessing the first record and the second record, the second user device access to the function.

US Pat. No. 11,030,296

LOGIN TO A SUSPENDED ACCOUNT

Advanced New Technologies...

1. A method for loss reported account acquisition, comprising:acquiring a loss reported account by:
performing a loss report for an account on a network server, wherein performing the loss report includes:
obtaining an account loss report request at the network server, the account loss report request comprising an account name of the loss reported account;
deactivating logging into the loss reported account based on inputting the account name and a password during a period of time, the loss reported account being registered with the account name and the password;
generating an operation code according to the account name of the loss reported account, wherein the operation code includes a bar code or a Quick Response (QR) code;
obtaining a user contact address associated with the loss reported account corresponding to the account name; and
sending the operation code to the user contact address;
receiving a login request at the network server from a client terminal, the login request comprising the operation code correlated with the loss reported account;
determining, at the network server, that the operation code meets a preset condition, wherein determining that the operation code meets the preset condition further comprises determining that a number of times the operation code is used is within a preset threshold of a number of times, and wherein the preset threshold is defined by a user of the loss reported account and is more than one;
acquiring a predetermined access right associated with the loss reported account according to the operation code, wherein the predetermined access right is defined by the user of the loss reported account from a plurality of access rights, and wherein the plurality of access rights include a right to unsuspend account and a right to check account; and
logging in to the loss reported account with the predetermined access right on the network server during the period of time.

US Pat. No. 11,030,295

ENABLING WEBGUI ACCESS TO TARGET SYSTEMS

SAP SE, Walldorf (DE)

1. A computer-implemented method for web-based graphical user interface (GUI) access to security sessions with target systems through access control of an intermediate system, the method being executed by one or more processors and comprising:receiving, by an intermediate system from a web browser, a request to access a web-based application executed within a target system;
in response to the request, transmitting, by the intermediate system, a request for a reentrance ticket to access the web-based application executed within the target system, the request for a reentrance ticket comprising user credentials;
receiving, by the intermediate system from the target system, the reentrance ticket and a uniform resource locator (URL) of the web-based application executed within the target system; and
transmitting, by the intermediate system, the reentrance ticket and the URL of the web-based application to the web browser, the web browser transmitting a request for a security session to the web-based application using the URL, and executing one or more calls directly with the web-based application executed within the target system during the security session, the request for a security session being absent user credentials.

US Pat. No. 11,030,294

COMPUTERIZED SYSTEMS AND METHODS FOR DETERMINING AUTHENTICITY USING MICRO EXPRESSIONS

COUPANG CORP., Seoul (KR...

1. A method for calculating authenticity of a human user, performed by a device having at least one processor, the method comprising:receiving, via a network, a request, the request instantiating a connection with a user device;
providing, via the network, a first question to the user device;
extracting a plurality of facial expressions from data received via the connection;
calculating, using a first convolutional neural network, first data corresponding to one or more predetermined emotions based on at least one extracted facial expression, and using a second convolutional neural network, second data corresponding to the one or more predetermined emotions based on at least two extracted facial expressions and the received data;
generating candidate emotion data using the first and second data;
determining whether the candidate emotion data predicts a predetermined emotion; and
based on determining whether the candidate emotion data predicts the predetermined emotion:
generating a second question to collect additional data for aggregating with the first and second data; or
determining the authenticity of the human user and using the determined authenticity to decide on the request.

US Pat. No. 11,030,293

METHOD AND SYSTEM FOR CONFIGURABLE DEVICE FINGERPRINTING

Beijing Didi Infinity Tec...

1. A method of configurable device fingerprinting, the method comprising:providing, by a server, a user interface comprising a list of selectable system attributes of a first client device that includes:
a basic input/output system universal unique identifier (biosUuid) attribute;
an operating system product identification number (osProductId) attribute;
a system serial number;
a hard disk serial number;
a media access control (MAC) address;
an internet protocol (IP) address; and
a hostname;
rendering the list of selectable system attributes on the user interface;
receiving, from a second device via the user interface, a selection of at least three of the selectable system attributes to generate first information including respective values corresponding to the at least three of the selectable system attributes that correspond to the first client device,
wherein the at least three of the selected system attributes includes:
the biosUuid;
the osProductId; and
at least one of:
the system serial number;
the hard disk serial number;
the MAC address;
the IP address; or
the hostname;
storing, at the server, the first information;
receiving, at the server, a first signal requesting that a first client device be registered, the first signal including system information corresponding to the first client device;
determining a fingerprint of the first client device based on a matching of at least a portion of the system information with the stored first information;
generating a first identifier corresponding to the first client device based at least in part on the portion of the system information that matched the stored first information;
storing, by the server, the fingerprint and corresponding first identifier;
sending, by the server, the first identifier to the first client device;
receiving, by the server, a first token request that includes the first identifier and the system information;
verifying, by the server, the first token request by comparing the received first identifier and the received system information with the stored fingerprint and the stored first identifier; and
in response to the verification:
determining that the first token request was sent by the first client; and
sending a token to the first client,
wherein subsequent communications between the first client and the server are secured using the token.

US Pat. No. 11,030,292

AUTHENTICATION USING SOUND BASED MONITOR DETECTION

Advanced New Technologies...

1. A computer-implemented method performed by at least one processor, the method comprising:obtaining, by the at least one processor, an image of a user of a computing device as part of an image-based authentication process of the computing device;
accessing, by the at least one processor, sound data that is generated by at least one microphone of the computing device, the sound data describing sound that is detected by the at least one microphone;
generating, by the at least one processor, based on frequency characteristics of the detected sound indicating presence of sound emitted by a display monitor, prediction information that describes a probability that the display monitor is operating in proximity to the computing device during the image-based authentication process;
determining, by the at least one processor, based on the prediction information, that the image of the user is a spoofed image displayed by the display monitor; and
determining, by the at least one processor, based on determining that the image of the user is a spoofed image, that the image-based authentication process is to be aborted.

US Pat. No. 11,030,291

METHODS AND SYSTEMS FOR USER AUTHENTICATION

Comcast Cable Communicati...

1. A method, comprising:receiving, by a user device, a request to access the user device;
receiving, based on the request, a plurality of images of a user, wherein the plurality of images comprises one or more visemes of the user speaking one or more words;
determining a match between the one or more visemes of the user and one or more stored visemes of the user speaking the one or more words; and
granting, based on the match between the one or more visemes of the user and the one or more stored visemes, access to the user device.

US Pat. No. 11,030,290

BIOLOGICAL DATA REGISTRATION SUPPORT DEVICE, BIOLOGICAL DATA REGISTRATION SUPPORT SYSTEM, BIOLOGICAL DATA REGISTRATION SUPPORT METHOD, BIOLOGICAL DATA REGISTRATION SUPPORT PROGRAM, RECORDING MEDIUM FOR STRONG BIOLOGICAL DATA REGISTRATION SUPPORT PROGRAM

NEC CORPORATION, Tokyo (...

1. An authentication data registration support system comprising:a memory storing a computer program; and
one or more processors configured to run the computer program to perform:
obtaining a plurality of scenarios each corresponding to a service, each scenario including at least one verification method which is related to an authentication data;
determining two of the plurality of scenarios as a first registration scenario and a second registration scenario for the service based on request information;
acquiring input authentication data related to the at least one verification method of the first registration scenario and the second registration scenario;
when the first registration scenario is used for the service, collating the input authentication data with the authentication data related to the at least one verification method of the first registration scenario;
when the first registration scenario is not used for the service, collating the input authentication data with the authentication data related to the at least one verification method of the second registration scenario; and
in case that the verification is successful, providing the service corresponding to the registration scenario.

US Pat. No. 11,030,289

HUMAN PRESENCE DETECTION

STMicroelectronics, Inc.,...

1. A method, comprising:sensing through time-of-flight measurements a distance of an object from an electronic device;
sensing motion of the electronic device;
sensing acoustic signals received by the electronic device;
detecting presence of a human proximate the electronic device based on the sensed distance, motion and acoustic signals;
determining a plurality of system states of the electronic device based on the sensed distance and motion, the plurality of system states including:
a lid vertical state indicating whether a lid of the electronic device is vertical,
a resting position state indicating whether the electronic device is resting on a lap,
a moved state indicating whether a position of the electronic device has moved since last detection of human presence, and
a vibration state indicating a reliability of sensed vibration data the last time human presence was detected; and
controlling access to the electronic device based on the determined system states.

US Pat. No. 11,030,288

ELECTRONIC DEVICE FOR AUTHENTICATING USING BIOMETRIC INFORMATION AND METHOD OF OPERATING ELECTRONIC DEVICE

Samsung Electronics Co., ...

1. An electronic device comprising:a display;
at least one processor; and
at least one memory storing one or more computer programs including instructions configured to be executed by the at least one processor to cause the at least one processor to at least:
detect an event for executing an application which provides an authentication service,
based on the detecting of the event, change at least one biometric information recognition related variable comprising at least one variable indicating a state of a captured image obtained through a camera of the electronic device,
match the captured image to an authentication guide image,
control the display to display an application execution screen including at least one authentication guide image comprising a changed authentication guide image changed from the authentication guide image based on the changed at least one biometric information recognition related variable, and
perform user authentication based on the at least one biometric information recognition related variable,
wherein the at least one biometric information recognition related variable further comprises a variable indicating a state of a reference area set for recognizing biometric information from the captured image, and
wherein the at least one authentication guide image further includes another changed guide image changed from another guide image based on the variable indicating the state of the reference area.

US Pat. No. 11,030,287

USER-BEHAVIOR-BASED ADAPTIVE AUTHENTICATION

T-MOBILE USA, INC., Bell...

1. One or more non-transitory computer-readable media collectively storing computer-executable instructions that upon execution cause one or more computing nodes to collectively perform acts comprising:obtaining, from multiple instances of a collection application installed on multiple user devices associated with a user, user behavior data of the user that comprises at least verbal expressions of the user as captured by a user device of the multiple user devices;
identifying, using a machine learning algorithm, a baseline behavior pattern of a user based on the user behavior data collected within a predetermined time period from the multiple user devices;
detecting, using the machine learning algorithm, an event that deviates from the baseline behavior pattern of the user during a specific time period based on new user behavior data of the user obtained during the specific time period; and
in response to receiving a request from an application to authenticate a particular user for access or continued access to a resource, generating an authentication question and a correct answer for the authentication question based on a detail of the event that deviates from the baseline behavior pattern, the authentication question comprising a natural language question relating to the event that deviates from the baseline behavior pattern and the correct answer comprising the detail of the event that deviates from the baseline behavior pattern.

US Pat. No. 11,030,286

AUTHENTICATION APPARATUS, METHOD, SYSTEM AND PROGRAM, AND SERVER APPARATUS

NEC CORPORATION, Tokyo (...

1. A multi-factor authentication apparatus comprising:at least one memory configured to store instructions; and
at least one processor configured to execute the instructions to perform:
selecting a security parameter according to a service to be provided to a terminal;
evaluating a first success probability of an attacker through a first scenario including a first combination of procedures of multi-factor authentication;
comparing the first success probability with the security parameter; and
based on the first success probability exceeding the security parameter, stopping provision of the service through the first scenario to the terminal,
wherein the at least one processor is further configured to execute the instructions to perform:
changing the first scenario to a second scenario including a second combination of procedures of multi-factor authentication so that the first success probability of the attacker through the second scenario becomes lower than the security parameter; and
providing the service to the terminal through the second scenario.

US Pat. No. 11,030,285

SELECTIVE-ACCESS DATA-CENTER RACKS

Vapor IO Inc., Austin, T...

1. An apparatus, comprising:a modular building;
a rack inside the modular building, the rack comprising:
a plurality of rack units each configured to receive rack-mounted computing equipment; and
a plurality of lockers each housing a different respective subset of the rack units, wherein respective lockers among the plurality comprise:
a first respective barrier disposed between a respective pair of the rack units, the first respective barrier being affixed to the rack;
a second respective barrier, the second respective barrier being affixed to the rack;
a third respective barrier that is orthogonal to the first barrier and the second barrier, the third respective barrier being moveably or removeably coupled to the rack;
a respective volume configured to receive one or more computing devices mounted in rack units between the first respective barrier and the second respective barrier and behind a closed position of the third respective barrier; and
a respective lock configured to secure the third respective barrier to the rack in the closed position when in a locked state and permit movement of the third respective barrier when in an unlocked state from the closed position to an open position, thereby providing access to the respective volume,
wherein;
each locker comprises a respective set of network and power connections that are independent of network and power connections of other lockers among the plurality of lockers;
the first respective barrier is configured to prevent physical access to another volume of an adjacent locker among the plurality of lockers when the third respective barrier is in an open position;
the modular building is an edge modular data center hosting, in the lockers, rack-mounted computers of a plurality of different tenants such that each tenant is prevented from physically accessing rack-mounted computers of other tenants by lockers of the other tenants;
the modular building comprises an exterior door with an electronic lock configured to unlock responsive to different credentials of different tenants to provide access to an interior of the modular building; and
respective locks on a subset of the plurality of lockers are configured to unlock in response to the electronic lock of the exterior door being unlocked with a given set of credentials corresponding to a given tenant having rack-mounted computing devices in the subset of the plurality of lockers, such that unlocking the exterior door also unlocks the subset of the plurality of lockers and does not unlock other lockers among the plurality of lockers.

US Pat. No. 11,030,284

SMART GAMEPAD

Google LLC, Mountain Vie...

1. A system comprising:a gamepad comprising:
a wireless network interface configured to couple to any of a plurality of host game consoles;
a memory configured to store an encryption key; and
a hardware processor coupled to the wireless network interface and the memory,
wherein the hardware processor is configured to:
detect a first host game console and establish a first wireless connection with the first host game console via the wireless network interface;
receive via the first wireless connection a first login code from the first host game console as part of a first authentication process to authenticate the gamepad with a game server executing a game;
encrypt, using the encryption key accessed from the memory, the first login code to generate an encrypted first login code; and
transmit the encrypted first login code for receipt by the first host game console via the first wireless connection for further transmission to the game server as part of the first authentication process.

US Pat. No. 11,030,283

MEDIA CONTENT MANAGEMENT

TUNEGO, INC., Henderson,...

1. A method for media content management, comprising:creating, via a digital vault, a container file comprising media content submitted by a first user and content metadata;
verifying, via the digital vault, a completeness of the content metadata associated with the media content in the container file;
classifying, via the digital vault, the container file based on the completeness of the media content; and
capturing, via the digital vault, event metadata when a second user gains access to the container file, the event metadata comprising identification of the second user, an activation timestamp, a duration of access, portions of the container file accessed, and changes to the container file.

US Pat. No. 11,030,282

METHOD AND DEVICE FOR SECURING A DOCUMENT, METHOD AND DEVICE FOR CONTROL CORRESPONDING THERETO AND SECURE DOCUMENT

1. Device for protecting a document, comprising:an image sensor configured to generate a digital file representing an image of at least a part of the document;
a data processor configured to extract characteristic elements of the image and positions of said characteristic elements on the document, to generate a message containing information regarding the document, and to encode the message in an anti-copy mark, said data processor is further configured to encode into a matrix code said characteristic elements, data representative of the position of said characteristic elements and said anti-copy mark; and
a printer for printing the matrix code on or in said document.

US Pat. No. 11,030,281

SYSTEMS AND METHODS FOR DOMAIN-DRIVEN DESIGN AND EXECUTION OF MODULAR AND DYNAMIC SERVICES, APPLICATIONS AND PROCESSES

EnterpriseWeb LLC, Glens...

1. A system that dynamically interprets, configures and controls objects based on a context of one or more interactions, the system comprising:one or more processors; and
memory storing instructions that, when executed by the one or more processors, cause the system to perform:
determining a context of one or more interactions based on real-time state;
transforming two or more base objects into two or more interpreted objects by interpreting at run-time the two or more base objects based on evaluation of the context, each of the two or more base objects modeled using a same declarative modeling language, the same declarative modeling language enabling transitions between the two or more interpreted objects;
transitioning between at least two of the two or more interpreted objects by chaining the at least two of the two or more interpreted objects based on a post-condition of a particular interpreted object of the at least two of the two or more interpreted objects to create at least a portion of a non-linear process; and
executing the at least the portion of the particular non-linear process.

US Pat. No. 11,030,280

HARDWARE BASED IDENTITIES FOR SOFTWARE MODULES

Microsoft Technology Lice...

1. A computer system comprising:one or more processors; and
one or more computer-readable media having stored thereon instructions for executing a computer process comprising:
obtaining a public key for a first software module implemented on a hardware device, the first software module comprising a Module Management Agent (MMA) software module; and
providing the public key to a hardware secure module (HSM) of the hardware device;
receiving a signature from the HSM, the signature being based on the public key and further based on a hardware protected key for the MMA software module, wherein the hardware protected key for the MMA software module is stored within the HSM at a location inaccessible to read entities external to the HSM;
creating a certificate for the first software module using the public key, the signature, and the hardware protected key for the MMA software module;
obtaining a different public key for a second software module; and
using the certificate as a verifiable identify for the first software module when the first software module is communicating with the second software module.

US Pat. No. 11,030,279

SECURE DRM-AGNOSTIC KEY ROTATION

OPENTV, INC., San Franci...

1. A method comprising:determining a renewal time during which a user device obtains renewal of access to a piece of content, the renewal time being transmitted with an initial license and comprising a time prior to a key rotation time, the renewal time being incrementally different for the user device and one or more other user devices accessing the piece of content, the renewal time comprising a time between a current time and the key rotation time when a current key expires and key rotation occurs, a request to renew the access to the piece of content being triggered during the renewal time;
in response to a license request received from the user device, generating the initial license to the piece of content, the initial license comprising a first key to decrypt the piece of content, the initial license being associated with the renewal time;
in response to the generating of the initial license, transmitting, via a network, the initial license with the renewal time to the user device;
receiving, from the user device via the network at the renewal time, the request to renew the access to the piece of content;
in response to the request to renew the access to the piece of content, generating, by one or more processors, a next license to the piece of content, the next license comprising a next renewal time prior to a next key rotation time and a second key to decrypt the piece of content as encrypted after the key rotation time, the next renewal time comprising an incremental change applied to the next key rotation time and different incremental changes are applied to the next key rotation time for the user device and the one or more other user devices; and
in response to the generation of the next license, transmitting the next license to the user device prior to the key rotation time.

US Pat. No. 11,030,278

CODE SIGNING SYSTEM AND METHOD

BlackBerry Limited, Wate...

1. A mobile device comprising:one or more hardware processors enabled to receive a signed application from a software developer, wherein the signed application is signed by a code signing authority, wherein the signed application is to be loaded on the mobile device;
at least one sensitive application programming interface (API), wherein the signed application is authorized to access the at least one sensitive API, and wherein the signed application comprises a digital signature generated by a device external to the mobile device; and
at least one non-sensitive API, wherein access to the at least one sensitive API is further restricted relative to the at least one non-sensitive API.

US Pat. No. 11,030,277

MEDICAL PROCESSING SYSTEMS AND METHODS

Express Scripts Strategic...

1. A method of natural language processing of source data from a plurality of data sources via a network, the method comprising:obtaining, from the plurality of data sources via the network, the source data, wherein:
the source data includes two or more selected from (a) feedback concerning at least one service, product, or experience, (b) an employee complaint, (c) a telephone call transcript, (d) email correspondence, (e) text messaging, (f) a chat session, (g) a scan of hardcopy correspondence, (h) a social media posting, (i) electronic correspondence, (j) phone call data, (k) website feedback, (l) a website user ranking, (m) patient satisfaction data, and (n) a survey, and
the plurality of data sources includes two or more selected from a pharmacy benefit manager, a client support center, a customer call center, a message center, a mobile application store, an email server, a text messaging server, a chat room server, and a social media website server;
generating tagged source data by tagging a subset of terms in the source data, wherein the subset of terms excludes confidential information;
performing data substitution in the tagged source data by applying an ontology to the tagged source data, wherein:
applying the ontology includes removing one or more non-alphanumeric characters from the source data, and
the removing ignores the subset of terms;
detecting at least one instance of confidential information among the tagged source data based on an access level of a user associated with a user device, wherein the detecting ignores the subset of terms;
transforming the tagged source data into modified data by replacing the at least one instance of confidential information in the modified data with at least one contextual placeholder, wherein the transforming ignores the subset of terms;
identifying a set of terms and a set of phrases in the modified data based on the ontology;
for each term of the set of terms tabulating a corresponding count indicating a frequency of appearance in the modified data;
identifying a first term;
identifying a first phrase in the set of phrases including the first term, wherein the first phrase is in a first level of the ontology;
tabulating a first count indicating a frequency of appearance of the first phrase in the modified data;
identifying a second phrase in the set of phrases including the first term, wherein the second phrase is in a second level of the ontology;
tabulating a second count indicating a frequency of appearance of the second phrase in the modified data;
reducing a first term count corresponding to the first term by the first count;
reducing the first term count corresponding to the first term by the second count;
generating based on the ontology applied, a user interface respectively reflecting each term of the set of terms;
transforming the user interface by adjusting a feature of each term of the set of terms to indicate a corresponding count of the corresponding term; and
in response to receiving user input, modifying the user interface to remove a portion of terms of the set of terms based on a parameter of the user input.

US Pat. No. 11,030,276

METHODS AND APPARATUS FOR SORTING DATA

10X GENOMICS, INC., Plea...

1. A system for processing a plurality of string data values generated from a nucleic acid sequencing machine upon processing a nucleic acid sample, said system comprising:a database comprising said plurality of string data values generated from said nucleic acid sequencing machine upon processing said nucleic acid sample; and
one or more computer processors operatively coupled to said database, wherein said one or more computer processors are individually or collectively programmed to:
(i) obtain a string data value from said plurality of string data values;
(ii) map said string data value to a data container among a plurality of data containers, wherein each of said plurality of string data values is addressable by genomic position with respect to a genome;
(iii) append said string data value to said data container
(iv) repeat (i)-(iii) for a remainder of said plurality of string data values;
and
(v) output a continuous output sequence generated from (i)-(iv) wherein (i)-(iii) are performed without sorting said plurality of string data values.

US Pat. No. 11,030,275

MODELLING ORDINARY DIFFERENTIAL EQUATIONS USING A VARIATIONAL AUTO ENCODER

Microsoft Technology Lice...

1. A computer-implemented method comprising:from each of multiple trials, obtaining a respective series of observations y(t) of a subject over time t;
using a variational auto encoder to model an ordinary differential equation, ODE, wherein the variational auto encoder comprises an encoder for encoding the observations into a latent vector z and a decoder for decoding the latent vector, the encoder comprising at least a first neural network and the decoder comprising one or more second neural networks, wherein the ODE as modelled by the decoder has a state x(t) representing one or more physical properties of the subject which result in the observations y, and the decoder models a rate of change of x with respect to time t as a function f of at least x and z: dx/dt=f(x, z); and
operating the variational auto encoder to learn the function f based on the obtained observations y by tuning weights of the first and second neural networks, the learning comprising performing variational inference over the latent vector z, whereby z has a plurality of dimensions and in the encoder each dimension is constrained to comprising one or more samples of a predetermined type of probabilistic distribution parameterized by a respective one or more parameters.

US Pat. No. 11,030,274

DATA PROCESSING USER INTERFACE MONITORING SYSTEMS AND RELATED METHODS

OneTrust, LLC, Atlanta, ...

1. A consent receipt management system comprising:one or more processors; and
computer memory that stores a plurality of consent records, each of the plurality of consent records being electronically associated with:
a respective transaction of a plurality of transactions involving a particular data subject of a plurality of data subjects and an entity; and
a respective data subject of the plurality of data subjects, wherein the consent receipt management system is configured for:
receiving, at a particular consent capture point, a plurality of requests from the one or more data subjects to initiate a particular transaction of the plurality of transactions, the particular transaction involving collection or processing of personal data associated with the one or more data subjects by the entity as part of a processing activity undertaken by the entity that each of the one or more data subjects is consenting to as part of the transaction;
monitoring the particular consent capture point to determine a consent record rate for the particular consent capture point;
analyzing the consent record rate to identify a particular change in the consent record rate;
determining, based at least in part on the particular change in the consent record rate, that the particular consent capture point is not functioning properly; and
in response to identifying the particular change in the consent record rate, taking one or more automated actions, wherein the one or more automated actions comprise flagging one or more pieces of computer code associated with the particular consent capture point for modification.

US Pat. No. 11,030,273

CONVERTING SPREADSHEET APPLICATIONS TO WEB-BASED APPLICATIONS USING A DATA FILE THAT INCLUDES INTERACTIVITY ATTRIBUTES OF CELLS FOR THE WEB-BASED APPLICATIONS

Google LLC, Mountain Vie...

1. A method comprising:receiving, by a processor, a spreadsheet application that is executable using a spreadsheet program;
generating, by the processor, a data file that is used to convert the spreadsheet application to a networked version of the spreadsheet application, the data file including interactivity attributes for cells in the networked version of the spreadsheet application and information defining logical functions implemented by cells in the spreadsheet application, the interactivity attributes indicating at least one of how the cells in the networked version are to be displayed or whether the cells in the networked version are to be editable, wherein the generating of the data file comprises:
determining an associated workbook of the spreadsheet application referenced in the logic functions, the associated workbook being different from a main workbook including the cells in the spreadsheet application,
determining whether the associated workbook is currently open,
in response to determining that the associated workbook is currently open, including, into the information defining the logic functions in the data file, a data structure that represents the associated workbook having cells with current values, and
in response to determining that the associated workbook is not currently open, including, into the information defining the logic functions in the data file, a data structure that represents the associated workbook having cells with last available values; and
transmitting, by the processor, the data file to a server to allow one or more client devices connected to the server to access the networked version of the spreadsheet application based on the data file.

US Pat. No. 11,030,272

SYSTEM FOR AUTOMATING THE CREATION AND EVALUATION OF WEBSITE VARIATIONS TO IMPROVE USER ENGAGEMENT

Capital One Services, LLC...

1. A method for automatically generating variations of a website, the method comprising:determining a performance metric for each website of a set of websites, the performance metric reflecting one or more user interactions with each website;
wherein set of websites that include one or more variations of a website layout, each variation of the website layout including a different value provided for an element defined within source code of the set of websites, the different values selected from an initial set of values;
wherein the performance metric includes an amount of time for a user to perform an action on the website;
ranking websites based on the performance metrics for the set of websites;
wherein ranking websites based on the performance metrics includes ranking each website from a least amount of time for the user to perform the action to a greatest amount of time for the user to perform the action;
identifying one or more websites from the set of websites satisfying a threshold performance metric;
wherein identifying one or more websites from the set of websites based on the determined performance metric includes identifying one or more highest ranking websites within a predetermined number of highest ranking websites or a predetermined percentage of highest ranking websites; and
publishing a subsequent generation of websites by updating the source code of the set of websites with one or more subsequent values selected from the one or more websites.

US Pat. No. 11,030,271

CONTENT CACHING FOR FAST LOAD TIME

Microsoft Technoiogy Lice...

1. A method comprising:receiving, from a search service, a plurality of search results in response to a search query, wherein each of the plurality of search results includes a result link pointing to an object stored on a content source;
receiving, from the search service, auxiliary information indicating that, for at least one of the plurality of search results, a copy of at least a portion of the object that the result link of the at least one search result points to is cached within a cache service associated with the search service;
retrieving, from the cache service, the cached copy of at least the portion of the object in response to a selection of the result link of the at least one search result;
presenting, in a front view of a user interface, the cached copy of at least the portion of the object, the front being viewable by a user;
presenting the object in a back view of the user interface while the object is being retrieved from the content source, where the back view is not viewable by the user; and
switching the presenting of the object to the front view of the user interface once the object is retrieved from the content source.

US Pat. No. 11,030,270

DATA VISUALIZATION PLATFORM FOR USE IN A NETWORK ENVIRONMENT

SSB Legal Technologies, L...

1. A data visualization platform system comprising:a data store configured to store analytics data associated with one or more judicial entities; and
a data visualization server comprising computer hardware and in communication with the data store, wherein the data visualization server is configured to:
receive, from a remote user computing device associated with a user, an indication that the user has selected a first judicial entity associated with a first geographical region via a user interface (UI) displayed on the remote user computing device;
access, from the data store, first analytics data associated with the first judicial entity, the first analytics data indicating a number, fraction, or frequency of cases transferred to each of a plurality of additional judicial entities associated with the first geographical region in response to reassignment requests submitted in cases assigned to the first judicial entity, wherein the plurality of additional judicial entities includes a second judicial entity having a highest number, fraction, or frequency of cases transferred from the first judicial entity in response to the reassignment requests submitted in the cases assigned to the first judicial entity; and
generate, based at least on the first analytics data, instructions to display a UI element associated with the first judicial entity on the remote user computing device, the UI element including, when displayed on the remote user computing device, a plurality of visual indicators corresponding to a set of additional judicial entities that are each different from the first judicial entity, wherein each of the plurality of visual indicators indicates a value associated with a corresponding one of the set of additional judicial entities,
such that the UI element enables a visual comparison of the values associated with the set of additional judicial entities and renders one or more judicial entities to which cases assigned to the first judicial entity have been transferred most frequently in response to reassignment requests immediately apparent to the user at the remote user computing device,
wherein the plurality of visual indicators are presented in a ranked order such that one of the plurality of visual indicators corresponding to the second judicial entity having the highest number, fraction, or frequency of cases transferred from the first judicial entity in response to the reassignment requests submitted in the cases assigned to the first judicial entity is at a top of the ranked order.

US Pat. No. 11,030,269

ANALYTIC DATA COLLECTION FOR APPLICATION NAVIGATION

Apple Inc., Cupertino, C...

6. The method of claim 1, wherein:the respective first data object includes information that is pertinent to a first interaction with the first module by a user; and
the respective second data object includes information that is pertinent to the navigation event and a second interaction with the second module by the user.

US Pat. No. 11,030,268

PROCESSING TREE STRUCTURE HAVING BREADCRUMB ROOT NODE

International Business Ma...

1. A method, said method comprising:after a first task node has been generated in a tree structure at a breadcrumb root node in the tree structure in response to receiving a request for visiting a first web task associated with a website, and in response to sequentially receiving requests for multiple subtasks of the first web task, sequentially establishing in the tree structure, by a processor of a computer system, multiple subtask nodes of the first task node, wherein the subtask nodes of the multiple subtask nodes of the first task node are respectively associated with the subtasks of the multiple subtasks of the first web task and are sequentially connected to the first task node according to a sequential order of the sequentially received requests for the multiple subtasks of the first web task; and
after said sequentially establishing in the tree structure the multiple subtask nodes of the first task node, said processor processing the multiple subtask nodes of the first task node based on a policy of the first web task, wherein said processing the multiple subtasks nodes of the first task node comprises said processor responding to a user's click on the tree structure of at least one subtask node of the first task node, by invoking at least one web page associated with the at least one subtask node and sending the at least one web page to the user's client,
wherein said processing the multiple subtask nodes of the first task node based on the policy of the first web task comprises dynamically reconfiguring the multiple subtask nodes of the first task node in response to the user's visitation of one or more subtask nodes of the multiple subtask nodes of the first task node, said dynamically reconfiguring avoiding one or more repetitive operations during performance of the first web task, and
wherein said avoiding one or more repetitive operations comprises:
prohibiting the first web task from being performed repeatedly during a visit to the website;
in response to the first web task having been completed, setting both the first task node and the multiple subtask nodes of the first task node into a read-only mode; and
in response to said setting both the first task node and the multiple subtask nodes of the first task node into the read-only mode, setting a web page associated with the first task node and web pages associated with the multiple subtask nodes of the first task node into the read-only mode.

US Pat. No. 11,030,267

DYNAMIC LANGUAGE TRANSLATION OF WEB SITE CONTENT

MOTIONPOINT CORPORATION, ...

1. A method implemented on a computer having at least one processor, storage, and communication platform for improving Internet search on a webpage in a second language, comprising the steps of:accessing a webpage in a first language represented by an original URL;
parsing the webpage to identify one or more candidate search engine relevant elements in the first language;
selecting, from the one or more candidate search engine relevant elements, at least one candidate search engine relevant element;
obtaining a translation of the at least one candidate search engine relevant element to generate a corresponding at least one translated search engine relevant element in the second language; and
generating a new URL representing the webpage in the second language based on the at least one translated search engine relevant element in the second language.

US Pat. No. 11,030,266

VENUE RECOMMENDATIONS BASED ON SHARED GUEST TRAITS

Blazer and Flip Flops, In...

1. A method for itinerary personalization for a first venue attendee of a plurality of venue attendees in a predetermined venue area, the method comprising:receiving, from a mobile device associated with the first venue attendee, a location of the mobile device associated with the first venue attendee;
retrieving a plurality of venue attendee profiles including at least a first venue attendee profile corresponding to the first venue attendee and a second venue attendee profile corresponding to a second venue attendee, wherein each venue attendee profile identifies a plurality of traits about one of the plurality of venue attendees;
identifying that the first venue attendee is similar to the second venue attendee based on identifying at least a first shared trait common to both the first venue attendee profile and the second venue attendee profile;
retrieving locations of a plurality of points of interest located within the predetermined venue area;
selecting a recommended point of interest for the first venue attendee from the plurality of points of interest based on the recommended point of interest being within a predetermined range of the location of the mobile device associated with the first venue attendee, an indicator of positivity regarding the recommended point of interest and corresponding to the second venue attendee, and the prior identification that the first venue attendee is similar to the second venue attendee; and
sending at least the recommended point of interest to the mobile device associated with the first venue attendee.

US Pat. No. 11,030,265

CROSS-PLATFORM DATA MATCHING METHOD AND APPARATUS, COMPUTER DEVICE AND STORAGE MEDIUM

PING AN TECHNOLOGY (SHENZ...

1. A method of matching cross-platform data, comprising:receiving a data matching request sent by a terminal operated by a user, wherein the data matching request carries an identifier of a first social network platform, a first user group in the first social network platform designated by the terminal, an identifier of a second social network platform and root node users in the second social network platform designated by the terminal;
obtaining a group behavior data corresponding to the first user group in the first social network platform corresponding to the identifier of the first social network platform, and performing behavior learning to the group behavior data to obtain a first group feature distribution function corresponding to the first user group;
obtaining associated users of the root node users in the second social network platform, and obtaining behavior data corresponding to the root node users and each of the associated users in the second social network platform;
learning the behavior data of the root node users based on the A group feature distribution function, and generating a second group feature distribution function after matching the root node users, wherein the second Troup feature distribution function corresponds to a new user group, the new user group including the first user group and the root node users;
performing behavior learning to the behavior data of each associated user based on the second group feature distribution function, and generating a third group feature distribution function after matching each of the associated users;
calculating a maximum entropy value of the third group feature distribution function, and determining the associated users corresponding to a largest maximum entropy value as being matching users of the first user group; and
determining a next matching user until the determined matching users meet a set quantity condition by using the determined matching users as current root node users, and competing a group matching.

US Pat. No. 11,030,264

SYSTEMS AND METHODS FOR MATCHING A QUERY

Superfy Technologies Ltd....

1. A method of setting up an interactive communication session between a querying client terminal and at least one target client terminal, comprising:creating a structured data set storing structured data by:
extracting a set of user generated unstructured content from posted profiles of a plurality of user credentials of a social network;
wherein each user generated unstructured content is mapped to at least one user credentials by user reactions to the user generated unstructured content;
clustering the set of user generated unstructured content into a plurality of clusters, wherein each cluster comprises a subset of the set of user generated unstructured content;
for each respective cluster of the plurality of clusters,
(i) identifying a respective feature closest to a cluster center, the respective feature denoting a respective user interest of the respective cluster,
(ii) assigning the respective user interest to each user generated unstructured content of the respective cluster, and
(iii) computing a respective score for the respective cluster based on a total number of user reactions to the subset of user generated unstructured content of the respective cluster weighted with a total number of user generated unstructured content in the subset of user generated unstructured content of respective cluster;
ranking the plurality of clusters according to respective scores;
for each user generated unstructured content of each of a top number of ranked clusters, indexing each respective user generated unstructured content with the assigned respective user interest to create a respective structured data associated with indexed user interests; storing each respective structured data associated with indexed user interests in the structured dataset;
receiving a query from the querying client terminal;
analyzing the query to identify at least one user interest of the query;
semantically matching the query to a structured data by matching the at least one user interest of the query to indexed user interests stored in the structured dataset, to obtain a matched structured data;
selecting a plurality of matched user credentials of users of the social network according to an analysis of the matched structured data;
distributing a request for joining an interactive communication session to a plurality of matched client terminals of the plurality of matched user credentials;
receiving at least one response to the request from at least one responding client terminal of at least one responding user credentials; and
establishing an interactive communication session between the querying client terminal and the at least one responding client terminal of the at least one responding user credentials.

US Pat. No. 11,030,263

SYSTEM AND METHOD FOR UPDATING A SEARCH INDEX

Verizon Media Inc., New ...

1. A method implemented on at least one machine comprising at least one processor, memory, and a communication platform connected to a network for updating a search index, the method comprising:obtaining event data representing actions performed on content items managed via the search index;
filtering the event data based on pre-determined criteria to generate updated event data, wherein the updated event data represents relevant actions performed on at least one of the content items and are associated with the search index, and wherein the pre-determined criteria comprises (i) a list of content items represented within the search index including the at least one of the content items, and (ii) an action associated with the at least one of the content items corresponds to one of the relevant actions; and
generating an updated search index based on the updated event data to reflect the action associated with the at least one of the content items.

US Pat. No. 11,030,262

RECYCLABLE PRIVATE MEMORY HEAPS FOR DYNAMIC SEARCH INDEXES

Verizon Media Inc., New ...

1. A method, comprising:generating and storing in memory, by a search engine, a first search index segment of a search index, the first search index segment being stored in a first heap of the memory, the first search index segment including one or more first inverted index segments mapping content to a first set of documents, the search index being an inverted index;
generating and storing in the memory, by the search engine, a second search index segment of the search index, the second search index segment being stored in a second heap of the memory concurrent with the first heap of the memory, the second search index segment including one or more second inverted index segments mapping content to a second set of documents, the second set of documents being more recently processed by the search engine than the first set of documents;
updating the second search index segment until a threshold corresponding to a number of documents or an amount of memory has been reached;
responsive to determining that the threshold corresponding to the number of documents or the amount of memory has been reached:
cutting off a current generation of documents associated with the second heap of the memory by changing a status of the second search index segment being stored in the second heap of the memory from a read/write status to a read-only status; and
initiating a next generation of documents by generating a third search index segment of the search index, wherein the third search index segment is assigned the read/write status and is stored in a new heap of the memory associated with the next generation of documents; and
releasing, by a garbage collection module, a third heap of the memory, the third heap of the memory storing a fourth search index segment of the search index, the fourth search index segment generated by the search engine and including one or more third inverted index segments, the third heap of the memory being released based on at least one of a determination that a threshold of amount of memory has been consumed or a determination that a threshold number of search index segments are stored.

US Pat. No. 11,030,261

COMPUTERIZED SYSTEMS AND METHODS FOR MANAGING AND MONITORING SERVICES AND MODULES ON AN ONLINE PLATFORM

Coupang Corp., Seoul (KR...

1. A computer-implemented system for managing and monitoring services and modules, comprising:a memory storing instructions; and
at least one processor configured to execute the instructions to:
receive, from a user device, a request to perform a test on a target application programming interface;
call the target application programming interface;
retrieve a search result page associated with the target application programming interface;
retrieve a rule based on the target application programming interface, wherein the rule comprises:
determining a number of products on the search result page when a product category is selected:
determining types of products on the search result page when a search query is submitted;
determining types of products on the search result page when a product category is selected; or
determining images of products on the search result page when a search query is submitted or a product category is selected;
apply the rule to the retrieved search result page associated with the target application programming interface; and
based on the results of the applied rule, determine whether to implement the target application programming interface.

US Pat. No. 11,030,260

SYSTEM AND METHOD FOR DYNAMICALLY NORMALIZED SEMANTIC DISTANCE AND APPLICATIONS THEREOF

IP.COM I, LLC, Fairport,...

1. A method, implemented on a machine having at least one processor, storage, and a communication platform for assessing semantic distance, comprising:receiving, via the communication platform, a query;
obtaining, via a document representation constructor, a first query representation of the query capturing characteristics of the query;
obtaining, via a query representation constructor, a second query representation of the query capturing the characteristics of the query;
determining, via a dynamic norm determiner, a dynamic norm based on a discrepancy between the first and the second query representations, wherein the dynamic norm is indicative of a bias between the document and query representation constructors;
identifying a plurality of documents relevant to the query based on the second query representation; and
for each of the plurality of documents,
computing a similarity between the document represented by a document representation obtained via the document representation constructor and the query represented by the second query representation obtained via the query representation constructor, and
determining a semantic distance between the query and the document based on the dynamic norm and the similarity, wherein the semantic distance is derived by adjusting a distance between the query and the document based on the dynamic norm to address the bias.

US Pat. No. 11,030,259

DOCUMENT SEARCHING VISUALIZED WITHIN A DOCUMENT

Microsoft Technology Lice...

1. A persistent storage device having contents that, when executed by a processor, cause the processor to:for a document comprised of document portions:
generate a visual representation of at least part of the document containing visual representations of two or more document portions;
for each of at least one of the document portions whose visual representations are contained by the document's visual representation:
perform an aggregation operation on information describing two or more previous search transactions in whose results the document portion is included to obtain an aggregation result;
annotate the document portion's visual representation in the document's visual representation in accordance with the obtained aggregation result; and
display the annotated visual representation of the document to be displayed, the annotated visual representation including an indication adjacent to text of the document portion,
wherein, for each of the two or more document portions whose visual representations are contained by the document's visual representation, the aggregated search transactions include performed search transactions in whose results the document portion was actually included;
wherein the indication includes at least one of a color or a pattern; and
wherein the indication relates to a relevance of the document portion on a scale; and
wherein, for a selected one of the document portions whose visual representations are contained by the document's visual representation:
the information describing the two or more previous search transactions in whose results the document portion is included identifies for each search transaction a query that was the basis for the search transaction, and
the annotation includes the content of the query of at least one of the search transactions in whose results the document portion is included, where the query was the basis for the search transaction.

US Pat. No. 11,030,258

RANKING ANOMALIES ASSOCIATED WITH POPULATIONS OF USERS BASED ON RELEVANCE

Microsoft Technology Lice...

1. A method for generating an alert, the method comprising:storing in a database, a plurality of records of a plurality of entities, each record storing one or more attributes describing an entity of the plurality of entities;
performing data collection, the collected data representing responses associated with the plurality of entities;
identifying a set of anomalies based on the collected data, wherein each anomaly in the set of anomalies is associated with multiple entities comprising a subset of the plurality of entities;
for each anomaly in the set of anomalies, determining a relevance score for said each anomaly based on factors comprising information describing the subset of entities associated with said each anomaly, wherein the factors used for determining the relevance score for said each anomaly comprise a number of entities in the subset of entities associated with said each anomaly;
ranking the set of anomalies based on the relevance score for each anomaly in the set of anomalies;
determining a subset of the set of anomalies based on the ranking; and
sending one or more alerts based on the subset of anomalies.

US Pat. No. 11,030,257

AUTOMATICALLY GENERATING THEME-BASED FOLDERS BY CLUSTERING MEDIA ITEMS IN A SEMANTIC SPACE

ADOBE INC., San Jose, CA...

1. A non-transitory computer readable medium for generating a customized user interface for navigating files, the non-transitory computer readable medium comprising instructions that, when executed by at least one processor, cause a computing device to:generate tags and confidence scores for media items in a collection of media items, wherein the confidence scores indicate how strongly a given tag corresponds to a given media item;
map the collection of media items to a semantic space based on the tags;
cluster the collection of media items in the semantic space to create clusters;
determine themes for the clusters based on the tags of the media items in the clusters;
generate a reverse index that maps the tags to associated media items with associated confidence scores;
generate a media item navigation graphical user interface comprising the collection of media items organized by the themes and a search query element;
receive a search query via the search query element;
based on determining that the search query is not in the reverse index, determine a nearest term to the search query; and
provide media items associated with the nearest term based on corresponding confidence scores.

US Pat. No. 11,030,256

METHODS AND USER INTERFACES FOR VISUALLY ANALYZING DATA VISUALIZATIONS WITH MULTI-ROW CALCULATIONS

Tableau Software, Inc., ...

1. A method of visually analyzing multi-row calculations for data visualizations, comprising:at a computer having a display, one or more processors, and memory storing one or more programs configured for execution by the one or more processors:
receiving user selection of a data source;
displaying a data visualization in a data visualization user interface, according to placement of data fields, from the data source, in shelves of the user interface, wherein the data visualization comprises a plurality of visual data marks representing data from the data source;
detecting a first user input to select a subset of the visual data marks;
in response to detecting the first user input:
displaying a view data window including a summary of the selected subset of visual data marks;
obtaining a data model encoding the data source as a tree of logical tables, each logical table having its own physical representation and including a respective one or more logical fields, each logical field corresponding to either a data field or a calculation that spans one or more logical tables, wherein each edge of the tree connects two logical tables that are related, and each data field is either a measure or a dimension;
determining, based on the data model, one or more aggregate measures corresponding to the selected subset of visual data marks, wherein each aggregate measure is aggregated from a plurality of logical tables of the data model; and
displaying each aggregate measure of the one or more aggregate measures in the view data window, each aggregate measure displayed as a tab in the view data window.

US Pat. No. 11,030,255

METHODS AND SYSTEMS FOR INFERRING INTENT AND UTILIZING CONTEXT FOR NATURAL LANGUAGE EXPRESSIONS TO GENERATE DATA VISUALIZATIONS IN A DATA VISUALIZATION INTERFACE

Tableau Software, LLC, S...

1. A method for generating data visualizations, comprising:at a server having one or more processors and memory storing one or more programs configured for execution by the one or more processors:
receiving user selection of a data source;
receiving a first natural language command that includes a request for information about the data source;
determining one or more first keywords from the first natural language command;
determining, based on the one or more first keywords, a first user intent to generate a data visualization;
generating a visual specification that specifies the data source, a plurality of visual variables, and a plurality of data fields from the data source, each data field of the plurality assigned to one or more respective visual variables, wherein:
each of the visual variables determines a characteristic of the data visualization to be displayed based on data values for data fields assigned to the visual variable; and
each of the visual variables is specified based on the first user intent; and
generating and displaying the data visualization based on the visual specification.

US Pat. No. 11,030,254

STORAGE ESTIMATION IN A DATA INDEXING AND QUERY SYSTEM

SPLUNK INC., San Francis...

1. A method comprising:receiving, by a data intake and query system, user input indicative that a first data source is to be a subject of a storage related estimate;
receiving, by the data intake and query system, raw data generated by the first data source;
parsing, by the data intake and query system, the raw data generated by the first data source into a first plurality of events;
generating the storage related estimate, by the data intake and query system, based on at least some of the first plurality of events;
causing an indication of the storage related estimate to be output to a user of the data intake and query system; and
completing, by the data intake and query system, an indexing of only a sample of the received first plurality of events based on a sampling criterion, the sample being fewer than all of the first plurality of events, and not completing indexing of a remainder of the first plurality of events in the absence of a user input indicative that the first data source should be indexed, wherein completing indexing includes committing data being indexed or to be indexed to persistent storage.

US Pat. No. 11,030,253

MANAGING DATA FEEDS FROM DIFFERENT APPLICATIONS FOR USERS

SAP SE, Walldorf (DE)

1. A non-transitory machine-readable medium storing a program executable by at least one processing unit of a device, the program comprising sets of instructions for:receiving from a client device a request for data feed items relevant to a user;
determining a set of categories associated with the user;
querying a database for a first set of data feed items specify the user as a recipient of the data feed item, the database configured to store data feed items received from a plurality of applications, each data feed item received from an application in the plurality of applications comprising a type of the data feed item, a set of categories associated with the data feed item, a relevancy score, and a set of recipients of the data feed item;
retrieving a second set of data feed items from an external content provider comprising data feed items associated with at least a category in the set of categories, each data feed item in the second set of data feed items comprising a relevancy score;
modifying the relevancy scores of the first set of data feed items and the second set of data feed items based on the set of categories associated with the user and a set of factors, the modifying further comprising increasing the relevancy scores of data feed items in the second set of data feed items associated with at least a category in the set of categories associated with the user;
generating a result set of data feed items comprising the first and second sets of data feed items ordered based on the modified relevancy scores from highest relevancy score to lowest relevancy score; and
providing the result set of data feed items to the client device.

US Pat. No. 11,030,252

EFFECTIVE EXTRACTION OF INFORMATION ON TIME-VARYING USER INTEREST

FUJITSU LIMITED, Kawasak...

1. An information extraction apparatus comprising:a memory; and
a processor coupled to the memory and the processor is configured to:
store a plurality of operations to be performed for a plurality of interesting matters;
set, for a first user among users, a first time-width as a time-width indicating a period of time which precedes a current time and for which a usage history of each of the users is to be acquired;
set a credibility for each of the plurality of operations;
extract a first interesting matter of the first user from the usage history acquired within the set first time-width;
provide help information obtained based on the extracted first interesting matter to the first user to acquire a result of an operation that is performed by the first user in response to provision of the help information; and
calculate an interest group probability by dividing a sum of products of multiplying a total number of the plurality of operations with the credibility for each of the plurality of operations by a number of items in the usage history, wherein
the processor sets the first time-width for the first user, based on the acquired result of the operation by the first user.

US Pat. No. 11,030,251

METHOD AND SYSTEM FOR PROVIDING QUERY SUGGESTIONS BASED ON PERSONALIZED SPELLING CORRECTION

Verizon Media Inc., New ...

1. A method, implemented on a machine having at least one processor, storage, and a communication platform connected to a network for providing a query suggestion, the method comprising:receiving a request for query suggestions with respect to a query prefix input by a user, wherein the query prefix includes a misspelled portion;
obtaining personal data of the user for identifying at least one spelling correction candidate for the query prefix, the personal data including a list of item candidates;
generating one or more spelling correction candidates based on the personal data and the query prefix, wherein each of the one or more spelling correction candidates represents a possible spelling correction of the query prefix, wherein the one or more spelling correction candidates are generated by:
determining a set of matching item candidates based on one or more versions of the query prefix and the list of item candidates, wherein each of the one or more versions is determined by shortening the query prefix by one or more characters until a predetermined threshold condition is met, wherein the one or more spelling correction candidates comprise the set of matching candidate items;
determining one or more query suggestions for the query prefix based on the one or more spelling correction candidates; and
providing the one or more query suggestions as a response to the request.

US Pat. No. 11,030,250

COGNITIVE SEARCH QUERY VALIDATION

INTERNATIONAL BUSINESS MA...

1. A computer implemented method comprising:generating a plurality of domain language detection models respectively corresponding to respective domains from a plurality of domains;
obtaining a query as submitted by a user;
selecting a domain language detection model applicable to the query from the plurality of domain language detection models;
determining intent of the query, wherein the determining intent includes using the domain language detection model from the selecting;
formulating alternative queries based on one or more classification label corresponding to the intent of the query from the determining; and
producing the alternative queries.

US Pat. No. 11,030,249

EXPLORABLE VISUAL ANALYTICS SYSTEM HAVING REDUCED LATENCY IN LOADING DATA

Palo Alto Networks, Inc.,...

1. A method, comprising:providing, using a processor, a tree corresponding to a dataset having a number of data points, the tree having a plurality of levels, each of the plurality of levels including at least a portion of the number of data points organized into at least one tile, the plurality of levels being based on the number of data points in the data set and at least one client resource of a client, a first level of the plurality of levels including not more than a maximum number of data points corresponding to the at least one client resource, each tile of the at least one tile in a remaining portion of the plurality of levels including not more than the maximum number of data points;
providing, using the processor, a manifest for the tree, the manifest indicating a particular number of data points in each of the at least one tile for each level of the tree;
providing the manifest to the client; and
receiving, from the client, a request for a portion of the at least one tile of a level of the plurality of levels, the portion of the at least one tile for the level corresponding to a portion of the dataset and being determined based on the manifest, the portion of the at least one tile including not more than the maximum number of data points.

US Pat. No. 11,030,248

RESOURCE DEPENDENCY SYSTEM AND GRAPHICAL USER INTERFACE

PALANTIR TECHNOLOGIES INC...

1. A method of dynamically generating an interactive dependency-based user interface, the method comprising:generating and causing display of a folder navigation user interface;
receiving, via the folder navigation user interface, a first selection of a first folder location, wherein a first item is located at the first folder location;
determining child items dependent on the first item;
determining parent items the first item depends on;
based on the receipt of the first selection, generating and causing display of a graph user interface that is linked to the folder navigation user interface such that interactions with one user interface affects the other user interface, wherein the graph user interface comprises a visual representation of dependency information associated with the first item, the graph user interface comprising:
the first item, wherein the appearance of the first item is differentiated from any of the child items or parent items;
the child items, wherein the first set of child items appear on a first side of the first item; and
the parent items, wherein the parent items appear on a second side of the first item;
receiving, via the graph user interface, a second selection of a second item from the child items or the parent items; and
based on the receipt of the second selection, causing display of an updated folder navigation user interface comprising a second folder location, wherein the second item is located at the second folder location, and wherein the second item has a dependency relationship with the first item.

US Pat. No. 11,030,247

LAYERED GRAPH DATA STRUCTURE

Electronic Arts Inc., Re...

1. A system comprising:one or more processors;
computer readable media storing instructions that when executed by the one or more processors perform operations comprising:
receiving a request to find related entities associated with a target entity, the request including an entity identifier corresponding to the target entity and a graph level of the request;
exposing an application programming interface to receive the request;
setting a target identifier to an initial value based on the entity identifier;
performing one or more iterations based on the graph level of the request to generate a result set responsive to the request, wherein the one or more iterations include:
accessing a vertex table, the vertex table including:
a vertex identifier column, and
a first graph identifier column;
determining, from the vertex table, a graph identifier for the target identifier based on an entry in the first graph identifier column corresponding to an entry in the vertex identifier column matching the initial value of the target identifier;
accessing an edge table, the edge table including:
a second graph identifier column,
a node identifier column, and
an edge type column;
determining a next identifier value based on an entry in the node identifier column corresponding to an entry in the second graph identifier column matching the graph identifier;
determining to perform a next iteration of the one or more iterations based on:
the graph level of the request, and
an entry in the edge type column corresponding to the entry in the second graph identifier column matching the graph identifier;
based on the determination to perform the next iteration:
setting the value of the target identifier to the next identifier value and performing the next iteration, or
adding entity information corresponding to the next identifier to the result set; and
providing the result set via the application programming interface, the result set generated by performing a plurality of searches in the vertex table and the edge table, wherein a number of the plurality of searches is based on the graph level of the request.

US Pat. No. 11,030,246

FAST AND ACCURATE GRAPHLET ESTIMATION

Palo Alto Research Center...

1. A computer-implemented method for estimating a number of graphlets in a graph, comprising:obtaining, by a computer system comprising a set of processors, a data structure representing a graph comprising vertices and edges;
performing graph sampling, using a graph sampling technique by the computer system, on the graph based on a property of the graph to obtain a subgraph of the graph wherein the subgraph comprises a subset of vertices and edges of the graph selected by the graph sampling technique;
determining a first number of occurrences of one or more graph features in the sampled subgraph of the graph;
determining, based on graph combinatorics, a combinatorial relationship applicable to the first number of occurrences of the one or more graph features;
determining, based on applying the combinatorial relationship to the first number of occurrences, a second number of occurrences of a graphlet pattern in the sampled subgraph of the graph, wherein the combinatorial relationship is between the one or more graph features and the graphlet pattern, and wherein the graphlet pattern indicates a number of vertices in a graphlet and a pattern of edges between the vertices of the graphlet; and
determining, based on the second number of occurrences, a total number of graphlets associated with the graphlet pattern in the graph by scaling up the second number of occurrences based on a topological factor.

US Pat. No. 11,030,245

SYSTEM AND METHODS FOR RETRIEVING DATA USING A DATABASE CONFIGURATION FILE

1. A method of retrieving data from a data source, the method comprising:receiving a set of display options, a first set of data retrieval filters and a selection option from a user via a user interface, wherein the set of display options and the first set of data retrieval filters correspond to the data source, and wherein the selection option corresponds to a second XML configuration file;
embedding the first set of data retrieval filters, the set of display options and the selection option into a first XML configuration file;
selecting the second XML configuration file based on the selection option, the second XML configuration file further comprising a second set of data retrieval filters;
retrieving a set of data from the data source in accordance with the first set of data retrieval filters embedded in the first XML configuration file and the second set of data retrieval filters specified in the second XML configuration file;
storing the set of data in a database in accordance with a predefined format; and
generating one or more portlets to display the set of data to the user in accordance with the set of display options,
wherein the first set of data retrieval filters and the second set of data retrieval filters include at least one of IP addresses, subnet masks, domain name server addresses, host name and suffix, execution parameters, and system information pertaining to the user.

US Pat. No. 11,030,244

METHODS AND SYSTEMS FOR DATA RETRIEVAL USING AN XML CONFIGURATION FILE

1. A method for exchanging data between a user and a first data source, the method comprising:configuring a non-transitory computer readable medium to access a first set of data from the first data source via a first data source query in accordance with a set of data retrieval filters specified in a first user-defined XML configuration file, the first user-defined XML configuration file further specifying a first set of display options;
retrieving the first set of data from the first data source in accordance with connection information that includes a URL and an IP address, system information of the user, system information of the data source, execution parameters, and data retrieval filters that include one or more identities indicative of the first data source and instructions to extract the first set of data specified in the first user-defined XML configuration file;
displaying the first set of data in accordance with the first set of display options specified in the first user-defined XML configuration file; and
applying, via the non-transitory computer readable medium, a second user-defined XML configuration file to a second data source query to display a second set of data from a second data source in accordance with the first set of display options specified for the first data source in the first user-defined XML configuration file.

US Pat. No. 11,030,243

STRUCTURE BASED STORAGE, QUERY, UPDATE AND TRANSFER OF TREE-BASED DOCUMENTS

International Business Ma...

1. A method for storing, accessing, and routing data values of an extensible markup language (XML) document without revealing context-identifying metadata that describes the data values or encrypting the data values, comprising:generating a tree structure from the data values of the XML document by parsing the XML document with a Document Object Model (DOM) parser, creating the tree structure including a plurality of nodes that are each sequentially assigned a whole number integer node identifier (ID) from a sequential set of natural numbers, with each node being characterized by one of a set of node value(s) extracted from the respective data values of the XML document, where the tree structure omits the context-identifying metadata;
calculating, using the whole number integer node IDs identifiers (IDs) sequentially assigned to each of the plurality of nodes from the sequential set of natural numbers, a structure identifier (ID) that mathematically defines relationships among and between the plurality of nodes of the tree structure, the structure ID being a set of number(s) that forms a representation of node relationships in the tree structure, with the structure ID being independent of node names and further independent of the set of node value(s);
storing a mapping of the structure ID to the tree structure; and
assigning the whole number integer node IDs sequentially from the sequential set of natural numbers to each node of the tree structure, wherein each parent node of the tree structure comprises at least one child node, and where calculating, using the whole number integer node IDs sequentially assigned to each of the plurality of nodes from the sequential set of natural numbers, the structure ID that mathematically defines the relationships among and between the plurality of nodes of the tree structure comprises:
selecting, using the assigned whole number integer node ID of a respective parent node as an index, a prime number within an indexed set of prime numbers that corresponds to the index;
calculating the structure ID by calculating a plurality of results, where each result represents one parent node and comprises the selected prime number raised to a power of a number of child nodes of the respective parent node; and
calculating the structure ID as a mathematical product of the plurality of results to represent a structure of the tree structure;
matching, by a router, subscription information of one or more subscribers, comprising a subscriber structure ID against the structure ID of the tree structure, or a fragment thereof;
filtering, by the router, data values of the XML document corresponding to the subscription information matching the structure ID of the tree structure or the fragment thereof;
formatting, by the router the data values of the XML document corresponding to the subscription information matching the structure ID or fragments thereof into a pre-determined format comprising a delimiter separating multiple data items and a predetermined separator for parsing the structure ID of the tree structure; and
routing, by the router, the data values of the XML document corresponding to the structure ID or the fragment thereof of that matches the subscriber information, to the one or more subscribers mapped to the subscriber structure ID.

US Pat. No. 11,030,242

INDEXING AND QUERYING SEMI-STRUCTURED DOCUMENTS USING A KEY-VALUE STORE

Rockset, Inc., San Mateo...

1. A computer-implemented method for processing queries based on documents, the method comprising:storing a plurality of indexes based on documents, each document having a document identifier and comprising fields, wherein each field has field data comprising one or more of: a field name, a field value, and a field type, wherein each index comprises key-value pairs stored in a key-value store, each index associated with a respective set of attributes selected from: (1) a document identifier attribute, (2) a field name attribute, (3) a field value attribute, and (4) a field type attribute, the set of attributes combined for obtaining keys of key-value pairs of the index, the plurality of indexes comprising:
a document index configured to identify documents matching a criteria based on fields;
a field index configured to access fields of a given document; and
a columnar index configured to determine aggregate values associated with fields;
receiving, from a query source, a query requesting information stored in documents indexed using the plurality of indexes, the query specifying a search criteria;
selecting an index from the plurality of indexes for processing the query based on a type of the query;
generating a key-expression by combining the set of attributes corresponding to the selected index;
accessing the requested information using the selected index, the accessing comprising identifying key-value pairs matching the generated key-expression; and
transmitting the accessed information to the query source.

US Pat. No. 11,030,241

QUERY USAGE BASED ORGANIZATION FOR VERY LARGE DATABASES

Imperva, Inc., San Mateo...

1. A method for defining large databases, comprising:receiving an identification of a collection of data in a cloud store, the cloud store accessible via a public access network for storing data in a location independent manner;
determining, based on an expected usage of the collection, whether to intake the collection into an object store, the object store having a predefined format under the control of the user;
selecting, if the collection remains in the cloud store, a catalog organization for the collection, the catalog organization defining a structure for accessing the data in the manner called for by the expected usage, the expected usage defining a computational intensity and storage demand of a query directed to the collection; and
generating the catalog organization by associating elements of the collection with a created entry in the catalog organization, wherein selecting the catalog organization includes:
determining an intended query usage and:
generating a name and source, if the query usage is not foreseeable;
generating an index on a subset of fields, if a keyword lookup query is expected; and
generating a columnar organization of the data, if data analytics are expected.

US Pat. No. 11,030,240

SYSTEMS AND METHODS FOR EFFICIENTLY SENDING VIDEO METADATA

HONEYWELL INTERNATIONAL I...

1. A method for sending time-stamped metadata corresponding to a video stream across a communication path having a limited bandwidth, the video stream including a plurality of sequential video frames, the method comprising:generating time-stamped metadata for a first reference video frame of the plurality of sequential video frames of the video stream, the time-stamped metadata for the first reference video frame identifying objects detected in the first reference video frame;
sending the time-stamped metadata for the first reference video frame across the communication path;
generating time-stamped metadata for each of a plurality of first delta video frames following the first reference video frame, the time-stamped metadata for each of the plurality of first delta video frames identifying changes in detected objects relative to the objects identified in the time-stamped metadata for the first reference video frame;
sending the time-stamped metadata for each of the plurality of first delta video frames across the communication path;
generating time-stamped metadata for a second reference video frame of the plurality of sequential video frames of the video stream, the second reference video frame following the plurality of first delta video frames, the time-stamped metadata for the second reference video frame identifying objects detected in the second reference video frame;
sending the time-stamped metadata for the second reference video frame across the communication path;
generating time-stamped metadata for each of a plurality of second delta video frames following the second reference video frame, the time-stamped metadata for each of the plurality of second delta video frames identifying changes in detected objects relative to the objects identified in the time-stamped metadata for the second reference video frame; and
sending the time-stamped metadata for each of the plurality of second delta video frames across the communication path.

US Pat. No. 11,030,239

AUDIO BASED ENTITY-ACTION PAIR BASED SELECTION

GOOGLE LLC, Mountain Vie...

1. A system for transmission of packetized data in a voice activated computer network environment, the system comprising a data processing system having a processor and a memory to:receive, via an interface, an input audio signal detected by a microphone of a client computing device;
identify a first search query within the input audio signal detected by the microphone of the client computing device;
identify a first search entity based on the first search query;
determine a first entity-action pair associated with the first search entity and an action of the first entity-action pair comprising a first action performed regarding the first search entity and determine a second entity-action pair associated with the first search entity and an action of the second entity-action pair comprising a second action, different than the first action, performed regarding the first search entity;
select a first content item associated with the first entity-action pair based on a first quality score and a second content item associated with the second entity-action pair based on a second quality score; and
transmit, to the client computing device, an output audio signal comprising the first content item based on a ranking of the first entity-action pair and the second entity-action pair.

US Pat. No. 11,030,238

DETERMINING AND UTILIZING CONTEXTUAL MEANING OF DIGITAL STANDARDIZED IMAGE CHARACTERS

FACEBOOK, INC., Menlo Pa...

1. A method comprising:determining contextual meanings for a plurality of standardized image characters based on a manner in which the plurality of standardized image characters are utilized in a repository of electronic documents;
analyzing digital text in an electronic communication of a client device;
generating, based on analyzing the digital text and the contextual meanings for the plurality of standardized image characters, a suggested standardized image character corresponding to the digital text; and
providing, for display via the client device, the suggested standardized image character.

US Pat. No. 11,030,237

METHOD AND APPARATUS FOR IDENTIFYING INPUT FEATURES FOR LATER RECOGNITION

Atheer, Inc., Santa Clar...

1. A method, comprising:defining a preliminary geometric feature for a real object;
defining a first region, wherein the first region is a first virtual reality object or a first augmented reality object defined for a position in real space or virtual space;
detecting, by a first imaging device, the real object at a first point in time based on the preliminary geometric feature, the real object being within the first region performing a first action associated with a first instruction;
in response to detecting the first action by the real object, executing the first instruction;
identifying, by a processing device, a defining feature of the real object as the real object performs the first action, wherein the defining feature of the real object is different than the preliminary geometric feature;
generating a model of the real object, wherein the model includes the defining feature of the real object;
detecting, by the first imaging device, the real object at a second point in time based on the model of the real object, the real object being within the first region performing a second action associated with a second instruction, wherein the second action is different than the first action; and
in response to detecting the second action by the real object, executing the second instruction.

US Pat. No. 11,030,236

IMAGE SEARCHING BY EMPLOYING LAYERED SEARCH CONSTRAINTS

Adobe Inc., San Jose, CA...

1. A computer-readable storage medium having instructions stored thereon for searching content, which, when executed by a processor of a computing device cause the computing device to perform actions comprising:receiving a first search constraint for the content;
embedding a vector representation of the first search constraint within a vector space;
generating an initial set of search results based on the first search constraint, wherein the initial set of search results comprises content items that each correspond to vector representations of the content items;
receiving a second search constraint and a user-defined weight value associated with the second search constraint;
embedding a vector representation of the second search constraint and the user-defined weight value associated with the second search constraint within the vector space;
generating a search stack vector based on a weighted combination of the vector representation of the first search constraint, the vector representation of the second search constraint and the user-defined weight value associated with the second search constraint;
re-ranking each of the content items of the initial set of search results based on determining a distance between the search stack vector and each of the vector representations of the content items of the initial set of search results that were generated by the first search constraint; and
providing the each of the content items of the initial set of search results in a new order as a re-ranked set of search results.

US Pat. No. 11,030,235

METHOD FOR NAVIGATING THROUGH A SET OF IMAGES

Facebook, Inc., Menlo Pa...

1. A method for navigating through a set of images depicting a scenery, said method comprising:receiving information relating to a subset of images within said set of images, said information comprising metadata of each image within said subset of images, said metadata including a geographical position of an image capturing sensor when acquiring the corresponding image, a viewing angle of the image capturing sensor when acquiring the corresponding image, and image property information, wherein said subset of images is selected from the set of images based upon each image in the subset of images being acquired from a geographical position within a bounding area defined in relation to a start geographical position of navigation and a target geographical position of navigation;
receiving weight information for determining similarities between images within said subset of images, said weight information controlling weights to be provided for determining a plurality of different measures of similarities between images within said subset of images based on different types of metadata;
calculating a plurality of combined measures of similarity between pairs of images in the subset of images, each combined measure of similarity representing a similarity between the images in a pair of images within said subset of images, said calculating being performed using said metadata and said weight information;
generating a graph representation, wherein at least one node in the graph representation is associated with an image included in the subset of images and at least one edge in the graph representation is associated with a transition between two images included in the subset of images, and said generating the graph representation is associated with said calculating of the plurality of combined measures of similarity;
receiving an indication of a target geographical position associated with a distance in a direction relative to a viewing angle of a current image; and
determining a best ranked path from a first image in the subset of images to a second image in the subset of images, wherein the first image has a geographical position within a distance from the start geographical position that is smaller than a set threshold, the second image has a geographical position within a distance from the target geographical position that is smaller than a set threshold, and the path comprises a number of transitions between images from the first image via intermediate images to the second image; said determining comprising:
calculating a transition measure of a path from the first image to the second image as a sum of the combined measures of similarity between pairs of images included in the transitions and associated with a starting node representing the first image and a target node representing the second image in the graph representation; and
selecting the best ranked path based on a comparison of the transition measures for paths from the first image to the second image.

US Pat. No. 11,030,234

METHOD AND SYSTEM FOR SHARING AN ITEM OF MEDIA CONTENT

1. A method of sharing an item of media content comprising the steps of:associating a first location with the item of media content at a first mobile device;
sending the item of media content from the first mobile device to a second mobile device at a second location via a network;
displaying on a graphical user interface at the second mobile device a simulated journey from the second location to the first location; and
displaying at the second mobile device the item of media content;
wherein the simulated journey from the second location to the first location includes:
displaying a map;
identifying the first location and second location on the map;
calculating an aerial path from the second location to the first location on the map;
generating and displaying a first animation stage based on the second location and comprising zooming out from the second location on the map;
generating and displaying a second animation stage based on the calculated aerial path and comprising following the aerial path between the second location and the first location; and,
generating and displaying a third animation stage based on the first location and comprising zooming in to the first location on the map.

US Pat. No. 11,030,233

AUTO-CITING REFERENCES TO OTHER PARTS OF PRESENTATION MATERIALS

International Business Ma...

1. A method, comprising:displaying, simultaneously in a presentation view of a graphical user interface (GUI) on a first device and an audience view of the GUI on a second device, a given zone of a plurality of zones included in a presentation document, wherein the GUI displays a single zone of the plurality of zones in the presentation document at a given time and navigates to different zones of the plurality of zones only via commands received from the first device;
identifying, in an utterance received from a given audience member not in control of the presentation view of the GUI while the given zone is displayed in the GUI, a given key concept;
identifying, via a content association map associated with the presentation document that identifies key concepts recited in the presentation document and which zones of the plurality of zones the key concepts appear in, a different zone of the plurality of zones that is not currently displayed in the GUI but in which the given key concept appears;
selecting a content item from the different zone related to the given key concept; and
displaying, in the audience view of the given zone on the second device and not in the presentation view of the given zone on the second device, a visual indicator related to the different zone that includes the content item.

US Pat. No. 11,030,232

SYSTEM AND METHOD FOR MANAGING REGULATORY INFORMATION

Veeva Systems Inc., Plea...

1. A system for managing regulatory information, comprising:a submission controller for:
generating a submission user interface which comprising a first area for receiving a first query for a first document; a second area for receiving a request for a submission structure for a first submission, a third area for receiving a request for a first task, and a fourth area for displaying a search result in response to the first query;
in response to the request for the submission structure for the first submission, displaying the submission structure for the first submission, wherein the submission structure for the first submission comprises a hierarchy of documentation of the first submission;
in response to the first query, searching a content and data management system for the first document, and displaying a search result in the fourth area;
in response to a request for adding the first document to the submission structure for the first submission, adding the first document to the submission structure; and
storing metadata of the first document to the content and data management system, and
a registration controller for displaying a user interface for receiving product registration information.

US Pat. No. 11,030,231

ANGULAR K-MEANS FOR TEXT MINING

Intel Corporation, Santa...

1. An electronic processing system, comprising:a processor;
memory communicatively coupled to the processor; and
logic communicatively coupled to the processor to:
identify a dataset of N data objects,
identify K centroids,
determine an angular distance between a first data object of the data objects and a first centroid of the centroids,
assign the first data object to the first centroid based on the determined angular distance,
generate a N by K matrix of respective lower bounds, for each data object of the data objects and each centroid of the centroids, based on a triangle inequality, and
generate an array of size N of respective upper bounds for each data object of the data objects based on the triangle inequality.

US Pat. No. 11,030,230

SYSTEM AND METHOD FOR PROVIDING TECHNOLOGY ASSISTED DATA REVIEW WITH OPTIMIZING FEATURES

OPEN TEXT HOLDINGS, INC.,...

1. An electronic document system, comprising:a processor;
a non-transitory computer readable medium, comprising instructions for:
selecting a control set of documents from a plurality of documents in a data store;
presenting the control set of documents to a user;
receiving an indicator of responsiveness for each of the documents of the control set of documents;
and instructions for causing the document system to perform the steps of:
a) determining a responsiveness score for each of the plurality of documents according to a scoring algorithm including determining a document responsiveness probability for the document, determining a weighted topic score for the document for each of a set of topics in a topic-related generative model based on the document responsiveness probability and a topic-document weight between the topic and the document, generating an initial responsiveness score based on the topic-document weights of the document for each topic and the weighted topic score, and normalizing the document responsiveness probability based on the initial responsiveness score to determine the responsiveness score for the document;
b) determining a set of responsive documents of the plurality of documents based on the responsiveness score determined for each of the plurality of documents and the decision boundary score;
c) determining a confidence score for the document system using the responsiveness score for each of the documents of the control set and the indicator of responsiveness for each of the control set documents received from the user;
d) selecting one or more of the plurality of documents based on the responsiveness scores of the plurality of documents;
e) presenting the one or more selected documents to the user;
f) receiving the indicator of responsiveness from the user for each of the selected documents;
g) refining the scoring algorithm based on the indicator of responsiveness for each of the selected document; and
h) generating a desired confidence score for the document system and presenting the set of responsive documents to the user when the desired confidence score for the document system is achieved, wherein the confidence score for the document system is determined by comparing the responsiveness score for the documents of the control set to the indicator of responsiveness for the documents of the control set received from the user or by comparing the responsiveness score for the selected documents to the indicator of responsiveness for the selected documents received from the user.

US Pat. No. 11,030,229

AUTOMATIC RULE MODIFICATION

SPLUNK Inc., San Francis...

1. A computer-implemented method, comprising:receiving raw machine data;
generating, using one or more processors, a set of events, wherein each event in the set of events includes a portion of the raw machine data;
associating a time with each event in the set of events, the time for each event extracted from the raw machine data included in that event;
storing the set of events in a data store such that they are searchable at least by their associated times;
causing display of an extraction rule, wherein the extraction rule specifies how to extract a value for a field from raw machine data included in an event;
causing display of a subset of events of the set of events;
visually emphasizing in the displayed subset of events a value for the field that would be extracted from each of the events in the subset of events by applying the extraction rule;
receiving input indicating that the emphasized value in a given event in the subset of events should not be the value extracted for the field for the given event;
based on the input indicating that the emphasized value should not be the value for the field for the given event, automatically modifying the extraction rule so that it would extract a different value as a value for the field for the given event when applied to the given event; and
modifying the displayed given event to visually emphasize the different value for the field for the given event.

US Pat. No. 11,030,228

CONTEXTUAL INTERESTINGNESS RANKING OF DOCUMENTS FOR DUE DILIGENCE IN THE BANKING INDUSTRY WITH TOPICALITY GROUPING

International Business Ma...

1. A method of ranking documents according to contextual interestingness comprising:receiving a document to be analyzed in computer-readable form, by executing first instructions in a computer system;
receiving a subject of interest and a category of interest which is independent of the subject of interest, by executing second instructions in the computer system;
classifying the document to determine that it belongs to the category of interest, by executing third instructions in the computer system, wherein said classifying is carried out by a machine learning service which utilizes multiple natural language text classifiers each of which provides a decision as to a most likely category out of a plurality of available categories for a given passage, the category of interest is a mode of the decisions from all of the natural language text classifiers, and at least one of the natural language text classifiers is a naïve Bayes classifier with feature vectors generated using Word2Vec modeling;
identifying at least one entity in the document that corresponds to the subject of interest, by executing fourth instructions in the computer system;
grouping passages from the document that relate to the entity, by executing fifth instructions in the computer system;
analyzing the passages for sentiment to generate a sentiment score for each passage, by executing sixth instructions in the computer system; and
ranking the document based on the sentiment scores, by executing seventh instructions in the computer system.

US Pat. No. 11,030,227

DISCREPANCY HANDLER FOR DOCUMENT INGESTION INTO A CORPUS FOR A COGNITIVE COMPUTING SYSTEM

International Business Ma...

1. A method for ingesting a new document into a corpus of a cognitive computing system comprising the steps of:receiving, by a computing system, at least a portion of the new document prior to ingestion of at least the portion of the new document into the corpus of the cognitive computing system;
prior to ingestion of at least the portion of the new document into the corpus:
automatically querying, by a computing system, using the cognitive computing system, the corpus of the cognitive computing system plus at least the portion of the new document outside the corpus according to one or more questions previously associated with a category of documents in the corpus;
responsive to the querying, automatically detecting, by a computing system, one or more discrepancies between the portion and the corpus;
assigning, by a computing system, a confidence factor to each detected discrepancy;
reporting, by a computing system, the one or more discrepancies and the assigned confidence factors to a user; and
responsive to a user command, ingesting, by a computing system, the portion into the corpus.

US Pat. No. 11,030,226

FACILITATING ANSWERING QUESTIONS INVOLVING REASONING OVER QUANTITATIVE INFORMATION

INTERNATIONAL BUSINESS MA...

1. A system, comprising:a memory that stores computer executable components;
a processor, operably coupled to the memory, and that executes computer executable components stored in the memory, wherein the computer executable components comprise:
an analysis component that:
transforms a natural language query into a first logical representation,
wherein the natural language query involves one or more mathematical computations,
determines a context of the natural language query based upon data collected related to an activity of a user associated with the natural language query,
selects a domain from a plurality of domains based upon the context, and
translates extrinsic knowledge associated with the domain into a second logical representation relevant to the natural language query;
a merging component that merges the first logical representation and the second logical representation into a third logical representation; and
an answering component that generates answers for the natural language query based on processing of the third logical representation, wherein the answers comprise respective confidence values for the answers, and a confidence value for an answer is based on a quantity of sources in the domain that have a same set of equations for determining the answer.

US Pat. No. 11,030,225

GOLF COURSE MANAGEMENT TOOL

1. A method for managing a golf course, the method comprising:receiving a plurality of player locations respectively associated with a plurality of rounds of play on a golf course the plurality of player locations determined by sensors associated with individual players during the plurality of rounds of play on the golf course, at least some of the plurality of player locations representing ball-strike locations;
storing the plurality of player locations linked with their associated round of play in a database;
receiving a first user command over a network from a client device identifying a first portion of the golf course;
retrieving a set of one or more ball-strike locations from the plurality of player locations stored in the database, the set of one or more ball-strike locations located within the first portion of the golf course;
creating a first graphical representation based on the set of one or more ball-strike locations, the first graphical representation comprising a spidograph of approach shots to a green included in the first portion of the golf course, the spidograph providing information about percentages of the approach shots that are long, short, left and right of the green;
sending the first graphical representation over the network to the client device for presentation to a user;
receiving a second user command over the network from the client device defining a first selected area within the first portion of the golf course;
identifying a first set of rounds of play from the plurality of rounds of play on the golf course that are associated with a ball-strike location of the plurality of player locations that is located within the first selected area;
calculating at least one time-of-play statistic for the first set of rounds of play;
sending the at least one time-of-play statistic for the first set of rounds of play over the network to the client device for presentation to the user;
receiving a third user command over the network from the client device identifying a second portion of the golf course;
obtaining an overhead image of the second portion of the golf course;
retrieving a collection of one or more player locations from the plurality of player locations stored in the database, the collection of one or more player locations located within the second portion of the golf course;
creating a second graphical representation based on the collection of one or more locations and the overhead image of the second portion of the golf course;
sending the second graphical representation over the network to the client device for presentation to the user;
receiving a fourth user command from the client device over the network, the fourth user command including identification of three or more points on the second graphical representation to define a second selected area on the golf course;
receiving at least a first maintenance cost for a first feature type and a second maintenance cost for a second feature type of the golf course from the client device over the network;
identifying a current feature type of the second selected area as the first feature type and a proposed feature type for the second selected area as the second feature type; and
calculating a maintenance cost difference for the second selected area between the current feature type and the proposed feature type as a function of the first maintenance cost and the second maintenance cost.

US Pat. No. 11,030,224

DATA IMPORT AND RECONCILIATION

SAP SE, Walldorf (DE)

1. A method comprising:storing a plurality of unique area identifications each associated with a corresponding geospatial shape of geospatial shapes, wherein the plurality of unique area identifications are stored in a first field in one or more tables and the geospatial shapes are stored in a second field in the one or more tables;
storing a plurality of master geo-descriptors each associated with one of the unique area identifications, wherein the plurality of master geo-descriptors are stored in a third field in the one or more tables and the unique area identifications are stored in a fourth field in the one or more tables;
storing a plurality of alternative geo-descriptors in association with the unique area identifications, wherein each unique area identification is associated with a plurality of the alternative geo-descriptors, the plurality of alternative geo-descriptors are alternate representations of each of the master geo-descriptors, the plurality of alternative geo-descriptors and the master geo-descriptors are stored in a fifth field in the one or more tables, and the unique area identifications are stored in a sixth field in the one or more tables;
receiving a data set comprising at least one location field to be mapped to the unique area identifications;
joining the one or more tables; and
comparing data elements in the at least one location field to the plurality of alternative geo-descriptors, wherein
when particular data elements match one of the plurality of alternative geo-descriptors, determining the unique area identification associated with the matched one of the plurality of alternative geo-descriptors and associating the unique area identification with the matching data elements; and
when a particular data element does not match any of the plurality of alternative geo-descriptors:
performing a similarity search of the particular data element against the plurality alternative geo-descriptors to return a result set comprising one or more of the plurality alternative geo-descriptors having a likelihood greater than a threshold;
presenting the result set to a user for selection; and
determining the unique area identification associated with the user selected result.

US Pat. No. 11,030,223

COLLABORATION ACTIVITY SUMMARIES

Box, Inc., Redwood City,...

1. A method for summarizing collaboration activity into a graphical user interface that comprises ordered groupings of data, the method comprising:collecting multiple event records from a storage device of a collaboration system, the multiple event records characterizing one or more interaction events that are associated with multiple users that act on at least one of a first collaboration object or a second collaboration object within the collaboration system;
identifying one or more interaction event groups for the one or more interaction events at least by clustering one or more feature vectors associated with the one or more interaction events;
creating multiple summary entries for the one or more interaction event groups, wherein a summary entry of the multiple summary entries comprises first textual description of a first action performed by a first set of users of the multiple users on the first collaboration object and second textual description of a second action performed by a second set of users on the second collaboration object;
determining multiple different combinations of summary entries from the multiple summary entries;
generating a plurality of candidate summary pages that respectively correspond to the multiple different combinations of summary entries, wherein a candidate summary page of the plurality of candidate summary pages comprises both the first and the second description respectively pertaining to the first and the second collaboration objects;
determining at least one scored summary page from the plurality of candidate summary pages based at least in part upon a respective summary score, wherein the at least one scored summary page corresponds to a candidate summary page and is scored with the respective summary score based at least in part upon a different combination of summary entries for the candidate summary page and at least by combining multiple individual summary scores for individual summary entries in the different combination into the respective summary score; and
initiating operations to display, to a particular user, the at least one scored summary page within the graphical user interface.

US Pat. No. 11,030,222

SIMILARITY SHARDING

FAIR ISAAC CORPORATION, ...

1. A computer-implemented method comprising:parsing a datatype item into one or more tokens;
extracting at least one selected token from the parsed datatype item, the at least one selected token comprising a character string including one or more characters;
standardizing the character string of the at least one selected token;
extracting a first character from the one or more characters included in the at least one standardized selected token; and
assigning the datatype item to a select shard of a plurality of shards via a character distribution lookup based on the extracted first character, wherein the character distribution lookup comprises a pre-computed distribution of characters based on analysis of first character frequencies of a plurality of representative geographic locale-specific data samples, the pre-computed distribution of characters configured to balance frequency of occurrence of datatype items associated with the geographic locale across the plurality of shards.

US Pat. No. 11,030,221

SYSTEM FOR FAST AND SECURE CONTENT PROVISION

PERMUTIVE LIMITED, Londo...

1. A system for displaying content to a user, the system comprising a user device, a web element server and a code provisioning server:wherein the user device is arranged to initiate a web element request indicative of a web element;
the web element server is arranged to transmit the web element to the user device in response to the web element request;
the code provisioning server is arranged to receive a code portion request in response to the web element request;
the code provisioning server is arranged to transmit a code portion to the user device in response to the code portion request;
the user device is arranged to execute the code portion in response to the web element request, wherein:
executing the code portion causes a processor at the user device to collate user data at the user device;
executing the code portion causes a processor at the user device to generate an instruction to execute an action based on the collated user data; and
executing the code portion causes a processor at the user device to associate the user with at least one of a plurality of categories.

US Pat. No. 11,030,220

GLOBAL TABLE MANAGEMENT OPERATIONS FOR MULTI-REGION REPLICATED TABLES

Amazon Technologies, Inc....

1. A system, comprising:one or more hardware processors with associated memory that implement a database system, configured to:
receive, from a client device, a request to perform a management operation on a database object at a first location;
determine that the database object is one replica in a group of replicas maintained as part of a global object, wherein individual ones of the replicas are located at different locations, and changes in one replica of the global object are transmitted to one or more other ones of the different locations and replicated across all replicas of the global object;
determine that the management operation specifies a modification to a metadata property of the database object that is to be kept consistent across all replicas of the global object;
send the management operation from the first location to one or more other ones of the different locations to perform the management operation on one or more other replicas of the global object;
perform the management operation on the database object at the first location; and
acknowledge that the management operation has been performed on the global object.

US Pat. No. 11,030,219

METHOD FOR REPLACING A CURRENTLY OPERATING DATA REPLICATION ENGINE WITH A NEW DATA REPLICATION ENGINE WITHOUT APPLICATION DOWNTIME AND WHILE PRESERVING TARGET DATABASE CONSISTENCY, AND BY USING AUDIT TRAIL TOKENS

GRAVIC, INC., Malvern, P...

1. An automated method for replacing a currently operating data replication engine with a new data replication engine without application downtime and while preserving target database consistency,the currently operating data replication engine and the new data replication engine replicating source database transactions from an audit trail of a source database in a source system to a target database;
the method comprising replacing the currently operating data replication engine with the new data replication engine, the replacing comprising the steps of:
(a) the currently operating data replication engine replicating source database transactions including any new source database transactions committed in the audit trail of the source database before the currently operating data replication engine stopped replicating;
(b) generating a list of active database transactions, and recording the list of active database transactions as a first token into a position in the audit trail;
(c) stopping the currently operating data replication engine when all of the database transactions in the first token have completed;
(d) starting the new data replication engine;
(e) positioning the new data replication engine to begin processing source database transactions in the audit trail of the source database at a beginning position that is located at or prior to the position of the first token in the audit trail; and
(f) the new data replication engine replicating source database transactions, the replicating comprising:
(i) ignoring source database transactions in the first token,
(ii) ignoring source database transactions which completed prior to the position where the currently operating data replication engine stopped,
(iii) replicating remaining source database transactions from the source database to the target database, the remaining source database transactions being source database transactions started prior to the current data replication engine stopping, and not replicated by the currently operating data replication engine, and
(iv) replicating all new source database transactions started after the currently operating data replication engine stopped.

US Pat. No. 11,030,218

COMPUTER SYSTEM AND DATA PROCESSING METHOD

Hitachi, Ltd., Tokyo (JP...

1. A computer system configured to allocate master data and replica data that is reproduction of the master data in a plurality of server devices in a distributed manner, the computer system comprising:a memory; and
a processor in communication with the memory, the memory storing a program executable by the processor to cause the processor to:
configure a storage area management range covering the plurality of server devices as a range;
provide in advance, in the range, a temporary area for dynamic control of a total capacity to a master server that is one of the plurality of server devices in which the master data is allocated and a slave server that is one of the plurality of server devices in which the replica data is allocated;
manage a use status of the temporary area of each of the master server and the slave server with a capacity management table;
determine whether a data write request for requesting writing of data is executable or not based on the use status of the temporary area of the master server and the use status of the temporary area of the slave server in the capacity management table of a range to which the data requested to be written by the data write request belongs;
cause both of the master server and the slave server to execute the data write request when the processor determines that the data write request is executable; and
prevent both of the master server and the slave server from executing the data write request when the data write request is determined to be inexecutable.

US Pat. No. 11,030,217

BLOCKCHAIN IMPLEMENTING CROSS-CHAIN TRANSACTIONS

International Business Ma...

1. A computing system comprising:a storage configured to store, via a master chain, partition information that links together storage across a plurality of blockchains; and
a processor configured to receive a request to execute a blockchain transaction from a client, determine whether the blockchain transaction is associated with data stored on one blockchain or data stored separately on different blockchains based on the partition information stored on the master chain;
wherein, in response to a determination that the blockchain transaction is associated with data stored separately on different blockchains, the processor is further configured to identify, via the master chain, a location of each blockchain from among the different blockchains and transmit the locations to a system configured to perform the blockchain transaction.

US Pat. No. 11,030,216

REPLICATING NON-SUPPORTED DATA TYPES USING AN EXISTING SUPPORTED REPLICATION FORMAT

International Business Ma...

1. A method, in a data processing system, for replicating non-supported data types using an existing replication format supported by an existing replication system operating at a primary site and a secondary site, the method comprising:responsive to detecting an application, at the primary site, writing data in a non-supported format to a local storage that is to be replicated to the secondary site, intercepting, by an intercept routine operating at a primary site, the input/output (I/O) operation being performed by the application operating at the primary site;
converting, by the intercept routine, the data of the I/O operation m the non-supported format to a format supported by the existing replication system;
generating, by the intercept routine, a replication log record for the data in the format supported by the existing replication system; and
transmitting, by a primary site replication engine operating at the primary site, the data in the format supported by the existing replication system to the secondary site, wherein by transmitting the data in the format supported by the existing replication system to the secondary site, a secondary site replication engine operating at the secondary site:
stores the data in the format supported by the existing replication system described by the replication log record in a storage device at the secondary site thereby forming a replicated file;
converts the data in the format supported by the existing replication system to the non-supported format; and
stores the data in the non-supported format in the storage device at the secondary site for use by an application operating at the secondary site.

US Pat. No. 11,030,214

SYSTEM FOR IDENTIFICATION OF OUTLIER GROUPS

Microsoft Technology Lice...

1. A system comprising:a processing unit; and
a storage device comprising instructions, which when executed by the processing unit, configure the processing unit to:
retrieve metric data on a plurality of groups of users, the metric data including a value of a performance metric for each of the plurality of groups;
determine a control group of the plurality of groups utilizing a model based on a distance metric to calculate alikeness between users;
determine that a first group of the plurality of groups is anomalous with respect to a value of the performance metric of the control group, wherein determining that the first group is anomalous includes determining that a difference, between a median value of the performance metric for the plurality of users and a median value of the performance metric for the control group, exceeds a threshold value; and
present a user interface, the user interface including:
a first portion including a visualization of a comparison of the value of the performance metric for the first group and values of the performance metric of other groups in the plurality of groups, and an indication of the determined anomaly with reference to the determined control group; and
a second portion including a visualization of trend data of the performance metric for the first group over a period of time.

US Pat. No. 11,030,213

TRANSFORMING DATA STRUCTURES AND DATA OBJECTS FOR MIGRATING DATA BETWEEN DATABASES HAVING DIFFERENT SCHEMAS

Bank of America Corporati...

1. A computing platform, comprising:at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
query a logical view of a data table associated with a first database maintained by a first database server in a first schema;
responsive to querying the logical view of the data table associated with the first database maintained by the first database server in the first schema, receive, via the communication interface, from the first database server, source data associated with the logical view;
split the source data associated with the logical view to produce a plurality of data chunks associated with the logical view;
move the plurality of data chunks associated with the logical view to a plurality of nodes associated with the computing platform;
command the plurality of nodes associated with the computing platform to transform the plurality of data chunks associated with the logical view to produce transformed data; and
move the transformed data from the plurality of nodes associated with the computing platform to a second database maintained by a second database server in a second schema different from the first schema,
wherein splitting the source data associated with the logical view to produce the plurality of data chunks associated with the logical view comprises identifying one or more available nodes and determining a uniform size of the plurality of data chunks associated with the logical view based on the one or more available nodes,
wherein a numerical column included in the logical view of the data table associated with the first database maintained by the first database server provides an index indicative of a total size of the source data associated with the logical view, and
wherein splitting the source data associated with the logical view to produce the plurality of data chunks associated with the logical view comprises splitting the source data associated with the logical view based on the numerical column to balance processing load across the one or more available nodes.

US Pat. No. 11,030,212

REDIRECTING QUERY TO VIEW MASKED DATA VIA FEDERATION TABLE

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method comprising:receiving, by a computer device, a database query of a database from a database client;
determining, by the computer device and based on the database query, a to-be-masked portion of data, the to-be-masked portion of the data including data that is not to be accessed by the database client;
sending, by the computer device, the database query to at least one view of the database for the to-be-masked portion of the data, the at least one view of the database residing on a federated database system and containing none of the data that is not to be accessed by the database client;
receiving, by the computer device and in response to the sending, masked resultant data from the federated database system;
determining, by the computer device and based on the database query, an unmasked portion of the data;
directing, by the computer device, the database query to the database for the unmasked portion of the data;
receiving, by the computer device and in response to the directing, unmasked resultant data from the database;
combining, by the computing device, the masked resultant data and the unmasked resultant data to form combined data; and
forwarding, by the computer device, the combined data to the database client,
wherein the to-be-masked portion of the data is masked in the at least one view of the database.

US Pat. No. 11,030,211

MIGRATING PAGE LAYOUT REPRESENTATIONS OF DATABASE ENTRIES

Salesforce.com, Inc., Sa...

1. A method comprising:receiving at a communications interface a plurality of representation configuration messages identifying a source database object representation, the source database object representation including a first plurality of graphical elements that are each associated with a respective database object field, the source database object representation facilitating the display and editing of data associated with one or more instances of one or more database objects stored in a database, the database being accessible via an on-demand computing services environment configured to provide computing services to a plurality of organizations via the internet, the source database object representation being common to the plurality of organizations;
creating a first interactive database object representation via a processor based on the source database object representation and a first one of the representation configuration messages, the first interactive database object representation including a second plurality of graphical elements that are each associated with a respective database object field, the first interactive database object representation being customized for a first one of the plurality of organizations;
creating a second interactive database object representation via the processor based on the source database object representation and a second one of the representation configuration messages, the second interactive database object representation including a third plurality of graphical elements that are each associated with a respective database object field, the second interactive database object representation being customized for a second one of the plurality of organizations; and
publishing the first and second interactive database object representations to a storage medium for transmission upon request to client machines via a network, each of the respective database object fields being associated with a respective database object definition within the database, the second plurality of graphical elements being different than the third plurality of graphical elements, the first and second interactive database object representations facilitating the display and editing of data associated with the one or more instances of the one or more database objects.

US Pat. No. 11,030,210

HIERARCHICAL RULES FOR DISPLAYING USER INTERFACE PAGES

salesforce.com, inc., Sa...

1. A system comprising:one or more processors; and
a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to:
store one or more action override rules into a hierarchy of rules applicable to a plurality of users, the hierarchy of rules having a default first level rule and one or more default second level rules, the default first level rule and the one or more default second level rules each including display criteria associated with a corresponding one of a plurality of user interface pages, each of the one or more action override rules including display criteria associated with a corresponding user interface page of the plurality of user interface pages;
receive a user action associated with a request criteria;
determine whether the request criteria associated with the user action matches the display criteria of the one or more action override rules;
cause, in response a determination that the display criteria of one of the action override rules matches the request criteria associated with the user action, the display of the user interface page associated with the display criteria of the action override rule with the matching criteria; and
cause, in response to a determination that there is no action override rule having display criteria that matches the request criteria associated with the user action, the display of the user interface page associated with the display criteria of a corresponding one of the one or more default second level rules.

US Pat. No. 11,030,209

UNSUPERVISED LEARNING TO FUSE FOR INFORMATION RETRIEVAL

International Business Ma...

1. A method comprising:evaluating, using a hardware processor exercising a plurality of rankers, a query on a corpus of electronic documents stored in a document database using a plurality of retrieval methods corresponding to the plurality of rankers;
obtaining, using the hardware processor, a ranked list for each of the plurality of retrieval methods;
generating, using the hardware processor, a plurality of fused ranked lists;
sampling, using the hardware processor, the plurality of fused ranked lists, each fused ranked list fusing said ranked lists for said plurality of retrieval methods;
sorting, using the hardware processor, said sampled fused ranked lists;
in an unsupervised manner, optimizing, using the hardware processor, an objective comprising a likelihood that a fused ranked list, fusing said ranked lists for each of said plurality of retrieval methods, is relevant to a query and a relevance event, to optimize said sampling, until convergence is achieved;
determining, using the hardware processor, documents of the fused ranked list based on the optimization; and
generating a user interface for displaying an identification of the documents of the fused ranked list.

US Pat. No. 11,030,208

DISTANT CONTENT DISCOVERY

MICROSOFT TECHNOLOGY LICE...

1. A computer-implemented method for surfacing distant relevant information to a user in a content feed, comprising:querying, by a computer, an organizational graph for activity data associated with the user and one or more individuals with whom the user is not closely related;
analyzing signals between the one or more individuals with whom the user is not closely related and one or more distant information items on which the user has not acted, wherein the one or more distant information items are information items associated with the one or more individuals with whom the user is not closely related;
determining scores for the one or more distant information items by calculating two scores for each of the one or more distant information items, wherein a first score is calculated using a feature weight for a colleague, and a second score is calculated using a feature weight for an elevated peer;
ranking the one or more distant information items for inclusion in the content feed for the user, wherein the ranking is based on the scores, and ranks the one or more distant information items as a possible content feed candidate;
determining, by the computer, whether the one or more distant information items are content feed candidates; and
responsive to a positive determination that a distant information item of the one or more distant information items is a content feed candidate, generating a content card for the distant information item for display in the content feed.

US Pat. No. 11,030,207

UPDATING DISPLAYED DATA VISUALIZATIONS ACCORDING TO IDENTIFIED CONVERSATION CENTERS IN NATURAL LANGUAGE COMMANDS

Tableau Software, Inc., ...

1. A method of using natural language for visual analysis of a dataset, comprising:at computer having a display, one or more processors, and memory storing one or more programs configured for execution by the one or more processors:
displaying a data visualization based on a first dataset retrieved from a database using a first set of one or more queries;
receiving a first user input to specify a first natural language command related to the data visualization;
extracting a first set of one or more independent analytic phrases from the first natural language command;
computing a first set of one or more conversation centers associated with the first natural language command based on the first set of one or more analytic phrases;
creating a first set of one or more functional phrases by computing a first set of analytical functions associated with the first set of one or more conversation centers;
updating the data visualization based on the first set of one or more functional phrases;
receiving a second user input to specify a second natural language command related to the updated data visualization;
extracting a second set of one or more independent analytic phrases from the second natural language command;
computing a temporary set of one or more conversation centers associated with the second natural language command based on the second set of one or more analytic phrases;
deriving a second set of one or more conversation centers from the first set of one or more conversation centers and the temporary set of one or more conversation centers using one or more transitional rules; and
updating the data visualization based on the second set of one or more conversation centers, including highlighting or filtering data marks whose characteristics correspond to a data attribute corresponding to the second set of one or more conversation centers.

US Pat. No. 11,030,206

DISPLAY METHOD AND DISPLAY APPARATUS

FUJITSU LIMITED, Kawasak...

1. A non-transitory computer-readable storage medium storing a computer program that causes a computer to execute a process comprising:accepting designation of a first entity included in a database that includes a plurality of entities and a plurality of links indicating relationships between the plurality of entities, each of the plurality of entities having an entity type, the designated first entity having a first entity type;
acquiring a query template that describes a look-up condition for searching the database, the query template including a parameter to which identification information of one of the plurality of entities is to be assigned, and acquiring an entity type condition indicating a second entity type of the parameter;
generating a first query from the query template by assigning first identification information of the designated first entity to the parameter, in response to determining that the first entity type is identical to the second entity type;
selecting a second entity that is coupled to the designated first entity via one or more links in the database and has the second entity type from among the plurality of entities, in response to determining that the first entity type is not identical to the second entity type, and generating a second query based on second identification information of the selected second entity and the query template; and
retrieving data to be used in display processing from the database by using generated one of the first query and the second query.

US Pat. No. 11,030,205

CONTEXTUAL DATA TRANSFORMATION OF IMAGE CONTENT

MICROSOFT TECHNOLOGY LICE...

1. A method performed by a processor of a computing system, comprising:generating, by a contextual image analysis service, an annotation for an object located within an image, wherein the annotation identifies a type of the object;
prefixing, by the contextual image analysis service, content to the annotation to generate a query, wherein the query is a question;
identifying, by the contextual image analysis service, a search result based upon the query, wherein the search result is an answer to the question;
causing a user interface to be displayed on a display, wherein the user interface comprises the image and the query;
responsive to receiving a selection of the query displayed within the user interface, updating the user interface to additionally display the search result; and
causing a user interface feature to be presented on the display to allow user feedback for training the contextual image analysis service, wherein the contextual image analysis service adapts over time and learns at least one of placement, positioning, size, and amount of contextually relevant data objects to present to users, the contextually relevant data objects comprising questions and answers to the questions.

US Pat. No. 11,030,204

SCALE OUT DATA STORAGE AND QUERY FILTERING USING DATA POOLS

MICROSOFT TECHNOLOGY LICE...

1. A computer system, comprising:one or more processors; and
one or more computer-readable media having stored thereon computer-executable instructions that, when executed at the one or more processors, cause the computer system to perform the following:
receive a first database query at a master node or a compute pool within a database system, the first database query targeting an external data source;
based on receiving the first database query, and based on the first database query being a read query:
identify a data pool within the database system, in which, (i) the data pool comprises a plurality of data nodes, each data node including a relational engine and relational storage; and (ii) each data node caches a different partition of data from the external data source in its relational storage; and
process the first database query across the plurality of data nodes, including requesting that each data node perform a filter operation against its cached partition of the external data source stored in its relational storage, and return any data from the partition that matches the filter operation;
receive a second database query at the master node or the compute pool within the database system;
based on receiving the second database query, and based on the second database query being a write query, route the second database query to the external data source, which modifies at least one record in the external data source; and
subsequent to routing the second database query to the external data source, ingest the modified at least one record from the external data source into the data pool.

US Pat. No. 11,030,203

MACHINE LEARNING DETECTION OF DATABASE INJECTION ATTACKS

SAP SE, Walldorf (DE)

1. A method, implemented in a computing system comprising one or more processors and one or more memories coupled to the one or more processors, the one or more memories comprising computer-executable instructions for causing the computing system to perform operations comprising:receiving user input for a first dynamic query, the user input comprising one or more characters;
escaping the user input to provide escaped user input, the escaping comprising adding at least one character to the one or more characters to indicate that at least one character of the one or more characters corresponds to user input, the escaped user input comprising the one or more characters of the user input and the at least one character;
forming a first version of the first dynamic query by adding the user input to a dynamic query language statement comprising a plurality of query language operators and executable by a database system to provide first query results;
forming a second version of the first dynamic query by adding the escaped user input to the dynamic query language statement, the second version of the first dynamic query comprising the plurality of query language operators and executable by the database system to provide second query results, wherein the second query results are the first query results or are different than the first query results;
parsing and tokenizing the first version of the first dynamic query to obtain a first set of tokens;
parsing and tokenizing the second version of the first dynamic query to obtain a second set of tokens;
comparing the first and second set of tokens;
determining whether the first and second sets of tokens are equal based on the comparing;
generating a training label based on the determining, the training label indicating whether the user input may be associated with an attempted security violation; and
training a machine learning component with the user input and the training label to, at least in part, provide a trained classifier, wherein the trained classifier is usable to determine whether a second dynamic query may be associated with an attempted security violation.

US Pat. No. 11,030,202

METHOD AND DEVICE FOR RECOMMENDATION OF MEDIA CONTENT

TENCENT TECHNOLOGY (SHENZ...

1. A computer-implemented method for recommending media items stored in a media content library to a user, the method comprising:at a computing device having one or more processors and memory storing program modules to be executed by the processors:
assigning a plurality of labels to the media items, each label corresponding to a respective one of the media items;
for each of the plurality of labels,
computing a label score for the label based on a first ratio of a count of media items stored in the media content library having the label and a count of media items stored in the media content library and a second ratio between a total amount of user-assigned scores of the media items having the label and the first ratio;
identifying, within the media content library, a first plurality of media items having the label;
excluding, from the first plurality of media items having the label, media items that have been made accessible to the user during a predefined time period to obtain a second plurality of media items having the label;
ranking the second plurality of media items having the label in accordance with their respective user-assigned scores; and
selecting, based on the ranking, a predetermined number of recommended media items having highest user-assigned scores to be recommended to the user;
selecting a first subset of labels having highest label scores from the plurality of labels in accordance with their respective label scores;
identifying, within the media content library, a list of recommended media items corresponding to the first subset of labels;
sorting the list of recommended media items in a descending order based on their respective user scores and corresponding label scores; and
pushing the sorted list to a user terminal associated with the user.

US Pat. No. 11,030,201

PRELIMINARY RANKER FOR SCORING MATCHING DOCUMENTS

MICROSOFT TECHNOLOGY LICE...

1. A computer-implemented method for a preliminary ranker prior to a final ranker to generate a preliminary rank score for a document based on a search query, the method comprising:accessing a table associated with the document that stores pre-computed data used to derive a frequency for each of a plurality of terms in the document;
algorithmically determining the frequency of at least one term from the search query based on the pre-computed data from the table; and
computing a preliminary rank score of the document based at least on the frequency and one or more real-time components that are computed in real-time based on the document and the search query.

US Pat. No. 11,030,200

INTEGRATION OF ARTIFICIAL INTELLIGENCE-BASED DATA CLASSIFICATION PROCESSES WITH A PROCUREMENT SYSTEM TO RELATIVIZE AN ENTITY SCORE

Coupa Software Incorporat...

1. A method, comprising:generating first actionable output that identifies a particular supplier and an intrinsic score for the particular supplier that is calculated using intrinsic factor data for the particular supplier, wherein the intrinsic factor data is obtained from a plurality of instances of procurement software;
determining a set of weights using peer spend data of a set of peer suppliers, wherein the set of peer suppliers is identified based on a spend category that is associated with the peer spend data by an artificial intelligence-based process;
applying the set of weights to a set of intrinsic scores for the set of peer suppliers to produce a set of peer scores, wherein a weight in the set of weights is calculated using the peer spend data;
aggregating the set of peer scores to produce an aggregate peer score;
generating second actionable output, wherein the second actionable output replaces or modifies or supplements the first actionable output based on a comparison of the intrinsic score for the particular supplier to the aggregate peer score, wherein the method is performed by one or more computing devices.

US Pat. No. 11,030,199

SYSTEMS AND METHODS FOR CONTEXTUAL RETRIEVAL AND CONTEXTUAL DISPLAY OF RECORDS

RIPCORD INC., Hayward, C...

1. A computer-implemented method for contextual enhancement of search queries, comprising:(a) receiving from a user, via a user interface, a search query;
(b) determining, with aid of one or more computer processors, a first natural language processing (NLP) model of a plurality of NLP models corresponding to the search query, wherein the first NLP model corresponds to a first set of one or more keywords;
(c) determining, with aid of one or more computer processors, a second NLP model, of the plurality of NLP models, wherein the second NLP model corresponds to a second set of one or more keywords, wherein the first NLP model and the second NLP model have a proximity relationship with a weight value at or above a predetermined threshold;
(d) enhancing the search query with keywords of the second set of one or more keywords not originally present in the search query, to generate an enhanced search query; and
(e) executing the enhanced search query.

US Pat. No. 11,030,198

REDUCING RESOURCE CONSUMPTION OF A SIMILARITY INDEX IN DATA DEDUPLICATION

INTERNATIONAL BUSINESS MA...

1. A method for reducing resource consumption of a similarity index in a data deduplication system by a processor, comprising:representing in the similarity index only a latest generation of repository data, wherein a single latest entry is maintained for a representative value in the similarity index;
applying implicit deletion in the similarity index such that a similarly index entry is not removed or overwritten until a change with associated data of the similarity index entry is detected;
maintaining a subset of bytes of the representative value in the similarity index entry to reduce an input/output (I/O) load on the similarity index of the data deduplication system;
deduplicating a respective one of a plurality of similarity units with a corresponding similarity unit of a previous snapshot; and
examining a deduplication coverage;
wherein if a deduplication coverage threshold is not met, a similarity search is conducted and the respective one of the plurality of similarity units is deduplicated with a unified set of digest matches combined from the corresponding similarity unit of the previous snapshot and a found similarity unit residing in the similarity index.

US Pat. No. 11,030,197

SYSTEM, METHOD, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIA FOR LOCATING A RECEIPT FOR A PRODUCT

WALMART APOLLO, LLC, Ben...

1. A system comprising:one or more processors; and
one or more non-transitory computer-readable media storing computing instructions configured to run on the one or more processors and perform:
storing electronic receipts for a user in a database;
receiving, from an electronic device of the user, product identification information;
searching the electronic receipts to identify two or more of the electronic receipts listing a product referenced by the product identification information; and
facilitating a simultaneous display, on the electronic device of the user, of each respective electronic receipt of the two or more of the electronic receipts,
wherein the simultaneous display of each respective electronic receipt comprises:
(i) an overall view of the respective electronic receipt; and
(ii) an individual item view for the product listed in the respective electronic receipt.

US Pat. No. 11,030,196

METHOD AND APPARATUS FOR PROCESSING JOIN QUERY

HUAWEI TECHNOLOGIES CO., ...

1. A join query processing method, comprising:determining a frequent table combination, wherein the frequent table combination is a table combination whose emergence frequency in a historical query record is greater than a preset value, and wherein the table combination comprises a join key and tables that are joined by using the join key;
creating a clustered index according to information about the join key in the frequent table combination, wherein a quantity of index columns in the clustered index is the same as a quantity of join keys in the frequent table combination, and wherein the clustered index indicates a storage location of records that have a same index column value in the frequent table combination; and
performing a shuffle operation according to the index columns in the clustered index, and centrally saving the records that have the same index column value into at least one data block to form a table cluster corresponding to the frequent table combination, wherein at least one of the at least one data block includes one index column value, and wherein the records that have the same index column value are records in the tables that are joined by using the join key.

US Pat. No. 11,030,195

IDENTIFYING AND MITIGATING HIGH-RISK DATABASE QUERIES THROUGH RANKED VARIANCE ANALYSIS

FMR LLC, Boston, MA (US)...

1. A system for identifying and mitigating high-risk database queries through ranked variance analysis, the system comprising a server computing device that:identifies a plurality of database queries executed against one or more databases in a production computing environment within a predetermined time period, each database query associated with a plurality of execution plans, each execution plan having corresponding plan data elements comprising a query id number, a parsing schema, a number of plan executions, an average execution time, an average number of buffer gets, and a query text;
for each database query:
generates execution variance data for the plurality of execution plans for a database query based upon the corresponding plan data elements, comprising:
determining an execution time variance between the plurality of execution plans for the database query, comprising:
identifying the average execution time for each of the plurality of execution plans for the database query;
selecting a maximum average execution time (MaxAET) and a minimum average execution time (MinAET) from the identified average execution times;
determining a variance between MaxAET and MinAET by:
(MaxAET?MinAET)/MinAET; and
assigning the determined variance as the execution time variance; and
determining a buffer gets variance between the plurality of execution plans for the database query;
ranks the plurality of database queries according to (i) the execution time variance for each database query, and (ii) the buffer gets variance for each database query;
identifies one or more high-risk database queries based upon the rank of the plurality of database queries; and
adjusts one or more execution settings for each of the identified high-risk database queries to mitigate performance degradation in the production computing environment caused by execution of the identified high-risk database queries, comprising changing an execution status for each of the identified high-risk database queries in the database which prevents the identified high-risk database queries from being executed in the production computing environment, and
when the production computing environment requests execution of any of the identified high-risk database queries, the production computing environment analyzes the execution status for the requested high-risk database queries and determines that the requested high-risk database queries are unavailable for execution.

US Pat. No. 11,030,194

DEMAND-DRIVEN DYNAMIC AGGREGATE

International Business Ma...

1. A method of generating an aggregate, the method comprising:receiving, by one or more processors, a second query for execution subsequent to executing a number of previous first queries;
determining, by the one or more processors, if the second query can be executed against an aggregate to obtain data responsive to the second query, wherein the aggregate comprises a prefabricated result summary of a group of query statements;
based on determining that the second query cannot be executed against the aggregate, obtaining, by the one or more processors, a value from a counter, wherein the value indicates a number of times the second query has been received by the one or more processors for execution;
based on determining that the second query has been received by the one or more processors for execution a predefined number of times, optimizing, by the one or more processors, efficiency related to data accesses in a database by generating a new aggregate, the generating comprising:
based on receiving the second query comprising a filter criterion, determining whether at least a threshold number of previous first queries executed during a predefined time period before receiving the second query comprise a similar filter criterion, wherein a first query of the at least the threshold number of previous first queries comprises the similar filter criterion if a first set of filtering fields of the first query is a subset of a second set of filtering fields of the second query and a number of different filtering values between the first query and the second query is below a predefined threshold number of different filtering values;
based on determining, responsive to receiving the second query, that the at least the threshold number of previous first queries comprise the similar filter criterion, dynamically generating the new aggregate, on-the-fly, using the similar filter criterion as an aggregation criterion, wherein future queries comprising the similar filter criterion or comprising the filter criterion, are satisfied by executing the future queries against the new aggregate instead of against containers or tables of the database comprising underlying base data of the new aggregate, wherein the new aggregate is generated using filtering fields comprised in aggregate generating filter criterion, wherein the second query is satisfied by being executed against the new aggregate and the second query comprises a native query of the new aggregate, and wherein the new aggregate is generated on an abstraction layer above the native query such that the new aggregate is a generalization of the native query; and
satisfying, by the one or more processors, the second query by executing the second query against the new aggregate, wherein the new aggregate provides data responsive to the second query;
receiving, by the one or more processors, a new query for execution against the database to access data in the database;
determining, by the one or more processors, that the new query comprises the similar filter criterion or the filter criterion;
determining, by the one or more processors, if one or more of the containers or the tables of the database comprising the underlying base data of the new aggregate have been updated;
based on determining that the underlying base data of the new aggregate have been updated, automatically invalidating, by the one or more processors, the new aggregate and automatically executing the new query against the containers or the tables of the database comprising the underlying base data of the new aggregate;
based on determining that the underlying base data of the new aggregate have not been updated, automatically executing, by the one or more processors, the new query against the new aggregate instead of against the containers or the tables of the database comprising the underlying base data of the new aggregate, wherein the new aggregate provides data responsive to the new query, wherein the executing comprises:
determining, based on executing the new query against the new aggregate, that a number of occurrences of values corresponding to a filtering field comprised in the filter criterion having generated the new aggregate exceed a threshold count; and
generating a smaller aggregate based on narrowing the new aggregate by dividing the value range of the filter field into an upper portion and a lower portion to lower a number of results in the result set of the new query.

US Pat. No. 11,030,193

SUBQUERY PREDICATE GENERATION TO REDUCE PROCESSING IN A MULTI-TABLE JOIN

International Business Ma...

1. A computer-implemented method, comprising operations for:determining that a query is to be rewritten based on database statistics showing mismatched key ranges for column values used for a join between a first table and a second table, wherein the query includes a predicate for a first column of the first table and a second column of the second table, wherein the mismatched key ranges comprise a first range for the first table and a second range for the second table that have a common subset of values, wherein the database statistics are collected for the first table and the second table, and wherein the predicate is one of an equi-join predicate and a range-join predicate;
generating first subquery predicates for the first table that are to be applied to the second table;
generating second subquery predicates for the second table that are to be applied to the first table;
rewriting the query with the first subquery predicates and the second subquery predicates;
determining the first range with minimum and maximum values for columns of the first subquery predicates and a second range with minimum and maximum values for columns of the second subquery predicates;
merging the first range and the second range to determine inclusive ranges that exist in the first table and the second table, wherein the inclusive ranges are for the common subset of values;
rewriting the first subquery predicates and the second subquery predicates as derived local subquery predicates with the inclusive ranges; and
executing the query with the derived local subquery predicates to retrieve data.

US Pat. No. 11,030,192

UPDATES TO ACCESS PERMISSIONS OF SUB-QUERIES AT RUN TIME

SPLUNK Inc., San Francis...

1. A computer-implemented method, comprising:assigning a first access permission to a first query, wherein the first access permission grants access rights to a portion of a data source that satisfies the first query;
receiving a second query that is associated with a second access permission that grants the access rights of the first access permission to the portion of the data source in response to executing the second query, wherein the first query is a subquery of the second query; and
in response to the executing the second query, granting the access rights of the first access permission to the portion of the data source that satisfies the first query based at least on identifying the second access permission is associated with the second query, such that when the first query is executed as the subquery of the second query, the portion of the data source that satisfies the first query is accessed.

US Pat. No. 11,030,191

QUERYING OVER EXTERNAL TABLES IN DATABASE SYSTEMS

Snowflake Inc., San Mate...

1. A method comprising:receiving, from a client, by a database platform comprising one or more hardware processors, a query comprising one or more predicates, the query directed at least in part to an external table stored in an external storage platform that is external to the database platform, the external table comprising a plurality of rows and a plurality of columns, data in the external table being organized according to a hierarchical structure of a source directory of the external storage platform, the hierarchical structure comprising subfolders and further comprising leaves corresponding to files in which the data in the external table is arranged, the files being stored in the subfolders;
receiving, from the client, by the database platform, an indication of the hierarchical structure;
generating, by the database platform and based on the received indication of the hierarchical structure, metadata that includes defining different partitions of the external table as corresponding to different ones of the subfolders, the metadata being internal to the database platform, the metadata comprising, for each of the different partitions, ranges of values in at least one column of the plurality of columns;
determining, by the database platform, based on the one or more predicates of the query and based further on the ranges of values in the metadata, that a given partition of the external table comprises data satisfying the one or more predicates of the query;
identifying, based on the metadata, that the given partition of the external table corresponds to a given subfolder in the hierarchical structure;
retrieving, by the database platform, the data satisfying the one or more predicates of the query from the given subfolder corresponding to the given partition; and
responding, by the database platform, to the query at least in part with the retrieved data.

US Pat. No. 11,030,190

EXPERIENCE ANALYTIC OBJECTS, SYSTEMS AND METHODS

Wormhole Labs, Inc., Hun...

1. An experience analysis system, the system comprising:one or more computer processors;
one or more computer readable storage devices;
an experience database configured to store, by the one or more computer processors, experience data related to a user and associated with a plurality of experience feeds; and
an analysis engine coupled with the experience database and configured to:
identify, by the one or more computer processors, a first collection of experience feeds associated with a first event and a second collection of experience feeds associated with a second event;
obtain, by the one or more computer processors, a first set of experience data from the database for the first collection of experience feeds and a second set of experience data from the database for the second collection of experience feeds;
analyze, by the one or more computer processors, first set of cluster-based metrics of a first cluster of participants associated with the first event and a second set of cluster-based metrics of a second cluster of participants associated with the second event, wherein the first cluster of participants and the second cluster of participants, are located in different locations, and wherein the first set of cluster-based metrics includes a first demographic-based metric and the second set of cluster-based metrics includes a second demographic-based metric;
generate, by the one or more computer processors, a first rules set associated with the first set of cluster-based metrics and the first set of demographic-based metrics;
generate, by the one or more computer processors, a second rules set associated with the second set of cluster-based metrics and the second set of demographic-based metrics;
configure, by the one or more computer processors, an output device to present a first customized experience feed associated with the first rules set and a second customized experience feed associated with the second rules set,
wherein the first customized experience feed includes one or more portions of the first collection of experience feeds to curate a first user-customized experience feed, and
wherein the second customized experience feed includes one or more portions of the second collection of experience feeds to curate a second user-customized experience feed.

US Pat. No. 11,030,189

MAINTAINING UP-TO-DATE MATERIALIZED VIEWS FOR TIME-SERIES DATABASE ANALYTICS

Timescale, Inc., New Yor...

1. A computer-implemented method comprising:creating a first table in a database system, wherein the first table stores a set of records, wherein each record has values of a first plurality of attributes, the first plurality of attributes including a first time attribute;
creating a second table in the database system associated with the first table, wherein the second table stores a set of records, wherein each record has a second plurality of attributes, the second plurality of attributes including a second time attribute, and the records of the second table are at least partially derived from records in the first table;
repeating the following steps one or more times:
(a) processing one or more insert requests, the processing comprising, for each of the one or more insert requests:
receiving, by the database system, the insert request specifying a set of one or more input records, each input record having values of the first plurality of attributes;
updating the first table by storing the set of input records in the first table;
determining a first set of regions of the first table representing records that have been updated in the first table and are pending update to the second table using derived records, wherein the first set of regions is determined based on factors comprising the values of the time attributes of the input records; and
updating metadata stored in the database system to represent the first set of regions; and
(b) for each iteration from one or more iterations:
responsive to the first table being updated, using the updated metadata to determine a second set of regions of the first table representing records that have been updated in the first table and are pending update to the second table using derived records, where the second set of regions overlaps with the first set of regions;
calculating one or more derived records of the second table based on the second set of regions, each derived record having values of the second plurality of attributes, wherein each derived record is at least partially derived from one or more records in the first table, and wherein at least one derived record is at least partially derived from one of the input records;
updating the second table by storing the derived records in the second table; and
updating the metadata to reflect that the second table has been updated using records derived from records of the first table from one of more regions of the second set of regions; and
responsive to a subsequent query, generating a set of query results derived from records in the first or second table.

US Pat. No. 11,030,188

PLATFORM FOR ATOMIC TRANSFER OF SMART ASSETS WITHIN BLOCKCHAIN NETWORKS

Advanced New Technologies...

1. A computer-implemented method executed by one or more processors and comprising:receiving a transfer request that comprises a sending node identifier of a sending node in a blockchain network, a receiving node identifier of a receiving node in the blockchain network, an identifier of an original smart asset, and a transfer value that represents a quantity of the original smart asset that is to be transferred from the sending node to the receiving node;
determining that the original smart asset is transferrable, and then:
generating, from the original smart asset, a remainder smart asset and a transfer smart asset that each include the same properties as the original smart asset;
assigning a first identifier and a first value to the remainder smart asset, wherein the first value is a remainder of an original value of the original smart asset minus the transfer value, and assigning a second identifier and the transfer value to the transfer smart asset;
recording the remainder smart asset to the sending node of the blockchain network and recording the transfer smart asset to the receiving node of the blockchain network; and
deleting the original smart asset upon recording the remainder and the transfer smart assets;
receiving a merger request upon a successful completion of the transfer request, the merger request comprising an identifier of the receiving node and an identifier of the transfer smart asset;
determining whether the transfer smart asset is capable of merger with a target smart asset associated with the receiving node at least partially based on the identifier of the transfer smart asset and an identifier of the target smart asset; and
in response to determining that the transfer smart asset is capable of being merged with the target smart asset, automatically:
updating the target smart asset to include properties of the transfer smart asset and a new value,
recording the updated target smart asset to the receiving node, and
deleting the transfer smart asset; and
in response to determining that the transfer smart asset is not capable of being merged with the target smart asset, automatically recording the transfer smart asset to the receiving node.

US Pat. No. 11,030,187

DISTRIBUTED DATABASE SYSTEMS AND STRUCTURES

salesforce.com, inc., Sa...

1. A method comprising:generating a tree structure of chunks in a data repository to store a set of values, the generating comprising:
dividing the set of values amongst first chunks;
determining first chunk identifiers for the first chunks by, for each chunk of the first chunks, inputting one or more values of the chunk into a function to calculate a chunk identifier for the chunk;
dividing the first chunk identifiers amongst second chunks;
determining second chunk identifiers for the second chunks by, for each chunk of the second chunks, inputting one or more of the first chunk identifiers in the chunk into the function to calculate a chunk identifier for the chunk;
storing each chunk of the first chunks and the second chunks, respectively, at a storage address determined from the chunk identifier determined for the chunk; and
storing a root chunk that comprises the second chunk identifiers at a storage address determined based on inputting the second chunk identifiers into the function; and
reading, by one or more computer processors, the set of values by retrieving each chunk of the root chunk, first chunks, and second chunks from the storage address determined for the chunk.

US Pat. No. 11,030,186

INCREMENTAL REFRESH OF A MATERIALIZED VIEW

Snowflake lnc., San Mate...

1. A system comprising:a compute service manager for managing internal operations of a cloud-based database platform;
a plurality of shared storage devices collectively storing database data, wherein the plurality of shared storage devices is independent of the compute service manager; and
an execution platform comprising a plurality of execution nodes, wherein the execution platform independent is independent of the plurality of shared storage devices and the compute service manager;
wherein the compute service manager is configured to:
generate a materialized view based on a source table, the materialized view being a database object that includes results of a persistent query, the source table including a set of micro-partitions, and the materialized view combining information in the set of micro-partitions in the source table into a single micro-partition in the materialized view;
merge the source table and the materialized view to generate a merged table to identify whether an update has been executed on the source table that is not reflected in the materialized view, the update including a modification to one or more of micro-partitions in the set of micro-partitions in the source table;
in response to detecting an update made to the source table that is not reflected in the materialized view, assign tasks to one or more execution nodes of the execution platform to apply the update to the materialized view, the applying of the update including updating the single micro-partition in the materialized view corresponding to the set of micro-partitions in the source table to generate an updated materialized view; and
generate a response to a query using data directly from the updated materialized view without accessing the source table.

US Pat. No. 11,030,185

SCHEMA-AGNOSTIC INDEXING OF DISTRIBUTED DATABASES

Microsoft Technology Lice...

1. A method of storing a data set on a set of servers, wherein the set of servers comprises at least one storage server that stores at least a portion of the data set, the method comprising:configuring an index server of the set to:
store a data set index comprising:
a first index in a first index format that fulfills queries of a first query type, and
a second index in a second index format that fulfills queries of a second query type;
receive a record to be stored by a storage server of the set;
add the record to both the first index and the second index of the index server including an indication of the storage server that stores the record, wherein the data set further comprises:
a first subset of records that are stored by a first storage server according to a first data set schema, and
a second subset of records that are stored by a second storage server according to a second data set schema that is different than the first data set schema, the data set index employing a single indexing schema for the first and second subsets of records, the indexing schema decoupled from the first and second data set schemas; and
evaluate a query over the data set that involves the record by:
from the data set index, choosing a selected index that fulfills queries of a query type that matches the query;
using the selected index, identifying the storage server that stores the record; and
initiating a fulfillment of the query by the storage server.

US Pat. No. 11,030,184

SYSTEMS AND METHODS FOR DATABASE ACTIVE MONITORING

JPMORGAN CHASE BANK, N.A....

1. A method for database activity monitoring, comprising:in an information processing device comprising at least one computer processor:
a database monitor monitoring a plurality of user sessions associated with a database system, wherein the database system is monitored for abort statements, blocking user sessions, blocking on a system table, system database free space, excessive delay for one of the user session, and an availability of storage for user queries;
the database monitor accessing both a system property file of the database system and a session property file for each user session, the session property file comprising session data for each corresponding user session;
the database monitor comparing the session data to at least one threshold, wherein the at least one threshold is based on the session property file;
the database monitor executing an automated action for one of the user sessions in response to the session data breaching one of the thresholds, wherein the automated action comprises aborting one of the user sessions; and
the database monitor initiating an alert based on the breached threshold, wherein the alert comprises an identifier of the breached threshold, an identifier of the automated action, and an impact indicator of the user session or database system.

US Pat. No. 11,030,183

AUTOMATIC CONTENT-BASED APPEND DETECTION

DR HoldCo 2, Inc., Bosto...

33. A computer program product embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:identifying, based at least in part on contents of a first data set comprising a first plurality of columns and contents of a second data set comprising a second plurality of columns:
a plurality of matching columns comprising:
one or more columns among the first plurality of columns; and
corresponding one or more matching columns among the second plurality of columns, wherein the one or more columns among the first plurality of columns and the corresponding one or more matching columns among the second plurality of columns have at least some matching content,
wherein identifying the plurality of matching columns comprises performing a clustering technique on an extracted plurality of features of cells in the first plurality of columns of the first data set and an extracted plurality of features of cells in the second plurality of columns of the second data set; and
a plurality of non-matching columns comprising:
one or more columns among the first plurality of columns, that are included in the first data set and that do not match with any columns among the second plurality of columns; and
one or more columns among the second plurality of columns, that are included in the second data set and that do not match with any columns among the first plurality of columns;
obtaining a specification of:
a selection of a first column among non-matching columns of the first data set to be appended to a second column among non-matching columns of the second data set, a selection of a first column among non-matching columns of the second data set to be appended to a second column among non-matching columns of the first data set, or both;
a change to the plurality of matching columns; or
both; and
appending at least a portion of the first data set and at least a portion of the second data set according to the plurality of matching columns and the specification, including:
appending at least some of the first one or more non-matching columns with at least some of the second one or more non-matching columns;
appending matching columns that are not subject to the change to the plurality of matching columns; or
both.

US Pat. No. 11,030,182

TIMESTAMP BLOCK ITERATOR

SAP SE, Walldorf (DE)

1. A system, comprising:at least one data processor; and
at least one memory storing instructions which, when executed by the at least one data processor, result in operations comprising:
iterating through at least a portion of a table stored in a database by at least identifying a first timestamp block associated with a first range of rows comprising at least the portion of the table;
in response to determining that the first timestamp block comprises a sparse timestamp block, storing timestamps associated with some but not all of a plurality of rows in the first range of rows, generating a bitmap including a plurality of binary values, each of the plurality of binary values corresponding to one of the plurality of rows in the first range of rows, and each of the plurality of binary values indicating whether the first timestamp block includes a timestamp associated with a corresponding one of the plurality of rows in the first range of rows;
iterating through the first range of rows by at least accessing, based at least on the bitmap, the first timestamp block to read or write at least a first timestamp associated with a first row in the first range of rows, the first timestamp further being associated with a first transaction; and
in response the first timestamp block having reached a maximum capacity during a writing of at least the first timestamp, allocating a second timestamp block for storing the first timestamp, the second timestamp block being a first dense timestamp block configured to store every timestamp associated with the first range of rows.

US Pat. No. 11,030,181

SYSTEMS AND METHODS FOR MULTI-BRAND EXPERIENCE IN ENTERPRISE COMPUTING ENVIRONMENT

OPEN TEXT SA ULC, Halifa...

1. A method for providing a multi-brand experience in a content management system, the method comprising:presenting a brand configurations page of a content management user interface to a brand configuration user of the content management system;
receiving, through the brand configurations page of the content management user interface from the brand configuration user of the content management system by a server machine embodying the content management system in an enterprise computing environment, a request to create a new brand, the new brand comprising a selection of settings defining a look and feel of a user interface of the content management system;
collecting, through the brand configurations page of the content management user interface, information inputted from the brand configuration user of the content management system, the collected information including a folder created for the new brand, a folder property set to the folder, a name of the new brand, a description of the new brand, and values relating to the settings defining the look and feel of the content management system;
creating, by the content management system, the new brand in response to the request received through the brand configurations page of the content management user interface from the brand configuration user based on the collected information from the brand configuration user;
presenting, through a display device, a user groups page of the content management user interface to the brand configuration user of the content management system;
receiving, from the brand configuration user of the content management system through the user groups page of the content management user interface, a selection of a user group in the enterprise computing environment to associate with the new brand;
associating, by the content management system, the selected user group with the new brand;
presenting, through the user groups page of the content management user interface, a branding tab for providing a list of brands with a respective description;
receiving, through the list of brands under the branding tab of the user groups page of the content management system, a selection of one or more settings for the user group associated with the new brand, wherein the one or more settings includes adding some brands from the list of brands to the user group;
storing, by the content management system, the selection of one or more settings for the user group associated with the new brand;
directing enterprise users of the content management system to a single instance of an entry point of the content management system regardless of user group affiliations;
presenting the single instance of the entry point as a login or portal page to an enterprise user on a client device in the enterprise computing environment;
receiving, through the login or portal page, login information from the enterprise user; and
responsive to the login information of the user, rendering a user interface of the content management system for the enterprise user according to the selection of one or more settings for the user group associated with the new brand based on a predetermined affiliation of the enterprise user with the user group such that different groups of enterprise users can experience totally different look and feel of the same single instance of the content management system.

US Pat. No. 11,030,180

INTRA-PLATFORM DATA MIGRATION

SALESFORCE.COM, INC., Sa...

1. A server of a database (DB) platform system, the server comprising:a network interface to communicate with a data storage system, the data storage system including a source DB and a target DB; and
a processor system coupled with a memory system and communicatively coupled with the network interface, the memory system to store program code comprising instructions, wherein execution of the instructions by the processor system is to cause the processor system to:
generate a unique external identifier (external_id) for each record in the source DB;
cause initiation of data migration of the records in the source DB to the target DB;
compare external_ids of records in the source DB to external_ids of records the target DB;
cause insertion, into the target DB, of records from the source DB not having corresponding external_ids in the target DB;
cause update of records in the target DB with records from the source DB having an external_id in the target DB; and
wherein the external_id of each record comprises a source identifier (source_id) combined with a record identifier (record_id), the source_id identifying a source of a corresponding record in the source DB, and the record_id uniquely identifying the corresponding record in the source DB.

US Pat. No. 11,030,179

EXTERNAL DATA ACCESS WITH SPLIT INDEX

Microsoft Technology Lice...

1. A method, comprising:employing at least one processor configured to execute computer-executable instructions stored in memory to perform the following acts:
creating an index in a primary data storage system describing data stored externally of the primary data storage system in a secondary data storage system, the secondary data storage system being a non-relational distributed file system;
during a period of time during which the index is available for execution with queries of the data within the non-relational distributed file system:
initiating execution of at least a portion of a query with the index over a first portion of the data described by a first portion of the index determined to be current and without the index over a second portion of the data described by a second portion of the index determined to be out of date by initiating a scan of the second portion of the data within the non-relational distributed file system to obtain a query response; and
performing an incremental update to the index for the second portion of the index describing the second portion of the data for which the scan was initiated.

US Pat. No. 11,030,178

DATA STORAGE METHOD AND APPARATUS

HUAWEI TECHNOLOGIES CO., ...

1. A data storage method, comprising:obtaining a primary index of a data object, wherein each row identifier of the primary index comprises a first field, a second field, a third field, a fourth field, and a fifth field, and wherein the first field comprises a first index field for the primary index;
generating a secondary index of the data object according to the row identifier of the primary index, wherein each row identifier of the secondary index comprises the first field, the second field, and the third field, wherein the second field comprises a second index field for the secondary index, wherein the first index field and the second index field are different, and wherein each row identifier of the secondary index does not comprise the fourth field and the fifth field; and
storing the data object according to the primary index and the secondary index.

US Pat. No. 11,030,177

SELECTIVELY SCANNING PORTIONS OF A MULTIDIMENSIONAL INDEX FOR PROCESSING QUERIES

Amazon Technologies, Inc....

1. A system, comprising:a memory to store program instructions which, if performed by at least one processor, cause the at least one processor to perform a method to at least:
receive, at a database client that implements a multidimensional query engine, a first query from an application directed to a multidimensional index for a database table, wherein the first query includes one or more predicates for one or more dimensions of a plurality of dimensions included in the multidimensional index, and wherein the multidimensional index is generated from the plurality of dimensions according to a space filling curve;
in response to receiving the first query at the database client:
identify, by the database client, one or more dimensional ranges of the one or more dimensions that satisfy the predicates;
identify, by the database client, a range of the multidimensional index to scan for processing the first query based, at least in part, on the identified dimensional ranges, wherein the range of the multidimensional index comprises a plurality of different portions, each including one or more multidimensional index values that satisfy the predicates, and an another portion, adjacent to at least some of the different portions, not including multidimensional index values that satisfy the predicates, and wherein boundaries of the different portions are determined at least in part by the dimensional ranges that satisfy the predicates;
send a request from the database client to a processing node of a database service, the request causing the processing node to access storage that stores the database table to perform a scan of respective items mapped to the different portions of the range of the multidimensional index to apply the first query, wherein the request from the database client comprises an initial multidimensional index value and a filter for the items incorporating the dimensional ranges;
upon receipt of a result of the performance of the scan of the respective items of at least one of the different portions of the range:
determine, by the database client based at least in part on the received result, that a next multidimensional index value to scan lies within the other portion of the range adjacent to the one portion of the range, wherein the next multidimensional index value is not within the dimensional ranges, and wherein the received result excludes items determined, according to the filter, not to satisfy the first query; and
in response to the determination that the next multidimensional index value is not within the dimensional ranges, skip the other portion of the range; and
provide a result of the first query according to the performance of the scans of the respective items of the different portions of the range.

US Pat. No. 11,030,176

DISTRIBUTED STORAGE OF METADATA FOR LARGE BINARY DATA

eBay Inc., San Jose, CA ...

1. A distributed storage system comprising:one or more processors; and
a non-transitory machine-readable medium storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
receiving a request for a logical object that is comprised of binary data and metadata describing characteristics of the binary data, the request including an identifier associated with the logical object;
storing a plurality of replica sets that each include a replica of the metadata, each replica of the metadata being associated with a corresponding storage partition identifier;
determining, based on the identifier associated with the logical object, mapping information that indicates a first storage location at which the metadata is stored, the first storage location comprising one of the storage partition identifiers;
accessing, based on the mapping information, the metadata from the first storage location by transmitting a request to the one of the storage partition identifiers, the accessed metadata including location information that indicates a second storage location at which the binary data is stored;
subsequent to accessing the metadata from the first storage location, accessing, based on the location information that is included in the metadata, the binary data from the second storage location; and
in response to the request, returning the binary data accessed from the second storage location and at least a portion of the metadata accessed from the first storage location.

US Pat. No. 11,030,175

BLOCKCHAIN BASED HIERARCHICAL DATA STORAGE

Advanced New Technologies...

1. A blockchain-based hierarchical storage method comprising:generating, for a target level of storage, an empty data worksheet in response to determining that the target level of storage meets a data migration condition;
storing at least a portion of a first state Merkle tree corresponding to a newly created block of a blockchain to the empty data worksheet;
migrating a second state Merkle tree corresponding to a target block stored in a data worksheet to the empty data worksheet, wherein the target block has a largest block number among block numbers of blocks corresponding to state Merkle trees stored in the target level of storage; and
after migrating the second state Merkle tree corresponding to the target block, migrating the state Merkle trees stored in the data worksheet to a lower level of storage than the target level of storage, wherein the lower level of storage has lower storage cost.

US Pat. No. 11,030,174

QUANTIZED TIME RANGE INDEXING FOR OUT OF ORDER EVENT COLLECTIONS

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:obtaining a set of log data;
identifying a beginning timestamp and an end timestamp associated with the set of log data;
generating an index for the set of log data by at least:
encoding bits associated with the beginning timestamp to generate an encoded beginning timestamp and encoding the end timestamp to generate an encoded end timestamp;
determining a maximum prefix length between the encoded beginning timestamp and the encoded end timestamp, wherein the determination is performed by at least comparing the bits associated with the encoded beginning timestamp and the encoded end timestamp;
interweaving, based at least in part on the determination, the encoded beginning timestamp and the encoded end timestamp using a tristate representation to result in an index value prefix;
padding the index value prefix to generate an index value; and
adding the index value to the index; and
using the index to satisfy a query request to locate log data, the query request including information indicating a start and an end time.

US Pat. No. 11,030,173

REPORT ACCELERATION USING INTERMEDIATE RESULTS IN A DISTRIBUTED INDEXER SYSTEM

Splunk, Inc., San Franci...

1. A method, comprising:partitioning a plurality of time-stamped events into a plurality of partitions, each event having associated therewith a portion of raw data and a timestamp extracted thereform, wherein each partition of the plurality of partitions comprises a subset of the plurality of time-stamped events;
calculating, by an indexer of a plurality of distributed indexers, an intermediate result on event data extracted from a partition of the plurality of partitions the calculating performed responsive to a determination that the event data is reducible for a query, wherein reducible event data is operable to be reused for subsequent queries, and wherein the intermediate result comprises information responsive to recurring instances of the query; and
generating a report by based on a partial result produced by the indexer combined with a partial result produced by at least one other indexer from the plurality of distributed indexers operating on a different partition of the plurality of partitions, wherein the partial result produced by the indexer is determined using the intermediate result.

US Pat. No. 11,030,172

DATABASE ARCHIVING METHOD AND DEVICE FOR CREATING INDEX INFORMATION AND METHOD AND DEVICE OF RETRIEVING ARCHIVED DATABASE INCLUDING INDEX INFORMATION

ARMIQ Co., Ltd., Seoul (...

1. A database archiving and retrieving method for a database, the database archiving method comprising:selecting at least one record group including a plurality of records from an original table of the database in which data is archived, based on information on a field value of each of the at least one record group;
storing group compression data compressed to be created for the each of the at least one record group and a stored key value uniquely assigned to the group compression data, in a compression table of the database;
storing the field value and the stored key value corresponding to the each of the at least one record group, in a group index table; and
deleting the plurality of records included in the at least one selected record group from the original table;
storing a primary key value, key index information which is a position in the group compression data, and information on a stored key value corresponding to the group compression data, with respect to each of records included in the original table, in a key index table;
when there is at least one connected table which is connected with the original table by means of the primary key, with respect to second group compression data which is created by compressing a plurality of records in the at least one connected table, retrieving a record having the same primary key value as a record including in the original table, among a plurality of records included in the second group compression data; and
further storing sub-index information which is a position in the second group compression data with respect to the retrieved record having the same primary key value on the key index table; and
retrieving records satisfying a retrieving condition in parallel, based on a determined number of DB retrieving processes,
wherein the retrieving of the records in parallel is performed further based on the stored key value, the key index information, the sub-index information, and the second group compression data.

US Pat. No. 11,030,171

ELASTIC SHARDING OF DATA IN A MULTI-TENANT CLOUD

Ariba, Inc., Sunnyvale, ...

1. A method comprising:receiving, via a computer network, first primary data from a first tenant;
receiving first auxiliary data relating to the first primary data from the first tenant;
creating, using one or more hardware processors, a first index for the first primary data and the first auxiliary data from the first tenant;
storing, in a memory, the first index as a first shardlet;
bundling the first shardlet with one or more other shardlets for the first tenant in a first shard group for the first tenant, causing the first shard group to contain a plurality of shardlets for the first tenant;
receiving second primary data from a second tenant in the computer network;
receiving second auxiliary data relating to the second primary data from the second tenant;
creating, using the one or more hardware processors, a second index for the second primary data and the second auxiliary data from the second tenant;
storing, in the memory, the second index as a second shardlet;
bundling the second shardlet with one or more other shardlets for the second tenant in a second shard group, causing the second shard group to contain a plurality of shardlets for the second tenant;
packing the first shard group and second shard group in a first shard, causing the first shard to contain the plurality of shardlets for the first tenant and the plurality of shardlets for the second tenant;
storing the first shard in a first instance of a distributed database, the distributed database comprising a plurality of instances, each instance operating on a different logical or physical device;
distributing the first shard to a first search core;
distributing a second shard to a second search core;
receiving a first search request;
determining that the first search request involves data located at an index included as a shardlet in a shard group in the first shard; and
in response to the determining, forwarding the first search request to the first search core in lieu of the second search core.

US Pat. No. 11,030,170

SYSTEMS AND METHODS FOR SCALABLE DELOCALIZED INFORMATION GOVERNANCE

Nuix Pty Ltd, Sydney (AU...

1. A method for indexing a storage system, the method comprising:analyzing a storage system comprising a plurality of items, wherein the plurality of items includes at least one of email accounts; documents; folders; and items that are not text-searchable held in email system files or document management systems, each item stored in one of a plurality of data centers, by accessing each item within the data center where that item is stored;
determining whether to index at least one of the plurality of items using a first process, wherein the first process determines whether to index an item directly, or to index the at least one of the plurality of items using a second process, each of the first and second processes being executed in a cloud computer service;
indexing the at least one of the plurality of items using the first process or the second process in the cloud computer service, wherein indexing items that are not text searchable comprises performing a character recognition operation on those items to generate text and identifying character strings within the text; and
collecting results from the indexing at a control system; and providing a master index comprising all of the results, thereby allowing a user to find material within the storage system by using the master index.

US Pat. No. 11,030,169

DATA RE-SHARDING

Amazon Technologies, Inc....

1. A system, comprising:one or more computer systems comprising computer hardware configured to implement a resource manager to:
cause a set of shards of a common dataset to be stored in storages of a first set of computing nodes;
determine a number of new shards to add for the common dataset, wherein the number is determined based on a current number of shards in the set and is less than the current number; and
create the determined number of new shards for the common dataset, wherein create the determined number of new shards for the common dataset comprises:
identify an equivalent number of existing shards from the set of shards as a sub-set of shards to split;
cause only each shard of the sub-set of the set of shards stored in the storages of the first set of computing nodes to be split into a first portion and a second portion; and
cause only the second portions of the first and second portions to be stored in storages of a second set of computing nodes.

US Pat. No. 11,030,168

PARALLELIZATION OF ORDER DEPENDENT PROCEDURES DURING SOFTWARE CHANGE PROCESSES

SAP SE, Walldorf (DE)

1. A system, comprising:at least one data processor; and
at least one memory storing instructions which, when executed by the at least one data processor, cause operations comprising:
receiving, by a transport processor of an application server and via a client interface associated with the application server, a request to transport data;
generating, at least in part by the transport processor, a dependency table comprising a plurality of procedures for executing the request;
generating, by the transport processor, a dependency tree based on the dependency table, the dependency tree comprising at least one independent string of procedures from the plurality of procedures, the dependency tree indicating the order that the plurality of procedures will be executed by the transport processor; and
executing, by the transport processor, the dependency tree.

US Pat. No. 11,030,167

SYSTEMS AND METHODS FOR PROVIDING DATA QUALITY MANAGEMENT

Capital One Services, LLC...

1. A system for providing data quality management, the system comprising:at least one memory storing instructions; and
at least one processor connected to a network and executing the instructions to perform operations comprising:
extracting a plurality of first data elements from a data source;
generating a data profile based on the first data elements;
creating, by a machine learning algorithm and based on a property of the first data elements, a first set of rules for assessing data quality of the first data elements;
generating a second set of rules based on the first data elements and the first set of rules;
extracting a plurality of second data elements;
assessing the second data elements based on a comparison of the second data elements to the second set of rules;
detecting a plurality of defects based on the comparison, at least one of the detected defects including an event;
determining, using a decision tree algorithm, data quality according to the detected defects, the data quality comprising a pocket of defect concentration; and
transmitting instructions, to a client device, to display a representation of the determined pocket of defect concentration in a user interface of the client device.

US Pat. No. 11,030,166

SMART DATA TRANSITION TO CLOUD

ACCENTURE GLOBAL SOLUTION...

1. A system for migrating data from a source data warehouse to a cloud environment, the system comprising:a processor;
a location recommender coupled to the processor to:
store data type connection information;
predict a location in the cloud environment based on the migrating data; and
predict query performance of the cloud environment and classify tables in the source data warehouse based on query usage, wherein the location recommender predicts the location based on a table accessed by a referential key and wherein the query performance is determined prior to migration to a target data warehouse based on a source database query execution time; and
a data identifier coupled to the processor to:
provide data values based on historical data pertaining to past migration of the cloud, wherein the historical data is to train models for examining the data, executing queries, and responding to the queries, the models being generated based on data and metadata corresponding to the tables;
identify incorrect and sensitive data;
obfuscate the incorrect and the sensitive data; and
load the migrating data on the cloud environment.

US Pat. No. 11,030,165

METHOD AND DEVICE FOR DATABASE DESIGN AND CREATION

Wipro Limited, Bangalore...

1. A method of database design and creation, the method comprising:determining, by a database creation device, ranks for each of a plurality of variables in each of a plurality of databases based on at least one attribute associated with each of the plurality of variables;
arranging, by the database creation device, each of the plurality of variables in a sequence of arrangement with respect to an associated database from the plurality of databases;
computing, by the database creation device, a correlation coefficient between the plurality of variables across the plurality of databases based on the ranks and the sequence of arrangement, wherein computing the correlation coefficient comprises identifying difference between the ranks for each of the plurality of variables across the plurality of databases, when the plurality of variables of a database is arranged in a same sequence of arrangement as the plurality of variables in another database, wherein the correlation coefficient measures the strength of association between two variables;
while the correlation coefficient is less than zero:
iteratively performing the arranging and the computing until the correlation coefficient is equal to or greater than zero;
determining, by the database creation device, when the correlation coefficient is positive, that a relationship exists between one or more of the plurality of variables across the plurality of databases; and
creating, by the database creation device, a database using the plurality of databases based on the relationship, when the relationship exists between the one or more of the plurality of variables.

US Pat. No. 11,030,164

ARTIFACT DEPLOYMENT FOR APPLICATION MANAGED SERVICE INSTANCES

SAP SE, Walldorf (DE)

1. A computer-implemented method, comprising:executing a first instance of a deployer application in a non-server mode to deploy shared artifacts to a shared service instance, wherein the shared service instance is accessible to each tenant of a multi-tenant application;
ending execution of the first instance of the deployer application after the shared artifacts have been deployed to the shared service instance;
executing a second instance of the deployer application in a server mode, wherein the second instance of the deployer application is configured to deploy tenant-specific artifacts for the multi-tenant application;
receiving a first onboarding request for a first tenant for the multi-tenant application;
creating, in response to the first onboarding request, a first service instance for the first tenant;
receiving, by the second instance of the deployer application, a first request to deploy tenant-specific artifacts to the first service instance; and
deploying, by the second instance of the deployer application, the tenant-specific artifacts to the first service instance.

US Pat. No. 11,030,163

SYSTEM FOR TRACKING AND DISPLAYING CHANGES IN A SET OF RELATED ELECTRONIC DOCUMENTS

Workshare, Ltd., London ...

1. A method executed by a computer system for displaying changes in a plurality of related documents, comprising:receiving an input representing the selection of a plurality of documents that are related in a group, where each of the plurality of documents is comprised of at least a first version file and a second version file;
using the selection input to automatically select the plurality of documents that comprise the group;
for each selected document among the plurality of documents that comprise the group, selecting the first version file and the second version file using a predetermined version selection rule, the plurality of documents including at least a first document and a second document, the first document having a first pair of first and second version files, the second document having a second pair of first and second version files;
executing a plurality of document comparisons to detect changes between each pair of selected first version files and selected second version files, each comparison corresponding to each selected document in the group, the changes including (i) changes between the first and second version files of the first pair of the first document and (ii) changes between the first and second version files of the second pair of the second document;
generating and storing a display output data structure comprised of data representing the detected changes;
using the display output data structure to display on a computer screen data formatted to position together on the display, for each pair of the selected first and second version files, the detected changes corresponding to each of the plurality of documents;
automatically parsing the second version files of a group of documents to identify locations in the group of documents of at least one of definitions or section references;
inserting into the output data references to the identified locations;
automatically parsing text to determine the locations in a first or second version of a document where the text is comprised of two regions that represent two definitions where the definitional portion of the text is different; and
inserting into the output data file a reference to the document indicating a definition inconsistency.

US Pat. No. 11,030,162

DISTRIBUTED PROCESSING MANAGEMENT METHOD AND DISTRIBUTED PROCESSING MANAGEMENT APPARATUS

FUJITSU LIMITED, Kawasak...

1. A distributed processing management method comprising:extracting, by a processor, a reference item name of a reference item that is referenced in processing from among a plurality of items of each of a plurality of records by analyzing a source file of a processing program describing the processing, the processing being performed on the plurality of records, the plurality of records being distributed and stored in a plurality of servers;
generating, by the processor, a deletion program describing a process of deleting, from the records to be transmitted, data of a non-reference item that has an item name other than the reference item name;
generating, by the processor, an insertion program describing a process of inserting, in each of the records with data of the non-reference item deleted therefrom, dummy data in a position where the data of the non-reference item was located; and
causing, by the processor, the plurality of servers to execute the processing on the plurality of records in a distributed manner, based on the processing program, the causing including:
before transmitting any of the plurality of records, causing the servers to delete data of the non-reference item from each of the records to be transmitted, according to the deletion program,
causing the servers to transmit the plurality of records with the data of the non-reference item deleted therefrom via a network,
causing the servers to receive the plurality of records with the data of the non-reference item deleted therefrom, each of the servers receiving a record transmitted from another server via the network, and
causing the servers to insert the dummy data in a position in each of the received records where the data of the non-reference item was located, based on the insertion program, the received records into which the dummy data is inserted having a same data structure as the plurality of records before deletion of the data of the non-reference item,
wherein:
the extracting includes, when the source file specifies the reference item that is referenced in the processing from among a plurality of items that occur repeatedly with the reference item name in each of the plurality of records, by specifying an occurrence number indicating an order of the reference item among the plurality of items in each of the plurality of records, extracting the reference item name with the occurrence number of the reference item added thereto; and
the generating the deletion program includes specifying, as a non-reference item, an item other than the item that occurs in an ordinal position indicated by the occurrence number from among the plurality of items that occur repeatedly with the reference item name.

US Pat. No. 11,030,161

BLOCKCHAIN SCALING METHOD AND BLOCKCHAIN SCALING APPARATUS

EXOSITE LLC, Minneapolis...

1. A blockchain scaling method, comprising:determining, by a processor, whether a transaction parameter of a block generating process in an original chain exceeds a threshold, wherein the transaction parameter is a block fill rate being a ratio of a current block size of the original chain and a maximum block size of the original chain;
stopping, by the processor, the original chain when the transaction parameter exceeds the threshold; and
generating, by the processor, a pair of sub-chains when the original chain is stopped, wherein each of the two sub-chains comprises same previous block information corresponding to the original chain and a sub-chain identification.

US Pat. No. 11,030,160

PROJECTING THE EFFECTS OF IMPLEMENTING VARIOUS ACTIONS ON A STORAGE SYSTEM

Pure Storage, Inc., Moun...

1. A method of proactive management in a multi-array system, the method comprising:receiving, at a storage array services provider from a plurality of storage arrays of the multi-array system, one or more performance metrics;
comparing one or more performance metrics of a particular storage array in the plurality of storage arrays to one or more corresponding performance metrics of other storage arrays in the plurality of storage arrays;
identifying, based on the comparison, one or more actions for improving one or more conditions of the particular storage array; and
presenting one or more projected effects of implementing the one or more actions on the storage array.

US Pat. No. 11,030,159

SYSTEM AND METHODS FOR IMPLEMENTING A SERVER-BASED HIERARCHICAL MASS STORAGE SYSTEM

Microsoft Technology Lice...

1. A method comprising:in a system connected to a network connection and comprising a hierarchical storage stack for storing data, wherein the hierarchical storage stack comprises a local data storage layer for storing data locally in the system and a remote data storage layer that stores data with a remote data storage service;
receiving a request to back-up a data volume;
creating a snapshot volume of the data volume in the system, wherein the snapshot volume comprises a set of data chunks and wherein creating the snapshot volume comprises:
dividing a first set of data chunks into a first set of data slices, creating a first set of data slice fingerprints for said first set of data slices, and placing said first set of fingerprints in said fingerprint data map; and
copying a second set of existing data slice fingerprints for a second set of existing data slices from a second set of data chunks in said snapshot volume; and
copying data from the snapshot volume stored in the local data storage layer to the remote data storage service.

US Pat. No. 11,030,158

IMPROVING PERFORMANCE OF ASYNCHRONOUS REPLICATION IN HSM INTEGRATED STORAGE SYSTEMS

International Business Ma...

1. A computer program product comprising a computer readable storage medium having a computer readable program stored therein, wherein the computer readable program, when executed on a computing device, causes the computing device to:for a given file to be replicated from a primary storage system to a remote storage system, access the remote storage system to determine file existence and migration status at the remote storage system for the given file;
responsive to the primary storage system determining that the given file exists at the remote storage system and has been migrated from first tier storage to second tier storage at the remote storage system, determine a first performance penalty value representing a first performance cost for recall of the given file from the second tier storage to the first tier storage at the remote storage system and a second performance penalty value representing a second performance cost for sending whole file data of the given the from the primary storage system to the remote storage system; and
responsive to the primary storage system determining that the first performance penalty is greater than the second performance penalty, send whole file data for the given file from the primary storage system to the remote storage system to replicate the given file at the remote storage system.

US Pat. No. 11,030,157

TEMPLATE BASED DATA REDUCTION FOR COMMERCIAL DATA MINING

NEC Corporation

1. A method for mining commercial data, including:mining commercial activity data from a network of point of sale devices, the commercial activity data including at least one type of independent commercial event and corresponding dependent features;
continuously collecting and compressing a stream of the commercial activity data from the network of point of sale devices with a middleware system;
concurrently storing in a database compressed commercial activity data corresponding to the commercial activity data of the stream, wherein compressing the stream includes producing compressible file access templates (CFATs) according to frequent patterns of commercial activity data and replacing dependent feature sequences with a matching compressible file access template; and
determining patterns in commercial activities across the network of point of sale devices using a commercial pattern analysis system.

US Pat. No. 11,030,156

KEY-VALUE STORE WITH PARTIAL DATA ACCESS

SANDISK TECHNOLOGIES LLC,...

1. A method comprising:receiving a data object for storage in a key-value store, the data object comprising a key and a value;
generating a plurality of block objects smaller than the data object, wherein:
each block object of the plurality of block objects comprises a new key and a new value, the new key based on the key for the data object and on metadata for the new value, the new value based on at least a portion of the value for the data object,
the new key comprises a start offset and an end offset for the new value, the start offset and the end offset appended to the key for the data object,
the start offset indicates a first byte location within the data object, and
the end offset indicates a second byte location within the data object; and
storing the plurality of block objects in the key-value store.

US Pat. No. 11,030,155

KEY VALUE FILE SYSTEM

Samsung Electronics Co., ...

1. A file system comprising:an application programming interface (API) configured to provide a file system access to an application running on a host computer;
a key value file system configured to represent a file or a directory as an inode including one or more key-value pairs;
a virtual file system configured to direct a file system call received from the application to the key value file system; and
a key value API configured to provide the file system access to data stored in a data storage device,
wherein each key-value pair contained in the inode includes a name of the file or the directory as a key and an identifier of a container that is associated with the file or the directory as a value,
wherein the data of the file is stored in the data storage device as being divided into one or more data blocks of a fixed size, and each of the one or more data blocks associated with the data of the file is accessible within the key value file system using the one or more key-value pairs,
wherein the data storage device stores the inode as a container inode or an inline inode depending on a predetermined number of entries in the inode, and
wherein the container inode includes one or more key-value pairs corresponding to each of the entries, and the inline inode includes a single key-value pair, a value of the single key-value pair includes a list of attributes corresponding to the entries.

US Pat. No. 11,030,154

FILE MANAGEMENT METHOD FOR SELECTING FILES TO PROCESS A FILE MANAGEMENT INSTRUCTION SIMULTANEOUSLY

NHN Entertainment Corpora...

1. A method performed by a digital device comprising a touch interface display apparatus to simultaneously process files displayed thereon, the method comprising:providing a file list of where a plurality of files are displayed in a first direction, at least a part of information of on each of the plurality of files are displayed on the file list in a second direction crossing the first direction;
tracing a first user input on a first file of the plurality of files, the first user input comprising a is movement of a user touch on the first file in the second direction;
displaying a command selection graphic user interface on a path of the movement of the first user input when a distance of the movement of the first user input is greater than a predetermined distance during tracing of the first user input, the command selection graphic user interface including provides a plurality of command icons each of which corresponds to one of a plurality of commands;
detecting a stop position stop of the movement of the first user input in on a command icon of the command selection graphic user interface, and determining a command corresponding to one of the command icons where the movement of the first user input stopped as an execution command; and
tracing a second user input comprising which is a movement of a user touch from on the one of command icons in the first direction;
detecting a stop position of the movement of the second user input in on a second file of the plurality of files, and executing the execution command for the first file, second file, and files displayed between the first file and the second file.

US Pat. No. 11,030,153

SYSTEM AND METHOD FOR STORING DATA WITH RULES ON CONTAINERS FOR COLLECTIONS OF DATA

1. A computer-implemented method for automatically filing data objects into containers comprising:importing a set of preprogrammed inclusion rules defining which data objects are included in a container and exclusion rules defining what data objects are excluded from a container;
correlating the inclusion and exclusion rules to containers in a data system organized by containers;
storing records of the inclusion and exclusion rules and the correlated containers in a database;
monitoring Operating System events signifying addition of a new data object into the data system;
upon addition of a data object into a data system organized by containers:
a) collecting pre-existing metadata from the data object;
b) extracting key information from content of the data object;
c) analyzing the key information by interpreting and classifying content to create enhanced metadata;
d) querying the database by performing phrase matching of the pre-existing metadata and enhanced metadata on the inclusion and exclusion rules;
e) retrieving a set of containers correlated with matching inclusion and exclusion rules;
f) said computer, automatically storing a persistent copy of the data object in any and all matching containers on a data storage.

US Pat. No. 11,030,152

EFFICIENTLY DELETING DATA FROM OBJECTS IN A MULTI-TENANT DATABASE SYSTEM

salesforce.com, inc., Sa...

1. A system comprising:one or more processors; and
a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to perform operations comprising:
receiving a first request to delete data related to a first data object of a plurality of data objects associated with a first organization in a multi-tenant database, the first request identifying a data structure that specifies values for one or more fields of the first data object, the first organization being a tenant of the multi-tenant database;
obtaining, based on the received first request, one or more characteristics of a first data store storing the first data object in the multi-tenant database;
determining, based on the obtained one or more characteristics, a first performance requirement associated with the first data store for identifying one or more records of the first data object in the first data store using the specified values included in the first request;
identifying the one or more records of the first data object based on a determination that the first performance requirement satisfies one or more rules; and
initiating a delete of the identified one or more records of the first organization by executing a delete operation of the identified one or more records stored in the first data store.