US Pat. No. 10,116,686

SYSTEMS AND METHODS FOR SELECTIVELY INSULATING A PROCESSOR

1. A method for protecting a computer processor system from a harmful communication session from a network linked to the processor system, by interrupting a stream of damaging data from the network, wherein the processor system includes a processor, the method comprising:disconnecting the processor from the network in response to a first event, wherein disconnecting the processor disrupts the continuity of the harmful communication session from the network to the processor, wherein the first event comprises no activity from a human operator interacting with the processor system for a random amount of time and the first event occurs independently of any data available to the processor system; and
resuming communication to the network by connecting the processor to the network in response to a second event, wherein both the first event and the second event are controlled by the processor system independent from the contents of the data received from the network.

US Pat. No. 10,116,685

SECURITY KEY DERIVATION IN DUAL CONNECTIVITY

Sun Patent Trust, New Yo...

1. A secondary base station apparatus, comprising:a transmitter, which, in operation, transmits a change request of a secondary security key to a master base station when a value of a COUNT exceeds a threshold value, wherein the secondary security key is a security key for the secondary base station apparatus;
a receiver, which, in operation, receives from the master base station an updated secondary security key, the updated secondary security key being derived at the master base station using an incremented freshness counter and a currently active security key of the master base station, without refreshing the current active security key of the master base station; and
control circuitry, which, in operation, computes a new encryption key for communication with a mobile terminal using the updated secondary security key.

US Pat. No. 10,116,683

COMPUTER SECURITY VULNERABILITY ASSESSMENT

OPSWAT, INC., San Franci...

1. A method comprising:receiving, by a computerized system, a binaries-to-vulnerabilities database, formed from a binaries-to-products database and a product-to-vulnerabilities database, that provides a correspondence between binary data and vulnerability data, the binary data including first binary hashes formed from a hash technique using strings of bits extracted from at least a portion of binary-level files of software products;
establishing, by the computerized system, a communication connection to a target device;
receiving, by the computerized system, binary files from the target device;
generating, by the computerized system, second binary hashes formed from the same hash technique using strings of bits extracted from at least a portion of the binary files;
scanning, by the computerized system using the binaries-to-vulnerabilities database, the second binary hashes to find matches between the second binary hashes and the first binary hashes; and
determining, by the computerized system, a known security vulnerability of the target device based on 1) results of the scanning and 2) the correspondence between the binary data and the vulnerability data.

US Pat. No. 10,116,682

SYSTEM AND METHOD FOR EVALUATING AND ENHANCING THE SECURITY LEVEL OF A NETWORK SYSTEM

SPHERIC SECURITY SOLUTION...

1. A method for evaluating a security level of a network system, the method being implemented by one or more processors and comprising:identifying a plurality of security elements of the network system;
determining a security architecture of the network system based on the identified plurality of security elements;
wherein determining the security architecture includes implementing a security model that identifies a plurality of pre-determined relationships as between individual security elements in the plurality of security elements, in connection with possible types of threats to the network system and one or more types of assets that can be exposed as a result of a breach;
evaluating the security architecture to determine an evaluation for the network system, the evaluation identifying a monetary value for a risk to the security network as a result of one or more security elements being breached;
determining a set of recommendations based at least in part on the evaluation, each recommendation in the set of recommendations identifying a new component to add to the security network to improve the evaluation of the security architecture;
wherein determining the set of recommendations includes determining the new component based at least in part on both the cost for implementing the new component on the network system as compared to the monetary value for the breach if the new component is not implemented; and
outputting the evaluation to a user, wherein the output includes the determined set of recommendations.

US Pat. No. 10,116,681

METHOD OF DETECTING SHARED VULNERABLE CODE

Denim Group, Ltd.

1. A method of detecting and analyzing vulnerable code shared between at least two applications comprising the steps of:creating a consolidated vulnerability database populated with at least one vulnerability testing result from each of the at least two applications wherein in each vulnerability result comprises a vulnerability type, filename, line number, and data/control flow elements;
identifying at least one shared vulnerability by:
comparing a first vulnerability testing result with the remaining vulnerability testing results within the consolidated vulnerability database and recording any vulnerability type, filename and line number matches as vulnerability location matches; and
comparing the number of data/control flow elements of the first vulnerability testing result with the remaining vulnerability testing results within the consolidated vulnerability database and recording any matches as data/control flow element matches;
analyzing the at least one shared vulnerability by:
assigning a confidence to the shared vulnerability based on the vulnerability location matches and the data/control flow element matches;
assigning a severity to the shared vulnerability type; and
assigning a criticality to each of the at least two applications from which the shared vulnerability originated from; and
creating a database of shared vulnerabilities wherein each shared vulnerability is risk-ranked and confidence-scored based on the confidence, the severity, and the criticality.

US Pat. No. 10,116,677

METHOD AND SYSTEM FOR UNIQUELY IDENTIFYING A USER COMPUTER IN REAL TIME USING A PLURALITY OF PROCESSING PARAMETERS AND SERVERS

THREATMETRIX PTY LTD, Ch...

1. A method for distinguishing a compromised client device from a masquerading device, the method comprising:capturing, by a hardware processor of one or more servers, a plurality of attributes from a network device connecting to a web service, each of the attributes representing a parameter, the plurality of parameters uniquely identifying the network device from a plurality of other networks devices;
maintaining the network device free from any software programs associated with the capturing of the plurality of attributes;
determining, by the hardware processor, a device identifier based on a programmatic transformation of the plurality of attributes captured from the network device;
comparing, by the hardware processor, the device identifier against at least one existing device identifier determined by the hardware processor, wherein the at least one existing device identifier is generated based on a programmatic transformation of a plurality of attributes captured from a respective device; and
determining, by the hardware processor, if the network device is compromised based at least in part the comparison between the device identifier and an existing device identifier.

US Pat. No. 10,116,676

APPARATUS AND METHODS FOR DATA COLLECTION, ANALYSIS AND SERVICE MODIFICATION BASED ON ONLINE ACTIVITY

Time Warner Cable Enterpr...

1. A method performed by a processing apparatus of an online service provider for modifying services based on collected data relating to online activity comprising:collecting a plurality of data;
using a computerized process to create data structures corresponding to a plurality of activity records for a plurality of subscribers based at least in part on the plurality of data, the data structures corresponding to the plurality of activity records being representative of online activity of the plurality of subscribers;
applying a weighting factor to individual ones of the data structures corresponding to the plurality of activity records, the applying of the weighting factor comprising (i) applying a negative weighting factor to the individual ones of the data structures corresponding to the plurality of activity records that are categorized as a negative activity type, and (ii) applying a positive weighting factor to the individual ones of the data structures corresponding to the plurality of activity records that are categorized as a positive activity type;
compiling an aggregate score for an individual subscriber based at least in part on the weighted data structures corresponding to the plurality of activity records;
comparing the aggregate score of the individual subscriber to a pre-determined threshold value; and
modifying services provided to the individual subscriber based at least in part on a result of the comparison of the aggregate score to the pre-determined threshold value.

US Pat. No. 10,116,674

FRAMEWORK FOR EXPLAINING ANOMALIES IN ACCESSING WEB APPLICATIONS

Citrix Systems, Inc., Fo...

1. A method for characterizing anomalous network traffic, comprising:receiving, by a device intermediary to a plurality of clients and a plurality of servers, network traffic, the network traffic including an anomaly;
determining, by the device, whether the network traffic satisfies at least one of the rules of a univariate policy based on a respective single independent network traffic feature, a first anomaly explanation associated with satisfying the at least one of the rules of the univariate policy;
determining, by the device, responsive to determining that the network traffic does not satisfy at least one of the rules of the univariate policy, that the network traffic satisfies a multivariate policy including a plurality of anomaly explanation tests, a second anomaly explanation associated with satisfying at least of the plurality of anomaly explanation tests;
selecting, by the device, responsive to determining that the network traffic satisfies the multivariate policy, the second anomaly explanation; and
generating, by the device, an anomaly explanation output including the selected second anomaly explanation.

US Pat. No. 10,116,673

SYSTEM AND METHOD FOR UPLOADING AND VERIFYING A DOCUMENT

STATE FARM MUTUAL AUTOMOB...

1. A computer implemented method comprising:receiving, at a first data server, a file uploaded from a client device, wherein the file is associated with an insurance company event;
determining, by a malware module of the first data server, whether the file contains a computer security threat;
transmitting the file to a second data server when it is determined that the file does not contain a computer security threat;
determining, by a conversion module of the second data server, whether the file is supported;
converting, by the conversion module of the second data server, the file into a converted file when it is determined that the file is not supported, wherein the converted file is supported;
flagging the converted file for association with an insurance company event; and
transmitting, by a hardware processor, the converted file to a permanent storage server.

US Pat. No. 10,116,672

DISTRIBUTED DENIAL-OF-SERVICE ATTACK DETECTION BASED ON SHARED NETWORK FLOW INFORMATION

International Business Ma...

1. A computer-implemented method for detecting distributed denial-of-service (DDoS) attacks, the computer-implemented method comprising:monitoring, by a first data processing system, current local network flow information corresponding to data packets received by the first data processing system via the network;
recording, by the first data processing system, the current local network flow information in a local flow information table;
generating, by the first data processing system, a current local network flow information message containing the current local network flow information;
computing, by the first data processing system, a hash value of the current local network flow information message;
broadcasting, by the first data processing system, the current local network flow information message to a plurality of randomly selected data processing systems connected to the network based on the hash value of the current local network flow information message, wherein each data processing system has a corresponding node, and each node shares their respective local flow information with other data processing nodes randomly;
analyzing, by a first data processing system, current aggregated flow information for a defined period of time, wherein the current aggregated flow information is a real-time current snapshot of an amount of network data packets flowing to the second data processing system from a plurality of different data processing systems via the network for the defined period of time, and the defined period of time represents a predetermined time interval threshold for when the first data processing system (i) transmits the current local network flow information recorded in the local flow information table to randomly selected other data processing systems connected to the network, and (ii) aggregates current local network flow information messages received from the other data processing systems;
determining, by the first data processing system, whether network flow increased above a defined flow threshold value to a second data processing system connected to a network within the defined period of time based on the analyzing of the current aggregated flow information;
responsive to the first data processing system determining that the network flow has increased above the defined flow threshold value to the second data processing system connected to the network within the defined period of time, determining, by first the data processing system, that the second data processing system is under a DDoS attack and transmitting a notification to the second data processing system indicating that the second data processing system is under a DDoS attack;
determining, by the first data processing system, whether the network flow increased above the defined flow threshold value to the first data processing system, itself, within the defined period of time based on the analyzing of the current aggregated flow information; and
responsive to the first data processing system determining that the network flow has increased above the defined flow threshold value to the first data processing system, itself, within the defined period of time, determining, by the first data processing system, that the first data processing system is under the DDoS attack, and performing, by the first data processing system, mitigation steps to halt the DDoS attack on the first data processing system.

US Pat. No. 10,116,671

DISTRIBUTED DENIAL-OF-SERVICE ATTACK DETECTION BASED ON SHARED NETWORK FLOW INFORMATION

International Business Ma...

1. A data processing system for detecting distributed denial-of-service (DDoS) attacks, the data processing system comprising:a bus system;
a storage device connected to the bus system, wherein the storage device stores program instructions; and
a processor connected to the bus system, wherein the processor executes the program instructions to:
monitor, by a first data processing system, current local network flow information corresponding to data packets received by the first data processing system via the network;
record, by the first data processing system, the current local network flow information in a local flow information table;
generate, by the first data processing system, a current local network flow information message containing the current local network flow information;
compute, by the first data processing system, a hash value of the current local network flow information message;
broadcast, by the first data processing system, the current local network flow information message to a plurality of randomly selected data processing systems connected to the network based on the hash value of the current local network flow information message, wherein each data processing system has a corresponding node, and each node shares their respective local flow information with other data processing nodes randomly;
analyze current aggregated flow information for a defined period of time, wherein the current aggregated flow information is a real-time current snapshot of an amount of network data packets flowing to the second data processing system from a plurality of different data processing systems via the network for the defined period of time, and the defined period of time represents a predetermined time interval threshold for when the first data processing system (i) transmits the current local network flow information recorded in the local flow information table to randomly selected other data processing systems connected to the network, and (ii) aggregates current local network flow information messages received from the other data processing systems;
determine whether network flow increased above a defined flow threshold value to a second data processing system connected to a network within the defined period of time based on analyzing the current aggregated flow information;
determine that the second data processing system is under a DDoS attack in response to determining that the network flow has increased above the defined flow threshold value to the second data processing system connected to the network within the defined period of time and transmit a notification to the second data processing system indicating that the second data processing system is under a DDoS attack;
determine, by the first data processing system, whether the network flow increased above the defined flow threshold value to the first data processing system, itself, within the defined period of time based on the analyzing of the current aggregated flow information; and
responsive to the first data processing system determining that the network flow has increased above the defined flow threshold value to the first data processing system, itself, within the defined period of time, determine, by the first data processing system, that the first data processing system is under the DDoS attack and perform, by the first data processing system, mitigation steps to halt the DDoS attack on the first data processing system.

US Pat. No. 10,116,670

EVENT SPECIFIC RELATIONSHIP GRAPH GENERATION AND APPLICATION IN A MACHINE DATA PROCESSING PLATFORM

SPLUNK INC., San Francis...

1. A method comprising:receiving, by a computer system, raw machine data produced by an information technology environment, the raw machine data indicative of activity of one or more components of the information technology environment;
wherein the received raw machine data include a plurality of data units, wherein the raw machine data in each data unit of the plurality of data units includes data indicative of an activity, entities that participated in the activity, and a timestamp for the activity;
for each data unit of the plurality of data units, by the computer system,
identifying a relationship between the entities indicated in the data unit, the relationship indicative of the activity indicated in the data unit, and
annotating, by using a data structure corresponding to a graph, the raw machine data in the data unit to incorporate data indicative of the relationship into the raw machine data in the data unit; and
providing, to an anomaly detection module, each of the plurality of data units including annotated raw machine data, for detection of a security-oriented anomaly in the information technology environment,
wherein the anomaly detection module is in a real-time path or a batch path, and wherein information regarding identified security-oriented anomalies is shared between the real-time path and the batch path.

US Pat. No. 10,116,669

DETECTING AND MITIGATING WARDRIVING

CA, Inc., New York, NY (...

1. A method comprising:based on detecting a first device attempting to access a network through a wireless access point,
instructing the first device to emit a light; and
activating a set of light detection sensors to detect light emitting from the first device, wherein the set of light detection sensors are distributed throughout a physical space; and
based on determining that light corresponding to the first device was not detected by at least one of the set of light detection sensors,
notifying the wireless access point that the first device was not detected;
determining, by the wireless access point, that the first device is unauthorized to access the network; and
securing the network against access by the first device.

US Pat. No. 10,116,668

SYSTEM AND METHOD FOR ENHANCED DISPLAY-SCREEN SECURITY AND PRIVACY

International Business Ma...

1. A security method comprising: assigning a sensitivity value for a communication with a sensitivity determining module including at least one hardware processor, wherein when the communication includes keywords in a sequence wherein the sequence of fragments includes changing an order of letters in each word of the communication except for a first and last letter of the word, and designated as being sensitive when the sensitivity value is greater than a threshold sensitivity level, and when the communication does not include said keywords designated as being sensitive, the sensitivity values is less than the threshold sensitivity level; formatting said communication for display, wherein when said sensitivity value exceeds the threshold sensitivity level, the communication is parsed into a sequence of fragments; and transmitting the communication as the sequence of fragments when said sensitivity value exceeds the threshold sensitivity level.

US Pat. No. 10,116,667

SYSTEM FOR CONVERSION OF AN INSTRUMENT FROM A NON-SECURED INSTRUMENT TO A SECURED INSTRUMENT IN A PROCESS DATA NETWORK

BANK OF AMERICA CORPORATI...

1. A system for validating resource availability using a block chain distributed network, the system comprising: a memory device with computer-readable program code stored thereon: a communication device; a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to:generate an availability check configuration for confirming resource availability from an originating entity by receiving information corresponding to available resources associated with the user and updating real time resource availability of user resources on a distributed ledger shared between one or more nodes, wherein the resources associated with the user are processed to the distributed ledger as a token representing a user name and account number comprising the resource availability, wherein the token is associated with the account number via a resource application associated with a financial institution;
receive, physically or electronically, an instrument for resource distribution usage by a user, wherein the instrument is received at the one or more nodes associated with the block chain distributed network;
extract and read data from a scanned or electronic copy of the instrument including a resource distribution amount and a user associated with the instrument, wherein the data is stored at the one or more nodes;
integrate the one or more nodes of the block chain distributed network into resource distribution channel systems to identify available resources associated with the user and provide a real-time resource availability of fluctuations to the distributed ledger validate the instrument against the block chain distributed network, wherein validating the instrument confirms instrument validity for the resource distribution;
confirm resource availability for the resource distribution amount of the instrument by generating a confirmation issued by the originating entity;
marking on the distributed ledger of the block chain distributed network the resource distribution amount required as unavailable;
convert the instrument to a validated secure instrument based on marking on the block chain distributed network the resource distribution amount as unavailable;
and communicate the converting to a receiver of the instrument for completion of the resource distribution.

US Pat. No. 10,116,666

SECURE DEBUG TRACE MESSAGES FOR PRODUCTION AUTHENTICATED CODE MODULES

Intel Corporation, Santa...

1. A computer-implemented method comprising:defining an authenticated code module (ACM) extension module, implemented at least partly in one or more of configurable logic or fixed functionality logic hardware, using an entry of a Firmware Interface Table (FIT) that contains a starting address of the ACM extension module, wherein the starting address is located outside of a protected boot block to enable secure output of debug messages and limit an amount of information potentially revealed about the ACM; and
extending a capability of an authenticated code module (ACM) by using the ACM extension module while reducing a boot block footprint of the ACM.

US Pat. No. 10,116,665

SECURED DISTRIBUTED COMPUTING ACROSS MULTIPLE FIREWALLS

THE BOEING COMPANY, Chic...

1. A method comprising:authenticating a user, by a computing device in a first private domain of an information network, by validating authentication information provided by the user when logging into the first private domain;
generating, by the computing device based on successfully validating the authentication information provided by the user when logging into the first private domain, a user identifier (“ID”) for the user;
providing, by the computing device, the user ID identifier (“ID”) to the user;
providing to the user, by the computing device, a first session ID;
receiving from the user, by the computing device,
a service call for a first analytic service residing in the first private domain, the service call including the user ID and the first session ID;
verifying, by the computing device, the first session ID received in the service call;
verifying, by the computing device, the user ID received in the service call;
providing, by the computing device, via a public domain of the information network, a service message for a second analytic service residing in a second private domain of the information network, the service message including the user ID, the first session ID, and job information for the second analytic service;
receiving, by the computing device, via the public domain, a first verification message from the second private domain, the first verification message including the user ID, the first session ID, and a second session ID;
validating, by the computing device, the user ID and the first session ID included in the first verification message;
providing, by the computing device, via the public domain, a second verification message, the second verification message including the user ID, the first session ID, and the second session ID; and
receiving, by the computing device, via the public domain, a response message from the second private domain, the response message including information determined by the second analytic service based on the job information in the service message.

US Pat. No. 10,116,664

AUTHORIZATION POLICY FOR GROUP-CENTRIC SECURE INFORMATION SHARING

1. An authorization engine for enforcing a group-centric secure authorization policy, the authorization engine comprising:a processor accessible by a user and configured to execute instructions;
a memory containing an access-limited object and further containing executable instructions configured to instruct the processor to execute a stateful security policy, including the operations:
define a group;
receive a join command wherein the user joins the group as a member;
receive a leave command wherein the user leaves the group;
receive an add command wherein the object is added to the group as to be in the group;
receive a remove command wherein the object is removed from the group; and
authorize the user to access the object only when the user is a member of the group and the object is in the group;
wherein the stateful security policy is based on an authorization equivalent to a stateless security policy;
wherein the stateful security policy is configured to enforce well-formedness constraints including:
the object cannot both be added to the group and removed from the group within the same state;
the user cannot both join the group and leave the group within the same state;
two types of operations cannot both occur in the same state for the user or the object;
after joining the group, the user cannot join again unless the user has left the group since joining the group;
after being added to the group, the object cannot be added to the group again unless it has been removed from the group since joining the group;
the user cannot leave the group when the user is not already a member of the group; and
the object cannot be removed from the group unless the object is already in the group; and
wherein the stateful security policy further sorts operations by time and provides an order of precedence wherein:
when add and join occur in the same state, add follows join;
when join and remove occur in the same state, join follows remove;
when add and leave occur in the same state, add follows leave; and
when remove and leave occur in the same state, there is no fixed precedence.

US Pat. No. 10,116,655

HYBRID DATA MANAGED LOCK SYSTEM

Schlage Lock Company LLC,...

1. A method, comprising:programming a user key with new access rights information including an activation date and an expiration date for access privileges for a particular user key;
determining, with a lock device, whether the user key is authorized to update the lock device based on data in the user key;
performing, by the lock device, a set of data checks on data stored in the user key;
updating a memory of the lock device with the new access rights information in response to a determination that the user key is authorized to update the lock device and the set of data checks indicates that (i) the user key is associated with a facility of the lock device, (ii) the user key is associated with the lock device, and (iii) the user key includes a serial number of a previous user key authorized to access the lock device, wherein the user key is a smart card; and
writing data to the user key by the lock device that indicates whether one or more other lock devices have not yet been updated.

US Pat. No. 10,116,649

P2P CONNECTING AND ESTABLISHING METHOD AND COMMUNICATION SYSTEM USING THE SAME

THROUGHTEK TECHNOLOGY (SH...

1. An establishing method for a P2P connection, applied to a link server, for establishing a P2P connection between a client device and a remote device, the establishing method comprising:receiving, by the link server, a connection request from the client device, wherein the connection request is for requesting to be connected to the remote device;
detecting, by the link server, a validation token in a network packet from the client device according to the connection request; and
executing, by the link server, a connection verifying procedure when the validation token from the client device is detected to be valid, wherein the connection verifying procedure comprises:
receiving a first validation code and a first address information of the client device from the client device;
reading a second address information of the remote device and a second validation code of the remote device from a storage unit; and
sending the received first validation code and the received first address information of the client device to the remote device and sending the read second address information of the remote device and the read second validation code to the client device, so as to establish the P2P connection between the client device and the remote device according to the first address information, the first validation code, the second address information, and the second validation code.

US Pat. No. 10,116,648

USER AUTHENTICATION

EMC IP Holding Company LL...

1. A method comprising steps of:receiving a request to access a first application on a device;
determining a level of sensitivity associated with the first application in response to receiving the request, wherein the level of sensitivity is represented by a first sensitivity value;
determining that access has previously been granted to a second application on the device or on another device, wherein the second application is different to the first application;
determining a differential between the first sensitivity value and a second sensitivity value in connection with the second application, wherein the differential describes a difference in sensitivity between the first and second applications;
determining that the first sensitivity value is within a predetermined sensitivity value range;
selecting an authentication method for use as part of an authentication operation in connection with the request, wherein the selection of the authentication method is based on the determined differential and the said determination that the first sensitivity value is within the predetermined sensitivity value range; and
applying the selected authentication method in connection with the request as part of an authentication operation that determines whether to grant the request to access the first application on the device;
wherein the steps are performed by at least one processing device comprising a processor coupled to a memory.

US Pat. No. 10,116,647

UNIFIED PROVISIONING OF APPLICATIONS ON DEVICES IN AN ENTERPRISE SYSTEM

Oracle International Corp...

1. A method comprising:determining, based on a user role associated with an identity of a user, an account enabling the identity to access a first resource, wherein the first resource is accessible from a first device using a first application, wherein the first device is registered for the identity of the user;
configuring, by a computer system, the first application with connection information that enables the first application to connect the first device to a first target system based on the account, wherein the first target system provides access for the first resource according to the account;
configuring, by the computer system, the first application with access information that permits the first application to access the first resource, wherein the access information is based on access permitted to the identity by the account; and
transmitting the first application to the first device upon configuring the first application with the connection information and the access information.

US Pat. No. 10,116,646

SOFTWARE-DEFINED NETWORK THREAT CONTROL

Sprint Communications Com...

1. A method of operating a Software-Defined Network (SDN) data-plane machine that stores flow data and a physically-embedded, read-only, hardware-trust key, the method comprising:a southbound transceiver receiving hardware-trust challenge data transferred by a hardware-trust controller;
a data processing system processing the hardware-trust challenge data based on the physically-embedded, read-only, hardware-trust key to generate hardware-trust response data;
the southbound transceiver transferring the hardware-trust response data for delivery to the hardware-trust controller;
a user data transceiver receiving user data;
the data processing system directing the user data transceiver to route the user data based on the flow data;
the user data transceiver routing the user data responsive to the direction from the data processing system;
the southbound transceiver receiving modification data from an SDN controller;
the data processing system determining that the SDN controller is authorized by the hardware-trust controller to modify the flow data and modifying the flow data based on the modification data responsive to the authorization from the hardware-trust controller;
the southbound transceiver receiving other modification data from another SDN controller;
the data processing system determining that the other SDN controller is not authorized by the hardware-trust controller to modify the flow data and responsively generating flow modification failure data for the other SDN controller; and
the southbound transceiver transferring the flow modification failure data for the other SDN controller for delivery to the hardware-trust controller.

US Pat. No. 10,116,645

CONTROLLING USE OF ENCRYPTION KEYS

Amazon Technologies, Inc....

1. A system-on-chip, comprising:a processor;
a fuse-based memory storing:
information for deriving a first public key for a first asymmetric key pair; and
one or more current key version numbers, each associated with a corresponding secondary public key;
wherein, in a secure boot process, the processor is configured to:
load a digital certificate that includes a secondary public key for a second asymmetric key pair and a key version number associated with the secondary public key;
authenticate the digital certificate using the first public key;
compare a key version number for the secondary public key provided by the digital certificate with a corresponding current key version number in the fuse-based memory;
if the key version number for the secondary public key is lower than the current key version number, determine that the secondary public key is not a trusted public key; and
if the key version number for the secondary public key is equal to or higher than the current key version number, determine that the secondary public key is a trusted public key;
wherein the processor is configured to replace an old secondary public key with a new trusted secondary public key if the key version number for the new secondary public key is equal to or higher than the current key version number.

US Pat. No. 10,116,643

VIRTUALIZED DATA STORAGE AND MANAGEMENT OF POLICY AND CREDENTIAL DATA SOURCES

Oracle International Corp...

1. A method comprising:receiving, at a computer system, using an interface for accessing a plurality of storage systems, a data request for credential information from a single sign-on service of one or more single sign-on services, wherein the credential information is stored at one of the plurality of storage systems, and wherein the data request includes one or more criteria for obtaining the credential information from the single sign-on service;
identifying, using one or more credential criteria identified in the data request based on the one or more criteria, a storage system associated with the data request, wherein the one or more credential criteria are generated for the credential information;
selecting, from a plurality of plug-ins, a plug-in corresponding to the identified storage system, wherein the plug-in is selected based on a type of storage system, and wherein the plug-in converts the data request according to the type of storage system; and
sending, to the single sign-on service for which the data request is received, data associated with the data request, the data being obtained from the identified storage system.

US Pat. No. 10,116,642

IDENTITY MANAGEMENT OVER MULTIPLE IDENTITY PROVIDERS

KONY, INC., Orlando, FL ...

1. A method comprising:requesting a backend service from multiple backend services by a requesting device;
exposing the requested backend service through a call in by a gateway service using a token mapped to the requested backend service, without exposing any of the backend services directly to the requesting device; and
providing, via identity services, a credential vault for a user to store a crypographic hash of a password and username that is used in conjunction with a valid identity token to leverage passwords for non-authorized legacy systems that the user may be required to login to retrieve data or leverage services,
wherein the gateway service directly calls in and is exposed to the requested backend services using the token and a token template, and
wherein the identity services comprise an identity management system which manages identities of plural devices through the use of tokens which are recognized by the backend services when passed by the gateway service.

US Pat. No. 10,116,640

IMAGE PROCESSING SYSTEM, IMAGE PROCESSING DEVICE, AND AUTHENTICATION METHOD

RICOH COMPANY, LIMITED, ...

1. An image processing system comprising:a first image processing device;
one or more second image processing devices; and
a server device, wherein
the first image processing device comprises:
memory storing computer-readable instructions; and
one or more processors configured to execute the computer-readable instructions such that the one or more processors are configured to perform operations including,
receiving an input of first authentication information for authenticating a user based on a first authentication method;
authenticating on an own device by using the first authentication information; and
using the one or more second image processing devices, and
transmitting, when a function of the one or more second image processing devices is to be operated, the first authentication information to the one or more second image processing devices, and transmitting, when authentication to only a second image processing device of a plurality of image processing devices based on the first authentication information has failed, a transmission request of authentication method information indicating a second authentication method of the second image processing device to the second image processing device, the authentication to which based on the first authentication information has failed; and wherein
the server device includes:
memory storing computer-readable instructions; and
one or more processors configured to execute the computer-readable instructions such that the one or more processors are configured to perform operations including,
transmitting, when receiving the first authentication information from the first image processing device, the first authentication information to the one or more second image processing devices, and transmitting, when receiving an authentication result based on the first authentication information from each of the one or more second image processing devices, the authentication result to the first image processing device.

US Pat. No. 10,116,638

METHOD AND DEVICE FOR UPLOADING DATA TO SOCIAL PLATFORM

TENCENT TECHNOLOGY (SHENZ...

1. A method for uploading data to a social platform, comprising:setting a plugin into an application program, wherein the plugin integrates multiple Application Program Interfaces (API) corresponding to multiple social platforms, each API possessing a publishing function provided by at least one of the multiple social platforms;
after the plugin is set into the application program, opening, by the application program, a page;
receiving a request for uploading data associated with the opened page in response to an icon corresponding to the plugin being selected on the user interface of the application program;
obtaining data to be uploaded according to the request;
after obtaining the data to be uploaded, determining at least two social platforms for uploading the data based on user selection among the multiple social platforms whose APIs are integrated by the plugin; and
simultaneously uploading the data to the at least two social platforms through one or more corresponding API integrated by the plugin,
wherein setting the plugin into the application program comprises:
adding an attribute of the plugin into a declaration file of the application program, the declaration file being directed to an operating system running the application program; and
configuring the plugin to inherit an abstract class specified in an SDK of the application program.

US Pat. No. 10,116,637

SECURE TELECOMMUNICATIONS

Wickr Inc., San Francisc...

1. A system, comprising:a processor configured to:
receive, at a first device via a control channel, a secure telecommunication request from a second device, wherein the secure telecommunication request includes at least one of a first meeting identifier and a first meeting key;
transmit, from the first device, the meeting identifier to a communication server, via a communication channel that is separate from the control channel, to obtain encrypted communication data;
receive, at the first device, encrypted communication data from the communication server;
decrypt, by the first device, the encrypted communication data using the first meeting key;
provide the decrypted communication data to a user of the first device; and
a memory coupled to the processor and configured to provide the processor with instructions.

US Pat. No. 10,116,636

APPARATUS AND METHOD FOR SECURE TRANSMISSION AVOIDING DUPLICATE DATA

FUJITSU LIMITED, Kawasak...

1. A communication device, comprising:a memory; and
a processor coupled to the memory and configured to, upon receiving, from another communication device, a sequence of information sets respectively corresponding to a sequence of data-segments, each information set including at least a pair of a segment identifier identifying a data-segment and an encryption key for decoding an encrypted data-segment that is generated from the data-segment by using the encryption key, determine, for each of the sequence of information sets, whether the encrypted data-segment corresponding to the segment identifier is held in the memory in association with the segment identifier, wherein:
in a first case where a first sequence of information sets respectively corresponding to a first sequence of data-segments destined for a first destination and including a first data-segment is received, the first sequence of information sets including a first information set that corresponds to the first data-segment and includes a triplet of a first segment identifier identifying the first data-segment, a first encryption key, and a first encrypted data-segment generated by encrypting the first data-segment with the first encryption key, while the first encrypted data-segment is not held in the memory in association with the first segment identifier, the processor performs a first reception process including:
acquiring the first encrypted data-segment from the first sequence of information sets,
storing the acquired first encrypted data-segment in the memory in association with the first segment identifier without storing the received first encryption key in the memory so as to block the first encryption key from being read by unauthorized access to the memory,
restoring the first data-segment by decoding the first encrypted data-segment with the first encryption key that is obtained from the first information set included in the received first sequence of information sets, and
outputting the restored first data-segment to the first destination as the first data-segment of the first sequence of data-segments; and
in a second case where a second sequence of information sets respectively corresponding to a second sequence of data-segments destined for a second destination and including a second data-segment identical to the first data-segment is received, the second sequence of information sets including a second information set that corresponds to the second data-segment identical to the first data-segment and includes a pair of the first segment identifier and the first encryption key without including the first encrypted data-segment therein, while the first encrypted data-segment is held in the memory in association with the first segment identifier, the processor performs a second reception process including:
acquiring, from the memory, the first encrypted data-segment associated with the first segment identifier,
restoring the first data-segment by decoding the first encrypted data-segment with the first encryption key that is obtained from the second information set included in the received second sequence of information sets, and
outputting the restored first data-segment to the second destination as the second data-segment of the second sequence of the data-segments so as to avoid redundant transmission of the second data-segment for the second destination, which is identical to the first data-segment for the first destination, between the communication device and the another communication device.

US Pat. No. 10,116,635

MOBILE-BASED EQUIPMENT SERVICE SYSTEM USING ENCRYPTED CODE OFFLOADING

OTIS ELEVATOR COMPANY, F...

1. A mobile-based equipment service system applied by a user, the mobile-based equipment service system comprising:a remote server including a computer processor, a non-transitory storage medium, an application executed by the computer processor and stored in the non-transitory storage medium, a user authentication database stored in the non-transitory storage medium and applied by the application;
a mobile device including a user interface, the mobile device being configured to send a user authentication message initiated by the user via the user interface to the remote server, wherein the application is configured to verify the user by comparing the user authentication message to the user authentication database, and once verified, develop and effect the sending of an encrypted blob to the mobile device in response to the user authentication message;
at least one equipment controller including a computer processor, a non-transitory storage medium, executable code, executed by the computer processor and stored in the non-transitory storage medium;
at least one site, wherein each site of the at least one site includes at least one respective equipment controller of the at least one equipment controller, and the encrypted blob is secured by the remote server via a site specific private key associated with a respective site of the at least one site, the authentication message including user credentials and a selected site of the at least one site selected by the user, wherein the computer processor of the equipment controller is configured to receive the encrypted blob and the executable code is configured to decrypt the encrypted blob received from the mobile device and utilizing the site specific private key.

US Pat. No. 10,116,633

SYSTEMS AND DEVICES FOR HARDENED REMOTE STORAGE OF PRIVATE CRYPTOGRAPHY KEYS USED FOR AUTHENTICATION

BANK OF AMERICA CORPORATI...

1. A system for hardened remote storage of private cryptography keys and authentication, the system comprising:a storage device comprising a first computing platform including:
a first memory configured to store one or more private cryptography keys, and
a first processor in communication with the first memory, wherein the first processor is configured to:
receive user configuration inputs that define (i) one or more tamper-related signals and (ii) a threshold amount for each of the one or more tamper-related signals, wherein meeting or exceeding the threshold amount results in deletion of the one or more private cryptography keys from the first memory,
generate the one or more private cryptography keys,
provide for the private cryptography keys to be accessible to a computing node in communication with the storage, while the computing node is executing an authentication routine without having to communicate the private cryptography keys to the computing node, and
in response to receiving at least one of the one or more tamper-related signals and determining that the threshold amount associated with the at least one of the tamper-related signals has been met or exceeded, delete the one or more private cryptography keys from the first memory; and
the computing node that is remote from the storage device and comprising a second computing platform including:
a second memory configured to store the authentication routine, and
a second processor in communication with the second memory, wherein the second processor is configured to, in response to sending data to the storage device, receive a verification result from the storage device, and execute the authentication routine to authenticate a user based at least in part on the verification result.

US Pat. No. 10,116,632

SYSTEM, METHOD AND COMPUTER-ACCESSIBLE MEDIUM FOR SECURE AND COMPRESSED TRANSMISSION OF GENOMIC DATA

New York University, New...

1. A non-transitory computer-accessible medium having stored thereon computer-executable instructions for generating at least one compressed genetic sequence, wherein, when a computer arrangement executes the instructions, the computer arrangement is configured to perform procedures comprising:(a) obtaining at least one reference sequence;
(b) obtaining a particular sequence read for at least one genetic sequence from a sequence platform;
(c) comparing the particular sequence read to the at least one reference sequence;
(d) storing the particular sequence read only if the particular sequence read does not match the at least one reference sequence; and
(e) generating the at least one compressed genetic sequence by repeating procedures (b)-(d) for further sequence reads which are different from the particular sequence read.

US Pat. No. 10,116,630

SYSTEMS AND METHODS FOR DECRYPTING NETWORK TRAFFIC IN A VIRTUALIZED ENVIRONMENT

Bitdefender IPR Managemen...

1. A client system comprising a hardware processor and a memory, the hardware processor configured to execute a virtual machine, an introspection engine, and a network filter, the introspection engine and the network filter executing outside of the virtual machine, wherein:the virtual machine is configured to carry out a communication session with a remote party, the communication session comprising a handshake message followed by an encrypted payload, wherein the handshake message contains an encryption parameter used by the client system to derive an encryption key, and wherein the encrypted payload is encrypted with the encryption key;
the network filter controls a network adapter of the client system and is configured to intercept the handshake message and in response, transmit a notification to the introspection engine; and
the introspection engine is configured to:
infer an occurrence of a first session event of the communication session according to the notification,
identify within the memory a target memory page according to whether a content of the target memory page has changed between the occurrence of the first session event and an occurrence of a second session event of the communication session, and
in response, transmit the content of the target memory page to a decryption engine configured to decrypt the encrypted payload according to the content.

US Pat. No. 10,116,629

SYSTEMS AND METHODS FOR OBFUSCATION OF DATA VIA AN AGGREGATION OF CLOUD STORAGE SERVICES

Carbonite, Inc., Boston,...

1. A method for obfuscation of data via an aggregation of cloud storage services, comprising: identifying, by a synchronization client of a client device, a file for transfer to an aggregation of a plurality of cloud storage services; extracting, by the synchronization client using a comb filter, a first subset of the file by skipping elements of the file to extract every nth element; transmitting, by the synchronization client, the first subset of the file to a first cloud storage service of the plurality of cloud storage services; extracting, by the synchronization client using the comb filter, a second subset of the file by skipping elements of the file to extract every nth element, offset by one, wherein in the extracting of the first subset and the extracting of the second subset, n is selected to avoid having a whole number relationship to a width of a memory read bus used by the synchronization client; transmitting, by the synchronization client, the second subset of the file to a second cloud storage service of the plurality of cloud storage services; and transmitting, by the synchronization client, metadata of the file and an identification of the first subset, first cloud storage service, second subset, and second cloud storage service, to a third cloud storage service.

US Pat. No. 10,116,628

SERVER-PAID INTERNET ACCESS SERVICE

1. A method of operating an access point, the method comprising:receiving a first request from a device associated with a user to access a first web server operated by a first entity that has agreed with a second entity operating the access point to incur costs associated with a connection to a network provided by the access point;
sending a response to the device associated with the user, the response including an address of an authentication program accessible via a secure port of a second web server different from the first web server, the response to cause the device associated with the user to securely communicate with the secure port for a period of time sufficient for the device associated with the user to attempt to be authenticated via the authentication program, the second web server to provide a one-time encryption key to the device associated with the user via the secure port such that the second entity associated with the access point is unable to access the one-time encryption key;
receiving an acknowledgment indicative of a result of the attempt to be authenticated via the authentication program; and
when the received acknowledgement indicates that the device associated with the user is authentic, operating, by executing an instruction with at least one processor, an access controller of the access point to route traffic to and from the device associated with the user based on an access control profile associated with the first web server, wherein the access control profile restricts the device associated with the user to an access range of addresses.

US Pat. No. 10,116,625

SYSTEMS AND METHODS FOR SECURE CONTAINERIZATION

SECUREWORKS, CORP., Wilm...

1. A method for provisioning a secure container for running an application, comprising:routing traffic between the application and a secure container service over a virtual private network;
using network filter rules to restrict network traffic to or from the application other than traffic to or from the secure container service;
using a customized domain name system service to provide name resolution to domain name system requests from the application within the secure container, the name resolution limited to server names allowed by a security policy;
examining the secure container for known vulnerabilities and preventing the secure container from launching when a known vulnerability is detected, the examining including at least one of checking configuration settings to identify combinations of settings that create known vulnerabilities, checking versions of libraries or applications within the secure container to identify unpatched known vulnerabilities, performing a port scan to identify known vulnerabilities, and any combination thereof;
establishing an inbound network proxy to filter and route approved inbound traffic to the application; and
establishing an outbound network proxy to filter and route approved outbound traffic from the application.

US Pat. No. 10,116,622

SECURE COMMUNICATION CHANNEL USING A BLADE SERVER

INTERNATIONAL BUSINESS MA...

1. A system comprising:a security blade server configured to perform a security operation on network traffic exchanged between network devices in a first portion of a virtual network that includes the security blade server and network devices outside the first portion in a second portion of the virtual network, the network devices in the first portion bridged together and secured by the security blade server, wherein the first portion of the virtual network is protected by the security operation of the security blade server, wherein the network devices are bridged together by the security blade server to separate the second portion of the virtual network from the first portion of the virtual network, and wherein a gateway bridges the first portion and the second portion; and
a network controller configured to execute an application and concurrently program, using an application program interface (API), the security blade server and another security blade server to perform the security operation, to encrypt and encapsulate data, to access an address list, to virtualize each of the network devices in the virtual network based on a software defined environment, and to virtually position the security blade server as a bridge in a channel of the network traffic exchanged between at least two of the network devices using the API.

US Pat. No. 10,116,621

METHOD AND SYSTEM FOR MESSAGING SECURITY

Axway Inc., Phoenix, AZ ...

1. A system comprising:a messaging firewall that cooperates with a remote publicly accessible security server to securely transmit e-mail messages,
wherein the messaging firewall encrypts an e-mail message in accordance with at least one encryption key and determines, based on textual content, a destination, a size, and a source of the e-mail message, whether application of a signature to the e-mail message is required, the e-mail message being sent from the source to one or more recipients;
wherein the messaging firewall queries the remote security server for an encryption key including related encryption data which is associated with at least one target server for the e-mail message, and that in response to a determination that application of a signature is required for the e-mail message, retrieves the signature and a certificate associated with the source of the e-mail message;
wherein the encryption key is the recipient's public key;
wherein the certificate is used to store the recipient's public key;
wherein the signature is applied to the e-mail message to allow for a recipient of the one or more recipients to authenticate the source, wherein the encryption key is stored in the remote security server, and the certificate is included with the signature; and
wherein the messaging firewall transmits the e-mail message to at least one target server for which encryption data was retrieved by the messaging firewall.

US Pat. No. 10,116,620

METHOD FOR ACCESS NETWORK VIRTUALIZATION AND PROXY NODE

Huawei Technologies Co., ...

1. A method for access network virtualization, applied in a system comprising a first remote access node and a second remote access node, a proxy node and a management system, wherein the method comprises:establishing, by the proxy node, a relationship mapping table, wherein the relationship mapping table comprises a first mapping relationship and a second mapping relationship, wherein the first mapping relationship comprises an Internet protocol (IP) address of a virtual access node (AN), a first user side port of the virtual AN and a user side port of the first remote access node, wherein the second mapping relationship comprises the IP address of the virtual AN, a second user side port of the virtual AN and a user side port of the second remote access node, wherein the virtual AN is a device which the management system is capable of managing;
receiving a packet sent by the management system;
querying the relationship mapping table according to first parameter information carried in the packet to obtain second parameter information, wherein the first parameter information comprises the IP address of the virtual AN and the first user side port of the virtual AN, and wherein the second parameter information comprises the user side port of the first remote access node; and
sending the packet to the first remote access node corresponding to the user side port of the first remote access node according to the second parameter information.

US Pat. No. 10,116,618

IN-BAND LDAP OVER FICON

INTERNATIONAL BUSINESS MA...

1. A method for exchanging data information packets, by a processor device, comprising:receiving an Internet Protocol (IP) information unit comprising a Lightweight Directory Access Protocol (LDAP) request by a host node executing a Fibre Connection (FICON) software library, the LDAP request received by an LDAP converter module listening to an IP address to which the LDAP request is sent; wherein the IP address receives the LDAP request into a shared memory space of the host node;
writing the IP information unit to a transport layer by converting the LDAP request from the IP information unit to FICON payload and placing the FICON payload comprising the LDAP request into the shared memory space; and
transmitting data including the IP information unit to a target node by accessing the FICON payload comprising the LDAP request in the shared memory by a FICON adapter of the host node and transferring the FICON payload to the target node over a FICON network.

US Pat. No. 10,116,616

SMART ROUTING SYNCHRONIZATION SYSTEM AND METHODS FOR SOCIALIZING A SYNTHETIC REBROADCAST AND GROUP STREAM

Remote Media, LLC, Wheat...

1. A social broadcasting system for enabling members of a user group to synthetically broadcast select content to other members of the user group, the social broadcasting system comprising, in combination: a first non-transitory computer-implementable medium and a group of medium-processing computers associated with each of the members of the user group within an operable network, the first non-transitory computer-implementable medium being implementable via the group of medium-processing computers, the first non-transitory computer-implementable medium thereby being operable to effect real-time synchronization of media content among members of the user group and to synthetically broadcast content among the group of medium-processing computers each of which are in communication with at least two content sources, the at least two content sources each being characterized by a separate legal access point thereby providing at least two legal access points for the same content, the first non-transitory computer-implementable medium being operable to (a) identify select content and direct delivery of the select content from a select optimal content resource location associated with each medium-processing computer and (b) map content resources from amongst differing legal access points without redistributing sourced content, the select optimal content resource location being selected from the at least two content sources, said selection being based on user-defined parameters, the first non-transitory computer-implementable medium further directing delivery of the select content as initiated by content origination member of the user group by (a) establishing an instruction-passing second channel to each medium-processing computer over the operable network; (b) generating routing and playback instructions for governing playback of the select content via a content-delivery first channel; and (c) passing the routing and playback instructions to each medium-processing computer via the instruction-passing second channel for sourcing the select content for consumption, the members of the user group thereby being able to simultaneously access the select content as initiated by content origination member and received from the select optimal content resource locations within the user group for the purpose of providing a content-based platform for social interaction.

US Pat. No. 10,116,614

DETECTION OF ABUSIVE USER ACCOUNTS IN SOCIAL NETWORKS

Trend Micro Incorporated,...

1. A method of identifying abusive user accounts in a social network, the method comprising:receiving social network data of a social network provided by a social networking service, the social network data including data on a plurality of user accounts of users of the social network and messages posted on the social network;
identifying a group of user accounts from the plurality of user accounts that belong to a same user; and
blocking the group of user accounts,
wherein identifying the group of user accounts comprises:
determining delta times between postings of each user account in the group of user accounts;
converting the delta times into sequences of delta times text strings; and
identifying the group of user accounts as user accounts in the plurality of user accounts that have a same sequence of delta times text strings.

US Pat. No. 10,116,609

THIRD PARTY EMAIL SIGNATURE GENERATION AND AUTHENTICATION

Microsoft Technology Lice...

1. A computing device to provide third party email signature generation and authentication, the computing device comprising:a memory;
one or more processors coupled to the memory, the one or more processors executing a first email service in conjunction with instructions stored in the memory, wherein the one or more processors are configured to:
receive a message from a sender through a second email service executed on a server associated with the sender, wherein
the second email service is an email service provider of the sender,
a signature of the message is stamped by the second email service to encode a selector field with a conversion of sender's domain address and a domain field with a combination of a known portion of the sender's domain address and the second email service's domain address,
the second email service is known to stamp signatures of messages based on the conversion in the selector field, and the sender's domain address is not published;
align the sender's domain address with the known portion of the sender's domain address; and
authenticate the message based on the alignment.

US Pat. No. 10,116,607

SPLITTING POSTS IN A THREAD INTO A NEW THREAD

International Business Ma...

1. A computer program product for improving social network users' interactions, the computer program product comprising a computer readable storage medium having program code embodied therewith, the program code comprising the programming instructions for:analyzing content of monitored posts in an original thread of a social networking system to group said monitored posts by topic, wherein a first group of said monitored posts directed to a first topic is posted by a first set of users;
analyzing one or more of past communication patterns and liked pages of said first set of users to determine a likelihood of responding to posts; and
splitting posts in said original thread into a new thread containing said first group of said monitored posts directed to said first topic and having a second set of users of said first set of users to participate in said new thread, wherein each of said second set of users is selected based on said analysis of one or more of said past communication patterns and said liked pages of said first set of users, wherein each of said second set of users has a relationship with one or more users of said second set of users and has a likelihood of responding to a post that exceeds a threshold value.

US Pat. No. 10,116,606

DETERMINING A NUMBER OF USERS ALLOWED TO ACCESS MESSAGE BASED ON MESSAGE OBJECTIVE

INTERNATIONAL BUSINESS MA...

1. A method for controlling access to categorized messages, the method comprising:establishing, based on a number of electronic messages associated with a category, a message objective, wherein the message objective:
comprises a set of rules to determine how an electronic message is shared;
informs user association, message association, and message access rules for each of multiple categories;
comprises an allow more objective to allow grouping of electronic messages without additional input from a message originator;
comprises a share objective to allow the electronic message to be shared with users in addition to the message originator and a message recipient; and
wherein an electronic message comprises a categories field and a message objectives field;
receiving a change to the message objective;
categorizing the electronic message into a number of categories according to the message objective, wherein each category comprises a number of electronic messages;
grouping the electronic messages with other electronic messages in the multiple categories based on semantically similar message content;
determining, based on the message objective, a number of users allowed access to the electronic message;
removing a first user from the number of users allowed access to the electronic message based on the first user having not accessed the electronic message within a specified amount of time;
adding a second user to the number of users allowed access to the electronic message by receiving a request from the second user registering interest in a category; and
allowing the number of users to access the electronic message according to the message objective.

US Pat. No. 10,116,605

TRANSPORT STACK NAME SCHEME AND IDENTITY MANAGEMENT

Cisco Technology, Inc., ...

1. A computer-implemented method, comprising:receiving, by a forwarder executed by a hardware processor in a computer network, a packet that corresponds to an interest, wherein the interest includes a name that is location independent;
in response to determining, with the processor, that the interest is destined for a component of a stack of communication modules that includes a plurality of components, sending the interest to the destined component based on the name for the interest without passing through one or more other components of the stack, wherein the stack does not require a respective communication module to communicate only with a layer above or below thereof; and
in response to determining, with the processor, that the interest is not destined for any of the components of the stack, sending the interest to a network element based on the name for the interest,
thereby facilitating directly addressing individual components of the stack.

US Pat. No. 10,116,602

SYSTEM AND METHODS FOR DEVICE TO DEVICE CONTROL

JAMDEO CANADA LTD., Onta...

1. A method for device to device control, the method comprising:executing, by a device, an application configured to provide the device connection and interoperability with at least one other device associated with the application;
establishing, by the device, a connection with a second device, wherein the second device is identified to the device by the application;
determining, by the device, one or more capabilities of the second device based on a capability matching of the application, wherein determining is based on an application profile for the second device and capabilities output by the second device; and
controlling, by the device, an operation based on one or more matched capabilities, wherein a command is exchanged relative the device and second device by way of communication protocols established by the application.

US Pat. No. 10,116,601

METHODS AND DEVICES FOR DISPLAY DEVICE NOTIFICATIONS

JAMDEO CANADA LTD., Oakv...

1. A method for presenting a notification on a display device, the method comprising:receiving, by a display device, a notification which is at least one of content-based, device-based, and guide-based;
assigning, by the display device, a priority for the notification based at least on a type of the notification;
determining, by the display device, when the notification should be presented based on the priority;
presenting, by the display device, a first graphic, wherein the first graphic is a graphical presentation of notification content presented as a graphical element overlay including information related to the notification, wherein the first graphic has a predefined size and appearance including a visual cue to inform the type of notification and how to interact with the notification , and is located on an edge of the display device, such that the first graphic covers only a first portion of any content on the display device, and wherein presentation of the first graphic is based on the type of the notification;
detecting, by the display device, a first action associated with the first graphic, wherein the first action is a selective interaction with the first graphic; and
presenting, by the display device, a second graphic, wherein the second graphic provides additional information related to the notification, and wherein the second graphic is a dialog-multi function including a plurality of decisions for choosing an action, the dialog-multifunction controlling a change of the display device based on selection of one of the plurality of decisions.

US Pat. No. 10,116,598

SYSTEM AND METHOD FOR INCREASING CLARITY AND EXPRESSIVENESS IN NETWORK COMMUNICATIONS

IMVU, INC., Mountain Vie...

1. A system comprising:a data processor;
a network connection, in data communication with the data processor, for access to a network; and
a message processing system module, executable by the data processor, to:
obtain a message from a first user as part of a network-enabled conversation with a second user, the conversation having a plurality of associated messages;
analyze, by use of the data processor, the content of the message;
automatically use a panel layout based on the content of the message, the panel layout defining a consistent set of expressive elements for at least one message of the plurality of messages associated with the conversation, the panel layout further defining one or more panels for presenting messages of the conversation with the expressive elements;
integrate the message into at least one of the panels with the expressive elements;
automatically select at least one embellishment from an available set of embellishment options based on the panel layout;
apply, by use of the data processor, the automatically selected at least one embellishment to the message to produce an embellished message with configuration data encoded therewith corresponding to the at least one embellishment, the configuration data including a plurality of data values defining particular embellishment properties of the at least one embellishment; and
cause transmission of the embellished message via a network to the second user.

US Pat. No. 10,116,590

NETWORK VIRTUALIZATION AND RESOURCE ALLOCATION FOR THE INTERNET OF THINGS

NEC Corporation, (JP)

1. A computer-implemented method for network virtualization and resource allocation, comprising:storing one or more received network requests in a request table;
managing, using a hardware processor coupled to a memory, network flows and requests by dynamically updating a flow table, a waiting list table, and a candidate group map based on the one or more received network requests, the managing further comprising:
monitoring a transmission progress of each of one or more flows in a network of interconnected computing devices, and moving completed flows from the flow table to a success list;
moving requests in the waiting list table which have reached an attempt threshold from the flow table to a fail list;
compiling any residual requests in the waiting list with new requests to generate a new request table; and
minimizing bandwidth usage by enabling the network to serve a plurality of requests simultaneously by sharing a single copy of bandwidth resources in central nodes using multicasting; and
fulfilling at least one of a deterministic request allocation or an optimizing request allocation based on the new request table,
wherein if no central node is determined to be available to accommodate a highly ranked request, lower ranked in-progress flows are iteratively suspended until the highly ranked request is accommodated.

US Pat. No. 10,116,587

ELECTRONIC DISTRIBUTION OF APPLICATIONS HAVING MULTIPLE SERVICE LEVELS

MICROSOFT TECHNOLOGY LICE...

1. A method for electronic distribution of computer applications having multiple service levels, the method comprising, using instructions stored on a storage unit coupled to a central processing unit (CPU):identifying, by the CPU, one or more application accounts associated with an organizational entity, at least one of the application accounts being associated with a first service level;
electronically verifying that an admin account controls a network domain associated with the organizational entity;
in response to the admin account being determined to control the network domain, electronically verifying fulfillment of service conditions associated with a second service level;
in response to the service conditions being determined as fulfilled, electronically assigning the second service level to each of the identified one or more accounts associated with the organizational entity.

US Pat. No. 10,116,586

MANAGING NETWORK BANDWIDTH FOR NETWORK APPLICATIONS

TENCENT TECHNOLOGY (SHENZ...

1. A method for managing network bandwidth for one or more network applications, comprising:identifying a current network using scene before any restrictions are applied to the one or more network applications, comprising:
detecting a first online application in which a user is engaging on a user device that consumes network bandwidth of the user device;
after identifying the current network using scene:
detecting a second online application which is manually started by the user;
identifying a plurality of processes that consume the network bandwidth of the user device;
categorizing the plurality of processes into multiple categories associated with the current network using scene, comprising:
generating a first category including one or more first processes that are required by the first online application;
generating a second category including one or more second processes that (1) are not required by the first online application or the second online application and (2) compete with the one or more first processes for the network bandwidth of the user device; and
generating a third category including one or more third processes that do not belong to the first and the second categories; and
ending the one or more second processes in the second category that are not required by the first online application or the second online application and restricting a network speed used by a third process belonging to the third category, while applying no network bandwidth restriction to (1) the one or more first processes in the first category based on a network speed protecting policy corresponding to the current network using scene and (2) the second application while engaging in the first online application.

US Pat. No. 10,116,585

INTERNET OF THINGS APPLICATION FRAMEWORK

Verizon Patent and Licens...

1. A method comprising:receiving, by a network device, a packet from an Internet of Things (IoT) device;
determining, by the network device, whether the packet carries IoT data;
determining, by the network device, a type of linked data to obtain in response to determining that the packet carries the IoT data, wherein determining the type of linked data is based on at least one of a source network address of the IoT device or a device identifier of the IoT device that correlates to an application programming interface (API) and corresponding type of linked data;
obtaining, by the network device, the type of linked data in response to determining the type of linked data;
storing, by the network device, the type of linked data and the IoT data; and
granting access and use, by the network device, of the type of linked data and the IoT data to the API of a software application, when the software application is executed.

US Pat. No. 10,116,584

MANAGING CONTENT DELIVERY NETWORK SERVICE PROVIDERS

Amazon Technologies, Inc....

1. A computer-implemented method comprising:under control of a hardware computing device configured with specific computer executable instructions:
obtaining, at a first DNS server, a first domain name system (DNS) query from a client computing device associated with a first point of presence (POP), wherein the first DNS query is associated with a requested resource, wherein the requested resource is associated with a content provider and wherein the first DNS server is associated with a content delivery network (CDN) service provider that is different from the content provider;
determining whether the content provider has exceeded a threshold network usage, wherein the threshold network usage is determined based at least in part on content provider pricing information, wherein the content provider pricing information indicates a price at which the CDN service provider provides content on behalf of the content provider;
selecting an alternative resource identifier associated with a second DNS server at a second POP of the CDN service provider or an internet protocol (IP) address of a cache component at the second POP if the content provider is determined to have exceeded the threshold network usage, wherein the alternative resource identifier includes information for causing a second DNS query to resolve to the second DNS server of the CDN service provider; and
transmitting, to the client computing device, the selected alternative resource identifier or the IP address.

US Pat. No. 10,116,582

RESOURCE ASSIGNMENT SYSTEM WITH ALLOCATION ASSIST

BANK OF AMERICA CORPORATI...

1. A system for allocating resources of a user at initiation of a new resource pool, the system comprising:one or more memory devices storing computer-readable code; and
one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer-readable code to:
electronically receive an indication from a user to initiate a new resource pool, wherein the indication is received from a user computer system;
electronically identify a purpose of the new resource pool;
electronically access user data for the user regarding resource allocations for current resource pools of the user by accessing one or more user resource pool systems;
electronically identify one or more suggested resource allocations based on the purpose of the resource pool and the user data for the resource allocations for the current resource pools of the user;
electronically provide the user the one or more suggested resource allocations in a user interface, wherein the user interface is provided by one or more entity systems on the user computer system;
electronically receive a selected resource allocation for the new resource pool from the one or more suggested resource allocations, wherein the selected resource allocation is received from the user computer system; and
electronically initiate the new resource pool and the selected resource allocation, wherein the selected resource allocation is initiated through the one or more entity systems;
wherein processing speed of the one or processing devices is improved by automatically initiating the selected resource allocation at the same time as initiating the new resource pool by reducing the number of processing steps for the one or more processing devices.

US Pat. No. 10,116,581

SYSTEM AND METHOD FOR CONTROLLING ACCESS TO WEB SERVICES RESOURCES

Amazon Technologies, Inc....

1. A system comprising:a plurality of compute nodes that implement a distributed data store;
a programmatic interface for the distributed data store implemented via one or more hardware processors of at least some of the plurality of compute nodes;
the distributed data store, configured to:
receive a request to store a record in a table from a client, wherein the table is maintained in the distributed data store, wherein the request is received via the programmatic interface for the distributed data store;
identify a partition of the table to store the record according to a partition key value of the record and an identifier of the table, wherein the table is maintained in the distributed data store across a plurality of different partitions including the partition;
select a plurality of storage hosts implemented at different ones of the plurality of compute nodes to store the record according to a replication factor specified for the table by the client or another client via the programmatic interface, wherein the replication factor is specified to store the record to a first number of hosts, wherein the plurality of storage hosts are mapped to the partition of the table;
send the record to the plurality of storage hosts to be stored; and
upon a determination that a predetermined minimum number of the plurality of storage hosts have successfully stored the record, wherein the predetermined minimum number is less than the first number of hosts, send, via the programmatic interface, a completion indication for the request to the client.

US Pat. No. 10,116,580

SEAMLESS LOCATION AWARE NETWORK CONNECTIVITY

MICROSOFT TECHNOLOGY LICE...

1. A method performed on a computing device that includes at least one processor and memory, the method comprising:intercepting, by the computing device from a client endpoint device of a user, an outgoing communication directed to a destination network;
determining, by the computing device based on a location of the client endpoint device and on a location of the destination network, access methods that are each configured for establishing a connection between the client endpoint device and the destination network on behalf of the user;
establishing, by the computing device via a first of the access methods, the connection between the client endpoint device and the destination network on behalf of the user; and
verifying, by the computing device, the connection between the client endpoint device and the destination network.

US Pat. No. 10,116,579

METHOD AND SYSTEM FOR QUEUE MANAGEMENT IN A PACKET-SWITCHED NETWORK

Alcatel Lucent, Boulogne...

1. A method for queue management in a packet-switched network comprising one or more intermediate network nodes, the method comprising at an intermediate node:receiving first packets belonging to a first class associated with a first queue management mechanism and second packets belonging to a second class associated with a second queue management mechanism;
marking or dropping of the first packets in accordance with the first queue management mechanism and marking or dropping of the second packets in accordance with the second queue management mechanism; and
coupling the marking or dropping of the second packets to the marking or dropping of the first packets,
wherein the marking or dropping of the first packets is performed in accordance with a first marking or dropping probability and the marking or dropping of the second packets is performed in accordance with a second marking or dropping probability; and wherein the coupling comprises computing the second marking or dropping probability based on the first marking or dropping probability.

US Pat. No. 10,116,578

TECHNIQUES FOR OPTIMIZING WIRELESS WIDE AREA NETWORK-WIRELESS LOCAL AREA NETWORK AGGREGATION

QUALCOMM Incorporated, S...

1. A method for wireless communication at a wireless communication device, comprising:receiving wireless wide area network (WWAN) packets at a WWAN processing subsystem of the wireless communication device;
transferring wireless local area network (WLAN) packet information from a WLAN processing subsystem of the wireless communication device to the WWAN processing subsystem, the WLAN packet information comprising a subset of data associated with WLAN packets;
performing a reordering process in the WWAN processing subsystem, the reordering process based at least in part on the received WWAN packets and the WLAN packets that correspond to the transferred WLAN packet information; and
providing an indication of the reordered WWAN packets and the WLAN packets to an application processing subsystem of the wireless communication device.

US Pat. No. 10,116,575

FLOW CONTROL FOR POWERLINE COMMUNICATIONS

TEXAS INSTRUMENTS INCORPO...

1. A method of communication, comprising:a first powerline communications (PLC) node transmitting a first data frame;
said first PLC node receiving an ACK frame that includes a delimiter type; and
upon receiving either a BUSY-ACCEPT or a BUSY-REJECT delimiter type, said first PLC node deferring the transmission of another data frame for a congestion clearing wait time.

US Pat. No. 10,116,574

SYSTEM AND METHOD FOR IMPROVING TCP PERFORMANCE IN VIRTUALIZED ENVIRONMENTS

Juniper Networks, Inc., ...

1. A system, comprising:a memory that stores computer executable components;
a processor that executes computer executable components stored in the memory, wherein the computer executable components comprise:
a data flow identification component configured to identify first configuration data indicative of TCP stack configuration information for a data flow transmitted between a protocol sender and a protocol receiver, wherein at least one of the protocol sender and the protocol receiver resides within a virtualized host;
a protocol override component configured to override the first configuration data with second configuration data indicative of policy-based TCP stack configuration information for the data flow;
a transmitter component configured to transmit the data flow to the protocol receiver using the second configuration data indicative of the policy-based TCP stack configuration; and
a diagnostics component configured to generate diagnostics data indicative of TCP performance associated with the data flow and determine, based on the diagnostics data, that the data flow to the protocol receiver is being slowed by resource scheduling being performed by the virtualized host.

US Pat. No. 10,116,573

SYSTEM AND METHOD FOR MANAGING INTERNET OF THINGS (IOT) DEVICES AND TRAFFIC USING ATTRIBUTE CLASSES

Afero, Inc., Los Altos, ...

1. A method comprising:specifying an attribute for each of a plurality of items of data managed in an Internet of Things (IoT) device and/or an IoT service;
defining a plurality of attribute classes;
associating each of the attributes with one or more of the attribute classes, wherein the attribute classes specify how the items of data are to be stored and processed by components of the IoT device and/or the IoT service;
wherein the attribute classes includes a priority notification attribute class, a first set of attributes to be associated with the priority notification attribute class based on based on a level of importance or severity associated with the first set of attributes;
transmitting notifications from the IoT device for attributes associated with the priority notification attribute class to the IoT service ahead of other notifications for attributes not associated with the priority notification attribute class; and
implementing a set of priority notification attribute rules on the IoT service, upon receipt of the notifications, to attempt to address a potentially hazardous or otherwise undesirable condition associated with the notifications; and
wherein an IoT hub monitors data communication with the IoT device to determine whether the IoT device has reached a data threshold specified by one or more flow control parameters, wherein the IoT hub is configured to block notifications not associated with the priority notification attribute class due to flow control limitations for a particular IoT device and passes through notifications from the IoT device associated with the priority notification attribute class.

US Pat. No. 10,116,572

METHOD, DEVICE, AND SYSTEM FOR ACQUIRING STREAMING MEDIA DATA

HUAWEI TECHNOLOGIES CO., ...

1. A method for acquiring streaming media data, comprising:receiving a streaming media data transmission request from a terminal, wherein the streaming media data transmission request comprises a device type of the terminal and a network type of a network that the terminal accesses;
determining, according to the device type of the terminal, the network type of the network that the terminal accesses, and a mapping of a plurality of bit rates to a plurality of device type and network type combinations, a bit rate for downloading a streaming media file for the terminal; and
sending the bit rate to the terminal to instruct the terminal to determine, according to an index file, an address of streaming media data encoded at the bit rate, and acquire the streaming media data using the determined address;
wherein the mapping of the plurality of bit rates to the plurality of device type and network type combinations is determined according to record information of streaming media service execution that have occurred prior to the streaming media data transmission request, the record information being reported by a plurality of terminals, and wherein the record information comprises:
a respective device type of each of the plurality of terminals;
a respective network type of a respective network that each of the plurality of terminals accesses; and
a respective bit rate for each of the plurality of terminals to download a streaming media file.

US Pat. No. 10,116,571

NETWORK FUNCTION VIRTUALIZATION (NFV) MANAGEMENT AND ORCHESTRATION (MANO) WITH APPLICATION LAYER TRAFFIC OPTIMIZATION (ALTO)

Sprint Communications Com...

1. A method of operating a Network Function Virtualization (NFV) Management and Orchestration (MANO) data communication system to support an Application Layer Traffic Offload (ALTO) system for a Network Service (NS), the method comprising:MANO computer system circuitry processing an NFV MANO orchestrator and an NFV MANO Virtualized Infrastructure Manager (VIM) and responsively exchanging network data to support the NS;
the MANO computer system circuitry processing the NFV MANO orchestrator and an NFV MANO Virtual Network Function Manager (VNFM) and responsively exchanging function data to support the NS;
the MANO computer system circuitry processing the NFV MANO VIM and responsively exchanging the network data with NFV Infrastructures (NFVIs) that execute Virtual Machines (VMs) that instantiate Virtual Network Function (VNFs) to support the NS;
the MANO computer system circuitry processing the NFV MANO VNFM and responsively exchanging function data with the VNFs to support the NS;
the MANO computer system circuitry processing the NFV MANO orchestrator and responsively indexing some of the network data and the function data to generate NFV ALTO topology data that associates individual ALTO Provider Identifiers (PIDs) with individual ones of the NFVIs, that associates the individual ALTO PIDs with individual ones of the NFV VNFs, that associates an ALTO external domain with individual NFV Virtual Links (VLs), that associates the individual ones of the NFV VLs with individual NFVI resource usage, and that associates the individual ones of the NFV VLs with individual VL usage costs; and
the MANO computer system circuitry processing the NFV MANO orchestrator and responsively transferring the NFV ALTO topology data for delivery to the ALTO system.

US Pat. No. 10,116,570

IN-VEHICLE NETWORK SYSTEM

DENSO CORPORATION, Kariy...

1. An in-vehicle network system, the system comprising:in-vehicle devices in a vehicle; and
a network bus communicably connecting plural nodes controlling the in-vehicle devices, the plural nodes communicating with each other using a control protocol, and comprising
a sender node connected to the network bus and sending a first frame, and a receiver node connected to the network bus and sending a flow control frame after receiving the first frame, wherein
the receiver node sends the flow control frame to the sender node after adding payload length information to the flow control frame according to the control protocol, and
the sender node determines a payload length of a consecutive frame to be transmitted after receiving the flow control frame, based on the payload length information.

US Pat. No. 10,116,569

EMBEDDED DIAGNOSTIC TOOL FOR PREDICTION OF PROBLEMS RELATING TO NETWORK BANDWIDTH

EMC IP HOLDING COMPANY LL...

1. A method for data management, comprising:measuring an available bandwidth of a communication path between a client and another entity;
determining a required bandwidth associated with a future transfer of a target dataset between the client and the other entity along the communication path, wherein the required bandwidth is expressed at least partly in terms of a data deduplication rate (DDR), and takes the following form:
required bandwidth=(dataset size/DDR)/time available for backup,
where DDR is determined by:
calculating preliminary DDR values using each of a plurality of estimation models, wherein the plurality of estimation models includes any two or more of (i) a first moving average estimation model that considers the last ‘n’ backups performed in a network in which the client resides, wherein one or more of the last ‘n’ backups were performed by a client other than the client, (ii) a second moving average estimation model that considers the last ‘n’ backups performed only by the client, and (iii) an averaging model that considers DDR information for a particular time period in which the client and other clients perform respective backups;
comparing each of the preliminary DDR values with actual DDR values of each of a plurality of prior backups; and
selecting as a final DDR, the calculated DDR that is closest to the actual DDR values; and
comparing the available bandwidth of the communication path with the required bandwidth of the target dataset, wherein no transfer of the target dataset occurs if the required bandwidth is greater than the available bandwidth.

US Pat. No. 10,116,567

LOAD BALANCING FOR MULTIPATH GROUP ROUTED FLOWS BY RE-ROUTING THE CONGESTED ROUTE

Amazon Technologies, Inc....

1. A device, comprising:interfaces, each configured to output network packets;
a memory storing:
a first multipath group associated with the interfaces, the first multipath group also being associated with a first mapping of the network packets to the interfaces;
a routing table, containing a first route to an interface of the first multipath group;
virtual output queues, each associated with one of the interfaces and configured to store information indicating network packets to be output by the associated interface; and
a congestion control block associated with the first multipath group, wherein the congestion control block stores statistical information for the first multipath group;
statistics collection logic configured to:
update the statistical information of the congestion control block with information determined based on network packets in the virtual output queue of the congested interface;
congestion detection logic configured to determine that an interface of the first multipath group is congested, based on the statistical information of the congestion control block; and
congestion avoidance logic configured to:
upon determining that the interface of the first multipath group is congested:
add, in the routing table containing the first route, a second route to a second multipath group associated with the interfaces of the first multipath group, the second multipath group also being associated with a second mapping of the network packets to the interfaces, the second mapping being different from the first mapping, the second route generated to divert a flow of network packets to the second multipath group instead of to the first multipath group.

US Pat. No. 10,116,566

DYNAMIC NETWORK RATE CONTROL

T-Mobile USA, Inc., Bell...

1. A system, comprising:one or more processors;
a memory; and
one or more modules stored in the memory and executable by the one or more processors to perform operations comprising:
receiving, at a network provider, a bandwidth conservation indication from a client device, the bandwidth conservation indication indicating a client-device-specified preference for a bandwidth for transmitting content from the network provider to the client device that is less than a maximum bandwidth available to the client device, the client-device-specified preference being based on a client-device-specified resolution of content to be received by the client device from the network provider, the client-device-specified resolution of content being less than a maximum resolution of content available to the client device;
receiving, at the network provider, a request to transmit a content to the client device;
initiating, at the network provider, a bandwidth-conserved connection between a content provider and the network provider, the bandwidth-conserved connection indicative of the client-device-specified resolution of content;
receiving, at the network provider, the content as encoded content via the bandwidth-conserved connection;
determining, at the network provider, a transmission pattern for transmitting the encoded content from the network provider to the client device, wherein the transmission pattern includes a transmission period for transmitting at least a portion of the encoded content at a first transmission rate and includes a non-transmission period where none of the encoded content is transmitted, wherein an average transmission bandwidth associated with the transmission pattern is based in part on the bandwidth conservation indication; and
transmitting, from the network provider to the client device, the encoded content in accordance with the transmission pattern.

US Pat. No. 10,116,565

END-TO-END ACCELERATION OF DYNAMIC CONTENT

Limelight Networks, Inc.,...

1. A system for accelerating content between Points of Presence (POPs) in a Content Delivery Network (CDN), comprising:a first POP in the CDN configured to receive a content request from a user device, wherein:
the first POP comprises a first plurality of edge servers that store and distribute content in response to user requests; and
content responsive to the content request comprises a first content portion that is not stored in the first POP;
a second POP in the CDN, wherein the second POP comprises a second plurality of edge servers that store and distribute content in response to user requests, and the first content portion is available through the second POP; and
a persistent connection mesh between the first POP and the second POP, wherein:
the persistent connection mesh is maintained between the first POP and the second POP prior to the content request being received by the first POP; and
the first content portion is transmitted through the persistent connection mesh from the second POP to the first POP.

US Pat. No. 10,116,563

SYSTEM AND METHOD FOR AUTOMATICALLY UPDATING DATA PACKET METADATA

PEARSON EDUCATION, INC., ...

1. A system for content provisioning via the automatic determination of a content attribute, the system comprising:memory comprising:
a content database comprising a plurality of data packets and metadata identifying an attribute of an associated data packet, wherein each of the plurality of data packets is associated with unique metadata;
a user profile database comprising user history data identifying an attribute of an associated user, wherein each user is associated with unique user history data;
a user device comprising:
a first network interface configured to exchange data via a communication network; and
a first I/O subsystem configured to convert received digital communication to user interpretable outputs via a user interface; and
one or more servers communicatingly coupled with the memory and the user device, wherein the server is configured to:
receive a response from a user via a user device, wherein the response is to a previously provided data packet;
identify the previously provided data packet;
retrieve data packet metadata, wherein the packet metadata comprises at least one attribute value identifying an attribute of the data packet, wherein the data packet metadata comprises a model based on a Gaussian distribution, wherein the Gaussian distribution is defined in part by an error value corresponding to a width of the Gaussian distribution;
translate the received response into an observable;
update the data packet metadata based on the observable; and
provide the data packet to another user based on the updated data packet metadata.

US Pat. No. 10,116,562

COMMUNICATION INTERFACE APPARATUS

LSIS CO., LTD., Anyang-s...

1. A communications interface apparatus comprising:a physical layer interface configured to receive first data from an external device and output the received first data;
a medium control access (MAC) layer interface configured to receive the first data output via the physical layer interface, transmit the received first data to an upper layer, and receive second data in response to the transmitted first data; and
a relay, separate from the physical layer interface and the MAC layer interface, configured to receive the first data output via the physical layer interface, create third data based at least on processing condition information of the first data, and output the third data,
wherein the relay is further configured to store the processing condition information corresponding to the first data received from the external device, and create the third data based at least on the processing condition information corresponding to the received first data upon receiving the first data via the physical layer interface, and
wherein the MAC layer interface comprises:
a receive buffer configured to store the received first data;
a transmit buffer configured to store the second data transmitted from the upper layer; and
a transmission status management unit configured to control transmission of the third data and the second data to the physical layer interface,
wherein the processing condition information is based on at least one of: a destination address, a source address, a type, a length, or a transmission time variable of the received first data, and
wherein the transmission status management unit is further configured to receive the third data from the relay, check if the second data is being transmitted at the time of transmitting the third data upon receiving the third data, and transmit the third data to the physical layer interface at the time point where the second data is not transmitted.

US Pat. No. 10,116,558

PACKET SWITCH USING PHYSICAL LAYER FIBER PATHWAYS

Fiber Mountain, Inc., Ch...

1. A system for communicating traffic within a network comprising:a fiber optic pathway bundle providing one or more fiber optic pathways, wherein each of the one or more fiber optic pathways includes a physical layer identifier uniquely identifying the fiber optic pathway;
at least one edge grooming switch having one or more ports, each of the one or more edge grooming switch ports includes a physical layer identifier uniquely identifying each edge grooming switch port, the at least one edge grooming switch being operatively connected to the fiber optic pathway bundle, the at least one edge grooming switch being capable of receiving traffic on the one or more edge grooming switch ports and redirecting the traffic onto the one or more fiber optic pathways of the fiber optic pathway bundle;
at least one path grooming switch connected to the fiber optic pathway bundle and capable of receiving the traffic from the one or more fiber optic pathways and redirecting the traffic to one or more path grooming switch ports, wherein each path grooming switch port includes a physical layer identifier uniquely identifying each path grooming switch port; and
a controller for controlling the at least one edge grooming switch, the at least one path grooming switch and the fiber optic pathway bundle for optimizing the one or more fiber optic pathways for the traffic to flow, wherein the controller configures the one or more fiber optic pathways into logical bundles that form a connection of a certain speed based on a destination of the traffic received by the at least one edge grooming switch, and wherein the controller during the configuring of the one or more fiber optic pathways identifies each path grooming switch port utilizing the path grooming port physical layer identifier, each edge grooming switch port utilizing the edge grooming port physical layer identifier and each fiber optic pathway utilizing the pathway physical layer identifier.

US Pat. No. 10,116,556

TECHNIQUES FOR ROUTING AND FORWARDING BETWEEN MULTIPLE VIRTUAL ROUTERS IMPLEMENTED BY A SINGLE DEVICE

Ericsson AB, Stockholm (...

1. A method in a device, comprising:configuring a second virtual router implemented by the device to learn routes from a first virtual router implemented by the device, wherein the first virtual router stores routing information for a first virtual private network in a first routing table and the second virtual router stores routing information for a second virtual private network in a second routing table;
inserting, by the device, a first route into the first routing table, wherein the first route includes a next hop corresponding to a physical network interface of the device leading to an external destination;
distributing, responsive to said configuring of the second virtual router to learn routes from the first virtual router, the first route to the second virtual router to be installed in the second routing table as a second route, wherein the second routing table includes at least one route for the second virtual private network that is not in the first routing table; and
responsive to receiving a packet, forwarding the packet according to a forwarding table entry corresponding to the second route of the second routing table to send the packet using the physical network interface to the external destination.

US Pat. No. 10,116,555

SWITCH MODE SWITCHING METHOD, DEVICE, AND SYSTEM

Huawei Technologies Co., ...

1. A switch mode switching method, comprising:receiving, by a switch, a mode switch request message sent by a controller, wherein the mode switch request message is used to instruct the switch to switch from a conventional switching mode to an OpenFlow switching mode;
in response to the mode switch request message, freezing, by the switch, all routing and switching information tables of the switch in the conventional switching mode, and converting, according to routing and switching information in each routing and switching information table, the routing and switching information table into an OpenFlow flow table corresponding to the routing and switching information table, wherein the OpenFlow flow table comprises at least one OpenFlow flow entry; and
switching, by the switch, to the OpenFlow switching mode, and sending a mode switch response message to the controller.

US Pat. No. 10,116,554

DATA FLOW PROCESSING METHOD AND APPARATUS

Huawei Technologies Co., ...

1. A data flow processing method comprising:determining a destination switch for service migration when a flow table capacity of a source switch is greater than a specified threshold;
selecting, by a controller, initial flow entries stored in the source switch, wherein the initial flow entries make up a subset of all flow entries in the flow table;
generating, by the controller, equivalent flow entries that are equivalent to the initial flow entries;
delivering the equivalent flow entries to the destination switch for processing data packets that match the initial flow entries and that are forwarded by the source switch, wherein a data packet processing result corresponding to an equivalent flow entry is the same as a data packet processing result corresponding to an initial flow entry;
generating an aggregated flow entry by aggregating the initial flow entries; and
delivering the aggregated flow entry to the source switch for matching the data packets to the aggregated flow entry and for forwarding the data packets to the destination switch.

US Pat. No. 10,116,552

EFFICIENT SHARED RISK GROUP REPRESENTATION AS A BIT VECTOR

Ciena Corporation, Hanov...

1. A method of path computation using a shared risk group representation, the method comprising:in any of a Network Management System (NMS), an Element Management System (EMS), a Path Computation Engine (PCE), and a Network Element (NE), representing a plurality of network risks in a network with a plurality of bit vectors where each network risk is represented as a single bit in associated bit vector such that the associated bit vector represents multiple risks of the plurality of network risks;
computing a pair of paths through the network by one of the NMS, EMS, PCE, and the NE; and
determining diversity of the pair of paths based on a comparison of associated bit vectors for each of the pair of paths,
wherein the bit vector comprises M-bits with an N-bit Group Identifier and P-bits with each of the P-bits representing a risk of the plurality of network risks, wherein M, N, and P are integers and N+P=M, and wherein the network employs the plurality of bit vectors to represent network risks using a single bit for each risk and the Group Identifier uniquely identifies each of the plurality of bit vectors.

US Pat. No. 10,116,550

BROADCAST MESSAGE TRANSLATION IN A NETWORK DEVICE

ABL IP Holding LLC, Atla...

1. A network switch, comprising:a plurality of network interfaces, wherein one of the network interfaces is configured to receive broadcast messages from a control console, and one or more of the network interfaces is associated with a multicast address;
a processor;
a memory accessible to the processor; and
a message translator service executed by the processor, the message translator service causing the network switch to:
obtain a configuration for translating a destination address of a specified type of broadcast message to a different destination address;
receive a broadcast message matching the specified type, wherein the broadcast message is received from the control console and includes an instruction for a group of network nodes;
generate a multicast message based upon the broadcast message and the configuration, wherein the multicast address used as a destination for the multicast message corresponds to the multicast address for the group of network nodes specified by the configuration; and
transmit the multicast message from the one or more network interfaces associated with the multicast address for the group of network nodes, wherein the multicast message includes the instruction for the group of network nodes.

US Pat. No. 10,116,548

PROTOCOL-BASED PACKET TRAFFIC CREATION

Red Hat, Inc., Raleigh, ...

1. A method for generating instructions for packet creation, comprising:accessing, by a computing device comprising a processor device, a packet capture comprising a plurality of packets;
selecting, by the computing device, a first subset of packets from the plurality of packets based on a first computing device identifier (ID);
identifying, by the computing device, based on a particular protocol layer of a plurality of protocol layers, a protocol layer characteristic of packets in the first subset of packets; and
generating, by the computing device, a plurality of instructions that direct a packet generator component to generate a second subset of packets that have the same protocol layer characteristic as the packets in the first subset of packets.

US Pat. No. 10,116,546

OAM PACKET PROCESSING METHOD, NETWORK DEVICE, AND NETWORK SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. An operation, administration and maintenance (OAM) packet processing method implemented at a local network device, wherein the method comprises:receiving, by a receiver of the local network device, an OAM packet comprising a first Internet Protocol (IP) header, wherein the IP header of the OAM packet comprises a first source device identity (ID) and a first sink device ID; and
returning, by a transmitter of the local network device, an OAM reply packet comprising a second IP header, wherein the second IP header of the OAM reply packet comprises a second source device ID and a second sink device ID, wherein the second source device ID is an ID of the local network device, and wherein the second sink device ID is the same as the first source device ID, wherein information included in the OAM packet and the OAM reply packet improves a fault detection capability of the local network device.

US Pat. No. 10,116,545

METHOD, DEVICE AND SYSTEM FOR PROCESSING OAM PACKET

HUAWEI TECHNOLOGIES CO., ...

1. A method for processing an operation, administration and maintenance (OAM) packet, comprising:receiving, by a first network device, an OAM instruction sent by an OAM server, wherein the OAM instruction comprises first format information indicating a first OAM packet format corresponding to at least one first OAM function implementation and a first sending target identifier;
generating, by the first network device, a first OAM packet according to the first format information;
sending, by the first network device, the first OAM packet to at least one corresponding network device indicated by the first sending target identifier; and
receiving, by the first network device, a second OAM packet sent by a second network device, among the at least one corresponding network device, in response to the first OAM packet,
wherein when the first network device does not include an OAM flow table corresponding to the second OAM packet of the second network device,
by the first network device,
sending the second OAM packet to the OAM server,
receiving a flow table constructing instruction sent by the OAM server, the flow table constructing instruction including second format information indicating a second OAM packet format corresponding to at least one second OAM function implementation different from the at least one first OAM function implementation and a second sending target identifier,
constructing the OAM flow table according to the flow table constructing instruction to include a matching entry used for matching to the second OAM packet in the second OAM packet format; and
after the receiving the flow table constructing instruction sent by the OAM server, generating, a third OAM packet according to the second format information, and sending the third OAM packet to a third network device indicated by the second sending target identifier.

US Pat. No. 10,116,542

COMMUNICATION DEVICE, COMMUNICATION METHOD, PROGRAM, AND COMMUNICATION SYSTEM

Sony Corporation, Tokyo ...

1. A slave communication device configured to perform communication through a bus, comprising:transmitting and receiving circuitry configured to transmit and receive a signal to and from a master communication device; and
error detection circuitry configured to detect whether an error has occurred in the signal, wherein:
in one word received immediately after a continuous re-start is received, the error detection circuitry is configured to confirm whether a predefined bit stream exists,
in a case where the predefined bit stream does not exist in the one word, the error detection circuitry is configured to detect that an error has occurred in the one word, and
the continuous re-start is a pattern that indicates that communication of the signal is continuously restarted but not terminated, and the continuous re-start pattern is received after a command to enter a dynamic address assignment (ENTDAA) procedure is received and before the ENTDAA procedure is terminated.

US Pat. No. 10,116,539

MULTI-LINK NETWORK GATEWAY WITH MONITORING AND DYNAMIC FAILOVER

Tempered Networks, Inc., ...

1. A method for managing communication over one or more networks using one or more network computers, wherein execution of instructions by the one or more network computers perform the method comprising:instantiating a monitoring engine that performs actions, including:
monitoring one or more links that are associated with a gateway computer, wherein the one or more links are associated with one or more network addresses, and wherein the gateway computer is associated with a gateway identifier (GID) that is separate from the one or more network addresses; and
providing one or more metrics that are associated with the one or more monitored links based on the monitoring; and
instantiating a gateway engine that performs actions, including:
providing one or more scores that are associated with the one or more links based on the one or more metrics;
modifying the one or more scores based on policy information provided by a platform engine;
comparing the one or more links based on the one or more scores and the policy information;
employing a result of the comparison to activate at least a portion of the one or more links, wherein the activated portion of the links is employed to communicate over the one or more networks with one or more other gateway computers, and wherein a network address that is associated with the activated portion of the links is provided to the platform engine, and wherein the platform engine associates the GID with the network address;
comparing the one or more links based on one or more updated metrics; and
employing a result of the comparison of the updated metrics to activate another portion of the one or more links, wherein a network address of the other portion of links is associated with the GID.

US Pat. No. 10,116,537

MEDIA PLAYER ANALYTICS

WOWZA MEDIA SYSTEMS, LLC,...

1. A method comprising:receiving, at a client device, a media stream from a media server;
generating, at the client device, client analytics data associated with at least one of receiving, processing, or playback of the media stream;
initiating transmission, from the client device, of the client analytics data to an analytics device, the analytics device comprising a separate device than the media server, the client analytics data including a media server identifier and metadata indicating that the client analytics data is associated with a particular category of data, wherein the media server identifier uniquely identifies the media server, wherein the particular category is part of a first level of a hierarchy, and wherein the media server identifier is associated with a second level of the hierarchy;
receiving, at the client device, a command requesting additional client analytics data based on the media server identifier, the command correlated to a performance characteristic of the media server;
generating the additional client analytics data; and
initiating transmission, at the client device, of the additional client analytics data to the analytics device, wherein initiating transmission of the additional client analytics data is based on the second level of the hierarchy.

US Pat. No. 10,116,534

SYSTEMS AND METHODS FOR WEBSPHERE MQ PERFORMANCE METRICS ANALYSIS

1. A system for monitoring a performance of a computer network architecture comprising:a multi-threaded controller configured to produce messages, request messages, consume messages, and subscribe to queue managers;
a multi-threaded trigger monitor configured to dynamically execute one or more consumer classes;
a multi-threaded message publisher configured to publish multi-topic messages at a predetermined publishing rate;
a scenario database in communication with the controller, trigger monitor, and message publisher, the database configured to provide each of the controller, trigger monitor, and message publisher with one or more test parameters;
a runtime data capture service in configured to:
receive operation data from the controller; and
store the operation data in a data repository; and
an analysis engine configured to produce and monitor performance analysis data relating to the computer network architecture based on operation data in the data repository.

US Pat. No. 10,116,532

CLOUD-BASED OPERATOR INTERFACE FOR INDUSTRIAL AUTOMATION

Rockwell Automation Techn...

1. A system that provides operator interface services using a cloud platform, comprising:a memory;
a processor that executes computer-executable components stored on the memory to implement the system, the computer-executable components comprising:
a gateway interface component configured to receive industrial data from an industrial system, wherein the gateway interface receives the industrial data on a cloud platform;
a context component configured to add contextual metadata to at least a subset of the industrial data, wherein the contextual metadata comprises at least a plant employee identifier and a hierarchical identification tag that identifies an origin of the subset of the industrial data within an industrial enterprise in terms of two or more hierarchical levels of the industrial enterprise, the two or more hierarchical levels comprising at least a plant facility identifier; and
a client interface component configured to send at least a subset of the industrial data from the cloud platform to a client device and render the subset of the industrial data on the client device based on the contextual metadata.

US Pat. No. 10,116,530

TECHNOLOGIES FOR DETERMINING SENSOR DEPLOYMENT CHARACTERISTICS

CISCO TECHNOLOGY, INC., ...

1. A method comprising:running a capturing agent on a device, the capturing agent being deployed on a virtualization environment of the device;
querying, by the capturing agent, the virtualization environment associated with the capturing agent for one or more environment parameters, the one or more environmental parameters including at least one of a module loaded in an operating system hosting the virtualized environment, a service running in the operating system, and/or a configuration setting set for a software network device used by the virtualized environment;
receiving, by the capturing agent, a response comprising the one or more environment parameters; and
based on the one or more environment parameters, determining whether the virtualization environment where the capturing agent is deployed is a hypervisor or a virtual machine.

US Pat. No. 10,116,524

MACHINE-LEARNING OPTIMIZATION FOR COMPUTING NETWORKS

1. A computer-implemented method of optimizing data flow through a plurality of networks, comprising:providing an online platform providing a machine learning module;
interconnecting the online platform and a plurality of network providers via at least one computer having software for causing the at least one computer to perform the following process steps:
(a) acquiring a list of open shortest path first (OSPF) neighbors of the plurality of network providers;
(b) acquiring a list of label distribution paths (LDP) neighbors;
(c) executing for each OSPF neighbor a bandwidth test for collecting latency information thereof;
(d) prompting the machine learning module to predict multiple path outcomes through the plurality of networks and calculate a confidence score of each path outcome based on latency information for associated OSPF neighbors; and
(e) making routing decisions for each OSPF neighbor based on its respective confidence score,
wherein if the confidence score is higher than 60 percent, then 80 percent of the collected latency information of step (c) is used by the software to determine a reliability value of each respective OSPF neighbor.

US Pat. No. 10,116,522

UTILIZING SOCIAL MEDIA FOR INFORMATION TECHNOLOGY CAPACITY PLANNING

International Business Ma...

1. A method comprising:computing, by one or more processors, a number of times that a string of text is identified within an online news feed;
computing, by the one or more processors, a score for the string of text, at least in part, by multiplying the number of times the string of text is identified within the online news feed by a rating assigned to the string of text, wherein the rating ranges from approximately 0.8 to approximately 1, wherein the rating represents a statistical correlation between a use of the string of text within the online news feed and a subsequent change in one or more computer hardware capacity requirements of a networked computer system;
in response to a determination that the score exceeds a first configurable threshold value, generating, by the one or more processors, an electronic notification, wherein the electronic notification alerts of an anticipated change in the one or more computer hardware capacity requirements of the networked computer system, wherein the electronic notification includes a unique identifier of a computer hardware affected by the anticipated change, and a recommendation for allocation of the computer hardware;
extrapolating, by the one or more computer processors, an expected number of matches for the string of text within the online news feed based on an actual number of matches over a period of time;
estimating, by the one or more computer processors, the one or more computer hardware capacity requirements based on the expected number of matches and a factor that represents a relevance of the online news feed for determining the one or more computer hardware capacity requirements;
in response to a determination that the score exceeds a second configurable threshold value, generating, by the one or more processors, a request to allocate the computer hardware within the networked computer system in order to satisfy the estimated one or more computer hardware capacity requirements;
sending, by the one or more processors, the request to a client computer for viewing; and
allocating, by the one or more computer processors, the computer hardware based on the sent request.

US Pat. No. 10,116,521

SYSTEMS AND METHODS FOR DETERMINING NETWORK CONFIGURATIONS USING HISTORICAL REAL-TIME NETWORK METRICS DATA

Citrix Systems, Inc., Fo...

1. A method for optimizing network performance, comprising:receiving data related to one or more network metrics for measuring current network traffic or determining network patterns;
determining, based on the received data, a model associated with at least one of detection and prediction of one or more future network events;
determining whether the received data is to be used for training or updating of the model;
if the received data is to be used for training or updating of the model, then train or update the model, with the trained or updated model to be used with subsequently received data;
if the received data is not to be used for training or updating of the model, then apply the data to the model;
determining a configuration related to the one or more network devices based on the received data being applied to and the determined model; and
configuring the one or more network devices according to the determined configuration.

US Pat. No. 10,116,518

MECHANISM FOR MANAGEMENT CONTROLLERS TO LEARN THE CONTROL PLANE HIERARCHY IN A DATA CENTER ENVIRONMENT

Intel Corporation, Santa...

1. A switch apparatus configured to be implemented in a data center environment having a control plane hierarchy in which an associated hierarchy of manageability controllers are implemented, the switch apparatus comprising:a plurality of ports;
a processor;
memory, operatively coupled to the processor; and
a storage device having instructions stored therein that are configured to be executed by the processor to enable the switch apparatus to,
implement a first manageability controller for a level in the control plane hierarchy associated with the switch apparatus;
receive a first DHCP (Dynamic Host Control Protocol) request from a second manageability controller operating at a control plane hierarchy level that is one level below the switch apparatus, the first DHCP request made by a requesting DHCP client comprising one of a lowest manageability controller in the hierarchy of manageability controllers, a compute node, or a storage node and including a destination address of the requesting DHCP client;
forward the first DHCP request to a third switch apparatus operating at a control plane hierarchy level that is one level above the switch apparatus;
receive a first DHCP response forwarded via the third switch apparatus, the first DHCP response comprising an original DHCP response issued from a DHCP server and further including a respective IP address of at least one manageability controller operating at a level in the control plane hierarchy above the manageability controller of the switch apparatus that was added by that manageability controller to the original DHCP response message;
insert the IP address of the manageability controller of the switch apparatus in the first DHCP response; and
forward the first DHCP response to the second manageability controller.

US Pat. No. 10,116,517

SYSTEMS AND METHODS FOR DETERMINING A TOPOLOGY OF AN ETHERNET RING IN A BUILDING MANAGEMENT SYSTEM

Johnson Controls Technolo...

1. A method of determining a topology of devices in an Ethernet ring, comprising:broadcasting a device discovery command from a ring topology generator to the devices in the Ethernet ring;
receiving device discovery information from one or more of the devices in the Ethernet ring at the ring topology generator;
querying a ring supervisor to confirm that the Ethernet ring is closed and to determine which Ethernet port of the ring supervisor is connected to the Ethernet ring as a forwarding port;
the ring topology generator configured to, for each discovered device in the Ethernet ring:
(i) disabling an Ethernet port of one of the devices in the Ethernet ring;
(ii) verifying that the Ethernet ring is open;
(iii) broadcasting a ring port request onto the Ethernet ring via the ring supervisor;
(iv) receiving a ring port response from each of the devices having received the ring port request;
(v) incrementing a count associated with each device based on receiving a ring port response from the device;
(vi) re-enabling the Ethernet port of the one of the devices in the Ethernet ring; and
(vii) repeating steps (i) through (vi) until each device in the Ethernet ring has had an Ethernet port disabled; and
determining the topology of the devices of the Ethernet ring by ordering the devices in the Ethernet ring based on a value of the count associated with each device, wherein the device having a highest count value being closest to the forwarding port of the ring supervisor, and the device having a lowest count value being furthest from the forwarding port of the ring supervisor.

US Pat. No. 10,116,516

NETWORK TOPOLOGY DISCOVERY METHOD AND DEVICE

Huawei Technologies Co., ...

1. A network topology discovery method, comprising:collecting network characteristic data of all network elements in a to-be-analyzed network;
obtaining at least two corresponding link subsets respectively by using at least two types of topology discovery algorithms and according to the network characteristic data, and gathering all links in the at least two link subsets into one set to obtain a first link set, wherein a confidence value of a link in each link subset is equal to a confidence value of a topology discovery algorithm corresponding to the link subset, confidence values of different topology discovery algorithms are different, and the link is a link that consists of two ports of different network elements;
obtaining a second link set by performing an operation on the first link set, wherein the operation comprises: combining same links, and for at least two links having only one same port, retaining a link having a largest confidence value in the at least two links and deleting a remaining link, wherein the same links are at least two links in which two ports in one link are the same as those in any other link; and
obtaining a network topology of the to-be-analyzed network according to each link in the second link set.

US Pat. No. 10,116,512

SERVICE DISCOVERY AND/OR EFFORT ESTIMATION IN NETWORKED COMPUTING ENVIRONMENTS

Oracle International Corp...

1. A method for facilitating discovery of a software resource in a computing environment that includes a client device operating in a system including one or more client devices in communication with a server system, wherein the server system executes webpage software, wherein the webpage software provides webpage information accessible to the client device, the client device executing steps of the method, the method comprising:employing one or more predicates to query one or more initial services in the computing environment, wherein the query includes filtering based on one or more packages, one or more classes, and one or more methods;
producing a first result in response thereto, wherein the first result indicates one or more target services that are compiled code;
using reflection to analyze the one or more target services;
producing a second result in response to the using of the reflection;
analyzing the second result to determine if the one or more target services meet a criterion for conversion to one or more Representational State Transfer (REST) services, yielding a third result in response thereto, wherein the analyzing includes function point complexity and effort estimation;
providing indications of one or more discovered services based on the third result; and
converting the one or more discovered services into one or more REST services by automatically generating computer code implementing the REST services yielded in the third result.

US Pat. No. 10,116,509

SYSTEM AND METHOD FOR MONITORING AND MANAGING OBJECTS ACROSS DATA CENTERS

1. An application management system for monitoring and managing a plurality of objects on granular object level in a plurality of datacenters by defining and implementing a rule, said system comprising:a memory that stores a database; and
a processor that is configured to
create an application ID with description;
search said plurality of objects across said plurality of datacenters;
add or tag said plurality of objects to said application ID;
manage said plurality of objects that are tagged to said application ID on granular object level, wherein said plurality of objects is managed by
defining a rule for said application ID to monitor and manage said plurality of objects on granular object level; and
automatically implementing said rule to create a work order to perform a task as defined in said rule, wherein said task as defined in said rule comprises at least one of
automatically monitoring (i) configurations of said plurality of objects and (ii) a traffic overload between said plurality of objects that are associated with said application ID;
automatically generating a first graphical depiction of logs of said plurality of objects based on severity of said logs of said plurality of objects that are tagged to said application ID;
automatically determining configuration changes of said plurality of objects that are tagged to said application ID based on said work order for generating (i) a second graphical depiction of said configuration changes occurred over a period of time and (ii) a summary of said configuration changes occurred on said plurality of objects when slides over said second graphical depiction; or
automatically determining frequency of said logs associated with said plurality of objects, frequency of said configuration changes, and status changes associated with said plurality of objects for generating a trend graph for said plurality of objects; and
enable a user to perform a plurality of actions on at least one of said first graphical depiction, said second graphical depiction or said trend graph to manage said plurality of objects on granular object level, wherein said plurality of actions comprises:
navigating to a selected certificate from a list of certificates for (i) un-tagging said selected certificate from a certificate category or said application ID, (ii) ungrouping said selected certificate from said certificate category or said application ID and (iii) grouping said selected certificate with the selected certificate category or said application ID to manage said selected certificate; and
comparing configurations of a plurality of objects of a firewall device and viewing configurations of each of said plurality of objects to manage at least one of (a) said firewall device, or (b) rules/policies of said firewall device.

US Pat. No. 10,116,508

SERVER PROFILE TEMPLATES

Hewlett Packard Enterpris...

1. A method for applying server profile templates, comprising:using a processing resource to execute computer readable instructions to:
define a server template through a user interface (UI), wherein the server template includes a server template identifier, common configuration settings, and a list of associated server profiles which share the common configuration settings;
create a number of server profiles through the UI; and
for each server profile in the list of associated server profiles:
replicate the common configuration settings from the server template to the server profile in response to detecting changes to the common configuration settings in the server template;
evaluate a domain configuration associated with the server profile to identify each physical connection for which there is a configuration in the domain configuration;
configure physical connections of a physical server represented by the server profile with a first portion of the common configuration settings replicated to the server profile, the first portion of the common configuration settings being configuration settings for physical connections which are identified as having a configuration in the domain configuration; and
ignore a second portion of the common configuration settings replicated to the server profile by not configuring the physical connections of the physical server represented by the server profile with the second portion of the common configuration settings replicated to the server profile, the second portion of the common configuration settings being configuration settings for physical connections which are not identified as having a configuration in the domain configuration.

US Pat. No. 10,116,507

METHOD OF AND SYSTEM FOR MANAGING COMPUTING RESOURCES

Hewlett Packard Enterpris...

1. A method comprising:receiving a computing resource configuration change request;
identifying, from the received computing resource configuration change request, a computing resource identifier;
identifying, by performing a search using the identified computing resource identifier in a computing resource allocation database, a client assigned to or associated with the identified computing resource identifier and an associated client service-level agreement (SLA);
determining, by a processor, whether the received computing resource configuration change request is compatible with the identified client SLA; and
approving or rejecting, by the processor, the received computing resource configuration change request based on the determination.

US Pat. No. 10,116,506

METHOD FOR UPGRADING VERSION OF NETWORK DEVICE AND NETWORK DEVICE

Huawei Technologies Co., ...

1. A method for upgrading a version of a network device, comprising:configuring, by the network device, a forwarding plane of the network device to be a first forwarding plane and a second forwarding plane, wherein the first forwarding plane runs a first version, the second forwarding plane runs a second version, and before version upgrade of the network device, the first forwarding plane is used for packet forwarding of the network device;
performing, by the network device in the first forwarding plane, sampling on forwarded packets using a preset sampling ratio, to obtain a sample packet, and copying the sample packet to the second forwarding plane;
forwarding, by the network device, the sample packet in a broadcast manner in the second forwarding plane, to learn a Media Access Control (MAC) address, and generating a MAC address entry according to the learned MAC address; and
in response to a quantity of MAC addresses learned by the second forwarding plane reaching a preset threshold, performing an upgrade so that the second forwarding plane is used for packet forwarding of the network device, wherein the preset threshold is a nonzero positive integer.

US Pat. No. 10,116,504

PACKAGE INTEGRATED SECURITY FEATURES

Intel Corporation, Santa...

1. A microelectronic package, comprising:a package substrate;
a first electrical component;
a second electrical component; and
an encryption bank formed along a data transmission path between the first electrical component and the second electrical component, wherein the encryption bank comprises a plurality of switches integrated into the package substrate.

US Pat. No. 10,116,503

AD HOC WIRELESS MESH NETWORK

AmpliSine Labs, LLC, Lub...

1. A method of operating a wireless device configured to act as a node in an ad hoc network, the method comprising:receiving, with a wireless device, a packet transmitted from a sending node to a receiving node in a multi-hop wireless connection, the sending node and the receiving node being in a different location from the wireless device, wherein the multi-hop wireless connection specifies a route through an ad hoc network, and wherein the route comprises at least three transmitting nodes;
identifying an identifier of the sending node and an identifier of the receiving node within contents of the received packet;
determining based on the identifier of the sending node, the identifier of the receiving node, and a record in a memory of the wireless device that the wireless device is in the route of the multi-hop wireless connection including the sending and receiving nodes;
determining that one or more of a signal strength of a signal conveying the received packet is above a first threshold, a geographic distance between the wireless device and the sending node is beneath a second threshold, or a rate of change of the geographic distance between the wireless device and the sending node is beneath a third threshold; and
in response to the determination that one or more of the signal strength of the signal conveying the received packet is above the first threshold, the geographic distance between the wireless device and the sending node is beneath the second threshold, or the rate of change of the geographic distance between the wireless device and the sending node is beneath the third threshold, wirelessly transmitting a kill packet to the sending node and the receiving node that reconfigures the multi-hop wireless connection to specify a different route through the ad hoc network that bypasses the receiving node.

US Pat. No. 10,116,501

METHOD AND APPARATUS FOR INTER-PROFILE COMMISSIONING IN A NETWORK

PHILIPS LIGHTING HOLDING ...

1. A commissioning apparatus for configuring a non-connected node to operate within a network comprising further nodes, the non-connected node configured to exchange parameters according to a first commissioning process defined in a first application profile, the further nodes configured to exchange parameters according to a second commissioning process defined in a second application profile, different from and incompatible with the first commissioning process, the commissioning apparatus comprising:a transceiver configured to receive information, from the non-connected node, regarding the non-connected node; and
a controller configured to process the information for implementing at least one commissioning procedure corresponding to the first application profile, thereby enabling the non-connected node to operate within the network using the first commissioning process although the network operates in accordance with the second commissioning process,
wherein the commissioning apparatus is configured: to allow devices comprising ZigBee Light Link, ZLL, devices to join the network according to a Touchlink commissioning process, to operate as an initiator, to copy centralized network parameters, and to reinterpret the centralized network parameters within a command comprising a ZLL commissioning cluster command, and wherein the transceiver is configured to communicate with a device comprising a trust center device, about the non-connected device, to request approval prior to sending the centralized network parameters or a network key.

US Pat. No. 10,116,500

EXCHANGING INFORMATION AMONG SYSTEM MIDDLEWARE AND MODELS

The MathWorks, Inc., Nat...

1. A method, comprising:inserting a block into a model associated with a system,
the system being associated with middleware,
the block subscribing to information generated by the middleware based on communication between the middleware and the system, and
the inserting the block being performed by a device;
receiving subscriber configuration information for configuring the block,
the receiving the subscriber configuration information being performed by the device;
receiving, by the model and via communication with the middleware, the information generated by the middleware,
the receiving the information generated by the middleware being performed by the device;
creating, based on the subscriber configuration information, a signal associated with the block,
the signal including the information generated by the middleware that is converted into a format compatible with the model,
the creating the signal being performed by the device; and
executing the model,
where the executing comprises using the signal that includes the information generated by the middleware that is converted into the format compatible with the model,
the executing the model being performed by the device.

US Pat. No. 10,116,499

INTERCONNECTION PLATFORM FOR REAL-TIME CONFIGURATION AND MANAGEMENT OF A CLOUD-BASED SERVICES EXCHANGE

Equinix, Inc., Redwood C...

2. A cloud exchange comprising:a data center that includes respective ports of a switching fabric to which a plurality of networks connect, each of the networks comprising computing resources co-located within the data center,
wherein a first network of the networks is associated with a cloud service provider and provides at least one cloud service;
a plurality of interconnection assets within the data center,
wherein the plurality of interconnection assets are configured to connect, using a first virtual circuit that comprises a path through the switching fabric of the data center, a second network of the networks with the first network associated with the cloud service provider to enable access by the second network to the at least one cloud service, and
wherein the plurality of interconnection assets are configured to connect, using a second virtual circuit that comprises a path through the switching fabric of the data center, a third network of the networks with the first network associated with the cloud service provider to enable access by the third network to the at least one cloud service; and
an interconnection platform configured for execution by one or more computing devices and presenting a software interface configured to, in response to receipt of a request from an application, access the plurality of interconnection assets to satisfy the request.

US Pat. No. 10,116,498

METHOD AND SYSTEM FOR NETWORK AND INTRA-PORTAL LINK (IPL) SHARING IN DISTRIBUTED RELAY CONTROL PROTOCOL (DRCP)

TELEFONAKTIEBOLAGET LM ER...

1. A method supporting network and intra-portal link (IPL) sharing in a link aggregation group at a network device, wherein the network device and a neighbor network device are included in a portal of the link aggregation group, wherein the network device is coupled to the neighbor network device via an intra-portal port (IPP) using an IPL that is a logical point-to-point link between the network device and the neighbor network device, the method comprising:receiving a first type/length/value (TLV) message transmitted from the neighbor network device;
determining that the network device is configured with a network and IPL sharing method consistent with that of the neighbor network device, wherein the determining includes:
comparing a recorded neighbor network and IPL sharing method received from the first TLV message with a home network and IPL sharing method of the network device; and
transmitting frames between the network device and the neighbor network device using the network and IPL sharing method.

US Pat. No. 10,116,496

METHOD OF IMPROVING CLOUD RESILIENCY

INTERNATIONAL BUSINESS MA...

1. A method for improving resiliency in a network of computing components functioning according to a multilayered Open Systems Interconnection (OSI) model by a processor device, comprising:upon exceeding a predetermined threshold for at least one of the multiple layers for a certain event, providing a real-time notification of the event in an inter-layer basis such that a responsible entity comprising a device which detected the event manages the event according to an OSI model-wide system; wherein managing the event further includes notifying, directly by the device which detected the event, all layer 2 or layer 3 devices on the network of the event, the layer 2 or layer 3 devices which support event notification rebroadcasting the notification; and wherein rebroadcasting the notification by layer 2 or layer 3 devices further includes rebroadcasting the notification through all ports of the layer 2 or layer 3 device, except the port from which the notification was received, such as to flood the network to ensure dissemination of the notification; and
using a separate value of the predetermined threshold for a given instance of the certain event in each one of the multiple layers such that the predetermined threshold differs per given instance of the certain event within a respective one of the multiple layers; wherein, for the layer 2 devices, the certain event comprises detecting at least one of frame check sequence errors, receipt of a number x of jabber within a number n amount of time, and receipt of a number y of runts within a number z amount of time; and wherein, for the layer 3 devices, the certain event comprises detecting at least one of changes in Internet Protocol (IP) addresses, destination host unreachable errors, source route failed errors, and network unreachable errors.

US Pat. No. 10,116,495

DEAD DROP NETWORK ARCHITECTURE

LARC NETWORKS, INC., Los...

1. A method for performing an action responsive to detecting an event in a dead drop (DD) domain, the method comprising:receiving, by a node in the DD domain, a message specifying an event to be monitored and a specified action to perform in response to detecting an occurrence of the specified event, wherein the specified event is to occur within a second node of the DD domain;
sending a notification request to the second node of the DD domain, the notification request identifying the specified event and including a notification address to which a notification is to be made when the event occurs, the notification address including a dead drop identifier (DDID) referencing a storage location in the DD domain and a token associated with the DDID
detecting the occurrence of the specified event within the DD domain, wherein detecting the occurrence of the specified event within the DD domain comprises receiving a notification message from the second node indicating that the specified event occurred at the second node, the second node using the token to write the notification message to the storage location referenced by the DDID; and
performing the specified action in response to detecting the occurrence of the specified event within the DD domain.

US Pat. No. 10,116,494

SHARED PATH RECOVERY SCHEME

TELEFONAKTIEBOLAGET LM ER...

1. A method of operating a connection-oriented network in which there is a first working path and a second working path, the method comprising:causing, in response to a signalling received by a first node, the first node to allocate resources for a part of a first recovery path for the first working path, the resources being shared by the first recovery path for the first working path and a second recovery path for the second working path, wherein the signalling comprises a resource reservation protocol for traffic engineering (RSVP-TE) object that carries the address of the second node to be notified;
storing at the first node, an address of a second node on the first working path based on the signalling that identifies the address of the second node; and
notifying the second node that the shared resources are no longer available to the first recovery path when the shared resources are used by the second recovery path for the second working path.

US Pat. No. 10,116,492

METHOD AND NETWORK NODE FOR MANAGING RESOURCE ALLOCATION IN TRAFFIC RESTORATION

TELEFONAKTIEBOLAGET LM ER...

1. A method of managing allocation of network resources in restoration of traffic in a connection oriented network, the method comprising:restoring a first traffic from a first path on an alternative path if the first path is affected by a first failure;
assigning a reserved status to resources of the first path no longer used for carrying the first traffic, wherein the reserved status prevents the no longer used resources of the first path from being reassigned for use in another path unless at least one of a number of predefined exception conditions is satisfied.

US Pat. No. 10,116,491

NETWORK CABLING VERIFICATION

Amazon Technologies, Inc....

1. A computer-readable storage device including instructions thereon for verifying connectivity between a patch panel and a network device, the computer-readable storage device comprising:instructions for communicating with a technician regarding testing two or more ports on the patch panel, wherein the two or more ports are coupled together using a loopback device wherein the loopback device is a removable jumper cable;
instructions for transmitting a test communication from a network device to the patch panel to test the two or more ports;
instructions for detecting, at the network device, the test communication back from the patch panel on the two or more ports after passing through the loopback device in order to verify connectivity between the patch panel and the network device, the network device for automatically measuring how long the test communication took to be received back at the network device and for automatically measuring a signal strength associated with the test communication received back from the patch panel and for automatically reconfiguring the two or more ports based on the signal strength; and
instructions for automatically storing whether the two or more ports passed the testing.

US Pat. No. 10,116,490

USAGE CONTROL FOR SUBSCRIBER GROUP

NOKIA SOLUTIONS AND NETWO...

1. A method for use by an apparatus of a communication network, the method comprising:receiving a session establishment request for a user or user equipment attaching to the communication network;
detecting that the user or user equipment belongs to a usage group, based on group identity information that is allocated to the user or user equipment and identifies the usage group, wherein the detecting comprises requesting the group identity information from a database based on an identifier of the user or user equipment received with the session establishment request for the user or user equipment;
detecting, based on the group identity information, whether or not a first rules function out of several rules functions has been allocated to another user or user equipment of the usage group;
in case it is detected that the first rules function has been allocated to another user or user equipment of the usage group, selecting, for the user or user equipment, the first rules function and
sending a request message to request the session establishment from the first rules function or sending a redirect message to redirect the user or user equipment to the first rules function, for requesting the session establishment from the first rules function.

US Pat. No. 10,116,488

SYSTEM FOR ANALYZING AN INDUSTRIAL CONTROL NETWORK

Rockwell Automation Techn...

1. A system for analyzing an industrial control network, comprising:an interrogator having a network interface configured to communicate with a plurality of device types, the interrogator executing a program stored in a non-transient medium to discover a first-level device on a first-level network by sending a generic message readable by each of the plurality of device types, the generic message being configured to direct a device to identify its device type, then send a specific message to the first-level device based on the device type to discover a second-level network connected to the first-level device, then discover a second-level device on the second-level network by sending a generic message readable by each of the plurality of device types via the first-level device, wherein each message is configured to direct a device to provide a response including a plurality of parameters, and wherein each generic message is sent to a plurality of network locations to determine presence of a device at each network location; and
a processing manager in communication with the interrogator, the processing manager executing a program stored in a non-transient medium operable to:
receive a plurality of data records from the interrogator, each data record including a plurality of parameters for each device providing a response, the plurality of data records forming a data set;
format the data set by populating a plurality of predetermined fields for each data record, the plurality of predetermined fields including a first field indicating a parameter for a device of a data record and a second field indicating a network location for the device of the data record; and
graphically display the predetermined fields.

US Pat. No. 10,116,487

MANAGEMENT OF INTERACTIONS WITH REPRESENTATIONS OF RENDERED AND UNPROCESSED CONTENT

Amazon Technologies, Inc....

1. A system for remote session browsing, comprising:one or more computer processors;
at least one computer memory accessible by at least one of the one or more computer processors; and
a client-side browser executed by the one or more computer processors, wherein the client-side browser is configured to at least:
transmit a request for first network content to a server-side browser executing on a server;
receive, from the server-side browser, a rendered version of the first network content generated by the server-side browser, the rendered version received in accordance with a display-based communication protocol;
cause display of the rendered version of the first network content;
determine, based at least partly on a remote browse session configuration, that a first user interaction with a local interface component of the client-side browser is to be processed remotely by the server-side browser, wherein the local interface component is displayed separately from the first network content;
transmit, to the server-side browser, interaction data reflecting the first user interaction;
receive, from the server-side browser, an updated rendered version of the first network content;
cause display of the updated rendered version of the first network content;
transmit, to the server-side browser, a request for second network content;
receive, from the server-side browser, an unprocessed version of the second network content;
generate, from the unprocessed version of the second network content, a visual representation of the second network content for display;
determine that a second user interaction with the local interface component displayed separately from the second network content is to be processed locally by the client-side browser; and
process the second user interaction locally.

US Pat. No. 10,116,485

TX/RX IMBALANCE AND CARRIER LEAKAGE CALIBRATION

QUALCOMM Incorporated, S...

1. A wireless transceiver, comprising:a calibration path including at least a transmit path and a receive path in the wireless transceiver; and
a calibration processor configured to:
capture a first frequency-domain multi-tone (FDMT) signal transmitted through the calibration path;
generate a frequency-domain representation of the first captured FDMT signal;
capture a second FDMT signal transmitted through the calibration path;
generate a frequency-domain representation of the second captured FDMT signal;
capture a third FDMT signal transmitted through the calibration path;
generate a frequency-domain representation of the third captured FDMT signal;
estimate transmitter in-phase and quadrature (I/Q) imbalances and receiver I/Q imbalances across an entire bandwidth of the wireless transceiver, and the transmit carrier leakage in the wireless transceiver, contemporaneously based at least in part on the frequency-domain representations of the first, second, and third captured FDMT signals;
wherein the estimated transmitter and receiver I/Q imbalances are based on an average of the frequency-domain representations of the first and second captured FDMT signals, and the frequency-domain representation of the third captured FDMT signal; and
determine a transmitter I/Q imbalance correction filter coefficient, a receiver I/Q imbalance correction filter coefficient, and a transmit carrier leakage correction factor contemporaneously based on the estimated I/Q imbalances and the estimated transmit carrier leakage.

US Pat. No. 10,116,484

TECHNIQUES AND APPARATUSES FOR ODD-EXPONENT QUADRATURE AMPLITUDE MODULATION

QUALCOMM Incorporated, S...

1. A method of wireless communication performed by a wireless communication device, comprising:identifying groups of bits of a particular size;
mapping the groups of bits, with corresponding parity bits, to an even-exponent modulation constellation to generate an odd-exponent modulation constellation,
wherein at least one corresponding parity bit, of the corresponding parity bits, is added to a group of bits, of the groups of bits, for the mapping; and
transmitting a signal based at least in part on the odd-exponent modulation constellation.

US Pat. No. 10,116,483

DYNAMICALLY CONVEY INFORMATION OF DEMODULATION REFERENCE SIGNAL AND PHASE NOISE COMPENSATION REFERENCE SIGNAL

QUALCOMM Incorporated, S...

1. A method of wireless communication of a base station, comprising:determining at least one of a number of one or more demodulation reference signal (DM-RS) symbols or one or more locations within a subframe for transmission of the one or more DM-RS symbols;
transmitting the at least one of the number of the one or more DM-RS symbols or the one or more locations within the subframe for the transmission of the one or more DM-RS symbols to a user equipment (UE);
determining a resource allocation scheme for a phase noise compensation reference signal (PC-RS) in relation to the one or more DM-RS symbols in the subframe, wherein the PC-RS is conveyed from the base station to the UE for the UE to estimate a phase noise of the UE; and
transmitting the resource allocation scheme for the PC-RS to the UE.

US Pat. No. 10,116,481

APPARATUS AND METHOD FOR SENDING AND RECEIVING BROADCAST SIGNALS

LG ELECTRONICS INC., Seo...

1. A broadcast signal transmitter, comprising:an input formatting module configured to input process input data and to output at least one Physical Layer Pipe (PLP) data;
a Bit Interleaved and Coded Modulation (BICM) module configured to perform error correction processing on the PLP data;
a framing module configured to generate a signal frame comprising the PLP data, the signal frame comprising a preamble and at least one subframe;
a pilot insertion module configured to insert pilots into the signal frame; and
an Inverse Fast Fourier Transform (IFFT) module configured to Orthogonal Frequency Division Multiplexing (OFDM-modulate the signal frame,
wherein the subframe comprises data symbols and at least one Subframe Boundary Symbol (SBS), and the SBS comprises data carriers and subframe boundary pilots,
wherein the data carriers of the SBS comprise a specific number of active data carriers and a specific number of null carriers, and
wherein, within data carrier indices, the active data carriers are placed at a center and half of the null carriers are placed at each band edge.

US Pat. No. 10,116,480

BROADCAST SIGNAL TRANSMITTING APPARATUS, BROADCAST SIGNAL RECEIVING APPARATUS, BROADCAST SIGNAL TRANSMITTING METHOD, AND BROADCAST SIGNAL RECEIVING METHOD

LG ELECTRONICS INC., Seo...

1. A transmission apparatus for transmitting a broadcast signal, the transmission apparatus comprising:an input formatter configured to format input data and to output physical layer pipe (PLP) data;
a Forward Error Correction (FEC) encoder configured to perform FEC encoding on the outputted PLP data;
a bit interleaver configured to interleave the PLP data on which the FEC encoding is performed;
a constellation mapper configured to map the interleaved PLP data onto constellations;
a frame builder configured to generate a signal frame comprising the mapped PLP data,
wherein the signal frame comprises a preamble and the preamble includes frequency interleaver information indicating whether the frequency interleaver is enabled or not,
wherein when the frequency interleaver information is set to ‘1’, a frequency interleaver performs frequency interleaving on data in the signal frame, and
wherein when the frequency interleaver information is set to ‘0’, the frequency interleaver does not perform the frequency interleaving on the data in the signal frame; and
an Inverse Fast Fourier Transform (IFFT) modulator configured to Orthogonal Frequency Division Multiplexing (OFDM) modulate the signal frame including the data on which the frequency interleaving is performed or not performed.

US Pat. No. 10,116,478

SCATTERED PILOT PATTERN AND CHANNEL ESTIMATION METHOD FOR MIMO-OFDM SYSTEMS

BlackBerry Limited, Wate...

1. A method of transmitting symbols using Orthogonal Frequency Division Multiplexing (OFDM) frames at an OFDM base station using a plurality of processing paths of an OFDM transmitter to transmit OFDM signals, the OFDM frames having a time domain and a frequency domain, each of the OFDM frames comprising a plurality of OFDM symbols in the time domain and a plurality of sub-carriers in the frequency domain, the method comprising the steps of:for a first processing path of the OFDM transmitter, transmitting scattered pilot symbols in a scattered pattern in time-frequency by transmitting a first set of pilot symbols in a first pattern in time-frequency and transmitting a second set of pilot symbols in a second pattern in time-frequency at same frequencies as the first pattern, offset by one OFDM symbol in the time domain; and
for a second processing path of the OFDM transmitter, transmitting scattered pilot symbols using the scattered pattern.

US Pat. No. 10,116,476

RECEIVING METHOD AND RECEIVER FOR SATELLITE-BASED AUTOMATIC IDENTIFICATION SYSTEMS

European Space Agency, P...

1. A method for demodulating a received signal relating to a sequence of transmitted symbols that have been modulated by continuous phase modulation, the method comprising the steps of:A) normalizing samples of a sequence of samples generated from the received signal, to obtain a normalized sequence of samples, wherein an amplitude of each sample of the normalized sequence of samples has an absolute value equal to unity;
B) estimating, on the basis of the normalized sequence of samples, a time offset and a frequency offset of the received signal and using the estimated time offset and the estimated frequency offset for compensating the normalized sequence of samples for the time and frequency offsets to obtain a compensated sequence of samples; and
C) determining a sequence of symbols corresponding to the transmitted sequence of symbols on the basis of the compensated sequence of samples,
wherein estimating the time offset and the frequency offset involves:
filtering the normalized sequence of samples using a low-pass filter to obtain a filtered sequence of samples;
determining the estimate of the time offset on the basis of a first result obtained by auto-correlating the filtered sequence of samples;
determining the estimate of the frequency offset on the basis of a second result obtained by auto-correlating the filtered sequence of samples or a first sequence of samples derived from the normalized sequence of samples;
interpolating the normalized sequence of samples or a second sequence of samples derived from the normalized sequence of samples on the basis of the estimate of the time offset; and
compensating the normalized sequence of samples or a third sequence of samples derived from the normalized sequence of samples for the frequency offset using the estimate of the frequency offset, to obtain the compensated sequence of samples.

US Pat. No. 10,116,475

AUTOMATIC ELECTRICAL SIGNAL DECODING DISCOVERY AND ELECTRICAL SIGNAL CODING BETWEEN A DEVICE AND ITS REMOTE CONTROLLER

Kirio, Inc., Lynnwood, W...

1. A method of operating a signal demodulator in a receiver device, the method comprising:operating the receiver device to receive a modulated signal;
transform the modulated signal to a digital signal;
configuring a signal filter window on a frequency filter to maximize time domain signal resolution;
operating a signal processor to:
(a) apply the digital signal to the frequency filter to filter out a captured waveform that is captured by the signal filter window;
(b) re-configure the signal filter window to increase frequency domain signal resolution;
(c) repeat (a) and (b) until a maximal frequency resolution is attained;
applying signal templates from a signal template library to the captured waveform to calculate a template relationship value for each of the signal templates utilized;
applying the template relationship value to select one or more decoding templates;
applying the template relationship value and the one or more decoding templates to select a modulation scheme; and
operating the signal demodulator to demodulate the digital signal using the template relationship value, the decoding templates and the modulation scheme.

US Pat. No. 10,116,474

MODULATING COMMUNICATIONS BETWEEN PLATFORMS ONTO POWER DELIVERY RAILS

Intel Corporation, Santa...

1. A data consumption platform comprising:a data interface;
a connector;
a direct current (DC) power line coupled to the connector;
a low pass filter coupled to the DC power line;
a power port coupled to the low pass filter;
a high pass filter coupled to the DC power line;
a bandpass filter coupled to the high pass filter; and
an embedded controller coupled between the bandpass filter and the data interface, the embedded controller including:
a converter to receive a modulated analog signal from the DC power line via the high pass filter and the bandpass filter, and convert the modulated analog signal to a digital signal; and
a digital signal processor to demodulate the digital signal to obtain data.

US Pat. No. 10,116,473

CONTROLLING NOISE TRANSFER FUNCTION OF SIGNAL PATH TO REDUCE CHARGE PUMP NOISE

Cirrus Logic, Inc., Aust...

1. An apparatus comprising:a delta-sigma modulator for quantization noise shaping of a digital signal;
a digital-to-analog converter configured to generate an analog signal from the digital signal; and
an amplifier configured to amplify the analog signal and powered from a charge pump, wherein the charge pump is configured to operate at a switching frequency approximately equal to that of a zero of a modulator noise transfer function of the delta-sigma modulator, such that the impact of charge pump noise on a total harmonic distortion noise of the apparatus is minimized.

US Pat. No. 10,116,471

FAST ADAPTIVE MODE-CONVERSION DIGITAL CANCELLER

Valens Semiconductor Ltd....

1. A transceiver comprising:a receiver analog front end (Rx AFE), an adaptive module comprising at least one of an adaptive digital equalizer and canceller (ADEC), a common mode sensor AFE (CMS-AFE), a fast-adaptive mode-conversion canceller (FA-MCC), and a slicer;
the Rx AFE receives a signal of more than 500 Mbps from a second transceiver over a differential wired communication link, and feeds the ADEC that generates an equalized signal;
the CMS-AFE senses a common mode signal of the differential wired communication link and feeds the FA-MCC that generates a compensation signal;
wherein the compensation signal is indicative of differential interference caused by mode-conversion; wherein mode-conversion refers to transferring energy from a common mode signal to a differential mode signal while using differential signaling; and
the slicer utilizes the equalized signal and the compensation signal to generate slicing decisions and slicing errors; wherein the slicing errors are used to adapt the ADEC and the FA-MCC.

US Pat. No. 10,116,467

ETHERNET TAG MAPPING IN VIRTUAL PRIVATE WIRE SERVICE USING ETHERNET VIRTUAL PRIVATE NETWORK

Cisco Technology, Inc., ...

1. An apparatus comprising:one or more network ports;
a processor operatively coupled to the one or more network ports; and
a memory having instructions stored, thereon, wherein the instructions, when executed by the processor, cause the processor to:
when establishing, via the one or more network ports, a Virtual Private Wire Service (VPWS) service tunnel with a provider edge (PE) device, associate with the provider edge device an Ethernet virtual private network (EVPN) Ethernet Auto-Discovery (EAD) route, wherein the EVPN EAD route has an L2VPN Attributes Extended Community comprising a control-flag field that identifies an Ethernet Tag ID associated with the VPWS service tunnel as being a VPWS-ID service, a single tag service, or a double tag service,
wherein the control-flag field comprises bit fields that designate the VPWS service tunnel as being the VPWS-ID service when configured with a zero value,
wherein the control-flag field comprises bit fields that designate the VPWS service tunnel as being the single tag service when configured with a non-zero value, and
wherein the control-flag field comprises bit fields that designate the VPWS service tunnel as being the double tag service when configured with a non-zero value.

US Pat. No. 10,116,464

EVPN INTER-SUBNET MULTICAST FORWARDING

Juniper Networks, Inc., ...

1. A method comprising:configuring, by a first provider edge router, first and second layer-2 domains to forward network traffic;
configuring, by the first provider edge router, a first layer-3 Integrated Routing and Bridging (IRB) interface for the first layer-2 domain and a second layer-3 IRB interface for the second layer-2 domain;
receiving, by the first provider edge router, a multicast packet from a multicast source device, the multicast source device being included in the first layer-2 domain, the multicast packet having a multicast receiver device in the second layer-2 domain, wherein a second provider edge router is elected as a designated router for forwarding multicast traffic on the second layer-3 IRB interface of the second layer-2 domain, and wherein the first provider edge router is a non-designated router for the second layer-3 IRB interface of the second layer-2 domain; and
forwarding, by the first provider edge router and using the first and second layer-3 IRB interfaces, the multicast packet to the multicast receiver device, without receiving the multicast packet from the second provider edge router that has been elected as the designated router for the second layer-3 IRB interface of the second layer-2 domain.

US Pat. No. 10,116,455

SYSTEMS AND METHODS FOR REPORTING MOBILE TRANSCEIVER DEVICE COMMUNICATIONS IN AN LTE NETWORK

ALL PURPOSE NETWORKS, INC...

1. A system for reporting cellular mobile transceiver device communications, the system comprising:a base station optimization server adapted for association with a cellular LTE base transceiver station in an LTE network, the cellular LTE base transceiver station being connected to a back haul network, having an RF coverage area, and configured for RF communication with a mobile transceiver device in the RF coverage area,
wherein the base station optimization server is connected to the cellular LTE base transceiver station, and to the back haul network in parallel with the cellular LTE base transceiver station so as to permit a data packet to flow between any of: (a) the cellular LTE base transceiver station and the back haul network, (b) the base station optimization server and the back haul network and (c) the cellular LTE base transceiver station and the base station optimization server without traversing the back haul network,
wherein the base station optimization server is configured to connect to the mobile transceiver device via a corresponding LTE bearer that is redirected through the cellular LTE base transceiver station to terminate on the base station optimization server instead of on an initial termination point of that bearer for the mobile transceiver device,
wherein the base station optimization server comprises a first publish-subscribe broker communications facility to which the mobile transceiver device is connected via its corresponding redirected bearer, wherein the base station optimization server further comprises a usage data reporting facility for collecting service and data usage for the mobile transceiver device, and
wherein the first publish-subscribe broker communications facility and usage data reporting facility are adapted to collect and report billing usage data for the mobile transceiver device for all data sent by the mobile transceiver device on paths that do not include a packet gateway (PGW) element, where the billing usage data is collected in the LTE network via paths that include the redirected bearer at the cellular LTE base transceiver station, wherein the first publish-subscribe broker communications facility is part of a publish-subscribe network that includes a second publish-subscribe broker communications facility associated with a central billing data collection facility, wherein the second publish-subscribe broker communications facility receives the billing usage data that is published by the first publish-subscribe broker communications facility via the publish-subscribe network.

US Pat. No. 10,116,453

METHOD FOR DISTRIBUTED TRUST AUTHENTICATION

Duo Security, Inc., Ann ...

1. A method for distributed trust authentication, the method comprising:at a service provider:
using a common private cryptographic key of a public/private cryptographic key pair to generate a first private key share and a second private key share;
distributing, via one or more communications networks, each of the first private key share and the second private key share to an identity provider and a remote multi-factor authentication service, respectively; and
distributing a public cryptographic key of the public/private cryptographic key pair to one of the identity provider and the remote multi-factor authentication service, wherein whichever one of the identity provider and the remote multi-factor authentication service that has the public cryptographic key performs a validation of a combined digital signature;
identifying an attempt, by a user operating a computing device, to authenticate to the service provider;
validating the combined digital signature for authenticating the user, wherein:
the combined digital signature is formed by a combination of a first digital signature and a second digital signature,
the first digital signature being generated using the first private key share in response to a successful primary authentication of the user;
the second digital signature being generated using the second private key share in response to a successful secondary authentication of the user,
the first private key share and the second private key share being generated using the common private cryptographic key of the public/private cryptographic key pair;
wherein validating the combined digital signature includes using the public cryptographic key of the public/private cryptographic key pair to validate the combined digital signature; and
authenticating the user to the service provider based on the validation of the combined digital signature.

US Pat. No. 10,116,452

SYSTEMS AND METHODS FOR SEGMENT INTEGRITY AND AUTHENTICITY FOR ADAPTIVE STREAMING

Futurewei Technologies, I...

1. A method for verifying segment integrity and authenticity for adaptive streaming, the method comprising:receiving, by a data processing system, a first representative segment of a media stream comprising a plurality of non-overlapping segments, each of the plurality of non-overlapping segments comprising multiple encoded representative segments of a same corresponding content;
receiving, by the data processing system, a first correct digest or a first correct digital signature for the first representative segment, the first correct digest or the first correct digital signature received through a first Uniform Resource Locator (URL) indicated in a media presentation description, and immediately comparing, after receiving the first representative segment, the first correct digest or the first correct digital signature to a first calculated digest or a first calculated digital signature of the first representative segment to determine whether the first representative segment has been modified;
receiving, by the data processing system, a second representative segment of the media stream, the second representative segment having a different encoding than the first representative segment, the first representative segment and the second representative segment being received one at a time in accordance with a consecutive order of the plurality of non-overlapping segments in the media stream; and
receiving, by the data processing system, a second correct digest or a second correct digital signature for the second representative segment, the second correct digest or the second correct digital signature received through a second URL indicated in the media presentation description, and immediately comparing, after receiving the second representative segment, the second correct digest or the second correct digital signature to a second calculated digest or a second calculated digital signature of the second representative segment to determine whether the second representative segment has been modified.

US Pat. No. 10,116,449

GENERATION DEVICE, TERMINAL DEVICE, GENERATION METHOD, NON-TRANSITORY COMPUTER READABLE STORAGE MEDIUM, AND AUTHENTICATION PROCESSING SYSTEM

YAHOO JAPAN CORPORATION, ...

1. A generation device comprising:a memory storing information regarding several authentication modules each configured to carry out authentication based on a result of verification between registration data registered in advance and predetermined input data; and
a processor programmed to:
receive, from a user, first user input to be used in local authentication processing;
perform local authentication processing based on the received first user input;
when the local authentication processing based on the received first user input results in the user being confirmed as a valid user:
issue a public key and a common private key;
store the common private key in the memory in association with the user; and
transmit the public key to an authentication server; and
upon receiving, from the user, second user input to be used in local authentication processing, the second user input being authentication information corresponding to one of the several authentication modules in the memory:
perform the local authentication processing based on the received second user input; and
when the local authentication processing based on the second user input results in the user being confirmed as a valid user:
generate authentication result information, regardless of a type of authentication information of the second user input, based on the common private key stored in the memory in association with the user, the authentication result information being processed by a specific protocol used between the generation device and the authentication server; and
transmit the generated authentication result information to the authentication server to cause the authentication result information to be processed.

US Pat. No. 10,116,447

SECURE AUTHENTICATION OF USER AND MOBILE DEVICE

Visa International Servic...

1. A method for authentication, comprising:receiving, by a mobile device, a user request to access a service provider application;
in response to the user request to access the service provider application, requesting, by the mobile device, using the service provider application and via an operating system on the mobile device, identification and verification from the user via an identification and verification application residing within the mobile device;
receiving, by the identification and verification application on the mobile device, a positive identification and verification response;
generating, by a cryptogram generation module in the mobile device, a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider device ID, and a service provider application ID, wherein the service provider device ID uniquely identifies the mobile device used at a time of registration with the service provider application, and the user that registered with the service provider application; and
transmitting, by the mobile device, the generated cryptogram, the user ID, the timestamp, the device ID, the service provider device ID, and the service provider application ID, to a service provider computer associated with the service provider application,
wherein the service provider computer verifies the cryptogram using the timestamp, the device ID, the service provider application ID, and the service provider device ID.

US Pat. No. 10,116,445

METHOD AND SYSTEM FOR PROTECTED EXCHANGE OF DATA

1. A method for secure transmission of information between a source of information (A) and a destination of information device (B), the method comprising:an intermediary device (C) that interfaces between the source of information (A) and the destination of information device (B), wherein the intermediary device (C):
executes a secure comparison protocol based on whether a first value is above a threshold value, the intermediary device (C) executing the secure comparison protocol with the source of information (A) associated with a user device (U), in order to provide an encrypted comparison result, the encrypted comparison result being blinded by the source of information (A), and based on blinding information associated with the user device (U);
decrypts the blinded, encrypted comparison result to provide the blinded comparison result;
receives from the user device (U) a hash of a bit value and a first and second encrypted version of the bit value and a random number, which are encrypted with public encryption keys of the source of information (A) and the destination of information device (B), respectively;
sends the hash of the bit value and the first encrypted version of the bit value and the random number to the source of information (A), for blinding the comparison result with the bit value;
sends the hash of the bit value and the second encrypted version of the bit value and the random number to the destination of information device (B).

US Pat. No. 10,116,441

ENHANCED-SECURITY RANDOM DATA

Amazon Technologies, Inc....

1. A method, comprising:performing, by one or more computing devices:
in response to identifying a first requirement for a pseudo-random number (PRN):
selecting a first usage context from among a plurality of different usage contexts, wherein the first usage context corresponds to the first requirement;
obtaining a baseline PRN produced at a PRN generator, wherein a first statistical property of the baseline PRN can be predicted using a technique which includes an analysis of a collection of other PRNs produced by the PRN generator;
causing one or more cryptographic transformation functions to be applied to the baseline PRN using another PRN, wherein the one or more cryptographic transformation functions meet a first security criterion based at least in part on the first usage context; and
providing a second PRN from a result of the one or more cryptographic transformation functions to fulfill the first requirement, wherein the technique able to predict the first statistical property cannot predict a corresponding statistical property of the second PRN; and
in response to identifying a second requirement for a PRN:
selecting a second usage context from among the plurality of different usage contexts;
obtaining a second baseline PRN;
providing a third PRN to fulfill the second requirement and meet a second security criterion for the second usage context, wherein the third PRN is based on the second baseline PRN having one or more cryptographic transformation functions applied different than applied for the first security criterion.

US Pat. No. 10,116,439

ENCRYPTED DATA COMPUTATION SYSTEM, DEVICE, AND PROGRAM

KABUSHIKI KAISHA TOSHIBA,...

1. An encrypted data computation system comprising a client terminal, a computation device, and a computation assist device,the client terminal comprising
a numerical value storing circuit configured to store numerical values;
a key generating circuit configured to generate an encryption key to encrypt each of the numerical values, and a secondary computation key and a tertiary computation key that constitute a decryption key corresponding to the encryption key, and
an encryption circuit configured to encrypt each of the numerical values on the basis of the encryption key and generating encrypted data,
the computation device comprising
a tertiary computation key storing circuit configured to store the tertiary computation key,
a primary computation circuit configured to execute primary computation processing on the basis of each of the encrypted data and thereby generate a primary computation result corresponding to data in which a computation result of an expression that has added and subtracted each of the numerical values is encrypted,
a tertiary computation circuit configured to execute tertiary computation processing on the basis of a secondary computation result and the tertiary computation key when the secondary computation result in which the primary computation result is randomized is generated by the computation assist device, and thereby generate a tertiary computation result corresponding to data in which the computation result of the expression that has performed the addition-subtraction is kept secret by random numbers alone, and
a magnitude deciding circuit configured to decide a magnitude relation between a minuend and a subtrahend in the expression on the basis of the tertiary computation result,
the computation assist device comprising
a secondary computation key storing circuit configured to store the secondary computation key,
a random number generating circuit configured to generate the random numbers, and
a secondary computation circuit configured to execute secondary computation processing on the basis of the primary computation result, the secondary computation key, and the random numbers and thereby generate the secondary computation result.

US Pat. No. 10,116,438

MANAGING USE OF SECURITY KEYS

EMC IP Holding Company LL...

1. A method comprising steps of:receiving a request for a key that serves as part of a data security system that limits a number of accesses to key or keys associated therewith, wherein the request comprises one or more attributes associated with the request;
analyzing the one or more attributes associated with the request and a history in connection with one or more previous requests;
based on the analysis, determining a riskiness in connection with the request, wherein the riskiness indicates a high risk in connection with the request; and
upon determining the high risk in connection with the request, determining to refuse the request and creating a new limit that reduces the number of accesses to key or keys associated with the data security system;
wherein the steps are performed by at least one processing device comprising a processor coupled to a memory.

US Pat. No. 10,116,435

CONTROL CIRCUIT AND CONTROL METHOD OF COMMUNICATION DEVICE

MSTAR SEMICONDUCTOR, INC....

9. A control method of a communication device, comprising:detecting a periodic packet of a data signal to generate a packet indication signal corresponding to the periodic packet;
generating a working clock according to a reference clock; and
adjusting the working clock according to a relationship between frequencies of the working clock and the packet indication signal, such that the frequency of the working clock is substantially a predetermined multiple of the frequency of the packet indication signal.

US Pat. No. 10,116,430

ALIGNMENT MARKER INDEPENDENT DATA ALIGNMENT FOR A RECEIVER

XILINX, INC., San Jose, ...

1. An apparatus for a receiver, comprising:at least one delay line configured to receive input data from a communication lane and provide repetitions of the input data delayed with respect to one another, the input data including repeated sequences; and
an exclusive disjunction combinatorial circuit configured to receive the input data and the repetitions thereof and to generate a discontinuity-detection signal for codeword alignment responsive to successive linear combination by exclusive disjunction of the input data and the respectively delayed repetitions thereof to cancel out portions of the repeated sequences of the input data for detection of at least one type of discontinuity in the input data;
wherein the discontinuity-detection signal is generated for detection of a parity block at an end of a sequence of the repeated sequences in the input data indicative of the at least one type of discontinuity due to a difference between lengths of a word block of the sequence and the parity block.

US Pat. No. 10,116,427

FULL-DUPLEX TRANSMISSION MODES FOR WIRELESS NETWORKS

Intel Corporation, Santa...

1. An apparatus for a wireless station (STA), comprising:memory and processing circuitry to configure the STA to communicate in a wireless network;
wherein the processing circuitry is to:
demodulate a two-form request-to-send (RTS) frame transmitted from an access point (AP) that requests acceptance of a downlink data transfer and inquires if the STA has uplink data to send via a two-node full-duplex link;
encode a two-form clear-to-send (CTS) frame to send to the AP that responds to the two-form RTS frame; and,
compute a transmit power level to transmit the two-form CTS frame that is inversely proportional to a measured power level at which the two-form RTS frame from the AP was received.

US Pat. No. 10,116,425

DIPLEXED ANTENNA WITH SEMI-INDEPENDENT TILT

CommScope Technologies LL...

1. An antenna configured to operate in at least two radio frequency (RF) bands including a first RF band and a second RF band, the antenna comprising:a first coarse phase shifter and a second coarse phase shifter, wherein the first coarse phase shifter is independently adjustable from the second coarse phase shifter, and wherein the first coarse phase shifter is configured to provide a first contribution on a first tilt associated with the first RF band, and wherein the second coarse phase shifter is configured to provide a second contribution on a second tilt associated with the second RF band;
a first diplexer, a second diplexer, and a third diplexer, wherein each of the first diplexer, the second diplexer, and the third diplexer is coupled to the first coarse phase shifter and to the second coarse phase shifter;
a first fine phase shifter coupled to the first diplexer;
a second fine phase shifter coupled to the second diplexer; and
a third fine phase shifter coupled to the third diplexer,
wherein the first fine phase shifter, the second fine phase shifter, and the third fine phase shifter are coupled to one or more radiating elements.

US Pat. No. 10,116,423

INTER-CARRIER MODULATION

The University Court of t...

1. A method of communicating information in a plurality of carrier waves, the method comprising the steps of:dividing the information into at least a first information portion and a second information portion, wherein the information portions are non-overlapping series of binary bits;
modulating a plurality of domain resources to encode the first information portion using an index or grammar which indicates a modulation type for the plurality of domain resources; and
encoding the second information portion by modulation of domain resources on respective carrier waves belonging to a subset of the plurality of domain resources used to encode the first information portion, and combines the encoded first and second information portions to recreate the information in the plurality of carrier waves,
wherein:
modulation of the plurality of domain resources to encode the first information portion comprises a first information encoding scheme for allocating at least two different modulation types for encoding information to the plurality of domain resources with which the first information portion is to be encoded;
each of the at least two different modulation types and their allocation represents or encodes a different part or subset of the first information portion;
the plurality of domain resources comprise domain resources of two or more domains; and
selecting the first information encoding scheme, for determining the allocation of the at least two different modulation types amongst the plurality of domain resources, by analyzing the first information portion and determining a quantitative value indicative of the available bandwidth for encoding remaining information portions, that maximizes the available bandwidth for the remaining information portions.

US Pat. No. 10,116,421

METHOD FOR PERFORMING WIRELESS SWITCHING

InterDigital Technology C...

1. A wireless user terminal comprising:a receiver array configured to receive a plurality of orthogonal frequency division multiplexing (OFDM) signals on at least one downlink carrier frequency, wherein each of the plurality of OFDM signals includes assignment information that includes carrier frequency assignment information indicating a downlink carrier frequency,
the receiver array is further configured to receive a plurality of downlink signals each associated with a respective OFDM signal of the plurality of OFDM signals, wherein each downlink signal is received on the downlink carrier frequency indicated in the respective OFDM signal and using a downlink beam, wherein the downlink carrier frequency and the downlink beam dynamically change over the plurality of downlink signals; and
a controller configured to dynamically change the downlink carrier frequency of the receiver array for receiving the plurality of downlink signals based on the assignment information provided in the plurality of OFDM signals, wherein the plurality of downlink signals have different downlink beams.

US Pat. No. 10,116,417

NONLINEAR MIMO-OFDM DETECTOR

NXP USA, Inc., Austin, T...

1. A nonlinear multiple input, multiple output orthogonal frequency-division multiplexing (MIMO-OFDM) detector comprising:a vector arithmetic unit configured to sequentially compute first metrics corresponding to a first current tree level of a first search tree and second metrics corresponding to a second current tree level of a second search tree; and
a sorting and indexing unit configured to sort the first metrics and the second metrics sequentially received from the vector arithmetic unit and configured to sequentially provide first indices of lowest first metrics and second indices of lowest second metrics to the vector arithmetic unit, the lowest first metrics being first inputs to the vector arithmetic unit for a first next tree level of the first search tree and the lowest second metrics being second inputs to the vector arithmetic unit for a second next tree level of the second search tree,
wherein the vector arithmetic unit and the sorting and indexing unit are coupled in a pipeline that computes the second metrics concurrently with sorting and indexing of the first metrics, and
wherein the first search tree corresponds to a first subcarrier of an OFDM symbol.

US Pat. No. 10,116,416

APPARATUS FOR TRANSMITTING AND RECEIVING A SIGNAL AND METHOD OF TRANSMITTING AND RECEIVING A SIGNAL

LG ELECTRONICS INC., Seo...

1. A transmitter for transmitting at least one broadcast signal having Physical Layer Pipe (PLP) data, the transmitter comprising:a Bose-Chadhuri-Hocquenghem (BCH) encoder to BCH encode the PLP data;
a Low Density Parity Check (LDPC) encoder to LDPC encode the BCH encoded PLP data and output Forward Error Correction Frames (FECFrames);
a bit interleaver to bit interleave data in the FECFrames;
a mapper to map the bit interleaved data in the FECFrames onto constellations;
an outer encoder to outer encode signaling information;
a zero-padding module to insert zeros into the outer encoded signaling information;
an inner encoder to inner encode the zero-inserted signaling information;
a parity puncturing module to puncture parity bits of the inner encoded signaling information;
a zero-removing module to remove the inserted zeros from the signaling information on which the parity puncturing is performed;
a time-interleaver to perform time-interleaving the mapped data based on a skip operation, wherein the time-interleaver writes the mapped data into an interleaving block and reads out the written data from the interleaving block excluding cells which are skipped according to the skip operation, wherein the time-interleaving is performed by calculating positions for cells having the mapped data and the cells to be skipped based on a row index and a column index;
a frame builder to build a signal frame including preamble symbols and data symbols, wherein the preamble symbols include the zero-removed signaling information for the time interleaved data and the data symbols include the time interleaved data; and
a modulator to modulate data in the signal frame by an Orthogonal Frequency Division Multiplexing (OFDM) scheme, wherein the signaling information includes channel bonding information for the at least one broadcast signal.

US Pat. No. 10,116,415

TRANSMISSION DEVICE, RECEIVING DEVICE, TRANSMISSION METHOD, AND RECEIVING METHOD

CANON KABUSHIKI KAISHA, ...

1. A transmission device, comprising:one or more processors;
a memory having stored thereon instructions which, when executed by the one or more processors, cause the transmission device to:
generate restoration data packets for restoration of lost data packets by using first data packets, which are data packets forming transmission data and which are transmitted as data packets of a first data stream, and second data packets, which are data packets forming the transmission data and which are transmitted as data packets of a second data stream different from the first data stream; and
a transmitter configured to transmit to a receiving device the first data packets as data packets of the first data stream, transmit to the receiving device the second data packets as data packets of the second data stream, and transmit to the receiving device the restoration data packets generated using the first data packets and the second data packet,
wherein the transmission data includes data of a base layer to be used for displaying by the receiving device an image having a first resolution, and data of an enhancement layer to be used together with the data of the base layer for displaying by the receiving device an image having a second resolution that is higher than the first resolution, and
wherein the transmitter is configured to transmit to the receiving device the data of the base layer as the data packets of the first data stream, and transmit to the receiving device the data of the enhancement layer as the data packets of the second data stream.

US Pat. No. 10,116,414

METHOD AND APPARATUS FOR TRANSMITTING AND RECEIVING CHANNEL STATUS INFORMATION (CSI) FOR SUPPORTING 256QAM IN WIRELESS ACCESS SYSTEM

LG ELECTRONICS INC., Seo...

1. A method for receiving Channel Status Information (CSI) in a wireless access system, the method performed by an evolved Node B (eNB) and comprising:transmitting a radio resource control (RRC) signal including Channel Quality Indication (CQI) table information configuring a second CQI table to a second CSI subset;
transmitting a first Physical Downlink Shared Channel (PDSCH) on a first CSI subset and a second PDSCH on the second CSI subset; and
receiving first CSI including a first CQI index associated with the first PDSCH and second CSI including a second CQI index associated with the second PDSCH,
wherein the first CQI index is selected from a first CQI table for supporting up to a 64 Quadrature Amplitude Modulation (QAM) scheme, and the second CQI index is selected from the second CQI table for supporting up to a 256 QAM scheme,
wherein CQI indices 12 to 15 of the first CQI table are used for the 64 QAM scheme and CQI indices 12 to 15 of the second CQI table are used for the 256 QAM scheme, and
wherein a total number of CQI indexes of each of the first and the second CQI tables is the same, and a size of the first CQI table and a size of the second CQI table are 4 bits.

US Pat. No. 10,116,411

FREQUENCY AGILE ANTI-JAM DATA LINK

Northrop Grumman Systems ...

1. A method for transmitting signals through the atmosphere, said method comprising:sending messages to an intended recipient on a data link at an operating frequency that is close enough to an atmospheric absorption band to cause attenuation of the messages; and
controlling the operating frequency of the data link relative to the absorption band to increase or decrease the attenuation of the messages in the atmosphere in a manner that increases or decreases the signal-to-noise ratio of the messages received by the intended recipient so that the intended recipient of the messages does receive the messages, but unintended recipients of the messages that are farther away from a transmit location of the messages than the intended recipient do not receive the message, wherein controlling the operating frequency of the data link relative to the absorption band includes changing the operating frequency depending on an altitude of the transmit location of the messages, a distance of the intended recipient from the transmit location, and a distance of the unintended recipients from the transmit location.

US Pat. No. 10,116,410

OPTICAL TRANSMITTERS AND RECEIVERS USING POLARIZATION MULTIPLEXING

Telefonaktiebolaget LM Er...

1. An optical transmitter, comprising:a laser having an output;
an optical beam splitter having an input coupled to the output of the laser and two outputs configured so as to produce first and second optical signals;
first and second optical intensity modulators having respective inputs coupled to the outputs of the optical beam splitter and configured to impress multi-level intensity modulation on the first and second optical signals, respectively, based on respective first and second information streams;
a phase modulator coupled in line with the second optical intensity modulator and configured to impress a multi-level phase modulation on the second optical signal, using a multi-level phase modulation signal derived from a third information stream; and
an optical beam combiner having first and second inputs coupled to receive the intensity-modulated first optical signal and the intensity-and-phase-modulated second optical signal, respectively, and configured to combine the intensity-modulated first optical signal and the intensity-and-phase-modulated second optical signal to produce a polarization-multiplexed optical signal for transmission;wherein the optical transmitter is configured so that the intensity-modulated first optical signal and the intensity-and-phase-modulated second optical signal in the polarization-multiplexed optical signal have first and second optical states of polarization, respectively.

US Pat. No. 10,116,408

APPARATUS AND METHOD FOR DISTRIBUTED COMPENSATION OF NARROW OPTICAL FILTERING EFFECTS IN AN OPTICAL NETWORK

1. A reconfigurable optical add-drop multiplexer comprising:a wavelength selective switch to receive input at a sole input and transmit output; and
an optical equalizer, coupled to the sole input of the wavelength selective switch, to pre-equalize a spectral shape of a signal of each channel of an optical signal input to the sole input of the wavelength selective switch, by adjusting a frequency strength of each channel based on optical filtering effects caused by the wavelength selective switch and a plurality of wavelength routing devices downstream of the optical equalizer and along a transmission link to mitigate the optical filtering effects and reduce noise degradation of the optical equalizer.

US Pat. No. 10,116,407

SYSTEM AND METHOD FOR IMPROVING NARROWBAND INTERFERENCE PERFORMANCE

Texas Instruments Incorpo...

1. A orthogonal frequency division multiplexing (OFDM) receiver, comprising:a processor; and
a non-transitory computer readable storage medium storing a program for execution by the processor, the program including instructions to:
receive a signal over a communication channel;
detect a narrowband interferer in a block of samples of the signal in the communication channel;
align a frequency of the narrowband interferer to a center of a subcarrier frequency of the communication channel, to generate an offset signal, introducing inter-carrier interference (ICI) to the offset signal; and
remove the subcarrier frequency from the offset signal, to generate an interferer erased offset signal.

US Pat. No. 10,116,406

METHOD AND APPARATUS FOR REDUCING INTER-CELL INTERFERENCE

1. A method comprising:identifying, for a cluster of wireless cells comprising a plurality of wireless cells, a first wireless cell that is a most interfered wireless cell of the cluster of wireless cells by comparing a hybrid automatic repeat request (HARQ) success rate to a threshold value;
identifying, for a plurality of radio resources available to the first wireless cell, one or more most interfered radio resources of the plurality of radio resources;
identifying one or more user equipment (UE) associated with the one or more most interfered radio resources for the first wireless cell;
identifying at least one UE associated with the one or more most interfered radio resources for the first wireless cell as a cell edge UE based, at least in part, on at least one of a time adjustment (TA) value and a received signal strength power (RSSP) value associated with the at least one UE;
identifying at least one other UE associated with the one or more most interfered radio resources;
determining whether the at least one other UE is one of:
a cell edge UE served by a second wireless cell of the cluster of wireless cells, wherein the second wireless cell is not identified in a neighbor list of the first wireless cell; or
a cell core UE served by a second wireless cell of the cluster of wireless cells, wherein the second wireless cell is identified in a neighbor list of the first wireless cell but no inter-cell interference coordination is provided for the cell core UE,
wherein the at least one other UE is determined to be a cell edge UE or a cell core UE based, at least in part, on at least one of TA value and a RSSP value associated with the at least one other UE;
including the second wireless cell in the neighbor list of the first wireless cell if the at least one other UE is determined to be a cell edge UE for the second wireless cell that is not identified in the neighbor list of the first wireless cell;
falsely identifying the at least one other UE as a cell edge UE if the at least one other UE is determined to be a cell core UE for the second wireless cell that is identified in the neighbor list of the first wireless cell;
determining if the first wireless cell remains the most interfered wireless cell of the cluster of wireless cells by comparing the hybrid automatic repeat request (HARQ) success rate of the first wireless cell to the predetermined threshold; and
issuing an error message based on the determination that the first wireless cell remains the most interfered wireless cell of the cluster of wireless cells.

US Pat. No. 10,116,403

OTN ADAPTATION FOR SUPPORT OF SUBRATE GRANULARITY AND FLEXIBILITY AND FOR DISTRIBUTION ACROSS MULTIPLE MODEM ENGINES

Ciena Corporation, Hanov...

1. A method for Optical Transport Network (OTN) line side adaptation to provide sub-rate granularity and distribution, the method comprising:subsequent to receiving an OTN signal, segmenting the OTN signal into N flows of cells with associated identifiers, based on tributary slots of the OTN signal, wherein N?0, wherein, when N>0, the cells only include allocated payload from the OTN signal, and wherein, when N=0, the cells only include overhead; and
switching the cells, with a scheduler, to one or more line side modems such that the one or more line side modems only transmit on one or more line side allocated tributary slots when N>0 and overhead only without payload when N=0, wherein a rate of the one or more line side modems is independent from a rate of the OTN signal.

US Pat. No. 10,116,400

OPTICAL SIGNAL FREQUENCY CALIBRATION METHOD AND DEVICE

Huawei Technologies Co., ...

1. An optical signal frequency calibration method, comprising:receiving a first optical signal that experiences a frequency offset and that is generated by a laser in a transmitter of an access node;
receiving a reference optical signal sent by a local oscillator, wherein the reference optical signal is obtained after a receiver of the access node performs, by using a received second optical signal sent by a primary node, frequency calibration on a third optical signal generated by the local oscillator;
calculating a difference between a specified frequency difference and a frequency difference between the reference optical signal and the first optical signal; and
performing frequency calibration on the first optical signal according to the difference, modulating to-be-sent uplink data by using the calibrated first optical signal, and sending the modulated uplink data to the primary node.

US Pat. No. 10,116,398

SYSTEM FOR TESTING EFFICACY OF ELECTROMAGNETIC SHIELDING AND METHOD

HON HAI PRECISION INDUSTR...

1. A system for testing efficacy of electromagnetic shielding comprising:a radio frequency anechoic housing;
a testing device positioned in the radio frequency anechoic housing, the testing device comprising:
an antennal substrate comprising at least one antenna;
a signal source connecting to one of the at least one antenna to send a frequency field;
a receiving antenna;
a receiver for receiving a first frequency field through the receiving antenna; and
a shielding shell;
wherein when the antennal substrate and the signal source is positioned in the shielding shell and the shielding shell is positioned in the radio frequency anechoic housing, a receiver receives a second frequency field through the receiving antenna, a shielding efficacy value is obtained according to the first frequency field and the second shielding efficacy value, and a determination of whether the shielding shell meets requirement is obtained according to the shielding efficacy value.

US Pat. No. 10,116,395

PHOTONIC MICROWAVE MIXING APPARATUS AND METHOD THEREOF

National Chung Cheng Univ...

1. A photonic microwave mixing apparatus, comprising:an optical input, wherein the optical input is an optical signal carrying a frequency-to-be-converted microwave signal;
an optical output, wherein the optical output is an optical signal carrying a frequency-converted microwave signal; and
a photonic microwave mixing module to convert the optical input into the optical output, wherein the photonic microwave mixing module comprises a microwave mixing laser to generate a nonlinear wave-mixing optical signal, and wherein an optical power and a carrier frequency of the optical input are adjusted so as to place the microwave mixing laser in period-one nonlinear dynamics and to achieve frequency unlocking between the modulation sidebands of the optical input and the oscillation sidebands of the period-one nonlinear dynamics.

US Pat. No. 10,116,394

OPTICAL PAIRING

11. A system that receives data encoded as an optical signal, the system comprising:an optical receiver on a first device that receives an optical signal; and
a processor on the first device that decodes a sequence of data symbols from the optical signal and determines that the sequence of data symbols represents a security authentication code that establishes a secure data transfer connection between the first device and a second device;
wherein one of the two devices is an integrated solar panel having a controller;
wherein:
the optical receiver is further configured to receive the optical signal as an optical signal containing a plurality of frequency elements that are each modulated in intensity, with each combination of intensities lasting for a predetermined time duration,
the processor is further configured to:
determine that state transitions in the optical signal between each combination of intensities correspond to permutations of the data symbol sequence as defined by a mapping of data symbols to permutation rules; and
decode the sequence of data symbols by mapping a plurality of modulation state transitions in light output to a corresponding plurality of data symbols;
wherein the processor is further configured to:
update a probabilistic calculation for both new and previously received linear transformations to include the population of newer linear transformations and to exclude linear transformations older than a defined threshold.

US Pat. No. 10,116,393

DRIVER MODULE FOR MACH ZEHNDER MODULATOR

INPHI CORPORATION, Santa...

1. A method of driving a dual-channel modulator in a silicon-photonics communication system, the method comprising:coupling the dual-channel modulator with an electrical data interface;
configuring two differential pairs of inputs per channel respectively to receive two digital differential pair signals from the electrical data interface;
coupling a Digital-to-Analog Convertor (DAC) per channel to the two differential pairs of inputs to convert the two digital differential pair signals to a single analog differential pair PAM signal at a differential pair output with two single ended swing voltages respectively being outputted to two near ends of two waveguides of a traveling wave modulator associated with the channel and terminated at corresponding two far ends with a pair of matched resistors; and
configuring a control block including internal voltage/current signal generators to receive control signals from the DAC for providing a dither signal to assist modulation control per channel.

US Pat. No. 10,116,392

CARRIER SUPPRESSED MULTI-LEVEL PULSE AMPLITUDE MODULATION

FUJITSU LIMITED, Kawasak...

1. A method for carrier suppressed multi-level pulse amplitude modulation, the method comprising:receiving input data for transmission over an optical network;
mapping the input data for M multi-levels of pulse amplitude modulation to generate modulation data, the modulation data including symbols at one of the M multi-levels that represent the input data according to a scaling, wherein the modulation data specify an alternating phase of 0 degrees and 180 degrees respectively for each successive symbol;
applying the modulation data to an optical modulator to pulse amplitude modulate the modulation data onto an optical wavelength to generate an output optical signal for transmission over the optical network.

US Pat. No. 10,116,391

OFF QUADRATURE MACH-ZEHNDER MODULATOR BIASING

INPHI CORPORATION, Santa...

1. A method for operating an off-quadrature modulation system, the method comprising:selecting an input value for performing an optical modulation process by an optical modulator;
providing a lookup table, the lookup table comprising an array of n sine values based on a plurality of n dither frequencies, the lookup table further comprising an array of n cosine values based on the plurality of n dither frequencies;
obtaining n measured values of outputs generated by the optical modulator corresponding to the plurality of n dither frequencies;
determining a first sum using the n measured values;
calculating an array of n in-phase values using the array of n sine values and corresponding n measured values;
calculating an array of n quadrature values using the array of n cosine values and the corresponding n measured values;
determining a second sum using the array of n in-phase values and the array of n quadrature values;
calculating a ratio between the first sum and the second sum; and
adjusting the input value using the ratio as a target of a control loop to stabilize the optical modulator.

US Pat. No. 10,116,389

OPTICAL TRANSCEIVER

Telefonaktiebolaget LM Er...

1. A transceiver, comprising:a receive part configured to receive and detect a first signal carried on an optical carrier, wherein the signal is in a first part of a RF spectrum;
a modulator configured to modulate the same optical carrier with a second signal in a second part of the RF spectrum; and
a transmit part configured to transmit the optical carrier modulated with the second signal, wherein the first part of the RF spectrum is separate to the second part of the RF spectrum,
wherein an inter-symbol interference is introduced in the first signal and the second signal as transmitted to reduce bandwidths occupied by the first signal and the second signal, wherein the inter-symbol interference is recovered at the receive part, and
wherein the first signal and/or the second signal is a spectrally compressed binary signal that comprises a maximum frequency of the higher frequency of the first signal and the second signal which is equal or lower than bit rates of the first signal and the second signal.

US Pat. No. 10,116,388

APPARATUS FOR MEASURING A FILTERING CHARACTERISTIC, PRE-EQUALIZER AND COMMUNICATION EQUIPMENT

FUJITSU LIMITED, Kawasak...

1. An apparatus for measuring a filtering characteristic, including:processor circuitry configured to:
one of determine a first part of a filtering characteristic of a receiving end and determine a first part of a joint response of the filtering characteristic of a transmitting end and the filtering characteristic of the receiving end, in a spectrum of a first receiving signal obtained after a first measurement signal and a second measurement signal pass through respective filtering modules, according to a nonoverlapped spectral part of the first measurement signal and the second measurement signal;
one of determine a second part of the filtering characteristic of the receiving end in a spectrum of a second receiving signal obtained after a third measurement signal and the second measurement signal pass through respective filtering modules, according to a nonoverlapped spectral part of the third measurement signal and the second measurement signal and determine a second part of the joint response of the filtering characteristic of the transmitting end and the filtering characteristic of the receiving end, in the spectrum of the second receiving signal obtained after a fourth measurement signal and the first measurement signal pass through respective filtering modules, according to a nonoverlapped spectral part of the fourth measurement signal and the first measurement signal; and
one of determine the filtering characteristic of the receiving end according to the first part of the filtering characteristic and the second part of the filtering characteristic and determine the joint response of the filtering characteristic of the transmitting end and the filtering characteristic of the receiving end according to the first part of the joint response and the second part of the joint response;
wherein, the filtering modules through which the first measurement signal and the third measurement signal pass include a transmitting end filtering module and a receiving end filtering module, a filtering module through which the second measurement signal and the fourth measurement signal pass include the transmitting end filtering module, spectral ranges of the first measurement signal and the second measurement signal are different, and one of frequencies of the third measurement signal and the first measurement signal are complementary and frequencies of the fourth measurement signal and the second measurement signal are complementary;
and frequency complementarity denotes that spectral ranges of two measurement signals cover all a measurement range of the filtering characteristic, and the two measurement signals have an overlapped frequency point; and the first measurement signal, the second measurement signal, the third measurement signal and the fourth measurement signal are continuous signals.

US Pat. No. 10,116,387

CONTROL DEVICE, OPTICAL TRANSMISSION SYSTEM, AND METHOD FOR CONTROLLING OPTICAL TRANSMISSION SYSTEM

FUJITSU LIMITED, Kawasak...

1. A control device for controlling a first transmission device and a second transmission device, the control device comprising:a memory; and
a processor coupled to the memory, the processor configured to:
set a first wavelength path between the first transmission device and the second transmission device;
select a monitoring wavelength path for a monitoring wavelength from established wavelength paths allocated on a transmission line between the first transmission device and the second transmission device; and
subtract a consideration value from a lower limit value of a signal quality of the monitoring wavelength path such that an allowable lower limit value of the signal quality of the monitoring wavelength path is calculated, thereby monitoring the signal quality of the monitoring wavelength path, the consideration value being obtained by multiplying a number of spans within the monitoring wavelength path to a noise increase amount of the monitoring wavelength caused by the first wavelength path; and
increase power of the first wavelength path, based on the signal quality of the monitoring wavelength path.

US Pat. No. 10,116,385

SYSTEM AND METHOD FOR PILOT DATA DETECTION USING CORRELATION PEAK TRACKING

Huawei Technologies Co., ...

1. A method for detecting pilot data comprising:receiving an optical signal from an optical channel, the optical signal comprising a pilot signal, the pilot signal carrying the pilot data;
detecting, by an optical-to-electrical converter, the pilot signal in the optical signal; and
performing operations on the pilot signal including:
(i) for a bit of the pilot data: performing correlation operations on the pilot signal over a first set of frequency values and at a plurality of phases to produce a first set of correlation values, and obtaining from the first set of correlation values an initial maximum correlation peak for use in pilot data detection; and
(ii) for each bit of subsequent bits of the pilot data: performing correlation operations on the pilot signal over a second set of frequency values and at a plurality of phases to produce a second set of correlation values, and obtaining a subsequent maximum correlation peak from the second set of correlation values for use in the pilot data detection, wherein the subsequent maximum correlation peak is selected from correlation values, in the second set of correlation values, that were produced for phases within a window around and encompassing a phase of the initial maximum correlation peak.

US Pat. No. 10,116,383

OUTPHASING AMPLIFIER

NXP B.V., Eindhoven (NL)...

1. An outphasing amplifier having:a first branch arranged to receive and process a first branch signal, the first branch signal being phase modulated, with constant amplitude envelope; and
a second branch arranged to receive and process a second branch signal, the second branch signal being phase modulated, with constant amplitude envelope, and at least a portion of the second branch signal anti-phase from the first branch signal,
wherein each branch includes:
circuitry arranged to successively process the respective branch signal to reduce the energy in sidebands of the respective branch signal away from the central frequency to generate a filtered magnitude signal, while retaining the phase information in the respective branch signal from an unfiltered signal until a threshold is met;
the circuitry arranged to generate a filtered and re-asserted branch signal from the filtered magnitude signal and the phase information; and
an amplifier arranged to amplify the filtered and re-asserted branch signal.

US Pat. No. 10,116,382

AD HOC HIGH FREQUENCY NETWORK

Rockwell Collins, Inc., ...

1. A communication device, comprising:a time source configured to provide timing information for the communication device, the timing information being synchronized with other communication devices participating in a same network the communication device is configured to participate in; and
one or more processors in communication with the time source, the one or more processors configured to facilitate beyond line of sight reflective communications between the communication device and another communication device participating in the same network, wherein the beyond line of sight reflective communications are carried out in a time synchronized manner and in accordance with a time division multiple access (TDMA) based waveform that supports time slots, wherein the one or more processors are further configured to periodically broadcast a location update message on all frequencies specified in a frequency pick list, the location update message includes information regarding the communication device and information regarding direct connection neighbors of the communication device.

US Pat. No. 10,116,366

APPARATUS FOR TRANSMITTING BROADCAST SIGNALS, APPARATUS FOR RECEIVING BROADCAST SIGNALS, METHOD FOR TRANSMITTING BROADCAST SIGNALS AND METHOD FOR RECEIVING BROADCAST SIGNALS

LG ELECTRONICS INC., Seo...


updating a kth parity bit by summing with a (k?1)th parity bit in the parity bits.

US Pat. No. 10,116,331

DATA TRANSMITTING AND RECEIVING APPARATUS HAVING IMPROVED LOW-DENSITY PARITY-CHECK (LDPC) ENCODING, DECODING AND TRANSMISSION RATE

Electronics and Telecommu...

1. A data transmitting apparatus, comprising:a low-density parity-check (LDPC) encoder configured to perform, on data to be transmitted by a faster-than-Nyquist method (FTN), LDPC encoding using a first matrix having a first degree less than a preset reference degree and a second matrix of a single diagonal matrix;
a symbol mapper configured to perform symbol mapping on information bits and a parity bits of data LDPC encoded, independently, by performing interleaving on the information bits and the parity bits using different interleavers and applying differential encoding to a part of codeword of information and a codeword of the parity bits; and
an accelerator configured to accelerate an output signal from the different interleavers by a transmission rate based on the FTN method,
wherein each degree is a value based on the number of 1's elements of a matrix, and
wherein the preset reference degree is according to degree distribution of each LDPC code rate defined in DVB-S2 standard.

US Pat. No. 10,116,306

TOUCH AND FORCE SENSITIVE ROCKER SWITCH

Apple Inc., Cupertino, C...

5. A portable electronic device, comprising:a housing that defines an interior volume, the housing comprising a sidewall that includes a through hole;
a button aligned with the through hole, the button comprising a surface;
a capacitive sensor positioned in the interior volume and at least partially covered by the button; and
a force sensor positioned in the interior volume and at least partially covered by the button, wherein the button is configured to accept i) a touch input to the surface that is detected by the capacitive sensor, and ii) a force touch input that is determined by the force sensor.

US Pat. No. 10,116,305

SEMICONDUCTOR DEVICE FOR DISPLAY DRIVER IC STRUCTURE

Magnachip Semiconductor, ...

1. A semiconductor device, comprising:a first transistor, a second transistor, and a third transistor formed on a semiconductor substrate, wherein
the first transistor comprises
a first gate insulator having a first thickness,
a first source region and a first drain region,
a pair of lightly doped drain (LDD) regions that are each shallower than the first source region and the first drain region, and
a first gate electrode,
the second transistor comprises
a second gate insulator having a second thickness that is thinner than the first thickness,
a second source region and a second drain region,
a pair of drift regions that encompass the second source region and the second drain region respectively, and
a second gate electrode, and
the third transistor comprises
a third gate insulator having the first thickness,
a third source region and a third drain region, and
a pair of drift regions that encompass the third source region and the third drain region respectively, and
a third gate electrode.

US Pat. No. 10,116,299

POWER-ON RESET CIRCUIT

SEMICONDUCTOR MANUFACTURI...

1. A power-on-reset circuit comprising:an execution circuit comprising a first input terminal, a second input terminal, and a first output terminal, the first input terminal directly connected to a power supply voltage, a voltage at the second input terminal having a low level at an initial state, and a voltage at the first output terminal having a low level, wherein the voltage at the first output terminal transitions from the low level to a high level when the power supply voltage at the first input terminal and the voltage at the second input terminal are not less than a predetermined voltage; and
a control circuit comprising a third input terminal connected to the first output terminal, a fourth input terminal connected to the first input terminal, and a second output terminal connected to the second input terminal, wherein the voltage at the second input terminal transitions from the low level to the high level when a difference between the power supply voltage at the first input terminal and the voltage at the first output terminal is greater than a predetermined voltage difference,
wherein the execution circuit comprises a NAND gate having a first input terminal directly connected to the first input terminal of the execution circuit, a gate connected to the second input terminal of the execution circuit, a drain connected to the output terminal of the NAND gate, a source connected in series with a reverse-biased diode circuit to the power supply voltage, and a substrate connected to the power supply voltage.

US Pat. No. 10,116,280

COIL COMPONENT

SAMSUNG ELECTRO-MECHANICS...

9. A coil component comprising:a body including first and second filter parts overlaying each other and a main surface of a substrate, and spaced apart from each other in a thickness direction orthogonal to the main surface of the substrate,
wherein:
each filter part of the first and second filter parts includes upper and lower coils disposed in the body to overlay each other and spaced apart from each other in the thickness direction,
one of the upper and lower coils of the first filter part is electrically connected in series with one of the upper and lower coils of the second filter part such that a first current flowing in the one coil of the first filter part produces a magnetic flux having a direction opposite to a magnetic flux produced by the first current flowing through the series connected one coil of the second filter part,
another of the upper and lower coils of the first filter part is electrically connected in series with another of the upper and lower coils of the second filter part such that a second current flowing in the other coil of the first filter part produces a magnetic flux having a direction opposite to a magnetic flux produced by the second current flowing through the series connected other coil of the second filter part, and
a distance between the coil windings in each of the upper and lower coils of the first filter part is smaller than a distance between the coil windings in each of the upper and lower coils of the second filter part.

US Pat. No. 10,116,276

POWER AMPLIFIER CIRCUIT

National Chi Nan Universi...

1. A radio frequency (RF) power amplifier circuit comprising:a power divider disposed to receive an RF input signal, and configured to divide the RF input signal into more than three RF division signals;
a plurality of power amplification circuits coupled to said power divider for respectively receiving the RF division signals, each of said power amplification circuits being configured to perform power amplification on a respective one of the RF division signals, and to output a respective one of amplified RF division signals; and
a power combiner coupled to said power amplification circuits for receiving the amplified RF division signals, and configured to combine the amplified RF division signals into an RF output signal;
wherein one of said power divider and said power combiner has a first microstrip structure,
said RF power amplifier circuit further comprising a first impedance conversion circuit that has
a first terminal coupled to said one of said power divider and said power combiner that has said first microstrip structure, and
a second terminal that is disposed to receive the RF input signal when said first terminal is coupled to said power divider, and that is disposed to output the RF output signal when said first terminal is coupled to said power combiner,
said first impedance conversion circuit being configured to permit transmission of one of the RF input signal and the RF output signal between said first and second terminals thereof, and being configured such that a first conversion impedance, which is an impedance seen into said first impedance conversion circuit from said first terminal, matches an impedance seen into said one of said power divider and said power combiner from said first terminal; and
wherein said first microstrip structure has a physical length associated with the first conversion impedance,
said RF power amplifier circuit satisfying:

where:
N represents a number of the RF division signals,
?TE represents an equivalent electrical length of said first microstrip structure,
YTE represents an equivalent characteristic transconductance of said first microstrip structure,
? represents an angular frequency of the RF input signal,
?T represents the physical length of said first microstrip structure,
ZL represents the first conversion impedance;
RL represents a real part of ZL,
LL represents an imaginary part of ZL,
Zx represents an impedance seen into said first microstrip structure from a terminal of said first microstrip structure to which one of said power amplification circuits is coupled,
Rx represents a real part of Zx,
Lx represents an imaginary part of Zx, and
? represents a wavelength of the RF input signal.

US Pat. No. 10,116,273

CURRENT REUSE FIELD EFFECT TRANSISTOR AMPLIFIER

Mitsubishi Electric Corpo...

1. A current reuse field effect transistor amplifier comprising:a first field effect transistor including a first gate to which a radio frequency (RF) signal is input, a first source, and a first drain;
a first resistor connected between the first source and a terminal for grounding;
a second field effect transistor including a second source, a second gate connected to the first drain, and a second drain that is connected to a terminal for power supply and outputs the RF signal;
a second resistor connected between the second source and the second gate;
a third field effect transistor including a third source, a third drain connected to the terminal for power supply, and a third gate connected to the terminal for grounding;
a fourth field effect transistor including a fourth source, a fourth drain, and a fourth gate connected to the third source;
one or a plurality of diodes connected in series between the fourth source and the terminal for grounding;
a third resistor connected between the terminal for power supply and the fourth drain; and
a fourth resistor connected between the fourth drain and the first gate,whereinthe first to the fourth field effect transistors are each a depletion mode field effect transistor.

US Pat. No. 10,116,244

MOTOR DRIVING CIRCUIT AND METHOD PROVIDING SMOOTH RECOVERY FROM TRANSIENT POWER LOSS

SEMICONDUCTOR COMPONENTS ...

1. A method for driving a motor including a rotor driven by stator coils, the stator coils receiving drive signals controlled by a drive circuit, the method comprising recovering from a power supply glitch or transient by:deriving a signal from at most one Hall sensor that senses a magnetic field polarity of the rotor;
detecting whether the signal lacks a transition within a predetermined time period, and if so, determining that the rotor is not rotating;
detecting whether the signal includes multiple transitions separated by no more than the predetermined time period, and if so, determining that the rotor is rotating; and
if it is determined that the rotor is rotating:
determining duty cycle values for each of the stator coils based on timing of the multiple transitions; and
driving the motor by supplying the drive signals to the stator coils using said duty cycle values.

US Pat. No. 10,116,238

POWER GRID FREQUENCY FLEXIBLE OPERATION SYSTEM AND METHOD USING THE SAME

Korea University Research...

1. A power grid frequency flexible operation system, comprising:a generating unit which includes a base-load unit and a peak-load unit and generates first alternating current (AC) power;
a high-voltage direct current (HVDC) transmission unit which receives the first alternating current (AC) power generated by the generating unit and transmits second alternating current (AC) power;
a first load; and
a second load,
wherein the high-voltage direct current (HVDC) transmission unit comprises:
a converter which transforms the first alternating current (AC) power generated by the generating unit to direct current (DC) power;
an inverter which is connected to the converter and transforms the direct current (DC) power to the second alternating current (AC) power,
wherein a frequency of the first alternating current (AC) power has a first frequency variation allowance range,
wherein a frequency of the second alternating current (AC) power has a second frequency variation allowance range,
wherein the first frequency variation allowance range of the frequency of the first alternating current (AC) power generated by the generating unit is larger than the second frequency variation allowance range of the frequency of the second alternating current (AC) power,
wherein the second load requires a power having a higher quality than a quality of a power required by the first load,
wherein the first load is supplied with the first alternating current (AC) power having the first frequency variation allowance range larger than the second frequency variation allowance range,
wherein the second load is supplied with the second alternating current (AC) power having the second frequency variation allowance range, and
wherein the first frequency variation allowance range of the first alternating current (AC) power is from ?0.5 Hz to +0.5 Hz on a 60 Hz standard, and the second frequency variation allowance range of the second alternating current (AC) power is from ?0.2 Hz to +0.2 Hz on the 60 Hz standard.

US Pat. No. 10,116,237

INVERTER DEVICE AND CONTROLLING METHOD THEREOF

Huang-Jen Chiu, New Taip...

1. An inverter device electrically connected to a direct current source, comprising:a first stage circuit electrically connected to the direct current source and comprising a first switch module and a charge-discharge module, wherein the first switch module is electrically connected to the charge-discharge module;
a second stage circuit electrically connected to the first stage circuit and an AC output terminal and comprising a second switch module and a filter module, wherein the second switch module is electrically connected to the filter module; and
a control module electrically connected to the first switch module and the second switch module, and outputting a first control signal for controlling the first switch module to turn on/off and a second control signal for controlling the second switch module to turn on/off;
wherein the control module obtains an input current from the first stage circuit, the control module determines a predetermined current value with a varied capacitor voltage of a capacitor included in the charge-discharge module and adjusts the input current to be approaching to the predetermined current value, and the control module obtains an output power from the AC output terminal and adjusts the duty cycle of the first control signal according to the output power and a predetermined output power.

US Pat. No. 10,116,236

ISOLATED SWITCHING MODE POWER SUPPLY WITH MESSAGE CONTROL BETWEEN SR AND PRIMARY SIDE, AND CONTROL METHOD THEREOF

Sync Power Corp., Taipei...

1. An isolated switching mode power supply, comprising:a primary side circuit, comprising:
a primary-side controller; and
an additional winding coupled to the primary-side controller; and
a secondary side circuit coupled to the primary side circuit, the secondary side circuit comprising:
a secondary winding coupled to the primary side circuit;
a secondary switch coupled to the secondary winding; and
a synchronous rectifier (SR) controller coupled to the secondary winding and the secondary switch,
wherein the SR controller is configured to turn off the secondary switch to trigger the secondary winding to feed back a first message to the primary side circuit; and
the primary-side controller enables the primary side circuit to transfer energy to the secondary side circuit if the primary-side controller detects the first message from the additional winding, the first message is a voltage change occurring on the additional winding of the primary side circuit, the first message is a voltage increment in an operating duration of the secondary side circuit, the operating duration represents a time interval between a timing point when a primary switch of the primary side circuit is turned off and a timing point when a current of the secondary winding reaches zero, and the additional winding is configured for receiving the first message through inducing the secondary winding.