US Pat. No. 10,893,164

IMAGE SENSOR UNIT AND IMAGE READING DEVICE

Nippon Sheet Glass Compan...

1. An image sensor unit comprising:a linear light source that illuminates a document with a light;
a first erecting equal-magnification lens array and a second erecting equal-magnification lens array arranged in the stated order away from the document so as to receive a light reflected from the document and form an erecting equal-magnification image;
a visual field restriction device provided on an intermediate imaging plane between the first erecting equal-magnification lens array and the second erecting equal-magnification lens array;
a spectral device that disperses a light output from the second erecting equal-magnification lens array; and
a linear image sensor that receives a light dispersed by the spectral device.

US Pat. No. 10,893,163

NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM STORING INSTRUCTIONS CAUSING IMAGE OUTPUTTING DEVICE TO EXECUTE OUTPUTTING OPERATION

Brother Kogyo Kabushiki K...

20. An image outputting system, comprising:a computer including a processor, a memory, a user interface and a communication interface; and
an image outputting device configured to execute an outputting operation in accordance with image data, the image outputting device being connected with the computer,
the processor of the computer is configured to perform:
receiving an output instruction instructing output of the image data;
obtaining, from an external program stored in the memory, transfer requirement information requesting to transfer recommendable condition information, the recommendable condition information including multiple parameters respectively corresponding to multiple items constituting an execution condition of the outputting operation;
transmitting parameter request information to a server through the communication interface, the parameter request information including key information indicating a current status of the computer, the parameter request information being information requesting the server to transmit recommendable parameters corresponding to particular items which are parts of the multiple items, the recommendable parameters being parameters relating to the key information;
receiving parameter instruction information including the recommendable parameters associated with the key information from the server through the communication interface as a response to the parameter request information;
transferring the recommendable condition information including the recommendable parameters included in the parameter instruction information to the external program in response to the transfer requirement information so that the external program can identify the recommendable parameters in accordance with the input through the user;
obtaining designated condition information, from the external program, the designated condition information being information representing a condition identified by the external program in accordance with the input through the user interface; and
outputting output instruction information to cause the image outputting device to execute the outputting operation in accordance with the execution condition represented by the designated condition information, and
the image outputting device performing the outputting operation in response to receipt of the output instruction information output by the computer.

US Pat. No. 10,893,162

SYSTEM, METHOD OF DETECTING ALTERNATION OF PRINTED MATTER, AND STORAGE MEDIUM

Ricoh Company, Ltd., Tok...

1. A system comprising:circuitry configured to
embed a digital watermark data in an original image, wherein the original image is divided into a plurality of blocks each block having been embedded with a pattern corresponding to each value of the digital watermark data;
store, in a memory, the original image, the digital watermark data embedded in the original image, and an embedding position of the pattern of the digital watermark data in association with each other;
detect a pattern in a scanned image of a printed matter;
decode the detected pattern to acquire digital watermark data included in the scanned image;
align each block between the original image and the scanned image, based on the embedding position of the pattern associated with the original image and a detection position of the pattern detected from the scanned image; and
obtain a difference between the original image and the scanned image aligned with each other to detect an alteration of the printed matter.

US Pat. No. 10,893,161

PRINTING SYSTEM OPERABLE FROM PLURALITY OF APPLICATIONS, INFORMATION PROCESSING APPARATUS, AND METHOD AND PROGRAM FOR CONTROLLING INFORMATION PROCESSING APPARATUS

Canon Kabushiki Kaisha, ...

1. A printing system comprising:a plurality of external apparatuses, including a first external apparatus having a display configured to display information and including a second external apparatus, configured to execute a plurality of sheet management applications; and
a printing apparatus provided with a plurality of sheet containers and configured to (i) register sheet information in correspondence with the plurality of sheet containers and (ii) to update print adjustment information linked with the registered sheet information in accordance with a request from one of the plurality of sheet management applications,
wherein the printing apparatus includes a printing apparatus controller having a processor and a memory configured to perform operations including:
retaining information corresponding to the first external apparatus executing a first sheet management application, and
providing a first notification to the first external apparatus in a case where a second notification for starting a second sheet management application is acquired from the second external apparatus in a state where the information corresponding to the first external apparatus is retained,
wherein the first external apparatus includes a first external apparatus controller having a processor and a memory configured to perform operations including:
causing the display to display a first screen of the first sheet management application, wherein the first screen is capable of listing the registered sheet information, and
causing the display to display a second screen of the first sheet management application upon acquisition of the first notification from the printing apparatus,
wherein the first screen includes a first message indicating that two or more sheet management applications should not be executed simultaneously, and
wherein the second screen includes a second message related to a process of prohibiting the plurality of external apparatuses from simultaneously executing the two or more sheet management applications.

US Pat. No. 10,893,160

MULTI-FEED DETECTION APPARATUS FOR CHANGING A THRESHOLD VALUE FOR DETECTING MULTI-FEED OR STOPPING DETECTION OF MULTI-FEED BASED ON A SHAPE OF A MEDIUM

PFU LIMITED, Ishikawa (J...

1. A multi-feed detection apparatus comprising:a conveyance roller to convey a medium;
an ultrasonic sensor including an ultrasonic transmitter for transmitting an ultrasonic wave;
an ultrasonic receiver facing the ultrasonic transmitter for receiving the ultrasonic wave through the medium and generating an ultrasonic signal corresponding to the received ultrasonic wave;
an imaging device to image the medium being conveyed by the conveyance roller and sequentially generate a line image; and
a processor to:
detect a width of the medium in each line image,
detect a vertex count of the medium included in the sequentially generated line image based on the width of the medium in the each line image,
detect a length of the medium included in the sequentially generated line image, in a direction perpendicular to a width of the medium,
estimate a shape of the medium based on the vertex count and the length of the medium,
detect a media multi-feed by comparing the ultrasonic signal with a predetermined threshold value, and
change the predetermined threshold value or stop detection of the media multi-feed, based on the estimated shape of the medium.

US Pat. No. 10,893,159

DOCUMENT FEEDER AND IMAGE FORMING APPARATUS

SHARP KABUSHIKI KAISHA, ...

1. A document feeder comprising:a document placing portion on which a document is placed;
a transporter which transports the document placed on the document placing portion so as to output the document from a document output port in an output direction;
a document discharge portion on which the document output from the document output port is stacked; and
a substrate including a light source that emits light with which the document discharge portion is irradiated,
the document discharge portion being disposed below the document placing portion,
the substrate being fixed to the document placing portion so as to incline relative to a horizontal reference of the document feeder, and inclining a surface of the substrate on which the light source is mounted such that an optical axis of the light source extends toward the document output port.

US Pat. No. 10,893,158

DISPLAY DEVICE, PROGRAM, AND DISPLAY METHOD OF DISPLAY DEVICE

SHARP KABUSHIKI KAISHA, ...

1. A display device, comprising:a display that displays an input screen having a plurality of areas arranged with an input element;
determination circuitry that determines a cause of a disabled state if the input element is in the disabled state; and
display controlling circuitry that performs control to identifiably display the plurality of areas arranged with the input element in the disabled state, in a color corresponding to the cause, wherein
the display device further comprises a storage that stores colors corresponding to the plurality of areas, and
if a cause of disabling an input element included in one area is based on a content input in an input element included in a different area, the display controlling circuitry performs control to display a whole of the one area in a color corresponding to the different area.

US Pat. No. 10,893,157

INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING APPARATUS

Ricoh Company, Ltd., Tok...

1. An information processing system, comprising:a server including first circuitry and a first memory; and
an information processing apparatus including second circuitry and being connectable to the server via a communication network, wherein
the second circuitry of the information processing apparatus is configured to
acquire, as logged-in user information, information input by a user when the user logs in to the information processing apparatus, and
transmit the logged-in user information to the server, and
the first circuitry of the server is configured to
store the transmitted logged-in user information in the first memory,
acquire a user request to the information processing apparatus based on audio information of voice input via a terminal, the user request including a type of job and user identifying information,
replace the user identifying information included in the acquired user request with the acquired logged-in user information stored in the first memory to generate a modified user request, the user identifying information specifying address information of the user, and
transmit the modified user request including the acquired logged-in user information to the information processing apparatus to instruct the information processing apparatus to execute the user request.

US Pat. No. 10,893,156

SCANNING AUTHORIZATION

KYOCERA Document Solution...

1. A method, comprising:storing in a memory at least one keyword in a word bank, at least one permission in at least one profile, and at least one action to be performed responsive to a scanning operation of a document including the at least one keyword;
obtaining a scan file and a user identification associated therewith of the scanning operation;
performing a recognition operation on an image in the scan file;
checking for the at least one keyword in a recognized content obtained from the image;
responsive to recognizing the at least one keyword in the recognized content, checking for the at least one permission having the user identification to determine whether a user associated with the user identification is authorized to perform the scanning operation; and
performing the at least one action for the scanning operation responsive to an outcome of the checking for the at least one permission:
wherein the at least one action comprises:
allowing a completion of the scanning operation responsive to the outcome indicating the scanning operation is authorized by having the user identification including the at least one permission; and
prohibiting a completion of the scanning operation responsive to the outcome indicating the scanning operation is unauthorized by the user identification not being included in the at least one permission.

US Pat. No. 10,893,155

NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM CONTAINING INSTRUCTIONS CAUSING DEVICE TO DOWNLOAD DATA FROM SERVER

Brother Kogyo Kabushiki K...

1. A non-transitory computer-readable recording medium for an information processing device provided with a first communication interface, a second communication interface and a controller, the recording medium containing instructions realizing an application program, the instructions causing, when executed, the controller to perform:a first communication process of downloading content data from a storage server through the first communication interface;
a second communication process of transmitting the content data downloaded in the first communication process to a target device capable of outputting the content data through the second communication interface;
a first determining process of determining whether a startup option including address information is delivered when the application program is started; and
in response to determining, in the first determining process, that the startup option including the address information is delivered, a second determining process of determining whether the address information included in the startup option is address information indicating the storage server,
the instructions further causing, when executed, the controller to:
in response to determining, in the second determining process, that the address information included in the startup option is the address information indicating the storage server:
download, in the first communication process, the content data from the storage server indicated by the address information included in the startup option; and
transmit, in the second communication process, the content data downloaded in the first communication process, to the target device.

US Pat. No. 10,893,154

PERSONALIZED SOUVENIR PRODUCING INTERACTIVE KIOSK SYSTEM

1. A personalized souvenir producing interactive kiosk system, the personalized souvenir producing interactive kiosk system comprising:a kiosk having:
a user interface providing a user-interactive display;
a payment receiving and processing system for accepting and processing payment from a user;
a powering source for powering said kiosk;
a digital input receiver for receiving a digital-image from an electronic device, said kiosk being in communication with said electronic device;
a housing storing:
a supply of magnetic sheeting;
a printer configured to print a user-selected said digital image on a section of said supply of magnetic sheeting stored in said kiosk in response to receiving said digital-image and said payment from said user;
and
a central processing unit controlling functions of said printer;
and
a dispenser tray for dispensing and delivering a personalized souvenir to said user;wherein said personalized souvenir is a refrigerator magnet;wherein said payment receiving and processing system is accessible from an exterior of said kiosk and comprises a paper currency acceptor for receiving and processing paper money payments and paper currency storage bin for storage thereof;wherein said payment receiving and processing system further comprises a mag-stripe reader for reading and processing payment from a payment-card;wherein said powering source comprises a power cord;wherein said user interface comprises a touchscreen digital display;wherein said kiosk further comprises at least one port configured receive a transfer cable and connect with said electronic device for receiving said user-selected said digital-image from said electronic device;wherein said at least one port is a Universal Serial Bus port configured to transfer said digital-image from said electronic device to said central processing unit;wherein said kiosk further comprises wireless communication capability for communicating with a remote said electronic device;wherein said further comprises a cutting press for separating said supply of magnetic sheeting into individual said refrigerator magnet size sections for printing said user-selected digital image thereon;wherein said kiosk further comprises a database configured to store preprogrammed-templates, preprogrammed-images, and preprogrammed-backgrounds for further customization of said personalized souvenir;wherein said digital image is selected from a group consisting of a photograph, a graphic image, and said preprogrammed-image;wherein an orientation of at least one of said digital images is able to be manipulated and customized by said user using said user interface;wherein said digital image is printed on a top-surface of said refrigerator magnet opposing a magnetic base;wherein said top-surface comprises a vinyl substrate;wherein internal components of said kiosk are coated with a non-stick material for aiding in effective dispensing of said personalized souvenir.

US Pat. No. 10,893,153

INFORMATION PROCESSING APPARATUS THAT PERFORMS ALBUM CREATION PROCESS AND METHOD FOR CONTROLLING INFORMATION PROCESSING APPARATUS THAT PERFORMS ALBUM CREATION PROCESS

KYOCERA Document Solution...

1. An information processing apparatus, comprising:a storage medium that stores a plurality of pieces of photograph data and a plurality of comments;
an input device that accepts a selection of, from among the plurality of pieces of photograph data stored by the storage medium, a set of pieces of photograph data to be included in album page data used for printing of an album; and
a processor that places the set of pieces of photograph data selected at the input device in the album page data, adds an enclosure image to each of the set of pieces of photograph data in the album page data, selects, from among the plurality of comments stored by the storage medium, a comment to be added to the each of the set of pieces of photograph data, and performs control so that the comment thus selected is included in the enclosure image, thus adding the comment to the each of the set of pieces of photograph data,
wherein
the input device accepts a total number of pieces of the photograph data to be included in the album page data,
in a case where the number of the set of pieces of photograph data selected at the input device is less than the total number, the processor automatically selects a piece of the photograph data,
when automatically selecting the piece of the photograph data, the processor selects, from among unselected pieces of the photograph data, a piece of photograph data showing a person whose face faces a face of a person shown in any one of the set of pieces of photograph data selected via the input device,
the storage medium stores reply comments that are replies to the plurality of comments, respectively,
the processor places, in the album page data, two pieces of the photograph data side by side so that the faces of the persons shown respectively in the two pieces of the photograph data face each other,
the processor adds the comment to one of the two pieces of the photograph data respectively showing the faces facing each other, and
the processor adds one of the reply comments corresponding to the comment added to the one of the two pieces of the photograph data respectively showing the faces facing each other to the other of the two pieces of the photograph data.

US Pat. No. 10,893,152

METHOD, COMPUTER PROGRAM, AND ALGORITHM FOR COMPUTING NETWORK SERVICE VALUE PRICING BASED ON COMMUNICATION SERVICE EXPERIENCES DELIVERED TO CONSUMERS AND MERCHANTS OVER A SMART MULTI-SERVICES (SMS) COMMUNICATION NETWORK

INCNETWORKS, INC., Somer...

1. A mobile cloud computing (MCC) network system for transferring data during a handover of a user equipment connected to an MCC communication network, the MCC network system comprising:at least one processor; and
a memory coupled to the at least one processor, the memory for storing data to facilitate transfer of the data to the user equipment connected to the MCC communication network, and the memory storing instructions to cause the at least one processor to:
receive, by an MCC access controller connected to the MCC communication network and configured to enable the transfer and execution of at least one mobile cloud application for the user equipment as the user equipment moves to a current visiting MCC network, an access request submitted by the user equipment to move to the current visiting MCC network;
in response to the access request from the user equipment to the current visiting MCC network, perform, by the MCC access controller, a connection handover for the user equipment to the current visiting MCC network;
in response to the access request from the user equipment to the current visiting MCC network, add, by the MCC access controller, each previously visiting MCC network as an ad hoc addition of a server node on a local, regional, national, or global level within the MCC communication network and identifying the user equipment as a visitor within the current visiting MCC network and each previously visiting MCC network;
during the connection handover, execute simultaneously, by the MCC access controller, a Quality of Experience (QoE) data handover to deliver user equipment specific QoE data, which includes, user equipment specific applications, resources, and services presently not available on the current visiting MCC network, from a home MCC network of the user equipment to the user equipment via the current visiting MCC network so that the user equipment can maintain at the current visiting MCC network the same user equipment specific QoE service levels as defined on the home MCC network;
automatically locate, by the MCC access controller, the user equipment specific QoE data on one or more home servers on the home MCC network of the user equipment; and
automatically transferring and storing a copy of the user equipment specific QoE data from at least one home server on the home MCC network to at least one visiting server on the current visiting MCC network; and
automatically maintain, synchronize, and age, by the MCC access controller, the user equipment specific QoE data of the user equipment on the current visiting MCC network,
wherein the MCC access controller receives from the user equipment at the MCC access controller registration information to identify the user equipment on the current visiting MCC network,
wherein the MCC access controller assigns in at least one database, based on the registration information of the user equipment, a home location network associated with the user equipment, a service identity to identify the user equipment to permit access to the current visiting MCC network for requesting and receiving services, and at least one end user permanent device registered and authorized by the user equipment to transmit requests and to receive services on behalf of the user equipment, and
wherein the MCC access controller is configured such that the user equipment is decoupled from the permanent device to permit use of a temporary device to gain access to the user equipment specific QoE data at the current visiting MCC network, a home data access request is transmitted to the home MCC network to gain access to the user equipment specific QoE data, when the user equipment uses the temporary device to connect to the current visiting MCC network and after the user equipment transmits to the MCC access controller a security feature comprising the service identity and successfully completes an user equipment authentication and verification process on the current visiting MCC network.

US Pat. No. 10,893,151

DATA GAP BRIDGING METHODS AND SYSTEMS

Hewlett Packard Enterpris...

1. A non-transitory computer readable medium comprising computer executable instructions stored thereon that, when executed by a processor in a source system, cause the processor to:receive, at a downlink monitor, a sent data volume from an external computing device of a vendor by sending a secure counter check to the external computing device;
determine, by an uplink monitor, an operator received data volume from the vendor based on a charging function;
receive a first charging data report (CDR) including the sent data volume from a vendor;
compare the first CDR to an operator received data volume and when the first CDR is different than the operator received data volume, rejecting the first charging report;
provide a second CDR having the operator received data volume to the vendor;
receive a charging data acceptance including a negotiated data volume from the vendor derived from calculating a constraint-bound charge range between the sent data volume and the operator received data volume based on a representation of the sent data volume relative to the received data volume allowing reconciliation of the difference therebetween;
construct a publicly verifiable proof of charging based on the charging data acceptance; and
send the publicly verifiable proof of charging to the vendor.

US Pat. No. 10,893,150

CODEC SELECTION AND USAGE FOR IMPROVED VOIP CALL QUALITY

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method within an Internet Protocol (IP) phone, comprising:identifying, by the IP phone and from an electronic calendar associated with a user, a call scheduled for a future time;
generating, using a first particular one of a plurality of codecs and anticipated network metrics of the call, a first emulated call and corresponding emulated mean opinion score (MOS) for the first emulated call;
generating, using a second particular one of the plurality of codecs and the anticipated network metrics, a second emulated call and corresponding MOS for the second emulated call;
ranking the first emulated call relative to the second emulated call based upon the corresponding MOSs for the first emulated call and the second emulated call; and
initiating the call using a selected codec based upon the ranking.

US Pat. No. 10,893,149

COMPUTER-PROGRAMMED TELEPHONE-ENABLED DEVICES FOR PROCESSING AND MANAGING NUMEROUS SIMULTANEOUS VOICE CONVERSATIONS CONDUCTED BY AN INDIVIDUAL OVER A COMPUTER NETWORK AND COMPUTER METHODS OF IMPLEMENTING THEREOF

GREEN KEY TECHNOLOGIES, I...

1. A system, comprising:a plurality of computing devices; and
a server operable to establish a virtual private network (VPN), and to establish Voice Over Internet Protocol (VOIP) communications between each of the plurality of computing devices over the VPN via a Session Initiation Protocol (SIP);
wherein a first computing device of the plurality of computing devices is operable to maintain concurrent VOIP communications via the SIP with at least two other computing devices of the plurality of computing devices, to receive packetized audio from the at least two other computing devices via the VOIP communications, and to automatically transcribe the audio in real-time;
wherein the first computing device is further operable to mute at least one computing device of the at least two other computing devices, and to continue automatically transcribing speech from a user of the at least two computing devices that was not muted while the at least one computing device of the at least two other computing devices is muted.

US Pat. No. 10,893,148

SYSTEM AND METHOD FOR UNIFIED CALL LOGS WITH SUPPORT FOR CALL CONTINUITY

Verizon Patent and Licens...

1. A user device, comprising:an interface that communicates with a network;
a memory configured to store instructions and call log data; and
a processor configured to execute the instructions stored in the memory to:
receive an invite message identifying an incoming call and providing a caller telephone number;
store, in the memory, first call log information including a caller identifier based on the invite message;
receive a status message indicating that another user device answered the incoming call;
store, in the memory, second call log information including a timestamp for the status message;
receive a call transfer notification, wherein the call transfer notification solicits a transfer of the answered incoming call from the other user device to the user device;
accept the transferred call;
store, in the memory, third call log information including a timestamp for accepting the transferred call;
determine that the transferred call is ended;
generate, after determining the transferred call is ended, a single call log entry for the user device that indicates the other user device answered the incoming call, the user device answered the transferred call, and a combined duration of the incoming call and the transferred call, wherein the single call log entry is identical or substantially similar to another call log entry generated by the other user device.

US Pat. No. 10,893,147

ROOM SENSOR APPLICATIONS AND TECHNIQUES

Intel Corporation, Santa...

1. A video conference device comprising:at least one processor;
memory to store instructions; and
a communication interface to transmit from and receive signals for the processor,
the at least one processor to execute the instructions to at least:
in a first communication mode, transmit, via the communication interface, a code and an address of the video conference device in a first ultrasound message;
establish, via the communication interface, a Wi-Fi connection with a mobile device in a second communication mode based on the address from the first ultrasound message;
in the second communication mode, pair the video conference device with the mobile device based on authentication of the code when the mobile device is in proximity to the video conference device;
in the second communication mode, enable control of operation of the video conference device by the mobile device via the Wi-Fi connection while the mobile device is in proximity to and paired with the video conference device; and
after an end of the pairing, return to the first communication mode to transmit, via the communication interface, the code and the address of the video conference device in a second ultrasound message.

US Pat. No. 10,893,146

TECHNIQUES FOR BENCHMARKING PAIRING STRATEGIES IN A CONTACT CENTER SYSTEM

Afiniti, Ltd., Hamilton ...

1. A method comprising:determining, by at least one computer processor communicatively coupled to and configured to operate in a contact center system, an adjustable probability distribution for selecting any of the first, second, third, and fourth pairing strategies, wherein each of the first, second, third, and fourth pairing strategies have a non-zero chance of being selected;
at a first time, by the at least one computer processor, selecting a first pairing strategy based on the adjustable probability distribution for pairing a first contact to an agent;
at a second time later than the first time, by the at least one computer processor, selecting a second pairing strategy that is different from the first pairing strategy based on the adjustable probability distribution for pairing a second contact to the agent;
at a third time later than the second time, by the at least one computer processor, selecting a third pairing strategy that is different from the second pairing strategy based on the adjustable probability distribution for pairing a third contact to the agent;
at a fourth time later than the third time, by the at least one computer processor, selecting a fourth pairing strategy that is different from the first and third pairing strategies for pairing a fourth contact to the agent;
determining, by the at least one computer processor, a first performance measurement based on outcomes of the pairings of the first and third contacts;
determining, by the at least one computer processor, a second performance measurement based on outcomes of the pairings of the second and fourth contacts; and
outputting, by the at least one computer processor, data that enables a comparison of the first and second performance measurements;
wherein the first, second, third, and fourth times occur within a time interval of less than 24 hours.

US Pat. No. 10,893,145

CONTEXT-AWARE REDIRECTION FROM TELEPHONY ENVIRONMENT TO MESSAGING ENVIRONMENT

LIVEPERSON, INC., New Yo...

1. A method of context-aware caller redirection from a telephony environment to a messaging environment, the method comprising:receiving telephony information from a telephony system, the telephony information including call context provided by a caller device during a telephone call between the caller device and the telephony system;
identifying a messaging operator based on the call context;
transmitting the call context to a messaging device associated with the messaging operator in response to identifying the messaging operator; and
initiating a messaging connection through a messaging service between the caller device and the messaging device, wherein the messaging service conveys one or more caller messages from the caller device to the messaging device over the messaging connection, and wherein the messaging service conveys one or more operator messages from the messaging device to the caller device over the messaging connection.

US Pat. No. 10,893,144

ELECTRONIC APPARATUS AND CONTROL METHOD THEREOF

Samsung Electronics Co., ...

1. An electronic apparatus mounted on a vehicle, the electronic apparatus comprising:a communicator comprising communication circuitry configured to communicate with an external device;
an application processor (AP); and
a micro controller unit (MCU) comprising a micro controller configured to turn on a power source of the AP in response to a communication connection request being received from the external device in a state in which the power source of the AP is turned off,
wherein the AP, in response to a control command being received from the external device after the power source is turned on, is configured to provide telematics service based on the received control command,
wherein the MCU is configured to control the communicator to turn on a power source based on a predetermined period, in response to the power source being turned on, perform paging of a connection request from the external device, and adjust a paging period by adjusting a Slot Cycle Index (SCI) value or a Discontinuous Reception (DRX) value.

US Pat. No. 10,893,143

METHOD AND SYSTEM FOR AUTOMATIC DETECTION OF AGENT AVAILABILITY TO ATTEND A SCHEDULE AND REASSIGNMENT THEREOF

1. A computerized method for automatic detection of absence of an agent to attend a preassigned schedule of customer calls in a call center and reassignment thereof to another agent, the method comprising:in a computerized system comprising a processor, and a memory including a database of a plurality of agents with a respective plurality of schedules of customer calls stored thereon, querying the plurality of schedules to assess by the processor an availability of an agent to attend a preassigned schedule in a predefined time interval before a starting time of the preassigned schedule,
wherein an agent is assessed as absent when the agent is not logged on terminal;
if the agent is assessed as absent according to the assessment, assessing by the processor, candidate agent availability from the database of the plurality of agents to participate in the schedule of the absent agent;
identifying by the processor one or more candidate agents from the plurality of available agents in the database to replace the agent that is absent based on the candidate agent availability assessment;
assigning by the processor a replacement agent chosen from the one or more candidate agents based on suitable skills or preferences of each of the one or more identified candidate agents; and
notifying by the processor, a supervisor that the chosen replacement agent will attend the preassigned schedule in place of the absent agent.

US Pat. No. 10,893,142

CONTACT CENTER AUTHENTICATION

Eckoh UK Limited, Hemel ...

1. A method of authenticating a service agent on behalf of a user, the method performed at one or more servers and comprising:obtaining at least one unique identifier that is uniquely associated with a first communication session between the service agent and the user, the first communication session established over a first communication channel;
storing the at least one unique identifier in a data store;
receiving, via a second communication channel, a validation request comprising verification information associated with the user;
attempting authentication of the service agent by comparing the verification information with the at least one unique identifier stored in the data store, and in response outputting a validation response via the second communication channel;
wherein, if the verification information corresponds with the at least one unique identifier stored in the data store, the validation response indicates successful authentication of the service agent, and if the verification information does not correspond with the at least one unique identifier stored in the data store, the validation response indicates unsuccessful authentication of the service agent.

US Pat. No. 10,893,141

AUTOMATED CALL REQUESTS WITH STATUS UPDATES

GOOGLE LLC, Mountain Vie...

1. A computer-implemented method comprising:accessing, by a call initiating system for placing telephone calls and conducting conversations between a bot of the call initiating system and human representatives of organizations during the telephone calls, a set of linked nodes that represent a predefined, idealized conversation workflow, each node being linked by a set of one or more respective intents;
accessing training data comprising audio samples of a respective human operator completing a task by conversing with a respective human representative from a group of human representatives of various organizations;
for one or more audio samples corresponding to the respective representative of an organization responding to the respective operator, updating the predefined, idealized conversation workflow by associating a representation of the audio sample with one of the intents in the predefined, idealized conversation workflow or newly connecting nodes of the predefined, idealized conversation workflow using a newly defined intent;
performing, by the call initiating system, the task for a human user by initiating a telephone call with a human representative of an organization that is not included in the group of human representatives from the various organizations; and
using the updated conversation workflow, conducting, by the bot of the call initiating system, a telephone conversation with the human representative of the organization that is not included in the group of human representatives from the various organizations.

US Pat. No. 10,893,140

METHOD, SYSTEM AND DEVICE FOR AN ENHANCED CALL SETUP WITH VERIFICATION OF A USER EQUIPMENT IN A TELECOMMUNICATIONS NETWORK

Telefonaktiebolaget LM Er...

1. A call setup method with a verification of an assumed calling User Equipment (UE) in a second node comprised by a telecommunications network, the telecommunications network further comprising a first node, the assumed calling UE and a called UE, the first node, the second node, the assumed calling UE and the called UE being communicatively connected, wherein the method comprises the steps of:receiving a call setup request comprising an identifier identifying the assumed calling UE;
transmitting to the first node a verification request comprising the identifier identifying the assumed calling UE;
receiving from the first node status information of the assumed calling UE; and
determining whether, depending on the status information, to initiate signaling of the call set up with the called UE.

US Pat. No. 10,893,139

PROCESSING INTERACTION REQUESTS WITH USER SPECIFIC DATA ON A SHARED DEVICE

Facebook, Inc., Menlo Pa...

1. A method comprising:associating a plurality of owner profiles with a computing device;
receiving, by the computing device, a first request for a first action to be performed by the computing device;
determining, based on the first action, a first request type of the first request from a set of request types stored by the computing device, the set of request types including:
a generic request type associated with actions independent of profile data of the plurality of owner profiles;
a personal request type associated with actions using profile data of a single owner profile of the plurality of owner profiles; and
a shared request type associated with actions using profile data of multiple owner profiles of the plurality of owner profiles;
responsive to determining the first request type is of the personal request type, comparing profile data of each of the plurality of owner profiles with information in the first request;
determining a best matching owner profile to the information in the first request; and
performing the first action using the profile data of the best matching owner profile.

US Pat. No. 10,893,137

PHOTOGRAPHY GUIDING METHOD, DEVICE, AND SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A terminal, comprising:a display screen, configured to display a photographing screen;
a detection unit, configured to detect at least one search word entered by a user through a voice; and
a retrieval unit, configured to perform a picture retrieval based on the at least one search word detected by the detection unit, wherein the at least one search word is used to describe a feature of a to-be-photographed picture,
wherein the display screen is further configured to display, on the photographing screen, a plurality of reference pictures corresponding to the picture retrieval,
wherein at least one of the plurality of reference pictures is selected as a target reference picture that covers the to-be-photographed picture in a translucent manner,
wherein the displaying of the plurality of reference pictures by the display screen includes arranging and displaying the plurality of reference pictures on the photographing screen according to a priority sequence, and
wherein the priority sequence uses a priority of each one of the plurality of reference pictures that is proportional to a quantity of times that each one of the plurality of reference pictures is selected as the target reference picture.

US Pat. No. 10,893,136

SYSTEM AND METHOD FOR CONTROLLING IN-VEHICLE ELECTRONIC DEVICES

1. A system for controlling an electronic device, the electronic device located within a vehicle and including a first display and a first application, the vehicle including a first monitoring device adapted to monitor a status of the vehicle, the system comprising:a second application installed on the electronic device;
a second monitoring device within the vehicle and including a second display, and adapted to receive vehicle status information from the first monitoring device;
the second application adapted to receive information based at least in part on the vehicle status information from the second monitoring device;
wherein, based at least in part on the information received from the second monitoring device, the second application determines to disable the first application; and
wherein the second display is adapted to mirror at least a portion of the first display.

US Pat. No. 10,893,135

DATA PROCESSING METHOD AND APPARATUS

Alibaba Group Holding Lim...

1. A method implemented by a computing device, the method comprising:obtaining a message comprising a non-triggered event;
determining an event type and a triggering time of the non-triggered event according to the message by parsing and analyzing the message to determine a plurality of pieces of content matching a plurality of feature fields from the message, the plurality of feature fields comprising a time field and a field for determining the event type;
providing a reminder for the non-triggered event according to the event type and the triggering time;
determining that a user is in a ready state of executing the non-triggered event, wherein determining that the user is in the ready state of executing the non-triggered event comprises:
determining a triggering position of the non-triggered event according to the message, locating a position of the user, and determining that the user is in the ready state of executing the non-triggered event if the position of the user matches the triggering position of the non-triggered event; or
determining that the user views the message or responds to the reminder for the non-triggered event before the triggering time; and
controlling a profile of the computing device to be adjusted to a profile corresponding to the event type at a set time when or before the triggering time is reached.

US Pat. No. 10,893,134

DISPOSABLE PHONE CASE INCLUDING FITTING MEANS

1. A case comprising:a barrier material defining a body configured to enclose a personal digital assistant (PDA); and at least one fastener,
wherein: (a) the case is configured to convert between a relaxed configuration which facilitates transfer of the PDA into and out of the case, and a fitted configuration which conforms more closely to the PDA enclosed therein, (b) the at least one fastener is configured to reversibly retain the case in the fitted configuration, (c) the barrier material is effective to prevent viruses and bacteria from penetrating therethrough and (d) the at least one fastener is a strap having one end permanently attached to a body of the case and a free end not permanently attached to the body of the case, and the case further comprises a pressure-sensitive adhesive on at least one of the body and the free end of the strap, which is effective to reversibly bond the free end of the strap to the body of the case.

US Pat. No. 10,893,133

METHOD AND APPARATUS FOR PROVIDING EVENT OF PORTABLE DEVICE HAVING FLEXIBLE DISPLAY UNIT

SAMSUNG ELECTRONICS CO., ...

1. An electronic apparatus, comprising:a main body;
a single display which is mounted on the main body, the single display comprising:
a main display area, and
an auxiliary display area which is extended from the main display area to a rear surface of the electronic apparatus and is smaller than the main display area,
wherein the auxiliary display area comprises a curvature extending from the main display area,
wherein the main body comprises:
a front portion which is coupled with the main display area, the front portion and the main display area form a front surface of the electronic apparatus,
a rear portion which forms the rear surface of the electronic apparatus, and
a side portion which is coupled with the auxiliary display area, the side portion and the auxiliary display area form at least one side surface of the electronic apparatus, and
wherein the side portion comprises a curved area corresponding the curvature.

US Pat. No. 10,893,132

MOBILE TERMINAL

BEIJING XIAOMI MOBILE SOF...

1. A mobile terminal, comprising:a display panel;
a first polarizing component arranged on a first side of the display panel; and
a light sensor arranged on an opposing second side of the display panel that is configured to receive ambient light and light emitted by the display panel, the ambient light being incident onto the light sensor after passing through the first polarizing component and the display panel, and the ambient light being linear polarized light having passed through the first polarizing component, the light sensor including N first regions and M second regions, where a total area of the N first regions is equal to that of the M second regions, and N and M are natural numbers, wherein:
each of the first regions includes a second polarizing component and K photodetectors arranged in an array, where the second polarizing component is located above the K photodetectors, and a polarization direction of the second polarizing component is parallel to that of the first polarizing component; and
each of the second regions includes a third polarizing component and L photodetectors arranged in an array, where the third polarizing component is located above the L photodetectors, K and L are natural numbers, and a polarization direction of the third polarizing component is perpendicular to that of the second polarizing component.

US Pat. No. 10,893,131

CASE FOR A MOBILE ELECTRONIC DEVICE

POPSOCKETS LLC, Boulder,...

1. A protective case for a mobile electronic device, the protective case comprising:a case body sized to receive a mobile electronic device, wherein the case body has a front surface arranged to engage the mobile electronic device, a rear surface opposite the front surface, and a perimeter edge extending outward from the front surface and away from the rear surface; and
a protection element coupled to the rear surface of the case body and configured to define an exterior contact surface that is disposed at a distance from the rear surface and the perimeter edge for protecting the case body and the mobile electronic device, the protection element comprising:
a first chamber filled with a fluid, the first chamber centrally located on the rear surface of the case body, such that the first chamber covers a portion of the rear surface of the case body.

US Pat. No. 10,893,130

MOBILE TERMINAL

LG ELECTRONICS INC., Seo...

1. A mobile terminal comprising:a first frame;
a second frame slidably movable with respect to the first frame along a first direction or a second direction opposite to the first direction;
a slide frame movable along the first direction or the second direction with respect to the second frame;
a magnetic roller coupled to one side of the second frame to be rotatable about a rotation axis extending along a third direction perpendicular to the first direction;
a flexible display comprising a first region coupled to the first frame, a second region coupled to the slide frame, and a third region disposed between the first region and the second region, the third region being bent to surround the magnetic roller; and
a rolling plate attached to a rear surface of the flexible display,
wherein the magnetic roller provides a magnetic force such that the rolling plate is attached to an outer circumferential surface of the magnetic roller.

US Pat. No. 10,893,129

HINGED ELECTRONIC DEVICE WITH MOVING SUPPORT PLATES FOR A FLEXIBLE DISPLAY AND CORRESPONDING SYSTEMS

Motorola Mobility LLC, C...

1. An electronic device, comprising:a first device housing and a second device housing; and
a hinge coupling the first device housing to the second device housing, the first device housing pivotable about the hinge relative to the second device housing;
the hinge comprising:
a cam;
a first support plate pivotally coupled to a first side of the cam and extending distally into the first device housing from the first side of the cam; and
a second support plate pivotally coupled to a second side of the cam and extending distally into the second device housing from the second side of the cam;
wherein each of the first device housing and the second device housing define a support plate receiving recess comprising an inclined plane;
wherein a distal end of each of the first support plate and the second support plate travels along the inclined plane between a first position within the first device housing and the second device housing, respectively, with the distal end situated at a top of the inclined plane, to a second position within the first device housing and the second device housing, respectively, with the distal end situated at a bottom of the inclined plane, when the first device housing and the second device housing pivot about the hinge from an axially displaced open position to a closed position.

US Pat. No. 10,893,128

POWER MANAGEMENT METHOD, LOCAL CONTROL APPARATUS AND POWER MANAGEMENT SYSTEM

KYOCERA CORPORATION, Kyo...

1. A power management method in which a power management server that manages a facility connected to a power grid instructs a local control apparatus provided in the facility to control an equipment provided in the facility, the power management method comprising:a step A of transmitting a first message from the power management server to the local control apparatus according to a first protocol, the first message comprising a first information element indicating information type of the equipment to which a report to the power management server is requested;
a step B of transmitting a second message from the local control apparatus to the equipment according to a second protocol different from the first protocol,
wherein the second message corresponds to the report of the information type of the equipment for the equipment instructed by the first message, and includes a second information element of the second protocol corresponding to the first information element of the first protocol;
a step C of transmitting a second message response from the equipment to the local control apparatus according to the second protocol, in response to the second message, when control content for the equipment instructed by the first message is a report of information on the equipment; and
a step D of transmitting a first message response from the local control apparatus to the power management server according to the first protocol in response to the first message,
wherein
the step D includes:
a step D1 of converting at least one information element complied with the second protocol and included in the second message response into an information element complied with the first protocol; and
a step D2 of transmitting the first message response including the information element complied with the first protocol, and
the step D1 of converting includes: calculating, by the local control apparatus, the information element complied with the first protocol based on the at least one information element complied with the second protocol and included in the second message response.

US Pat. No. 10,893,127

SYSTEM AND METHOD FOR COMMUNICATING INTERACTIVE DATA BETWEEN HETEROGENEOUS DEVICES

Arkade, Inc., Centennial...

1. A method for communicating interactive data between heterogeneous devices, comprising:receiving, by an intermediary computing device via a first wireless interface from a first computing device, interactive data from at least one sensor of the first computing device;
extracting, by the intermediary computing device, at least one data string from the received interactive data;
encapsulating, by the intermediary computing device, the extracted at least one data string in a transport layer header; and
transmitting, by the intermediary computing device via a second wireless interface to a second computing device, the encapsulated at least one data string,
wherein the second computing device extracts the at least one data string from the encapsulated transmission and inserts the at least one data string into memory of a virtual human interface device (HID) driver executed by an operating system of the second computing device.

US Pat. No. 10,893,126

METHOD AND APPARATUS FOR PROTOCOL TRANSLATION AND EXCHANGE OF SELECTABLE, CONTEXTUALIZED DATA BETWEEN A SERVER USING A NEXT-GENERATION PROTOCOL AND A LEGACY SERVER

SIEMENS AKTIENGESELLSCHAF...

1. A method to provide protocol translation and selectable data exchange in a client/server system between a respective server configured to provide industrial automation services using a next-generation protocol and a legacy server using a protocol other than the next-generation protocol, the method comprising:extracting a tag list from a legacy client device connected to the legacy server;
configuring in a configuration manager device the tag list extracted from the legacy client device to obtain a selected tag list excerpt of the tag list from the legacy client device, the configuring of the tag list extracted from the legacy client device arranged to map the selected tag list excerpt to a configuration adapted for the respective server, the configuring of the tag list extracted from the legacy client device further arranged to define contextualization in the selected tag list excerpt;
based on the selected tag list excerpt mapped with the configuration adapted for the respective server and the defined contextualization, generating a tag list for the respective server;
configuring the respective server with the tag list generated for the respective server; and
transferring a stream of data points of the selected tag list excerpt of the tag list from the legacy client device to at least one client device connected to the respective server configured to provide industrial automation services using the next-generation protocol.

US Pat. No. 10,893,125

METHOD AND SERVER FOR ALLOCATING GAME RESOURCES

TENCENT TECHNOLOGY (SHENZ...

1. A method for allocating game resources, comprising:receiving, by a game server, a game participation request from a user, wherein the game participation request includes game subzone information corresponding to a game subzone the user requests to enter, wherein receiving the game participation request includes:
establishing a socket connection to a cloud server;
sending a match request to the cloud server;
generating by the cloud server a game subzone list according to the match request;
sending by the cloud server the game subzone list to the user; and
selecting from the game subzone list the game subzone the user requests to enter;
assigning, by the game server, the user to a first waiting queue according to a time of the game participation request from the user, comprising:
determining a first time segment the user belongs to, according to the time of the game participation request from the user;
obtaining, according to a pre-stored mapping relationship between time segments and waiting queues, the first waiting queue associated with the first time segment the user belongs to; and
assigning the user to the first waiting queue when the first waiting queue has remaining space;
selecting, by the game server, a participant from a second waiting queue different than the first waiting queue of the user, to play a game in a same group with the user, the second waiting queue corresponding to a second time segment in the pre-stored mapping relationship, the second time segment being different than the first time segment; and
allocating game resources for the user and the participant, wherein the user and the participant are from different waiting queues, and wherein the user and the participant are unknown to each other prior to the game.

US Pat. No. 10,893,124

WORKING ENVIRONMENT PROVISIONING METHOD AND APPARATUS FOR EXECUTION OF APPLICATION PROGRAM BETWEEN ELECTRONIC DEVICE AND EXTERNAL SERVER

Samsung Electronics Co., ...

1. An electronic device, comprising:a display;
a radio communication circuit configured to perform radio communication;
at least one processor operatively connected to the display and the radio communication circuit; and
a memory operatively connected to the at least one processor and configured to store a first application program including a first user interface,
wherein the memory is configured to store instructions that, when executed by the at least one processor to:
establish a connection to an external server including a second application program executable in place of at least part of operations of a first application program via the radio communication circuit,
execute, upon receipt of a first user input associated with the first application program, the first application program,
display a first user interface of the first application program on the display, and
display, upon receipt of a second user input associated with the first application program, a second user interface associated with the second application program on the display.

US Pat. No. 10,893,123

APPARATUS AND METHOD FOR FLEXIBLE ACCESS CONTROL AND RESOURCE CONTROL IN A DECENTRALIZED SYSTEM

MOAC BLOCK CHAIN TECH INC...

1. A mechanism for managing a decentralized application functioning within an application shard in a decentralized network, the mechanism comprising:an access control mechanism including access logic that determines if a request to submit a transaction for execution by the decentralized application is valid, wherein the request is received from an originator through the decentralized application; and
a resource control mechanism subject to being called when a request is determined by the access control mechanism to be a valid request, the resource control mechanism including:
resource logic that determines if a criterion is satisfied, the criterion including one or more of a first criterion associated with the originator and a second criterion associated with the application shard, and
forwarding logic that initiates a forwarding of the validated request to the application shard if the criterion is satisfied, wherein the access control mechanism is resident in an access-control node comprising:
a network interface;
a memory; and
a processor coupled to the network interface and the memory and configured to:
provide the access logic to a monitor node over the network interface, wherein the monitor node enables an user interaction with the decentralized application, wherein the monitor node synchronizes with an application-shard node to provide a local access to the decentralized application at the monitor node, wherein the monitor node serves as a feedthrough node by providing an access of a user node to the decentralized application; and
execute the access logic locally within the access-control node, wherein the monitor node forms an access-node group allocated by a decentralized application owner, wherein the monitor node in the access-node group is available for a lease by other nodes within a large-scale decentralized network seeking to initiate a transaction, wherein the other nodes within the large-scale decentralized network are added to a pool of monitor node in the access-node group by initially posting a bond, wherein the monitor node is associated with a plurality of accounts that are compensated in exchange for the lease through an account credit, wherein the access control mechanism is embodied as a smart contract deployed in a public blockchain system.

US Pat. No. 10,893,122

METHODS AND SYSTEMS FOR DETERMINING USER RECOVERY TIMES TO REAL-LIFE EVENT

Rovi Guides, Inc., San J...

1. A method for determining user recovery times to real-life events, the method comprising:retrieving first social media data indicative of a current real-life event of a user;
parsing the first social media data to identify a keyword corresponding to the current real-life event;
transmitting, via control circuitry, a first query based on the keyword to a database listing event types associated with keywords corresponding to current real-life events;
identifying an event type corresponding to the keyword from the database listing event types associated with keywords corresponding to current real-life events based on a comparison of the keyword to the keywords corresponding to current real-life events;
receiving a user request for a media asset;
transmitting, via the control circuitry, a second query based on the media asset to a database listing event types corresponding to the media asset;
identifying the media asset corresponds to the event type based on a comparison of the event type to the event types corresponding to the media asset;
calculating a time period between the current real-life event and the receipt of the user request;
updating a user profile of the user to indicate the time period corresponds to a recovery period for the type of event;
retrieving second social media data indicative of a subsequent real-life event of the event type of the user;
applying a user profile modification for a duration of the recovery period to the user profile based on the second social media data indicative of the subsequent real-life event of the event type of the user, wherein the user profile modification prevents a recommendation of a media asset which corresponds to the event type for the duration of the recovery period; and
generating for display a media asset recommendation to the user that is based on the user profile modification, wherein the user profile modification prevents displaying of a media asset recommendation corresponding to the event type during the recovery period, and wherein the user profile modification allows displaying of the media asset recommendation corresponding to the event type after the recovery period.

US Pat. No. 10,893,121

VIRTUAL SUBSCRIBER IDENTITY MODULE FOR MOBILE COMMUNICATION DEVICE

SIMO Holdings Inc., Gran...

1. A method, comprising:loading profile information for a first simulated subscriber identity module (SIM) associated with a foreign SIM profile;
receiving a first authentication request for a SIM from a local communication network, wherein the first authentication request comprises a Ki authentication request;
responding to the first authentication request by first switching control from a physical SIM to the first simulated SIM and then locally resolving the first authentication request using the first simulated SIM;
establishing a data communication link via the first simulated SIM;
locally loading profile information for a second simulated SIM associated with a local SIM profile;
receiving a second authentication request for the second simulated SIM from the local communication network;
determining whether the data communication link has timed out;
establishing the data communication link via the first simulated SIM again by performing authentication for the first simulated SIM again;
relaying the second authentication request to a remote server via the established data communication link;
receiving an authentication response to the second authentication request from the remote server via the established data communication link; and
responding to the second authentication request with the received authentication response.

US Pat. No. 10,893,120

DATA CACHING AND DATA-AWARE PLACEMENT TO ACCELERATE MACHINE LEARNING APPLICATIONS

INTERNATIONAL BUSINESS MA...

1. A method for data caching and data-aware placement for machine learning by a processor in a multi-tenant computing environment, comprising:caching data in a distributed data store to one or more local compute nodes of a cluster of nodes, the distributed data store comprising a distributed cache shared between and accessible locally to each of the one or more local compute nodes;
scheduling, according to cache and data locality awareness, a new deep learning job on the one or more local compute nodes with the cached data needed for execution; wherein, commensurate with scheduling the new deep learning job, the cached data needed for execution is transferred from a remotely located cloud-based object storage to a plurality of designated nodes in the cluster maintaining the distributed cache of the one or more local compute nodes prior to commencing execution of the new deep learning job;
maintaining a plurality of information of the cached data, wherein the plurality of information includes a node placement, a size of the cached data, and a location of the cached data; and
leveraging the plurality of information by a cache-aware scheduler for determining the scheduling of the new deep learning job to the one or more local compute nodes.

US Pat. No. 10,893,119

TIME-BASED DATA CACHING

Verizon Patent and Licens...

1. A method comprising:receiving, by an orchestration server, a request, from a user device, for a first record stored by a cache of the orchestration server,
the first record including information that indicates whether the user device is permitted to access or receive content from a content provider server;
determining, by the orchestration server, an expiry timestamp embedded in a header of the first record,
the expiry timestamp being based on a cached record timestamp of the first record and a time to live (TTL) value,
the cached record timestamp indicating when the first record was created or changed, and
the TTL value being set based on optimizing use of a network between the orchestration server and an accounts server;
comparing, by the orchestration server, the expiry timestamp of the first record to a timestamp of the request;
determining, by the orchestration server, that the first record is invalid based on comparing the expiry timestamp of the first record to the timestamp of the request;
determining, by the orchestration server and based on determining that the first record is invalid, whether the first record is out of date with respect to a second record stored by the accounts server by comparing the cached record timestamp of the first record and a timestamp of the second record;
updating, by the orchestration server, the first record with information from the second record to form an updated first record when the first record is out of date; and
sending the updated first record to the user device associated with the request,
the updated first record being used to permit the user device to access or receive the content from the content provider server.

US Pat. No. 10,893,118

CONTENT DELIVERY NETWORK WITH DEEP CACHING INFRASTRUCTURE

Level 3 Communications, L...

1. A method comprising:receiving a request for a resource originating from a wireless client device connected to a first network, wherein the request is received prior to the request exiting the first network;
determining whether the requested resource is serviceable by a first caching device of a second network;
initiating delivery of the requested resource to the wireless client device from a second caching device of the first network when the requested resource is not serviceable by the first caching device; and
initiating delivery of the requested resource to the wireless client device from the first caching device of the second network when the requested resource is serviceable by the first caching device, wherein the requested resource is provided to the wireless client device via the second network by bypassing at least a portion of the first network.

US Pat. No. 10,893,117

ENABLING HIGH SPEED AND LOW POWER OPERATION OF A SENSOR NETWORK

INTERNATIONAL BUSINESS MA...

1. A system for enhancing speed and power operation of a sensor network, comprising:at least one hardware processor device operatively coupled to memory and configured to implement:
an input layer configured to generate time-series data associated with one or more Internet of Things (IoT) sensors of an IoT system of the sensor network by aggregating data generated by respective nodes of a set of the plurality of input nodes;
a reservoir layer having a smaller dimension than the input layer placed at an edge location, the reservoir layer having a set of a plurality of reservoir nodes for performing edge computing by compressing the time-series data received from the input layer by reducing a dimensionality of the time-series data using a random projection method implementing an input mask defined by a combination of random projection matrices, wherein the compression of the time-series data reduces spatial redundancy and preserves a structure of the time-series data, wherein the reservoir layer is implemented by a non-linear system including a delayed feedback system having a set of virtual neurons on a feedback loop;
wherein the input layer is further configured to define randomized weights between the input layer and the reservoir layer, and the reservoir layer is further configured to define randomized internal weights between nodes of the set of reservoir nodes; and
an output layer placed at a datacenter location, the output layer further having a set of a plurality of output nodes connected to the set of reservoir nodes for reconstructing the time-series data from the compressed time-series data, thereby enhancing speed and power operation of the sensor network, wherein the output layer further includes a linear filter configured to receive the compressed time-series data, and wherein adjustable interconnection weights for the linear filter are defined based on the compressed time-series data.

US Pat. No. 10,893,116

APPARATUSES AND METHODS FOR EDGE COMPUTING APPLICATION DEPLOYMENT IN AN IOT SYSTEM

Nutanix, Inc., San Jose,...

1. At least one non-transitory computer-readable storage medium including instructions that, when executed by a centralized Internet of Things (IoT) manager of an IoT system, cause the centralized IoT manager to:receive a request to generate a containerized data pipeline application, wherein the request identifies a target category of data sources; and
in response to the request:
identify a data source of the IoT system belonging to the target category of data sources;
identify an edge system of the IoT system connected to the data source;
generate the containerized data pipeline application based on a hardware configuration of the edge system, wherein the containerized data pipeline application includes a transformation container configured to apply a data transformation function to input data to provide transformed data and a processor container configured to manage messaging between components of the containerized data pipeline application; and
provide the containerized data pipeline application to the edge system.

US Pat. No. 10,893,115

ON DEMAND AUCTIONS AMONGST CLOUD SERVICE PROVIDERS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method of on-demand auctioning of cloud computing services, the computer-implemented method comprising:publishing, by a consumer of at least one cloud computing resource, on a publish-subscribe platform, at least one cloud computing resource requirement;
subscribing to the publish-subscribe platform by at least two providers of one or more cloud computing service;
bidding, by each of the at least two providers, on one or more of the at least one cloud computing resource requirement via a bidding platform such that the at least two providers bid to provide the one or more of the at least one cloud computing resource to the consumer; and
selecting, by the consumer, and publishing on the publish-subscribe platform, at least one of the at least two providers for the at least one cloud computing resource requirement.

US Pat. No. 10,893,114

OPTIMIZING NOTIFICATION TRANSMISSION

JetSmarter Inc., Fort La...

1. A system for enabling clients to claim spots on segments, comprising:one or more front-end servers that interact, over a data communication network, with devices of creators; and
one or more back-end servers in data communication with the one or more front-end servers and that include one or more data processors, the one or more front-end servers or the one or more back-end servers being configured to perform operations comprising:
receiving, from a device of a creator, data specifying a client-initiated segment created by the creator through an interface presented at the device, the data including at least a departure geographic identifier that identifies a departure geographic location from which the client-initiated segment will depart, a destination geographic identifier that identifies a destination geographic location at which the client-initiated segment will arrive, and a number of spots being claimed by the creator;
determining, based on the number of spots being claimed by the creator, that the client-initiated segment includes one or more available spots that are available to be claimed by clients other than the creator;
creating, from a set of clients, a proper subset of the clients that are transmitted a notification that the client-initiated segment is available, the proper subset being created by:
including, in the proper subset, each client from the set of clients having a set of one or more geographic identifiers that matches one or more of the departure geographic identifier for the client-initiated segment or the destination geographic identifier for the client-initiated segment; and
including, in the proper subset, one or more clients that have spent at least a threshold percentage of the client's time in the geographic location identified by the destination geographic identifier of the client-initiated segment;
for each client in the proper subset of clients:
transmitting, to the client, the notification that the client-initiated segment is available; and
enabling the client to claim a spot on the client-initiated segment through a client-side application.

US Pat. No. 10,893,113

GENERATING PUSH NOTIFICATIONS

International Business Ma...

1. A method comprising:receiving a first user device identification data set including information indicative of a plurality of computing devices of the first user;
receiving a request to push a first push notification to the first user;
determining that a first activity level status of a first sub-set of the plurality of computing devices of the first user is inactive based, at least in part, upon a first pre-defined type of user input;
responsive to the determination that the activity level status of the first sub-set of the plurality of computing devices is inactive, holding, by a push notification server, the first push notification to the first user;
subsequent to the hold of the first push notification, determining that a second activity level status of a second sub-set of the plurality of computing devices is active based, at least in part, upon a second pre-defined type of user input; and
responsive to the determination that the second activity level status is active, sending, by the push notification server, over a communication network, the push notification to the second sub-set of the plurality of computing devices.

US Pat. No. 10,893,112

SYSTEM AND METHOD FOR CONTINUOUS TRACKING OF MEDIA PLAYBACK USING BLOCKCHAIN

Beatdapp Software Inc., ...

1. A system for continuous tracking of media file or media stream playback via a blockchain based platform, the system comprising:a processor; and
memory, the memory storing instructions to cause a processor to execute a method, the method comprising:
receiving a user initiated request to play a media file or media stream via an application;
recording an entry in local ram or on a local disk corresponding to the user initiated request to play the media file or media stream;
at predetermined intervals, recording a current play position of the media file or the media stream in local ram or on the local disk; and
transmitting the entry and recorded play positions to a platform stream for recording on a blockchain if one or more of the following conditions are met:
a network connection becomes available;
a user interaction with the application is received;
a predetermined amount of time has passed since a previous network transmission to the platform stream; and
a predetermined threshold amount of data stored in local ram or on the local disk has been reached;
wherein transmitting the entry and the recorded play positions to the platform stream includes transmitting a public key associated with a user to verify the origin of the entry and the recorded play positions.

US Pat. No. 10,893,111

DEVELOPING AND IMPLEMENTING MIGRATION SEQUENCES IN DATA COMMUNICATION NETWORKS

ECI TELECOM LTD., Petah ...

1. A method for migrating a plurality of communications services in a data communication network, comprising:accessing a migration map for the plurality of communications services in the data communication network;
identifying a communications dependency between a first service and a second service in the plurality of communications services according to the migration map, wherein the first service is configured to migrate from a first route to a second route, the second service is configured to migrate from a third route to a fourth route, and the third route at least partially overlaps with the second route;
determining a migration sequence based on the identified communications dependency, wherein the migration sequence includes a largest subset of the plurality of communications services of which no more than M communications services are allowed to migrate from pre-migration configurations to temporary routes, before migrating to post-migration configurations; and
migrating the plurality of communications services from a first plurality of configurations to a second plurality of configurations according to the migration sequence.

US Pat. No. 10,893,110

COMMUNICATION TOOL FOR INITIATION OF SERVICES

Advanced New Technologies...

1. A computer-implemented method, comprising:sending, by one or more processors of a client computing device to a server, a group member selection request, the group member selection request comprising a service identifier of a service operation, a rule for selecting by the server a group member from a communication group, and a communication group identifier, wherein the rule for selecting the group member from the communication group comprises at least one of:
randomly determining at least one piece of group member information of the group member from the communication group,
sequentially determining the at least one piece of the group member information according to a descending order of degrees of activeness of group members in the communication group, and
sequentially determining the at least one piece of the group member information according to time points when the group members join in the communication group from early to late;
receiving, by the one or more processors of the client computing device, the group member information of the group member selected from the communication group by the server based on the rule; and
responding, by the one or more processors of the client computing device, to execution of the service operation by the group member associated with the group member information, or by a group member other than the group member corresponding to the group member information, wherein the service operation comprises a transfer of funds from a first group member from the communication group to a second group member from the communication group.

US Pat. No. 10,893,109

METHOD, DEVICE, NETWORK ENTITY AND COMPUTER PROGRAM PRODUCT FOR PROVIDING AN IP SERVICE APPLICATION

TELEFONAKTIEBOLAGET LM ER...

12. A user equipment (UE) comprising:communication circuitry configured for communicatively coupling the UE to an Internet Protocol (IP) access network; and
processing circuitry operatively associated with the communication circuitry and configured to:
transmit, via the communication circuitry, an indication for one or more network nodes in an IP multimedia network that is accessible via the IP access network, indicating that the UE provides a Domain Name System (DNS) service for a domain corresponding to a subscriber that is associated with the UE; and
execute the DNS service on the UE, including dynamically maintaining DNS records in accordance with an IP service application or applications currently offered by the UE.

US Pat. No. 10,893,108

MAINTAINING APPLICATION STATE OF MOBILE ENDPOINT DEVICE MOVING BETWEEN VIRTUALIZATION HOSTS BASED ON SHARING CONNECTION-BASED METADATA

CISCO TECHNOLOGY, INC., ...

1. A method comprising:detecting, by an apparatus, establishment of a stateful application session between a mobile endpoint device and a stateful virtualized application executed by a first virtualization host in a data network, the mobile endpoint device establishing a network connection with the stateful virtualized application via a first wireless connection with a first network access point in the data network;
generating, by the apparatus, a connection container comprising a connection identifier uniquely identifying the network connection by the mobile endpoint device with the stateful virtualized application, connection metadata associated with the connection identifier and describing the network connection and the first wireless connection, and application state metadata describing execution of the stateful virtualized application for the mobile endpoint device;
predicting by the apparatus, while the mobile endpoint device is connected with the first network access point via the first wireless connection and prior to the mobile endpoint device establishing a wireless connection with a second network access point, an estimated time of arrival that identifies a future event of the mobile endpoint device connecting with the second network access point and disconnecting from the first network access point; and
generating and outputting, by the apparatus based on predicting the future event, a movement notification that specifies the estimated time of arrival, the connection identifier, and the associated application state metadata, the movement notification causing a second virtualization host associated with the second network access point to provide continuous execution of the stateful virtualized application as the mobile endpoint device connects with the second network access point.

US Pat. No. 10,893,107

TECHNIQUES FOR MANAGING PROCESSING RESOURCES

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:obtaining, by a computing system, a training data set comprising historical sensor data associated with a plurality of unmanned aerial vehicles (UAVs);
managing, by the computing system, a set of UAVs configured to perform tasks as instructed by the computing system, the computing system managing a distributed computing cluster comprising at least two UAVs of the set of UAVs;
identifying a first subset of UAVs from the set based at least in part on identifying that UAVs of the first subset are in an idle state;
transmitting, by the computing system to the first subset of UAVs of the distributed computing cluster, instructions associated with training a machine-learning model based at least in part on the training data set;
receiving, by the computing system, additional sensor data from an unmanned aerial vehicle (UAV) of the set of UAVs;
transmitting, by the computing system to a second subset of UAVs of the distributed computing cluster, instructions associated with calculating an incremental update to the machine-learning model based at least in part on the additional sensor data;
receiving, by the computing system, model parameter updates from at least one UAV of the distributed computing cluster;
updating the machine-learning model based at least in part on the model parameter updates; and
deploying the machine-learning model as updated to one or more UAVs of the set of UAVs.

US Pat. No. 10,893,106

GLOBAL NAMESPACE IN A CLOUD-BASED DATA STORAGE SYSTEM

DRUVA, Sunnyvale, CA (US...

1. A system comprising:a plurality of gateways each configured to receive data from a client machine and store the data in a file data repository accessible via the internet, each of the gateways including a respective local namespace and metadata repository characterizing the data;
a central namespace and file data repository storing data received from the plurality of gateways, the stored data sharing a common master namespace; and
a messaging system configured to receive an indication of updated central namespace data and metadata from the central namespace and file data repository and transmit the central namespace data and metadata to the plurality of gateways, wherein the messaging system is further configured to identify a first one of the plurality of gateways that subscribe to updates related to the namespace data and metadata repository and identify a second one of the plurality of gateways that subscribe to updates related to the namespace data and metadata, the updated central namespace data and metadata being transmitted to the identified gateways, wherein the first gateway is configured to update a first local namespace and metadata repository associated with the first gateway based on the updated central namespace data and metadata and wherein the second gateway is configured to update a second local namespace and metadata repository associated with the second gateway based on updated central namespace data and metadata.

US Pat. No. 10,893,105

UTILIZATION OF NETWORKING PROTOCOL FOR SEAMLESS INTEGRATION OF COMPUTE NODES WITH SOFTWARE-DEFINED STORAGE NODES

EMC IP Holding Company LL...

1. An apparatus comprising:a storage system comprising a plurality of storage nodes each comprising one or more storage devices;
each of the storage nodes further comprising:
a network protocol target configured to receive delivery of input-output operations from a network protocol initiator of a host device;
a data server configured to execute the input-output operations on the storage node; and
a data client configured to communicate the input-output operations to at least one of the data server on the storage node and one or more data servers corresponding to one or more additional ones of the plurality of storage nodes;
wherein at least one data client of the data clients comprises a software component on the storage node and is remote from the host device;
wherein the at least one data client has knowledge of a distribution of data across the plurality of storage nodes;
wherein the at least one data client on the storage node receives delivery of the input-output operations from at least one network protocol target of the network protocol targets on the storage node and provides the host device with access to data served by the storage system;
wherein an input-output driver on the host device remote from the at least one data client controls the delivery of the input-output operations from at least one network protocol initiator of the network protocol initiators to the at least one network protocol target;
wherein the input-output operations are delivered from the at least one network protocol target to the at least one data client; and
wherein the storage node is configured to execute one or more commands to map a storage volume on the storage node to the at least one data client.

US Pat. No. 10,893,104

IMPLEMENTING A STORAGE SYSTEM USING A PERSONAL USER DEVICE AND A DATA DISTRIBUTION DEVICE

Latticework, Inc., Sunny...

1. One or more non-transitory machine-readable media storing instructions which, when executed by one or more processors, cause:storing, by a personal user device, a set of one or more content items;
transmitting, by the personal user device to a data distribution device, at least a first content item of the set of content items for storage on the data distribution device;
receiving, by the personal user device from a client device, a first request for the first content item;
determining whether the first request is received through (a) a direct connection between the personal user device and the client device or (b) a tunnel connection, facilitated by the data distribution device, between the personal user device and the client device;
responsive at least to determining that the first request is received through the tunnel connection: transmitting, by the personal user device to the data distribution device, a second request for the data distribution device to transmit, to the client device, the first content item as stored on the data distribution device;
receiving, by the personal user device from the client device, a second request for a second content item of the set of content items;
determining whether the second request is received through (a) the direct connection between the personal user device and the client device or (b) the tunnel connection, facilitated by the data distribution device, between the personal user device and the client device;
responsive at least to determining that the second request is received through the direct connection: transmitting, by the personal user device to the client device, the second content item.

US Pat. No. 10,893,103

DISTRIBUTED AND SCALABLE STORAGE MANAGEMENT USING A STORAGE-MICROSERVICES SERVER

Commvault Systems, Inc., ...

1. A data storage management system for managing storage operations by a service interposed between clients and a storage manager, the system comprising:a first computing device comprising a group storage service and a client-group management database;
a client-group, wherein each client in the client-group comprises a second computing device and a data agent executing thereon that is associated with data generated by the respective second computing device;
a third computing device comprising the storage manager and a management database that comprises information for managing storage operations at a plurality of clients in the data storage management system, including the clients in the client-group;
wherein the group storage service that executes on the first computing device is configured to:
(i) incorporate one or more portions of the management database that are received from the storage manager into the client-group management database at the first computing device, wherein each received portion comprises information pertaining to at least one client in the client-group but not to other clients in the plurality of clients, and
(ii) use the client-group management database to serve a first data agent at a first client in the client-group for performing storage operations for data generated by the first client; and
wherein the storage manager is configured to:
set a trigger for detecting changes in a first table in the management database, wherein the first table comprises information pertaining to at least one client in the client-group,
copy into a capture table one or more rows that changed in the first table, and
extract from the capture table into an extracted client table each row that pertains to the first client.

US Pat. No. 10,893,102

SYSTEMS AND METHODS FOR RESTORING AN INTERFACE TO A GLOBAL FILE SYSTEM

Nasuni Corporation, Bost...

1. In a cloud storage-based versioned file system (VFS) employing a VFS interface service to a local data storage system, a method to upgrade an active VFS interface without performance degradation, comprising:taking a first VFS interface that is the active VFS interface offline so that it no longer accepts new data or requests for data from a local data storage system while maintaining the first VFS interface powered and running at least a first side-loading daemon on the first VFS interface;
taking a snapshot of data from the first VFS interface and synchronizing the data from the first VFS interface to the VFS;
while the first VFS interface is offline but powered and running the first side-loading daemon, bringing a second VFS interface online so that it is powered, running at least a second side-loading daemon, and addressable using a network address;
with the first VFS interface still offline, placing the first and second side-loading daemons in data communication with one another;
with the first VFS interface still offline and the second VFS interface online, receiving at the second VFS interface, through the second side-loading daemon, a copy of data from the first VFS interface, the copy of data being provided through the first side-loading daemon as a background data transfer process; and
while the background data transfer process between the first and second side-loading deamons is on-going, and responsive to receipt of a request for information at the second VFS interface directed to the local data storage system and that cannot be serviced at the second VFS interface, retrieving the information from the first VFS interface to the second VFS interface, and returning the information in response to the request, thereby avoiding retrieval of the information from the cloud storage-based VFS.

US Pat. No. 10,893,101

STORAGE TIER SELECTION FOR REPLICATION AND RECOVERY

VERITAS TECHNOLOGIES LLC,...

1. A computer-implemented method comprising:receiving a replication stream and storage tier selection information at a target replication appliance, wherein
the replication stream and the storage tier selection information are received from a source replication appliance,
the replication stream comprises a plurality of update sets,
the replication stream represents only write operations received at the source replication appliance,
each update set of the plurality of update sets represents one or more write operations of the write operations received at the source replication appliance,
the storage tier selection information identifies a plurality of storage tiers in which each of the plurality of update sets is to be stored, and
each storage tier of the plurality of storage tiers is of a corresponding one of a plurality of storage types;
identifying a storage type of a first storage tier of the plurality of storage tiers, using at least a portion of the storage tier selection information, wherein
at least one update set of the plurality of update sets is to be stored in a storage unit in the first storage tier, and
the storage type is one of the plurality of storage types;
determining whether a consolidation operation can be performed on the at least one update set, based, at least in part, on the storage type;
in response to a determination that the consolidation operation can be performed,
producing a consolidated update set by performing a consolidation operation on the at least one update set, wherein
the consolidation operation consolidates a first write operation of a first update set of the plurality of update sets and a second write operation of a second update set of the plurality of update sets into the consolidated update set, and
storing the consolidated update set in a storage unit of the first storage tier; and
in response to a determination that the consolidation operation cannot be performed,
storing at least one update set of the plurality of update sets in the storage unit.

US Pat. No. 10,893,100

PROVIDING AGENTLESS APPLICATION PERFORMANCE MONITORING (APM) TO TENANT APPLICATIONS BY LEVERAGING SOFTWARE-DEFINED NETWORKING (SDN)

International Business Ma...

1. A computing system comprising:a packet data repository;
a plurality of physical hosts;
a first application of a first tenant, comprising a plurality of first application components, distributed over said plurality of physical hosts;
a second application of a second tenant, comprising a plurality of second application components, distributed over said plurality of physical hosts;
a plurality of virtual switches each associated with a corresponding one of said physical hosts, each of said virtual switches having a plurality of ports;
a first virtual network coupling said plurality of first application components;
a second virtual network, isolated from said first virtual network, coupling said plurality of second application components;
a software defined network controller coupled to said virtual switches;
a cloud management dashboard coupled to said software defined network controller and configured to receive an application performance monitoring request from at least one of said first tenant and said second tenant, and, responsive to said application performance monitoring request, instruct said software defined network controller to turn on port mirroring only for those of said plurality of ports which correspond to problematic ones of said first and second application components, said problematic ones of said first and second application components corresponding to said application of said at least one of said first tenant and said second tenant and exhibiting at least one software problem, to mirror corresponding packets to said packet data repository, wherein said cloud management dashboard is further configured to trace network communication among microservices and combine application layer logs and said network communication traces, wherein said port mirroring is controlled based on said combined application layer logs and network communication traces; and
one or more edge switches hosting individual ones of said microservices, wherein said port mirroring is implemented on said one or more edge switches.

US Pat. No. 10,893,099

MIGRATION PROJECT AUTOMATION, E.G., AUTOMATED SELLING, PLANNING, MIGRATION AND CONFIGURATION OF EMAIL SYSTEMS

SkyKick, Inc., Seattle, ...

1. A method performed by a computing system having a processor for automating a data migration from a source email system to a destination email system, the method comprising:receiving a domain name associated with the source email system;
determining, by the processor, based on the received domain name, a service type of the source email system;
connecting to the source email system using the determined service type information;
discovering and classifying email logic of the source email system including identifying one or more mailboxes, aliases, and distribution groups of the source email system by:
obtaining a set of messages each with a message header;
identifying candidate mailbox addresses and associations of the candidate mailbox addresses with email addresses by scanning recipient fields of the message headers for addresses that are on a same domain as the domain name associated with the source email system; and
classifying the candidate mailbox addresses by:
classifying a first set of the candidate mailbox addresses as mailboxes;
classifying a second set of the candidate mailbox addresses as aliases based on the second set of candidate mailboxes not being in the first set and the associations for each candidate mailbox address, of the second set of candidate mailbox addresses, including only a single associated email address; and
classifying a third set of the candidate mailbox addresses as distribution groups based on the third set of candidate mailboxes not being in the first set and the associations for each candidate mailbox address, of the third set of candidate mailbox addresses, including more than one associated email address;
causing a user interface to be provided with controls to modify the classifications of the candidate mailboxes and to delete mailboxes, wherein the controls include at least A) controls for reclassifying at least one of the classified candidate mailboxes and B) controls for removing at least one of the candidate mailboxes classified as a mailbox from being migrated;
causing a client service executed by a client computing device to configure an email application for the destination email system by:
implementing the discovered email logic, as modified based on the inputs to the user interface, in the destination email system by performing one or more API calls, executing one or more powershell commands, or executing one or more website scripts, wherein the implementing establishes the classified one or more mailboxes, aliases, and distribution groups on the destination email system;
receiving an indication of a maximum overall size for data to be migrated to the destination email system;
creating an archive data store;
migrating message data from the source email system to the destination email system, wherein the migrating comprises copying data exceeding the maximum overall size to the archive data store; and
causing authorized users to have access to the data message data in the destination email system and the archive data store, which is accessible from the destination email system.

US Pat. No. 10,893,098

METHOD AND APPARATUS FOR DATA WRITING

ALIBABA GROUP HOLDING LIM...

1. A method for data writing implemented by a current node of a distributed database system, comprising:obtaining first to-be-written data;
determining a first group identifier corresponding to the first to-be-written data;
determining a first master node corresponding to the first group identifier;
in response to the first master node being a first node of the distributed database system other than a current node,
determining a second group identifier, a second master node corresponding to the second group identifier being the current node,
sending the second group identifier to the first node,
receiving a first update message from the first node, the first update message indicating that at the first node, the first group identifier is modified to the second group identifier, and
modifying the first group identifier to the second group identifier; and
writing the first to-be-written data.

US Pat. No. 10,893,097

METHODS AND DEVICES FOR DISCOVERING AND EMPLOYING DISTRIBUTED COMPUTING RESOURCES TO BALANCE PERFORMANCE PRIORITIES

Verizon Patent and Licens...

1. A method comprising:providing, by a user equipment (“UE”) device, a service request to an orchestration system associated with a federation of compute clusters communicatively coupled with the UE device and available to fulfill the service request;
identifying, by the UE device, a service optimization policy for the service request, the service optimization policy associated with a user preference for balancing a plurality of performance priorities during fulfillment of the service request;
receiving, by the UE device from the orchestration system in response to the service request, cluster selection data representative of a subset of compute clusters from the federation of compute clusters;
characterizing, by the UE device based on the cluster selection data, each of the compute clusters in the subset with respect to the plurality of performance priorities;
selecting, by the UE device based on the service optimization policy and based on the characterization of each of the compute clusters in the subset, a compute cluster from the subset to fulfill the service request; and
providing, by the UE device to the orchestration system, an orchestration request indicative of the selected compute cluster and requesting the orchestration system to orchestrate the fulfillment of the service request by the selected compute cluster.

US Pat. No. 10,893,096

OPTIMIZING DYNAMICAL RESOURCE ALLOCATIONS USING A DATA HEAT MAP IN DISAGGREGATED DATA CENTERS

INTERNATIONAL BUSINESS MA...

1. A method for optimizing dynamic resource allocations in a disaggregated computing environment, by a processor device, comprising:maintaining a data heat map associated with a data access pattern of data elements associated with a workload;
classifying the workload into one of a plurality of classes, each class characterized by the data access pattern associated with the workload;
assigning the workload to a dynamically constructed disaggregated system optimized with resources according to the one of the plurality of classes the workload is classified into to increase efficiency during a performance of the workload; and
modeling, by the data heat map, at least an access latency and a cost per bit versus a location of the data elements relative to certain ones of the resources within the overall disaggregated computing environment.

US Pat. No. 10,893,095

DISTRIBUTED SOFTWARE DEFINED NETWORKING

Acceptto Corporation, Po...

1. A system for processing data packets in a network, the system comprising:a programmable network device hosting a plurality of first network applications;
a programmable cloud device hosting a plurality of second network applications;
wherein at least one of the plurality of first network applications in the programmable network device and at least one of the plurality of second network applications in the programmable cloud device are in secure communication with each other to form a distributed application;
the programmable network device and programmable cloud device are each powered by a sandboxing operating system which facilitates deployment of the plurality of first and second network applications and facilitates upgrades of the first and second network applications with substantially no interruption to operation of the programmable network device and programmable cloud device;
wherein the programmable network device verifies authenticity of the upgrades to the plurality of first network applications and the programmable cloud device verifies authenticity of the upgrades to the plurality of second network applications and wherein the verification is based on unique security keys associated with each of the plurality of first and second network applications;
an application repository storing distributed applications which have been tested for installation in the programmable network device and programmable cloud device; and
an application management portal coupled to the programmable network device, programmable cloud device and the application repository, wherein the application management portal manages usage of the distributed applications on the programmable network device and programmable cloud device.

US Pat. No. 10,893,094

SYSTEM AND METHOD FOR APPLIANCE DETECTION AND APP CONFIGURATION

Universal Electronics Inc...

1. A non-transitory, computer readable media having instructions stored thereon which instructions, when executed by a processing device of a first smart device, cause the first smart device to perform steps comprising:using a first data received from the appliance on a wireless network which includes the first smart device to initiate a retrieval of a first app from a server device;
causing the first app that was retrieved from the server device to be installed on the first smart device whereupon the first app is usable with the first smart device to provide at least a controlling interface between the first smart device and the appliance;
using an identifier for the first app and an identifier for the wireless network to initiate a retrieval of a second data from the server device, the second data being indicative of a state of a second app, corresponding to the first app, that was prior installed on a second smart device different than the first smart device; and
using the second data that was retrieved from the server device to cause the first app installed on the first smart device to be synchronized with the state of the second app that was prior installed on the second smart device.

US Pat. No. 10,893,093

TRANSLATING A USER'S WORKING CONTEXT FROM ONE OPERATING SYSTEM AND ASSOCIATED APPLICATIONS TO A DIFFERENT OPERATING SYSTEM AND ASSOCIATED APPLICATIONS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method, comprising:receiving, by a translating computer device, an indication to transfer data from a first application on a first computer device running on a first operating system to a second application on a second computer device running on a second operating system that is different than the first operating system;
extracting, by the translating computer device, the data from the first application on the first computer device based on the receiving, the extracting comprising converting the data from the first application into a format useable by the second application; and
transmitting, by the translating computer device, the converted data to the second computer device based on the extracting,
wherein the data extracted from the first application is a partially completed working session,
the converted data transmitted to the second computer device is useable by the second application to complete the partially completed working session,
the first application is a calendar application,
the second application is an email application, and
the converted data is email data after the conversion.

US Pat. No. 10,893,092

ELECTRONIC DEVICE FOR SHARING APPLICATION AND CONTROL METHOD THEREOF

Samsung Electronics Co., ...

1. A method for sharing data with a client device by a host device, the method comprising:forming, by using a processor of the host device, a connection with the client device;
receiving, by a transceiver of the host device, device information of the client device from the client device;
displaying, on a first display of the host device, a first portion of a first execution screen of a first application executed on the host device based on device information of the host device, wherein a second portion of the first execution screen is not displayed on the first display;
displaying, on the first execution screen, a first object corresponding to the client device and a second object corresponding to the first application executed on the host device for sharing with the client device;
receiving, by using the first display, a first input for dragging the second object toward the first object;
based on receiving the first input, transmitting, by using the transceiver, first data of the first application executed on the host device for displaying the second portion with at least a part of the first portion of the first execution screen on the second display of the client device, to the client device, while continuing to display the first portion on the first display;
receiving, by using the transceiver, information on a coordinate of a second input with respect to the second display from the client device, wherein the information on the coordinate of the second input is transmitted by the client device in response to the second input being detected on the second display;
based on receiving the information on the coordinate of the second input, adjusting the information on the coordinate of the second input based on the device information of the client device and the device information of the host device and displaying, on the first display, an event based on the adjusted information on the coordinate of the second input; and
transmitting, by using the transceiver, second data of the first application executed on the host device corresponding to the displayed event to the client device,
wherein the device information of the client device includes display size information and display resolution information of the client device, and
wherein the device information of the host device includes display size information and display resolution information of the host device.

US Pat. No. 10,893,091

MANAGEMENT OF ASYNCHRONOUS CONTENT POST AND MEDIA FILE TRANSMISSIONS

Amazon Technologies, Inc....

1. A system comprising:a computer-readable memory storing executable instructions; and
one or more processors in communication with the computer-readable memory, the one or more processors programmed by the executable instructions to at least:
generate media file transmission information uniquely associated with a media file of a content post, wherein the media file transmission information comprises a network address of a transmission location for the media file, and wherein the content post is generated on a user computing device;
transmit the media file transmission information to the user computing device;
receive, at the transmission location, at least a first portion of the media file from the user computing device;
receive the content post from the user computing device; and
receive, at the transmission location, at least a second portion of the media file from the user computing device subsequent to receiving the content post from the user computing device.

US Pat. No. 10,893,090

MONITORING A PROCESS ON AN IOT DEVICE

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method for monitoring a process on an Internet of Things (IoT) device, comprising:receiving, by the IoT device, a network data transfer from an external device;
receiving, by the IoT device, meta-information including a destination port number of a packet of the network data transfer, the meta-information being generated based on the network data transfer by a network monitoring device;
detecting, by the IoT device, a file storing data of the network data transfer to identify a detected file based on the meta-information, the destination port number enabling identification of the detected file without scanning data in the detected file; and
monitoring, by the IoT device, a process relating to the detected file on the IoT device.

US Pat. No. 10,893,089

SYSTEM AND METHOD FOR CONTROLLING A MOUSE OR CURSOR POSITION IN RESPONSE TO ONE OR MORE INPUT EVENTS FROM A LOCAL COMPUTER AND/OR REMOTE COMPUTER

RealVNC Ltd, Cambridge (...

1. A method of controlling access to a local computing device by a remote computing device, the method comprising:saving a current local position of a mouse or cursor as an expected position;
repeatedly determining whether the local computing device is being used by a local user;
receiving a remote input event from remote computing device, wherein the remote input event is a mouse or cursor event which corresponds to movement of the mouse or cursor from a first position on a display of the local computing device;
if the local computing device is determined as being used by the local user, blocking the remote input event;
if the local computing device is not determined as being used by local user, updating the current local position of the mouse or cursor with a second position to which the remote input event moves the mouse or cursor; and
after the updating, saving the current local position as the expected position; and
wherein determining whether the local computing device is being used by a local user comprises:
receiving the current local position of the mouse or cursor on the display of the local computing device;
comparing the received current local position with the expected position;
and based on the comparing, determining that the local computing device is being used by the local user when the received current local position does not match the expected position and determining that the local computing device is not being used by the local user when the received current local position does match the expected position.

US Pat. No. 10,893,088

SEQUENCE DEPENDENT DATA MESSAGE CONSOLIDATION IN A VOICE ACTIVATED COMPUTER NETWORK ENVIRONMENT

Google LLC, Mountain Vie...

1. A system to perform sequence dependent operations in a voice-based computing environment, comprising:a natural language processor component executed by a data processing system to receive, via an interface of the data processing system, data packets comprising one or more input audio signals detected by a sensor of a client computing device;
the natural language processor component to parse the one or more input audio signals to identify one or more requests and one or more trigger keywords corresponding to the one or more requests;
a direct action application programming interface (“API”) of the data processing system to generate, based on the one or more trigger keywords and in response to the one or more requests, a first action data structure for a first action and a second action data structure for a second action; and
a thread optimization component executed by the data processing system to:
obtain data packets of the first action data structure, and to obtain data packets of the second action data structure;
determine, based on a heuristic technique applied to the data packets of the first action data structure and the data packets of the second action data structure, a sequence dependency parameter;
combine, based on a comparison of the sequence dependency parameter with a threshold, the data packets of the first action data structure and the data packets of the second action data structure into a single thread; and
identify a series of sequence dependent actions for the single thread;
a content selector component to select a content item for at least one of the series of sequence dependent actions; and
the data processing system to:
provide the content item to the client computing device;
identify a condition associated with the second action of the second action data structure based on a time associated with the first action of the first action data structure;
receive an indication of termination of the condition; and
transmit the data packets of the second action data structure to a service provider computing device subsequent to the termination of the condition.

US Pat. No. 10,893,087

STREAMING AND NONSTREAMING MEDIA TRANSFER BETWEEN DEVICES

Mass Luminosity, Inc., L...

1. A method comprising:receiving, by a server, a request message for a handoff of content from a first device displaying the content to a second device;
generating a handoff protocol for the handoff in response to the handoff request message;
transmitting, to one of the first device and the second device, a first notification message that includes a plurality of handoff parameters, based on the handoff protocol, that identifies an algorithm for the handoff of the content; and
receiving a second notification message indicating that the handoff is complete with the second device displaying the content.

US Pat. No. 10,893,086

NODE TYPE BASED CONTROL OF ASSISTANCE FOR DATA STREAMING

Sony Corporation, Tokyo ...

1. A method of supporting streaming of data in a communication network, the method comprising:a streaming client receiving information on a type of node of a node for assisting streaming of data, wherein the node is configured to provide assistance information to the streaming client and the type of node corresponds with a type of assistance information;
depending on the information on the type of node, the streaming client selecting the node to assist in streaming of data to the streaming client;
the streaming client receiving assistance information from the node; and
the streaming client utilizing the assistance information for streaming the data.

US Pat. No. 10,893,085

AUDIO STAGGER CASTING

Coherent Logix, Incorpora...

1. A wireless device, comprising:an antenna; and
receiver logic,
wherein the antenna and the receiver logic are configured to:
receive control information indicating that a first stream and a second stream are associated;
receive the first stream, wherein the first stream comprises audio information and forward error correction;
receive the second stream, wherein the second stream comprises audio information and forward error correction,
wherein the audio information comprised in the first stream and the audio information comprised in the second stream are at least partially overlapping, wherein the first stream and the second stream are received separated in time; and
associate the first stream and the second stream based at least in part on the control information.

US Pat. No. 10,893,084

BANDWIDTH EFFICIENT STREAMING AND SYNCHING MULTIMEDIA CONTENT AT A DESIRED QUALITY OF EXPERIENCE

Citrix Systems, Inc., Fo...

1. A method, comprising:receiving, at a client device, a multimedia file from a server device, the multimedia file including a plurality of chunks, wherein the chunks are of varying quality;
streaming the multimedia file based on the received plurality of chunks;
determining, by the client device, a first subset of the plurality of chunks that meet a quality threshold, and a second subset of the plurality of chunks that do not meet the quality threshold;
performing, in response to determining that a bandwidth characteristic satisfies a threshold, two or more iterations of:
identifying, by the client device, a lowest quality chunk of the second subset;
requesting, by the client device and from the server device, a replacement chunk for the lowest quality chunk of the second subset;
receiving, by the client device and from the server device, the replacement chunk for the lowest quality chunk of the second subset, wherein the replacement chunk meets the quality threshold; and
replacing, by the client device, the lowest quality chunk of the second subset with the replacement chunk; and
after performing the two or more iterations, storing the multimedia file.

US Pat. No. 10,893,083

NEIGHBOR AWARENESS NETWORKING DATAPATH—SCHEDULING, SCHEDULER RANK, AND PRE-DATAPATH OPERATION TRIGGERING

Apple Inc., Cupertino, C...

9. An apparatus, comprising:a memory; and
a processing element in communication with the memory, wherein the processing element is configured to:
determine a first scheduler rank attribute of a wireless station, wherein the first scheduler rank attribute is based at least in part on a number data links and respective quality of service (QoS) requirements of data links associated with the wireless station;
advertise the first scheduler rank attribute as an advertised rank;
establish a data link with a neighboring wireless station;
update the first scheduler rank attribute based on the data link established with the neighboring wireless station;
in response to determining that the neighboring wireless station has a scheduler rank attribute that is greater than the first scheduler rank attribute, mark the neighboring wireless station as a parent peer device; and
advertise the updated first scheduler rank attribute as the advertised rank.

US Pat. No. 10,893,082

PRESENTING CONTENT ITEMS SHARED WITHIN SOCIAL NETWORKS

Microsoft Technology Lice...

1. A method of presenting, on a computing device to a user, content items shared with the user within a social network by other users of the social network and hosted by a website external to the social network, the method comprising:retrieving, from the social network, database records indicating a list of the content items that are shared with the user by other users of the social network and hosted by multiple websites external to a website of the social network;
storing, at the computing device, the retrieved database records indicating the list of the content items that are shared with the user by other users of the social network and hosted by the multiple websites external to the website of the social network, the database records individually identifying one or more of the content items and one of the multiple websites hosting the one or more of the content items; and
upon receiving, at the computing device, a request from the user for a presentation of one of the websites external to the website of the social network in a web browser,
retrieving, from the one of the websites external to the website of the social network, one or more web components of the one of the websites external to the website of the social network;
identifying, from the database records stored at the computing device, one or more content items that are (i) a subset of the list of content items in the database records stored at the computing device, (ii) hosted by the one of the websites external to the website of the social network, and (iii) shared with the user by the other users within the social network based on an identity of the one of the websites external to the website of the social network; and
outputting, in the web browser on the computing device, a webpage of the one of the websites external to the website of the social network and requested by the user, the webpage of the one of the websites external to the website of the social network including both the retrieved web components of the requested one of the websites and the identified one or more content items hosted by the requested one of the websites external to the website of the social network and shared with the user by the other users within the social network.

US Pat. No. 10,893,081

REAL TIME COLLABORATION AND DOCUMENT EDITING BY MULTIPLE PARTICIPANTS IN A CONTENT MANAGEMENT SYSTEM

Dropbox, Inc., San Franc...

1. A method comprising:establishing, by a client application on a host client device, a peer-to-peer connection with a second client device to initiate a collaborative editing session to edit a content item with the second client device, the content item stored in association with a user account at a content management system (CMS) and being displayed via a native application associated with the content item on the host client device, the client application associated with the CMS and being different from the native application;
responsive to the peer-to-peer connection being established, sending, from the host client device, edits made to the content item via the native application of the content item to the second client device, the edits being presented on a screen sharing window within a user interface displayed on the second client device, the user interface associated with the CMS;
receiving, by the client application, document editing information from the second client device, wherein the document editing information comprises a code indicating a type of the document editing information of a plurality of types of the document editing information;
determining, based on the code, that the received document editing information comprises cursor information associated with a cursor of the second client device, wherein the cursor information comprises position information;
translating the code into a document editing command that can be executed by the native application;
providing, to the native application, the position information and the document editing command; and
generating, by the native application based on the document editing command and the position information, a first cursor overlay identifying a user of the second client device for presentation on a third client device, the first cursor overlay corresponding to an overlay layer separate from the native application.

US Pat. No. 10,893,080

RELAYING MULTIMEDIA CONFERENCING UTILIZING SOFTWARE DEFINED NETWORKING ARCHITECTURE

Polycom, Inc., San Jose,...

1. A software defined network (SDN)-adapted media controller (SDNMC), comprising:a first network interface configured to receive a request to establish a multimedia conferencing session between a plurality of endpoints;
an SDNMC manager coupled to the first network interface, the SDNMC manager configured to:
allocate at least one virtual media address for the multimedia conferencing session advertised by the SDNMC; and
create media session information for the multimedia conferencing session based on the at least one virtual media address; and
a second network interface coupled to the SDNMC manager, the second network interface configured to transmit one or more SDN commands to an SDN controller, the one or more SDN commands including the media session information,
wherein the media session information allows for routing media traffic corresponding to the virtual media address directly between the endpoints.

US Pat. No. 10,893,079

SYSTEM AND METHOD FOR PROCESSING TELEPHONY SESSIONS

Twilio Inc., San Francis...

1. A method comprising:operating an internet connected system by performing operations comprising:
initiating a telephony session;
receiving a communication from an application server;
converting the communication into executable operations to process the telephony session;
creating a resource accessible through an Application Programming Interface (API) of the internet connected system, the resource being accessible by outside devices at an addressable Uniform Resource Identifier (URI);
mapping the telephony session to the URI, the URI being associated with the application server;
receiving a representational state transfer (REST) API request that specifies the URI; and
responding to the API request according to the API request and the URI.

US Pat. No. 10,893,078

SYSTEM AND METHOD FOR PROCESSING TELEPHONY SESSIONS

Twilio Inc., San Francis...

1. A method comprising:sending a first communication to an application server using an application layer protocol;
creating a call router resource accessible through an Application Programming Interface (API) of a call router, the call router resource being accessible at an addressable Uniform Resource Identifier (URI);
mapping a telephony session to the URI, the URI being associated with the application server;
sending, to the application server, a second communication comprising state information of the telephony session;
receiving, from the application server, a third communication comprising telephony instructions for sequential processing; and
interacting with media of the call router according to the API of the call router.

US Pat. No. 10,893,077

MIDDLEWARE-MEDIATED USER-TO-USER SERVICE BETWEEN USERS OF DIFFERENT COMPUTING SYSTEMS

Wheel Health, Inc., Aust...

1. A method of mediating user-to-user service between users of different computing systems, the method comprising, by a middleware computing platform:maintaining an active user pool comprising a plurality of servicing users;
exposing an on-demand service-request interface to a plurality of user-to-user service platforms, wherein the plurality of user-to-user service platforms provide independent computing environments that separately execute user-to-user service workflows for requesting users;
receiving, via the on-demand service-request interface, a service request from a particular platform of the plurality of user-to-user service platforms;
automatically selecting a servicing user from the active user pool based, at least in part, on real-time availability of the plurality of servicing users and information included in the service request;
assigning the servicing user to the service request;
transmitting, to the servicing user, a uniform resource locator (URL) to the particular platform;
transmitting, to the particular platform, a message identifying the servicing user, wherein the particular platform establishes a communication session between a requesting user and the servicing user over a network path that excludes the middleware computing platform, and wherein the particular platform executes a user-to-user service workflow via the communication session;
automatically determining that no start event has been received from the particular platform within a predetermined period of time; and
responsive to the automatically determining:
unassigning the servicing user from the service request;
automatically selecting a second servicing user from the active user pool based, at least in part, on the real-time availability of the plurality of servicing users and the information included in the service request:
assigning the second servicing user to the service request;
transmitting, to the second servicing user, the URL to the particular platform; and
transmitting, to the particular platform, a message identifying the second servicing user, wherein the particular platform establishes a second communication session between the requesting user and the second servicing user over a network path that excludes the middleware computing platform, and wherein the particular platform executes a user-to-user service workflow via the second communication session.

US Pat. No. 10,893,076

DATA COMPRESSION FOR COMMUNICATIONS SIGNALLING

Microsoft Technology Lice...

1. A method, implemented in a first device, for establishing a communication session between the first device and a second device, the method comprising:receiving data compression information before establishing the communication session;
generating a plaintext session request to initiate the communication session with the second device;
compressing the plaintext session request using the data compression information by applying a data compression function, corresponding to the data compression information, to the plaintext session request to generate a compressed session request;
transmitting the compressed session request;
receiving a session response to the compressed session request; and
establishing the communication session based on the session response.

US Pat. No. 10,893,075

FLEXIBLE SELECTION OF SECURITY FEATURES IN MOBILE NETWORKS

NOKIA SOLUTIONS AND NETWO...

1. A method, comprising:receiving an attach request, wherein the attach request comprises information regarding integrity algorithm(s), in a user equipment network capability information element of the attach request, and an additional user plane integrity supported bit indicating whether the user equipment supports user plane integrity with all integrated algorithm(s) listed in the user equipment network capability information element, or does not support user plane integrity at all; and
sending a response to the attach request, wherein the response comprises information configured to identify only one selected integrity algorithm and comprises an additional user plane integrity applied bit indicating whether the selected integrity algorithm is to be used for both the control plane integrity and the user plane integrity or only for the control plane integrity, in order to allow selection of a control plane integrity algorithm independently of a user plane integrity algorithm.

US Pat. No. 10,893,074

MONITORING A PRIVACY RATING FOR AN APPLICATION OR WEBSITE

The Privacy Factor, LLC, ...

1. A method of protecting a system from an application or website that fails a privacy condition, the method comprising:receiving a request to load an application or website on a system;
identifying by the privacy analyzing server device at least one policy associated with the application or website;
determining whether the at least one policy has been previously assigned a privacy rating, the privacy rating indicating a particular level of privacy risk of the application or website;
if the at least one policy has not been previously assigned the privacy rating, then
obtaining by the privacy analyzing server device the at least one policy associated with the application or website, the at least one policy being in machine-readable format;
identifying, by the privacy analyzing server device, key words or phrases included in the at least one policy, the identified key words or phrases corresponding to one or more interactions of the application or website, the one or more interactions comprising use of functionality of a computing device or use of personal information;
for each respective key word or phrase identified by the privacy analyzing server device,
determining whether the respective key word or phrase has been previously assigned a particular level of privacy risk;
if the respective key word or phrase has been previously assigned the particular level of privacy risk, then retrieving the particular level of privacy risk from a database;
if the respective key word or phrase has not been previously assigned the particular level of privacy risk, then
generating a respective level of privacy risk associated with one or more particular interactions of the application or website corresponding to the respective key word or phrase; and
assigning to the respective key word or phrase the respective level of privacy risk associated with the one or more particular interactions of the application or website corresponding to the respective key word or phrase;
generating by the privacy analyzing server device the privacy rating for the application or website based on the particular levels of privacy risk and on the respective levels of privacy risk assigned to the respective key words or phrases in the at least one policy;
if the at least one policy has been previously assigned the privacy rating or after the privacy analyzing server has generated the privacy rating, then:
comparing the privacy rating for the application or website against a privacy condition; and
when the privacy condition is satisfied, then allowing the application or website to be loaded onto the system.

US Pat. No. 10,893,073

METHOD AND SYSTEM FOR PROCESSING A STREAM OF INFORMATION FROM A COMPUTER NETWORK USING NODE BASED REPUTATION CHARACTERISTICS

ThreatMETRIX PTY LTD, Ch...

10. A computer-implemented method for controlling one or more nodes of a network, the method comprising:receiving information about one or more nodes from a plurality of forensic source submitters, the one or more nodes being associated with a network and a context and associated respectively with one or more Internet Protocol IP addresses, wherein the submitters are registered contributors in providing evidence;
determining, from a knowledge database, a reputation of each submitter of the plurality of forensic source submitters, wherein the reputation of the submitter is determined based on or more records of historic behavior of the submitter;
calculating, using at least one processor, a node reputation of a node of the one or more nodes based at least in part on the identified reputation of each submitter and weighted according to the context;
updating the knowledge database with the calculated node reputation; outputting, to a source filtering protection/priority module, the calculated node reputation; and
controlling, with the source filtering protection/priority module, traversal of packets on the network associated with the node based on the calculated node reputation.

US Pat. No. 10,893,072

USING CLONED ACCOUNTS TO TRACK ATTACKS ON USER ACCOUNTS

PayPal, Inc., San Jose, ...

1. A system for tracking attacks on user accounts, comprising:a non-transitory memory storing instructions; and
one or more hardware processors coupled to the non-transitory memory and configured to read the instructions from the non-transitory memory to cause the system to perform operations comprising:
detecting a user login attempt for a user account from a client computing device;
determining that a username-password pair entered for the user account is incorrect;
calculating, in response to determining that the username-password pair entered for the user account is incorrect, a risk rank of the user, the risk rank being calculated based on at least one of an internet protocol (IP) address, a visitor identification (VID), a user behavior on the client computing device, or an operating system used by the client computing device;
routing, in response to determining that the calculated risk rank exceeds a predetermined level, the user to a cloned user account; and
performing an analysis of the interaction between the user and the cloned user account.

US Pat. No. 10,893,071

SYSTEMS AND METHODS FOR AIDA BASED GROUPING

KnowBe4, Inc., Clearwate...

1. A method comprising:creating, by a device, a first group of users and a second group of users from a plurality of users based at least on results from a plurality of simulated phishing communications;
receiving, by the device during execution of one or more simulated phishing campaigns comprising the plurality of simulated phishing communications, identification by a model of a first template to use for the first group of users and a second template to use for the second group of users, the model trained via machine learning using results from the plurality of simulated phishing communications, the model trained to identify a template having a predetermined likelihood of a group of users to take a predetermined action; and
communicating, by the device, one or more simulated phishing communications to the first group of users according to the first template and to the second group of users according to the second template during the one or more simulated phishing campaigns.

US Pat. No. 10,893,070

DETECTING A PAGE FOR A REAL-WORLD ENTITY, AN IMPOSTER OF A REAL-WORLD ENTITY, OR A NON-REAL-WORLD ENTITY THAT COMPLIES WITH OR VIOLATES A POLICY OF AN ONLINE SYSTEM

Facebook, Inc., Menlo Pa...

11. A computer program product comprising a non-transitory computer readable storage medium having instructions encoded thereon that, when executed by a processor, cause the processor to:maintain, at an online system, a plurality of pages for one or more of: a set of real-world entities, a set of imposters of the set of real-world entities, and a set of derived entities; wherein the set of derived entities is a set of non-real-world entities related to the set of real-world entities;
access a graph comprising a plurality of nodes representing the plurality of pages, each of the plurality of nodes having a label indicating that a corresponding page is for a real-world entity, an imposter of the real-world entity, a derived entity that complies with a policy of the online system, or a derived entity that violates the policy;
retrieve a plurality of machine-learning models, each of the plurality of machine-learning models trained based at least in part on a set of labels for a set of the plurality of nodes and a set of features of each of a set of pages corresponding to the set of the plurality of nodes;
use a first machine-learning model of the plurality of machine-learning models to predict whether a page maintained in the online system is for a derived entity based at least in part on one or more features of the page;
responsive to predicting that the page is not for a derived entity, use a second machine-learning model of the plurality of machine-learning models to predict whether the page is for a real-world entity or an imposter of a real-world entity based at least in part on the one or more features of the page; and
responsive to predicting that the page is for a derived entity, use a third machine-learning model of the plurality of machine-learning models to predict whether the page is for a derived entity that complies with the policy or a derived entity that violates the policy based at least in part on the one or more features of the page.

US Pat. No. 10,893,069

DIAMETER EDGE AGENT ATTACK DETECTION

Nokia Technologies Oy, E...

1. A method comprising:detecting, by a network node, that at least one message comprising an acknowledgement message received from another network device of a communication network is in response to a message to the another network device from an attacker using a spoofed source address of the network node,
wherein the detecting comprises determining that the at least one message is not associated with an outstanding outgoing message from the network node;
in response to the detecting, generating a mirrored copy of the at least one message such that a sending identity of the mirrored copy of the message comprises a source address of the another network device; and
sending to the another network device the mirrored copy of the at least one message with an indication of at least the sending identity comprising the source address of the another network device and an Internet Protocol realm identity associated with the network node to cause triggering the another network device to prevent any acknowledgement message in response to the at least one message using the spoofed source address of the network node, wherein the triggering is at least based on a mismatch of the Internet Protocol Realm identity associated with the network node and the source address of another network device in the mirrored copy of the at least one message.

US Pat. No. 10,893,068

RANSOMWARE FILE MODIFICATION PREVENTION TECHNIQUE

FireEye, Inc., Milpitas,...

1. A system to detect and prevent ransomware cyber-attacks on a computer, the system comprising:one or more processors; and
a storage device communicatively coupled to the one or more processors, the storage device to store a plurality of logic modules for execution by the one or more processors, the plurality of logic modules include an indicator scanner, a classification engine, a protection logic, an user interaction logic, and a reporting engine, wherein,
the indicator scanner is configured to receive an analyzable event in response to at least one attempted file access by a process and extract features from the analyzable event relating to the at least one attempted file access and the process,
the classification engine is configured to (i) receive the extracted features, (ii) compare the features with a set of known indicators associated with determinations of a cyber-attack to generate a maliciousness score based on a correlation between the extracted features and the set of known indicators, and (ii) classify the analyzable event as either (a) malicious when the maliciousness score exceeds a first threshold or (b) non-malicious when the maliciousness score fails to exceed a second threshold,
the user interaction logic is configured to (i) receive the analyzable event in response to the maliciousness score having a value between the first threshold and the second threshold and (ii) provide a classification of the analyzable event to the classification engine where the classification is based on a determination by a user or administrator as to whether the analyzable event is malicious,
the protection logic is configured to prevent continued execution of the process in response to the classification engine classifying the analyzable event as malicious, and
the reporting engine is configured to generate and issue an alert in response to the classification of the analyzable event as malicious.

US Pat. No. 10,893,067

SYSTEMS AND METHODS FOR RAPIDLY GENERATING SECURITY RATINGS

BitSight Technologies, In...

6. A database reading method, comprising:receiving, by a database, a query indicating a query key value, wherein the database comprises a plurality of records each comprising a respective key and value, wherein the keys of the records are drawn from a keyspace of permissible keys, and wherein the query represents a request for each record of the database having a respective key that matches the query key value;
searching a manifest of a distributed index of the database, wherein the manifest comprises references to a plurality of segments of a distributed index, wherein the manifest and the segments are stored in an object storage system, wherein the keyspace is partitioned into a plurality of key ranges, wherein each of the segments is associated with a respective one of the key ranges and indexes a respective group of records having key values within the associated key range, and wherein the searching of the manifest identifies one or more of the segments of the distributed index, each of the identified segments being associated with a respective key range that matches the query key value;
searching each of the identified segments of the distributed index to identify each record of the database having a respective key that matches the query key value; and
providing the identified records to an issuer of the query.

US Pat. No. 10,893,066

COMPUTER PROGRAM PRODUCT AND APPARATUS FOR MULTI-PATH REMEDIATION

SecurityProfiling, LLC, ...

1. A non-transitory computer-readable media storing instructions that, when executed by one or more processors, cause the one or more processors to:receive first vulnerability information from at least one first data storage that is generated utilizing second vulnerability information from at least one second data storage that is used to identify a plurality of potential vulnerabilities;
said first vulnerability information generated utilizing the second vulnerability information, by:
identifying at least one configuration associated with a plurality of devices including a first device, a second device, and a third device, and
determining that the plurality of devices is actually vulnerable to at least one actual vulnerability based on the identified at least one configuration, utilizing the second vulnerability information that is used to identify the plurality of potential vulnerabilities;
identify an occurrence in connection with at least one of the plurality of devices;
determine that the at least one actual vulnerability of the at least one of the plurality of devices is susceptible to being taken advantage of by the occurrence identified in connection with the at least one of the plurality of devices, utilizing the first vulnerability information; and
cause utilization of different occurrence mitigation actions of diverse occurrence mitigation types, including a firewall-based occurrence mitigation type and a other occurrence mitigation type, across the plurality of devices for occurrence mitigation by preventing advantage being taken of actual vulnerabilities utilizing the different occurrence mitigation actions of the diverse occurrence mitigation types across the plurality of devices;
wherein the at least one configuration involves at least one operating system.

US Pat. No. 10,893,065

MALWARE DETECTION IN DISTRIBUTED COMPUTER SYSTEMS

Teachers Insurance and An...

1. A method, comprising:receiving, by a network router, a network packet originated by a client computer;
responsive to failing to match the network packet to a plurality of predetermined routes identified by respective destination addresses, forwarding the network packet to a command and control server simulator; and
forwarding, to the client computer system, one or more response packets comprising a command and control instruction issued to the client computer system by the command and control server simulator; and
responsive to receiving a notification from the command and control server simulator, creating a routing rule causing the network router to discard subsequent network packets addressed to a destination address of the network packet.

US Pat. No. 10,893,064

IDENTIFYING SERVICE ISSUES BY ANALYZING ANOMALIES

Microsoft Technology Lice...

1. A data processing system comprising:a processor; and
a memory in communication with the processor, the memory storing instructions that when executed by the processor, cause the processor to perform functions of:
collecting data from a computing environment via a network, the data including telemetry data and change event data;
inputting the telemetry data into a first machine-learning (ML) model to identify a plurality of anomalies in the computing environment based at least in part on the telemetry data;
obtaining the identified plurality of anomalies as an output from the first ML model;
grouping the plurality of anomalies into one or more clusters;
classifying each of the one or more clusters based on a plurality of dimensions, the plurality of dimensions being determined by a second ML model,
assigning a weight to each dimension of the plurality of dimensions for each of the one or more clusters;
aggregating the weights assigned to each dimension to calculate a score for each of the one or more clusters;
generating a ranking for each of the one or more clusters based in part on the calculated score;
based on the ranking, identifying at Last one of the one or more clusters as an error requiring attention; and
transmitting data relating to the at least one of the one or more clusters for notifying a user,
wherein the plurality of dimensions includes a dimension for change events.

US Pat. No. 10,893,063

INFORMATION PROCESSING DEVICE AND INFORMATION PROCESSING METHOD

PANASONIC INTELLECTUAL PR...

1. An information processing device provided outside of a vehicle, the information processing device comprising:a processor; and
a memory including at least one set of instructions that, when executed by the processor, causes the processor to perform operations including:
obtaining a first log of communication data from an onboard system of the vehicle, the communication data corresponding to an onboard network of the vehicle;
determining whether an abnormality is included in the communication data, using the first log; and
outputting, in a case where the determining determines that the abnormality is included in the communication data, first detection results to the onboard system, the first detection results indicating the abnormality is included in the communication data and causing transmission of a second log of the communication data from the onboard system to the information processing device,
wherein the first log is of the communication data in a plurality of sampling periods, each of the plurality of sampling periods being included in one of a plurality of sampling intervals, each of the plurality of sampling intervals having a period of a first time duration, each of the plurality of sampling periods having a period of a second time duration that is shorter than the first time duration, and
the second log includes a larger amount of data generated per the sampling interval than the first log.

US Pat. No. 10,893,062

CABLE ASSEMBLY WITH JACKET LEDS

CyberSecure IPS, LLC, Up...

1. A cable assembly comprising:an outer jacket;
a light emitting diode; and
a core, wherein
the outer jacket includes a channel opening, and
the light emitting diode is positioned within the channel opening and between the core and the outer jacket.

US Pat. No. 10,893,061

AUTOMATED DETECTION OF PHISHING CAMPAIGNS VIA SOCIAL MEDIA

PayPal, Inc., San Jose, ...

1. A system comprising:a non-transitory memory; and
one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising:
determining that an online post submitted to an online social media platform comprises a link;
analyzing the link;
determining that the link corresponds to a phishing campaign based on the analyzing;
in response to the determining that the link corresponds to a phishing campaign, identifying a user account with an online service provider based on the online post, wherein the online service provider is different from the online social media platform; and
modifying a configuration of the user account.

US Pat. No. 10,893,060

DEFANGING MALICIOUS ELECTRONIC FILES BASED ON TRUSTED USER REPORTING

MATERIAL SECURITY INC., ...

1. A computer-implemented method comprising:determining that a first electronic communication, received in a first private repository of a user, has been identified as including a threat;
determining a probability that the first electronic communication includes the threat;
in response to determining that the probability exceeds a threshold probability, monitoring for a second electronic communication, received in a second private repository, that includes contents that match the contents of the first electronic communication; and
in response to, based on the monitoring, identification of the second electronic communication:
generating a copy of the second electronic communication to an administrative private repository of an administrator;
editing the copy to remove a portion that is likely to include the threat by: scanning the copy for a payload corresponding to the threat and deleting the payload detected during the scanning from the copy;
inserting the copy of the second electronic communication to the second private repository by causing an application programming interface that administrates the second private repository to insert the copy in the second private repository where the second electronic communication was found, so as to replace the second electronic communication; and
deleting the second electronic communication from the second private repository.

US Pat. No. 10,893,059

VERIFICATION AND ENHANCEMENT USING DETECTION SYSTEMS LOCATED AT THE NETWORK PERIPHERY AND ENDPOINT DEVICES

FireEye, Inc., Milpitas,...

1. A cyber security system to determine and verify a presence of a cyber-attack, comprising:a system including at least one processor to communicate over the network directly or indirectly with one or more endpoint devices, intercept in-bound network traffic at or near a periphery of the network, analyze a first object included in the network traffic to identify one or more first features associated with the first object, the one or more first features including behaviors exhibited during processing of the first object in a virtual machine, and generate a first determination of maliciousness in response to the identified one or more first features associated with the first object;
at least one endpoint device targeted to receive the network traffic, the at least one endpoint device including at least one processor to identify one or more second features associated with one or more objects including a second object corresponding to the first object, wherein the one or more second features include behaviors identified during processing of the one or more objects; and
a security logic engine to receive the one or more first features identified by the system and the one or more second features identified by the at least one endpoint device, verify the first determination of maliciousness of at least the first object based on a combination of the one or more first features and the one or more second features to classify the first object as malware, and generate an alert to report the classification as malware,
wherein the alert includes information that identifies (i) a first software profile associated with the virtual machine in which the one or more first features are exhibited and (ii) a second software profile associated with the at least one endpoint device in which the one or more second features are exhibited during processing of a second object.

US Pat. No. 10,893,058

MALWARE DETECTION AND ALERTING FOR NETWORK CONNECTED DEVICES BASED ON TRAFFIC FLOW ANALYSIS ON LOCAL NETWORK

NORTONLIFELOCK, INC., Te...

1. A computer-implemented method for detecting a presence of a malware application on a computing device, the method comprising:identifying at least a first computing device and a second computing device present on a local network segment of a computing network, wherein at least one of the first computing device and the second computing device is associated with a device type known to not provide malware detection capabilities;
monitoring, on the local network segment, at least a first traffic flow initiated between the first computing device and the second computing device on the local network segment;
generating, from the first traffic flow, a signature characterizing the first traffic flow based on at least one of a time or frequency parameter of the first traffic flow; and
determining, based on the signature, whether the malware application is predicted to be present on the at least one of the first computing device and the second computing device by comparing the signature to a plurality of malware signatures, wherein each of the plurality of malware signatures corresponds to another signature generated for another traffic flow from another computing device matching the device type of the at least one of the first computing device and the second computing device after being compromised by the malware application.

US Pat. No. 10,893,056

MESSAGE VERIFICATION

Nokia Technologies Oy, E...

1. An apparatus comprising:at least one processor; and
at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following:
obtain, from a timestamp, a truncated timestamp comprising a first number of least significant bits of the timestamp and not comprising at least one most significant bit of the timestamp, to derive a hash value based at least in part on the timestamp, a payload and a secret value, and to compile a first message comprising the truncated timestamp, the payload and, at least in part, the hash value, and
transmit the first message toward a recipient.

US Pat. No. 10,893,055

GEO-FENCE AUTHORIZATION PROVISIONING

Snap Inc., Santa Monica,...

1. A computer implemented method, comprising:receiving a request to post content to an event gallery associated with an event, the request comprising activity data that records a screen capture operation performed on a device at a particular location, and identification data identifying at least one of the device or a user of the device;
performing a first authorization operation including determining that the particular location is within a geo-location fence associated with the event;
performing a second authorization operation including using the identification data to verify an attribute of the user; and
based on the first and second authorization operations, posting the content to the event gallery.

US Pat. No. 10,893,054

PROXIMITY DETECTION SYSTEM

Intel Corporation, Santa...

1. A system of providing a walk away lock, the system comprising:means for receiving, at a compute device, a plurality of data packets from a user device, each packet having corresponding time-to-receive values;
means for determining a baseline latency value of the plurality of data packets based on the respective time-to-receive values;
means for receiving additional data packets from the user device, each of the additional data packets having corresponding time-to-receive values;
means for calculating a current latency value of the additional data packets based on an average of the corresponding time-to-receive values; and
means for performing a security operation based on the baseline latency value and the current latency value,
wherein a particular time-to-receive value of the plurality of time-to-receive values comprises the time period from when the compute device started receiving a first byte of the data packet to when the compute device finished receiving a last byte of the data packet.

US Pat. No. 10,893,053

PREVENTING UNAUTHORIZED ACCOUNT ACCESS BASED ON LOCATION AND TIME

Roblox Corporation, San ...

1. A method, comprising:storing, by at least one processing device in a collaboration platform and responsive to successful authentication of a first authentication request for an account at the collaboration platform, first client device information associated with the first authentication request, a first geographic location associated with the first authentication request, and a first time of the first authentication request;
receiving, by the at least one processing device, a second authentication request for the account at the collaboration platform;
identifying, by the at least one processing device, a second geographic location associated with the second authentication request and a second time of the second authentication request;
determining, by the at least one processing device, whether client device information associated with the second authentication request is distinct from the first client device information;
in response to a determination that the client device information associated with the second authentication request is distinct from the first client device information:
determining, by the at least one processing device, whether a difference in time between the first time and the second time is sufficient to enable a user of the account to travel a difference in distance between the first geographic location and the second geographic location within the difference in time; and
providing, by the at least one processing device, access to the account responsive to a determination that the difference in time is sufficient and to successful authentication of the second authentication request, wherein the first client device information comprises a first browser fingerprint of a first browser at a first client device that sent the first authentication request to the collaboration platform, and wherein the client device information that is distinct from the first client device information comprises a second browser fingerprint of a second browser at a second client device that sent the second authentication request to the collaboration platform; and
in response to a determination that the client device information associated with the second authentication request is same as the first client device information, providing, by the at least one processing device, access to the account responsive to successful authentication of the second authentication request.

US Pat. No. 10,893,052

DURESS PASSWORD FOR LIMITED ACCOUNT ACCESS

Facebook, Inc., Menlo Pa...

1. A computer program product comprising a non-transitory computer-readable storage medium containing computer program code for performing the steps:storing a set of passwords in association with a user account on an online system, the set of passwords comprising a primary password and a duress password;
prompting a user to provide a user name and a password to gain access to the user account, the user name uniquely identifying the user account on the online system;
responsive to determining that the user has provided the primary password, granting access to the user account in a regular access mode, wherein a plurality of data items associated with the user account are accessible to the user in the regular access mode; and
responsive to determining that the user has provided the duress password, granting access to the user account in a limited access mode, wherein at least one data item associated with the user account is inaccessible to the user in the limited access mode and is accessible to the user in the regular access mode, and wherein a second set of data items associated with the user account are publicly accessible on the online system, and wherein the second set of data items is accessible to the user in the limited access mode, wherein the second set of data items comprises information stored as part of a user profile associated with the user account.

US Pat. No. 10,893,051

RESOURCE-DRIVEN DYNAMIC AUTHORIZATION FRAMEWORK

Convida Wireless, LLC, W...

1. An apparatus, the apparatus forming a resource hosting entity in a machine-to-machine network, the apparatus comprising a processor, a memory, and computer-executable instructions stored in the memory which, when executed by the processor, cause the apparatus to:receive, from a sensor, a request to create a resource to store raw sensor data;
receive the raw sensor data from the sensor;
create the resource for the raw sensor data;
store the raw sensor data in the resource;
perform a security classification process on the raw sensor data to determine a security class of the resource by extracting information from the raw sensor data, the security class of the resource comprising a security level required to access the raw sensor data stored in the resource;
perform a security achievability determination process in view of the security class of the resource to determine a security achievability mechanism for the resource, wherein the security achievability mechanism comprises a required authentication, authorization, or payment that a client must perform before accessing the data of the resource; and
send, to a resource listing entity, an indication of the security achievability mechanism for the resource such that the security achievability mechanism and information regarding the resource can be discovered by the client.

US Pat. No. 10,893,050

COMPUTER PRODUCT, METHOD, AND SYSTEM TO DYNAMICALLY PROVIDE DISCOVERY SERVICES FOR HOST NODES OF TARGET SYSTEMS AND STORAGE RESOURCES IN A NETWORK

Intel Corporation, Santa...

1. A non-transitory computer-readable storage media comprising instructions stored thereon, that, if executed by at least one processor, cause the at least one processor to:generate an access control list indicating any host node that can access storage resources of one or more target systems, wherein the access control list includes information on one or more hosts provisioned to access storage resources managed by target systems and at least one of the target systems includes one or more physical or virtual subsystems;
receive a request from a requesting host node for storage resources that the requesting host node is permitted to access;
provide host discovery information, based on the access control list, to the requesting host node indicating the storage resources, including one or more virtual subsystems, that the requesting host node is permitted to access; and
provide connection information, based on the access control list, to the requesting host node to connect to the at least one of the target systems.

US Pat. No. 10,893,049

ACCESS POINT NAME AUTHORIZATION METHOD, APPARATUS, AND SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. An access point name (APN) authorization method, comprising:receiving, by a network device, a connection request message from a user equipment (UE), wherein the connection request message requests access to a target APN, wherein the network device comprises a non-3rd Generation Partnership Project (non-3GPP) access gateway;
obtaining, by the non-3GPP access gateway, information about an authorized access network type corresponding to the target APN of the UE, wherein the information includes subscription data reflecting a relationship between the target APN that the UE is allowed to access and a type of access network that the UE currently accesses; and
determining, by the non-3GPP access gateway according to the type of access network that the UE currently accesses and the information about the authorized access network type corresponding to the target APN of the UE, whether the target APN of the UE is authorized in the type of access network that the UE currently accesses,
wherein when the non-3GPP access gateway determines that the target APN of the UE is not authorized, the method further comprises sending, by the non-3GPP access gateway, an Extensible Authentication Protocol (EAP)-Authentication and Key Agreement Protocol (AKA) message to the UE, wherein the EAP-AKA message includes an authorization failure cause indicating that the target APN of the UE fails to be authorized in the type of the non-3GPP access network that the UE currently accesses, and wherein the authorization failure cause is a Diameter protocol value.

US Pat. No. 10,893,048

MULTI-BLOCKCHAIN NETWORK DATA PROCESSING

Advanced New Technologies...

1. A computer-implemented method, comprising:obtaining a data processing request at a blockchain node that is operating as a blockchain node in both a public blockchain network and an alliance-specific blockchain network, the data processing request containing an identifier used to identify the public blockchain network or the alliance-specific blockchain network as a blockchain network to which the data processing request belongs, wherein the blockchain node comprises a ledger for the public blockchain network and a ledger for the alliance-specific blockchain network;
extracting the identifier from the data processing request; and
executing, based on the identifier, corresponding processing logic associated with the data processing request.

US Pat. No. 10,893,047

SYSTEMS AND METHODS FOR PROVIDING SECURITY VIA INTERACTIVE MEDIA

GANALILA, LLC, Boston, M...

1. A system comprising:a processor; and
a non-transitory, processor-readable storage medium, wherein the non-transitory, processor-readable storage medium comprises one or more programming instructions that, when executed, cause the processor to:
receive a request to access a secured resource;
provide one or more verification challenges to at least one user via a user interface, wherein a verification challenge comprises a game;
receive input from the at least one user in response to at least one verification challenge, the received input comprising at least one gameplay input;
compare the received input against previously captured information comprising a set of learned user characteristics, wherein the set of learned characteristics are based on one or more authorized users' tendencies over several login attempts; and
determine, based on the comparison, at least one of:
that the received input corresponds to at least one parameter indicative of an authorized user;
that the received input does not correspond to at least one parameter indicative of an authorized user;
that the received input corresponds to at least one parameter indicative of an unauthorized user; and
that the received input does not correspond to at least one parameter indicative of an unauthorized user.

US Pat. No. 10,893,046

MANAGING USE OF NETWORK RESOURCES

BlackBerry Limited, Wate...

1. A method of managing use of network resources on a device, the method comprising:receiving, at the device, outbound data from an application associated with a first group of logically separate resources, while the device is connected to both a first network and a second network, wherein the device includes the first group of logically separate resources and a second group of logically separate resources, the first group of logically separate resources includes a first network resource for accessing the first network, the second group of logically separate resources includes a second network resource for accessing the second network, and the first network is different than the second network;
in response to receiving the outbound data from the application associated with the first group of logically separate resources, outputting, on the device, a graphic user interface that requests a user input indicating whether to allow the application associated with the first group of logically separate resources to access the second network resource associated with the second group of logically separate resources; and
in response to receiving the user input indicating whether to allow the application associated with the first group of logically separate resources to access the second network resource associated with the second group of logically separate resources, determining, according to the user input, whether to route the outbound data received from the application associated with the first group of logically separate resources to the second network using the second network resource associated with the second group of logically separate resources while the device is connected to both the first and the second networks.

US Pat. No. 10,893,045

SYSTEM FOR ACCESSING DATA FROM MULTIPLE DEVICES

Liberty Labs Limited, Lo...

1. A method of accessing data at a device, wherein the device comprises a secure element, and wherein the data is stored in a partition associated with the device, and is stored in the device, remotely from the device, or in removable storage, the method comprising:registering an identification code of the secure element with the stored data;
entering, by a user, a passcode or PIN of the partition at the device;
verifying the passcode or PIN entered by the user in the secure element of the device;
sending a request via a secure channel from the device to access the stored data, the request including information specifying the partition, an encrypted identification code of the secure element, and the result of verification of the passcode or PIN entered by the user at the device;
verifying, based at least partly on the identification code, whether access to the stored data is to be allowed or denied; and
allowing or denying the device access to the stored data accordingly;
wherein the stored data facilitates connection to a third party service, and wherein a plurality of identification codes for a corresponding plurality of secure elements can be associated with the stored data.

US Pat. No. 10,893,044

BIOMETRIC IDENTITY REGISTRATION AND AUTHENTICATION

ADVANCED NEW TECHNOLOGIES...

1. A computer-implemented method, comprising:receiving, at an authentication server and from a service server, a first registration information request packet of a user equipment, wherein the first registration information request packet includes an identity of a service account;
generating, by the authentication server, a virtual account identity corresponding to the identity of the service account;
encapsulating, by the authentication server, the virtual account identity into a registration information response packet;
signing, by the authentication server, the registration information response packet using an authentication server private key;
forwarding, by the authentication server through the service server, the registration information response packet to the user equipment;
performing, by the user equipment, a first signature verification on the registration information response packet using a registered authentication server public key, wherein the registered authentication server public key corresponds to the authentication server private key;
determining that the first signature verification is successful;
in response to determining that the first signature verification is successful, receiving, by the authentication server, from the user equipment through the service server, a second registration request packet signed by the user equipment using a user equipment private key, wherein the second registration request packet includes a device identity of the user equipment, the virtual account identity, a biometric authentication type, a biometric feature token, and a service public key, wherein the service public key and a corresponding service private key are generated by the user equipment and are used to perform identity authentication of the user equipment;
obtaining, a registered user equipment public key based on the device identity of the user equipment, wherein the registered user equipment public key corresponds to the user equipment private key;
performing a second signature verification on the second registration request packet using the registered user equipment public key;
performing, by the authentication server, a verification of the second registration request packet based on a registration verification code and a time interval between a transmission of the registration information response packet and a receiving the second registration request packet;
determining that the second signature verification is successful and the verification of the second registration request packet is successful; and
in response to determining that the second signature verification is successful and the verification of the second registration request packet is successful, saving, by the authentication server, a mapping relationship among the device identity of the user equipment, the virtual account identity, the biometric authentication type, the biometric feature token, and the service public key, to perform an identity authentication on the service account.

US Pat. No. 10,893,043

SYSTEMS AND METHODS FOR SECURE DISPLAY OF DATA ON COMPUTING DEVICES

Massachusetts Mutual Life...

1. A method, comprising:receiving, by a server, via one or more pulse sensors, pulse waveform data collected from one or more measurement positions of a known user while wearing a wearable device, wherein the one or more measurement positions comprises at least a temple pulse position and a wrist pulse position;
generating, by the server, a biometric pulse signature characterizing the pulse waveform data identifying the known user wearing the wearable device, wherein the biometric pulse signature associated with the known user wearing the wearable device is stored in a system database comprising a non-transitory machine readable storage medium configured to store a plurality of biometric pulse signatures associated with a plurality of known users;
receiving, by the server, via the one or more pulse sensors, pulse waveform data collected from the one or more measurement positions of a new user wearing the wearable device;
authenticating, by the server, the new user, in response to the server determining the pulse waveform data associated with the new user matches at least one biometric pulse signature of the plurality of biometric pulse signatures stored in the system database; and
transmitting, by the server, instructions to a user computing device to convert scrambled data displayed on a screen of the user computing device into unscrambled data,
whereby the screen of the user computing device displays the unscrambled data as a plurality of segments in a predetermined configuration, at least a portion of the segments not readable without the wearable device, and
wherein the unscrambled data is readable when the screen of the user computing device is viewed through one or more lenses of the wearable device by the new user, the one or more lenses having a segment configuration corresponding to the predetermined configuration of the plurality of segments displayed on the user computing device.

US Pat. No. 10,893,042

WI-FI ENABLED CREDENTIAL ENROLLMENT READER AND CREDENTIAL MANAGEMENT SYSTEM FOR ACCESS CONTROL

Schlage Lock Company LLC,...

1. A method, comprising:receiving, by a credential management system and from a credential reader device, an authentication message including a unique identifier of the credential reader device;
retrieving, by the credential management system, a key based on the authentication message;
verifying, by the credential management system, the authentication message to authenticate the credential reader device to the credential management system by verifying the unique identifier of the credential reader device using the key retrieved by the credential management system;
reading, by the credential reader device, a unique credential identifier of a passive credential device;
transmitting, by the credential reader device, the unique credential identifier of the passive credential device to the credential management system via a secure wireless connection;
receiving, by the credential reader device, credential device data from the credential management system via the secure wireless connection; and
transmitting, by the credential reader device, the received credential device data to the passive credential device.

US Pat. No. 10,893,041

SINGLE USE PASSCODE AUTHENTICATION

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method for single use passcode authentication, the method comprising:generating, by a host processing system, a single use authentication map to map a private set of characters to a public set of characters;
transmitting, by the host processing system, the single use authentication map to a user processing system, the user processing system presenting an authentication interface comprising the public set of characters to a user to enable the user to enter a user passcode using the public set of characters, the user processing system encoding the user passcode into a single use passcode based at least in part on the single use authentication map;
receiving, by the host processing system, the single use passcode from the user processing system;
decoding, by the host processing system, the single use passcode back into the user passcode based at least in part on the single use authentication map;
determining, by the host processing system, whether the user passcode matches an expected passcode; and
responsive to determining that the user passcode does not match the expected passcode, generating, by the host processing system, a second single use authentication map to map a second private set of characters to the public set of characters, the second single use authentication map differing from the single use authentication map.

US Pat. No. 10,893,040

ACCESS CONTROL WITH AUTHENTICATION

Alcatel Lucent, Boulogne...

1. A method for an authentication of a user accessing an access control device providing a service via a communication device associated with the user, comprising:receiving, by an application server via a first interface, a request for a web service from one of the communication device and the access control device operably connected to the application server via a network comprising a presence server that manages a network database and a network server that provides services, the request containing an identifier of the communication device, an identifier of the access control device and pairing data that indicates that the communication device is associated with the access control device via a communication session,
checking in the network database, by the application server via a second interface, a user subscription by means of the identifier of the communication device and the identifier of the access control device,
sending, by the application server via the first interface, a response to the access control device to request the user to enter a secret code via an interface of the access control device,
in a condition that the entered secret code matches a stored secret code at a service provider server, receiving, by the application server via the second interface, a temporary secret code generated by the service provider server, and
sending, by the application server via the first interface, a message to the communication device, the message containing the temporary secret code, to request the user to enter the temporary secret code via the interface of the access control device for access to the service provided by the access control device.

US Pat. No. 10,893,039

PHONE NUMBER PROTECTION SYSTEM

International Business Ma...

1. A system comprising:one or more processors;
a memory coupled to at least one of the one or more processors; and
a set of computer program instructions stored in the memory and executed by at least one of the one or more processors in order to perform actions of:
receiving a request, from a smart phone of a caller, for establishing telephone communication with a smart phone of a callee, wherein the request contains a code to identify the smart phone of the callee,
checking whether the code is recorded in a transaction record, whether the transaction record has a record of the smart phone of the callee providing the code to the smart phone of the caller, and whether the code is retrievable by the one or more processors, and
in response to determining that the code is recorded in the transaction record, that the transaction record has a record of the smart phone of the callee providing the code to the smart phone of the caller, and that the code retrievable by the one or more processors, retrieving a phone number of the caller and a phone number of the callee based on the request,
establishing a phone call connection via a cellular network with the phone number of the caller and the phone number of the callee;
transmitting, by the smart phone of the caller, the code to a third smart phone;
recording, in the transaction record, the smart phone of the caller transmitting the code to the third smart phone;
receiving a second request, from the third smart phone, for establishing telephone communication with the smart phone of the callee, wherein the second request contain the code;
checking whether the transaction record has a record of the smart phone of the caller providing the code to the third smart phone;
in response to determining the transaction record has a record of the smart phone of the caller providing the code to the third smart phone, retrieving a phone number of the third smart phone and the phone number of the callee based on the second request, and
establishing a second phone call connection via the cellular network with the phone number of the third smart phone and the phone number of the callee.

US Pat. No. 10,893,038

ATTRIBUTED NETWORK ENABLED BY SEARCH AND RETRIEVAL OF PRIVITY DATA FROM A REGISTRY AND PACKAGING OF THE PRIVITY DATA INTO A DIGITAL REGISTRATION CERTIFICATE FOR ATTRIBUTING THE DATA OF THE ATTRIBUTED NETWORK

Cognitive Strategies, LLC...

1. A method of generating an attributed network for tracing transmitted data that is attributable to a user, the method comprising:generating a digital registration certificate by packaging a biometric marker with a verified privity marker, the verified privity marker representing a human-witnessed affirmation of an identity of a user;
registering the digital registration certificate in a registry that comprises a block chain by generating an immutable entry in the block chain of the registry, with the generated immutable entry storing the digital registration certificate and representing initial registration of the digital registration certificate, with the immutable entry in the block chain storing the biometric marker and referencing the verified privity marker representing the human-witnessed affirmation of the identity of the user, and with retrieval of the digital registration certificate being required to access the attributed network;
receiving, from a client device, a request to access the attributed network, the request comprising biometric login data;
authenticating the user of the client device by verifying the biometric login data as matching the biometric marker included in the immutable entry in the registry;
responsive to authenticating, obtaining the digital registration certificate from the registry;
causing packaging, by a virtual browser configured for accessing the attributed network, of the digital registration certificate with user data generated by the user and specified by a client device of the user;
generating a new entry on the block chain in the registry, the new entry being linked to the immutable entry, the new entry indicating that the user data are attributed to the user by associating the user data with the privity marker representing the human-witnessed affirmation of the identity of the user;
following transmission of the user data packaged with the digital registration certificate by the virtual browser of the attributed network, receiving a request, from a device, to verify that the user data transmitted from the client device is attributable to the user, with the request including the digital registration certificate;
responsive to the request, retrieving, based on the digital registration certificate, the verified privity marker, representing the human-witnessed affirmation of the identity of the user, that is referenced by the new entry linked to the generated immutable entry; and
verifying, to the device, attribution of the verified privity marker to the user.

US Pat. No. 10,893,037

MEDICAL DEVICE WIRELESS ADAPTER

Welch Allyn, Inc., Skane...

1. A medical device adaptive module comprising:a radio section comprising:
two or more wired means for connecting to and exchanging data packets between the adaptive module, a first host medical device and a second host medical device, the first host medical device comprising a peripheral oxygen saturation (SpO2) monitor and the second host medical device comprising an electrocardiogram (ECG) monitor, the data packets comprising at least a first data packet and a second data packet; and
one or more wireless means for exchanging processed data packets between said adaptive module and a network, the processed data packets comprising a processed first data packet and a processed second data packet, each of the processed first data packet and the processed second data packet comprising medical data; and
a CPU block including one or more memory means and integrated support for hosting one or more applications, wherein the one or more applications comprises a medical data application, the medical data application being configured for continuously for a period of time processing each of the data packets by:
receiving first unprocessed data packets from the first and second host medical devices through the one or more wired means, the first unprocessed data packets comprising SpO2 data and ECG data,
processing and aggregating medical data contained in the first unprocessed data packets to create the processed first data packet,
exchanging the processed first data packet with the network with the one or more wireless means,
then receiving, processing and aggregating and exchanging second unprocessed data packets in the same manner as the first unprocessed data packets, wherein the processing and aggregating comprises determining a pulmonary problem based on the SpO2 data and the ECG data received in the first unprocessed data packets, the pulmonary problem comprising apnea or airway obstruction, and
sounding an alarm identifying the pulmonary problem.

US Pat. No. 10,893,036

BUSINESS MESSAGING INTERFACE

Apple Inc., Cupertino, C...

1. A method at an electronic device that is in communication with a display device and one or more input devices, the method comprising:displaying, via the display device, a messaging user interface that corresponds to a messaging session between a user of the electronic device and a respective participant in the messaging session other than the user of the electronic device, wherein the respective participant is associated with a user account of the user, and wherein displaying the messaging user interface includes concurrently displaying, via the display device:
a plurality of messages from one or more participants in the messaging session; and
a message compose region for composing a new message;
while displaying, via the display device, the messaging user interface, receiving a request from the respective participant for the user of the electronic device to authenticate with the user account that is associated with the respective participant;
in response to receiving the request from the respective participant, updating the messaging user interface to concurrently display, via the display device:
one or more messages from one or more of the participants in the messaging session;
a first credential verification affordance in messaging user interface; and
the message compose region for composing a new message;
detecting, via the one or more input devices, one or more user inputs to authenticate with the user account, wherein the one or more user inputs includes an input corresponding to selection of the first credential verification affordance in the messaging user interface; and
after detecting the one or more user inputs to authenticate with the user account, in accordance with a determination that an authentication with the user account was successful, providing an indication that the user was successfully authenticated with the user account to the respective participant.

US Pat. No. 10,893,035

NETWORK ARCHITECTURE FOR CONTROLLING DATA SIGNALLING

Wire I.P. Limited, Dubli...

1. A network architecture for controlling network data signalling in a network, comprising:at least one core network having at least a first node storing a database of contents and network communication parameters which comprises access rules for users of data processing terminals and devices connected to the network,
wherein the database of contents and network communication parameters stores data related to use of contents data on the network or communication options for one or more users on the network, and wherein the first node is adapted to communicate at least the data related to use of the contents data on the network or the communication options for one or more users on the network;
at least one sub-network operably interfaced with the core network, having at least a network transaction processing node;
wherein each of the first node and the network transaction processing node is adapted to authenticate all users of data processing terminals and devices connected to the network for access to the network or predetermined parts of the network and to allow, block and monitor the network signals of users and devices based on the database of contents and network communication parameters;
at least one information exchange server operably interfaced with the sub-network and storing a registration and communication database having respective unique identifier(s) of each of the one or more network users recorded therein;
wherein access by network-connected data processing terminals to other data processing terminals, devices and contents data on the network is controlled by the first node or the network transaction processing node according to predetermined criteria recorded in the database of contents and network communication parameters or in the registration and communication database; and
wherein the predetermined criteria are updated by each of the first node, the network transaction processing node and the information exchange server.

US Pat. No. 10,893,034

PRESENTING A PERSONALIZED VALUE ADDED OFFER DURING AN ADVANCED VERIFICATION PROCESS

AMERICAN EXPRESS TRAVEL R...

1. A method comprising:tracking, by a processor and via a computer network, a plurality of transactions associated with an account holder;
determining, by the processor, an acceptance rate of value added offers accepted by the account holder;
determining, by the processor, an abandonment rate of value added offers abandoned by the account holder;
receiving, by the processor and via a first access point, a purchase request for a full purchase amount from a computing device of the account holder;
receiving, by the processor, an enrollment verification request, wherein the enrollment verification request comprises data relating to the account holder;
determining, by the processor, an enrollment status of the account holder in a secondary authentication system, based at least in part on data about the enrollment of the account holder;
determining, by the processor, a value added offer, wherein the value added offer is based at least in part on the account holder and comprises at least one of: an account credit, an amount of reward points, a coupon, or a purchase protection plan;
transmitting, by the processor, an authorization request for the full purchase amount to an issuer computing device that issued the account;
configuring, by the processor, a secondary authentication interface personalized for the account holder, wherein the secondary authentication interface is configured to:
(i) prompt the account holder to enter a first plurality or security credentials based on the acceptance rate, and
(ii) prompt the account holder to enter a second plurality of security credentials based on the abandonment rate; and
displaying, by the processor via a second access point, the secondary authentication interface on the computing device of the account holder, wherein the secondary authentication interface comprises the value added offer and the first plurality of security credentials prompt or the second plurality of security credentials prompt.

US Pat. No. 10,893,033

ACCESSING CLIENT CREDENTIAL SETS USING A KEY

salesforce.com, inc., Sa...

1. A method, comprising:providing, by a computer system, a server-based platform accessible to a plurality of users, wherein the server-based platform permits an application that is developed by one of the plurality of users to be utilized by others of the plurality of users;
subsequent to receiving an indication to make available an application for a particular one of the plurality of users, the computer system retrieving configuration data from a different computer system, wherein the configuration data specifies a reference to a key value;
maintaining, by the computer system, a data object that includes a client credential set for the particular user;
in response to an occurrence of an event associated with the application, the computer system:
accessing the client credential set of the particular user from the data object, wherein the client credential set of the particular user is accessed using the key value and an indication of the particular user;
sending, to a destination computer system, a request to authenticate with the destination computer system, wherein the request includes the client credential set; and
receiving, from the destination computer system, a response that indicates whether the computer system has been authenticated with the destination computer system.

US Pat. No. 10,893,032

ENCRYPTION KEY MANAGEMENT SYSTEM FOR CLOUD SERVICES

SAMSUNG SDS CO., LTD., S...

1. An encryption key management system comprising:a key access server comprising a first processor configured to:
encrypt a service key based on a master key corresponding to the service key,
in response to a service key request from a service provision server that provides a cloud service, provide the encrypted service key to the service provision server,
and
assign an identifier indicating a category corresponding to the service key; and
a master key management server comprising a second processor configured to:
extract a plurality of key fragments from the master key,
store the plurality of key fragments in a distributed manner, and
in response to a master key request from the key access server, provide, to the key access server, the master key reconstructed from the plurality of key fragments;
wherein the category is composed of a plurality of layers,
wherein any one of the plurality of layers is set as a reference layer used for master key management, and
wherein the service key of a lower layer belonging to the reference layer is encrypted and stored using a first master key.

US Pat. No. 10,893,031

DYNAMICALLY SERVING DIGITAL CERTIFICATES BASED ON SECURE SESSION PROPERTIES

CLOUDFLARE, INC., San Fr...

1. A method in a server, comprising:receiving a first request from a first client network application executing on a first client device that initiates a first handshake procedure to establish a first secure session;
analyzing the first request to determine a first set of one or more properties of the first request, wherein the determined first set of one or more properties specifies that the first client network application supports:
an Elliptic Curve Digital Signature Algorithm (ECDSA) with a first cryptographic hash algorithm, and
a Rivest-Shamir-Adleman (RSA) signature algorithm with a second cryptographic hash algorithm;
selecting, from a plurality of certificates for a hostname for the server that includes a first certificate that is signed using ECDSA with the first cryptographic hash algorithm and a second certificate that is signed using RSA with the second cryptographic hash algorithm, the first certificate based at least in part on the determined first set of one or more properties of the first request; and
returning the selected first certificate to the first client network application.

US Pat. No. 10,893,030

METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR IMPLEMENTING BANDWIDTH LIMITATIONS ON SPECIFIC APPLICATION TRAFFIC AT A PROXY ELEMENT

KEYSIGHT TECHNOLOGIES, IN...

1. A system for implementing bandwidth limitations on specific application traffic at a proxy element, the system comprising:a processor;
a memory included in the proxy element;
a monitoring engine that is stored in the memory of the proxy element and when executed by the processor is configured for receiving a packet flow from at least one source client, identifying encrypted packets associated with a specific application traffic type from among the packet flow; and
a bandwidth limiter that is stored in the memory of the proxy element and when executed by the processor is configured for receiving the identified encrypted packets, applying a bandwidth limitation operation to the identified encrypted packets, executing a decryption operation on the identified encrypted packets if an accumulated amount of payload bytes of the identified encrypted packets complies with parameters of the bandwidth limitation operation, wherein the bandwidth limitation operation includes determining a number of payload bytes associated with the identified encrypted packets received by the bandwidth limiter and determining if a total payload byte count exceeds the maximum payload byte count threshold, and suspending the decryption operation until an initiation of a following time interval if the total payload byte count is determined to exceed the maximum payload byte count threshold.

US Pat. No. 10,893,029

SECURE COMPUTING SERVICE ENVIRONMENT

Amazon Technologies, Inc....

1. A non-transitory machine readable storage medium includinginstructions embodied thereon, the instructions when executed by a processor:
create a virtual secure maintenance network in a physically secure area of a data center, which allows cleared labor to access a region translation device located in the physically secure area of the data center, wherein physical access to the physically secure area of the data center is limited to the cleared labor, and the data center includes a physical public area with computing resources used to execute both a public region and a secure region, and a virtual secure maintenance network channel allows the cleared labor to connect to the virtual secure maintenance network and access the region translation device to manage the secure region of the data center;
create and configure the secure region of the data center using the virtual secure maintenance network channel, wherein encryption is used to logically separate the secure region from the public region of the data center, wherein ownership of data is determined using the region translation device that has access to a translation table which maps a public region account to a secure region account that owns the data in the secure region, and the translation table specifies a storage location for the data in the secure region of the data center, and the translation table is located with the region translation device in the physically secure area in the data center;
receive a customer request associated with the public region account at the data center requesting the data stored in the secure region of the data center;
identify the secure region account mapped to the public region account using the region translation device to access the translation table;
identify the data stored in the secure region of the data center using the region translation device to access the translation table, wherein the data is encrypted using an encryption technique specified by the secure region account when stored to the secure region;
obtain, using the region translation device, the data from the secure region;
decrypt, using the region translation device, the data using a decryption technique specified by the secure region account; and
transfer the data, using the region translation device, to the public region of the data center for customer-use in the public region in association with the public region account.

US Pat. No. 10,893,027

SECURE ACCESS TO INDIVIDUAL INFORMATION

VYRTY CORPORATION, Issaq...

21. A computing system, comprising:one or more hardware processors; and
a memory having contents whose execution by the one or more hardware processors cause the computing system to perform a method, the method comprising:
in a first computing device:
capturing an image of at least a portion of one facet of a personal data storage device;
identifying in the captured image a non-textual visual symbol encoding information;
decoding the symbol to obtain an identifier identifying a person to whom the personal data storage device was issued;
selecting personal information of the identified person;
encrypting the selected personal information with a key associated with the identifier; and
transmitting the encrypted personal information to a server different from the first computing device;
in a second computing device different from the first computing device and the server:
detecting a connection to the personal data storage device;
using the connection to the personal data storage device, obtaining from the personal data storage device the identifier;
providing the obtained identifier to the server;
receiving the encrypted personal information from the server; and
using the connection to the personal data storage device, storing the encrypted personal information on the personal data storage device.

US Pat. No. 10,893,026

PRIVACY MANAGING ENTITY SELECTION IN COMMUNICATION SYSTEM

Nokia Technologies Oy, E...

1. A method comprising:in a home network of a communication system, wherein one or more cryptographic key pairs are provisioned for utilization by one or more of a plurality of subscribers of the home network to conceal subscriber identifiers provided to one or more access points in the communication system;
receiving, at one of the one or more access points from user equipment, a request for authentication data for one of the plurality of subscribers, the request for authentication data comprising a concealed subscriber identifier and a privacy managing entity identifier, the privacy managing entity identifier identifying one of one or more privacy managing entities in the home network of the communication system configured to de-conceal the concealed subscriber identifier;
utilizing said one of the one or more privacy managing entities in the home network of the communication system identified by the privacy managing entity identifier in the request for authentication data to de-conceal the concealed subscriber identifier; and
obtaining, from one of a plurality of different instances of a user data repository, the authentication data for said one of the plurality of subscribers utilizing the de-concealed subscriber identifier, each of the plurality of different instances of the user data repository maintaining authentication data for a different subset of the plurality of subscribers of the home network;
wherein said one of the one or more privacy managing entities in the home network of the communication system comprises one of:
a central privacy managing entity in the home network that manages de-concealment of concealed subscriber identifiers for a mobile network operator in the home network and one or more mobile virtual network operators in the home network;
a first dedicated privacy managing entity associated with the mobile network operator in the home network; and
a second dedicated privacy managing entity associated with one of the one or more mobile virtual network operators in the home network.

US Pat. No. 10,893,025

SECURITY MANAGEMENT IN COMMUNICATION SYSTEMS WITH NETWORK FUNCTION ASSISTED MECHANISM TO SECURE INFORMATION ELEMENTS

Nokia Technologies Oy, E...

1. A method comprising:in a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, wherein the first network comprises a visited network in the communication system and the second network comprises a home network in the communication system;
constructing a message at a first network function in the first network destined for a second network function in the second network, wherein the message comprises at least one information element and at least one indicator, wherein the at least one indicator is set to specify at least one security operation to be applied to the at least one information element before sending the message to the second security edge protection proxy element of the second network.

US Pat. No. 10,893,024

PRIVATE NETWORK PEERING IN VIRTUAL NETWORK ENVIRONMENTS

Amazon Technologies, Inc....

1. A system, comprising:a provider network comprising a network substrate;
a plurality of host devices implementing a plurality of resource instances of the provider network, wherein subsets of the resource instances are provisioned in virtual networks on the provider network;
one or more computing devices implementing a peering service, wherein the one or more computing devices are configured to:
determine routing information for routing network packets between one or more resource instances of a first virtual network of the provider network and one or more resource instances of another virtual network of the provider network via a peering on the provider network; and
enable the first virtual network and the other virtual network to exchange network packets via the peering on the provider network, wherein the network packets are routed between the first virtual network and the other virtual network through the peering instead of being routed through a public or private gateway of the first virtual network or the other virtual network.

US Pat. No. 10,893,023

PER-APPLICATION VPN IN CONTAINER BASED ENVIRONMENTS

VMware, Inc., Palo Alto,...

1. A method for enabling per-application virtual private network (VPN) capability for containers, the method comprising:establishing a VPN tunnel of a site-to-site configuration and associating a local area network (LAN) with the VPN tunnel, wherein the VPN tunnel and the LAN are established by invoking one or more application programming interfaces (APIs) of a network virtualization software;
receiving a per-application VPN policy that specifies which applications are permitted to access one or more VPN tunnels and storing the per-application VPN policy;
detecting a launch of an application on a virtual machine (VM) and creating a container to execute the application on the VM;
determining, based on the per-application VPN tunnel policy, that the application being launched is permitted to access the VPN tunnel;
generating a virtual Network Interface Controller (vNIC) for the container of the application on the VM and assigning a new Internet Protocol (IP) address on the vNIC to the container, wherein the vNIC is created for the container using a hypervisor hosting the VM; and
connecting the vNIC to the LAN associated with the VPN tunnel based on the per-application VPN policy to enable the application running in the container to access the VPN tunnel.

US Pat. No. 10,893,022

ROUTING PROTOCOL SECURITY USING A DISTRIBUTED LEDGER

EQUINIX, INC., Redwood C...

1. A method comprising:receiving, by a first network device via a routing protocol peering session with a peer router in a first autonomous system, a plurality of routing protocol routes to destination addresses, each routing protocol route of the plurality of routing protocol routes specifying a network address prefix and an identifier of the autonomous system that originated the routing protocol route;
receiving, by the first network device, network address prefix ownership information from a distributed ledger storing a plurality of associations between respective network address prefixes and respective autonomous system identifiers of autonomous systems confirmed to own the respective network address prefixes;
receiving, by the first network device from a second network device associated with a second autonomous system, threat pattern data indicating patterns in routing protocol route changes in the second autonomous system;
determining, by the first network device and based at least on the network address prefix ownership information and the threat pattern data, whether any of the plurality of routing protocol routes specifies an autonomous system identifier different than specified by the plurality of associations; and
in response to determining that a route of the plurality of routing protocol routes specifies an autonomous system identifier different than specified by the plurality of associations, performing, by the first network device, an action.

US Pat. No. 10,893,021

METHODS FOR MAPPING IP ADDRESSES AND DOMAINS TO ORGANIZATIONS USING USER ACTIVITY DATA

BitSight Technologies, In...

1. A computer-implemented method for mapping Internet Protocol (IP) addresses and domain names to organizations, the method comprising:receiving, by a mapping system from a data provider, a dataset related to a plurality of users of the data provider, the dataset having at least one of:
(a) an IP address for a user device of each user of the plurality of users, or
(b) a domain name for a user account of each user of the plurality of users;
enriching, by an analytics engine of the mapping system, the received dataset with enrichment data from an enrichment source, wherein enriching the received dataset comprises:
determining whether a network of an IP address of the user is (i) of a cellular network or a guest network, and (ii) whether the domain of the email service provider is a free or paid email service provider domain, and adding information related to the determined network and domain to the received dataset;
receiving, by the analytics engine from a storage medium, historical data relevant to the enriched dataset; and
mapping, by the analytics engine, at least one of (i) the IP address or (ii) the domain name of each user of a portion of the plurality of users to an organization based on the enriched dataset and the historical data.

US Pat. No. 10,893,020

DEVICE IDENTIFICATION SYSTEMS

PAYPAL, INC., San Jose, ...

1. A system comprising:one or more hardware processors and;
a non-transitory memory having stored thereon instructions that are executable by the one or more hardware processors to cause the system to perform operations comprising:
responsive to an indication that a particular user account has initiated a first electronic transaction via a first user device, accessing first device data of the first user device and user account data of the particular user account, wherein the first device data includes:
a first IPv6 network address of the first user device;
first hard link information corresponding to one or more hardware characteristics of the first user device; and
first soft link information corresponding to one or more changeable software settings of the first user device;
responsive to an indication that the particular user account has initiated a second electronic transaction via a second user device, accessing second device data of the second user device and the user account data of the particular user account, wherein the second device data includes:
a second IPv6 network address of the second user device;
second hard link information corresponding to one or more hardware characteristics of the first user device; and
second soft link information corresponding to one or more changeable software settings of the first user device;
determining a similarity of the second user device to the first user device based on a comparison of the first device data to the second device data, including:
a comparison of the first IPv6 network address to the second IPv6 network address;
a comparison of the first hard link information to the second hard link information; and
a comparison of the first soft link information to the second soft link information;
based on the similarity of the second user device to the first user device, calculating a transaction risk score for the second transaction; and
processing the second transaction based on the calculated transaction risk score.

US Pat. No. 10,893,019

ADDRESS MANAGEMENT METHOD AND APPARATUS

Huawei Technologies Co., ...

1. An address management apparatus, comprising:a non-transitory memory storage comprising instructions; and
a processor in communication with the non-transitory memory storage, wherein the processor executes the instructions to:
establish a communication connection to a network device based on a routing protocol;
receive, from the network device, a first address pool status message comprising first utilization information of each Internet Protocol (IP) address segment in an address pool of the network device;
determine, based on the first utilization information of the first address pool status message, that the address pool of the network device is in an address insufficient state, wherein the address insufficient state indicates that the utilization of each IP address segment in the address pool is greater than or equal to a first utilization;
send, to the network device, a first routing message using the communication connection according to the first address pool status message, wherein the first routing message carries a first IP address set, and wherein the first IP address set is assigned to the address pool;
receive, from the network device, a second address pool status message comprising second utilization information of each IP address segment in the address pool of the network device;
determine, based on the second utilization information of the second address pool status message, that the network device is in an address abundant state, wherein the address abundant state indicates that the address pool has an IP address segment whose utilization is less than or equal to a second utilization; and
send, to the network device, a second routing message using the communication connection, wherein the second routing message carries a second IP address set, and wherein the second IP address set is a to-be-recycled IP address set in the address pool.

US Pat. No. 10,893,018

SYSTEMS AND METHODS FOR AUTOMATIC INVENTORY AND DNS RECORD GENERATION

Level 3 Communications, L...

1. A network management system comprising:a network management device comprising a processor and a non-transitory computer readable medium storing instructions that, when executed by the processor, cause the network management device to:
receive, in response to transmitting a plurality of requests for response, a response from a responding network device of a network, wherein each request of the plurality of requests for response comprises a destination address included in a range of Internet Protocol (IP) addresses associated with the network;
transmit, based on the response from the responding network device, a request for information associated with the responding network device;
generate a unique device name for the responding network device;
update a domain name system (DNS) server with a DNS record associated with the responding network device, the DNS record comprising the unique device name and an IP address associated with the responding network device;
receive, via a user interface, an input identifying the unique device name;
transmit a DNS request to the DNS server for the IP address associated with the responding network device, the DNS request comprising the unique device name;
receive, via the DNS server, the IP address associated with the responding network device; and
transmit a communication to the responding network device in response to an alarm condition associated with the responding network device, the communication comprising a destination address field comprising the received IP address.

US Pat. No. 10,893,017

USE OF DNS INFORMATION AS TRIGGER FOR DYNAMIC IPV4 ADDRESS ALLOCATION

TIME WARNER CABLE ENTERPR...

1. A method comprising the steps of:obtaining, at a network address translation module of a gateway router, a request from a local host for a universal plug and play port mapping on Internet Protocol Version 4 (IPv4);
responsive to obtaining said request, sending, from said gateway router, into an infrastructure of an internet service provider, a request for an Internet Protocol Version 4 (IPv4) address for said gateway router; and
establishing an IPv4 connection between said gateway router and said infrastructure of said internet service provider using said address for said gateway router.

US Pat. No. 10,893,016

SYSTEMS AND METHODS FOR ELECTRONIC COMMUNICATION USING UNIQUE IDENTIFIERS ASSOCIATED WITH ELECTRONIC ADDRESSES

Events.com, Inc., La Jol...

1. A computer-implemented method for facilitating electronic communication using unique identifiers, the method comprising:establishing an electronic repository in which a plurality of unique identifiers are respectively associated with a corresponding plurality of profiles wherein a profile included within the plurality of profiles includes at least one of an email address, an instant messaging address and a phone number associated with the profile by a user and used for notifying the user of new messages;
executing, by a server system, a computer readable script to access electronic messages directed to one or more specific domain names and received at an email server from user devices wherein an electronic message included within the electronic messages has an address based upon at least one identifier of the plurality of unique identifiers;
determining the address is of a predefined address format specific to the plurality of unique identifiers;
storing message information included within the electronic message in association with the profile wherein the at least one identifier is associated with the profile and wherein the profile further includes user preferences relating to the notifying of the user; and
facilitating access to the message information in accordance with the profile wherein the facilitating access includes (1) sending, based on the user preferences, a notification relating to the electronic message to at least one of the email address, the phone number or the instant messenger address wherein the email address is associated with other than the one or more specific domain names and (2) forwarding, posting or providing, by the server system, the message information to at least one of a platform, messaging system or telephone system different from the server system.

US Pat. No. 10,893,015

PRIORITY TOPIC MESSAGING

ADP, LLC, Roseland, NJ (...

1. A computer-implemented method, comprising:subscribing a plurality of consumer message threads to each of a plurality of topics comprising a high-priority topic and a low-priority topic, wherein the low-priority topic is different from the high-priority topic;
initializing the high-priority topic and the low-priority topic as not-paused;
polling for an unread message from not-paused ones of the high-priority topic and the low-priority topic;
in response to a return of an unread message from the polling for an unread message from not-paused ones of the high-priority topic and the low-priority topic, pausing the low-priority topic and processing the returned unread message;
until determining that no new message is returned, iteratively repolling for new unread messages from not-paused ones of the high-priority topic and the low-priority topic and processing any new unread messages returned from each repolling, wherein the low-priority topic is paused during each repolling executed prior to determining that no new message is returned from the repolling;
in response determining that no new message is returned from a repolling of the iterative repolling, un-pausing the paused low-priority topic; and
polling for another unread message from the not-paused high-priority topic and the un-paused low-priority topic.

US Pat. No. 10,893,014

INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM

FUJI XEROX CO., LTD., To...

1. An information processing apparatus comprising:a controller configured to function as a plurality of programmed units comprising an acquisition unit configured to acquire input information including (i) information on a user and (ii) information that the user conveys to an interaction partner, wherein the controller is configured to generate response information corresponding to the input information and to control transmission of the response information and the input information to an external device, wherein the response information comprises moving image data, the external device is a computer connected to a display, and the computer reproduces the moving image data on the display,
wherein the interaction partner comprising an automatic response artificial intelligence (AI), and the response information further corresponding to characteristics and condition of the user,
wherein in condition where the external device cannot edit the moving image data to be compatible with an information conveyance medium of the external device, the interaction partner notifies the user using another information conveyance medium of the external device suitable for notifying the response information.

US Pat. No. 10,893,013

RECIPIENT NOTIFICATION OF ELECTRONIC MESSAGE GENERATED BY VOICE-TO-TEXT ENGINE

1. A method of notifying a recipient of an electronic message that the message was produced via a voice-to-text engine, said method comprising:accessing text output data produced by the voice-to-text engine;
adding at least one voice-to-text notification symbol to the text output data to form the electronic message; and
after said step of adding, providing the electronic message to a messaging engine;
wherein the messaging engine sends the electronic message via a communication network to the recipient, and the at least one symbol perceptively indicates to the recipient that the electronic message was produced via the voice-to-text engine and is transcription error prone.

US Pat. No. 10,893,012

CONTEXT AWARE METADATA-BASED CHAT WIZARD

ADP, LLC, Roseland, NJ (...

1. A method for digitally performing a human resources operation on a mobile device, the method comprising:identifying, by a computer system, a mobile context of a chat message received from a mobile application executing on the mobile device;
determining, by the computer system, a human resources operation intended by the chat message, wherein the determination is based in part on the mobile context;
identifying, by the computer system, a business rule corresponding to the human resources operation, wherein the business rule comprises a plurality of linked metadata objects forming an abstract syntax tree interpreter;
interpreting, by the computer system, the plurality of linked metadata objects to implement the business rule within the mobile context;
performing, by the computer system, the human resources operation according to the business rule;
identifying a chat flow corresponding to the human resources operation, wherein the chat flow comprises a set of associated metadata objects linked to the abstract syntax tree interpreter;
interpreting the set of associated metadata objects to generate the first set of chat messages;
parsing, by the computer system, the plurality of linked metadata objects within the mobile context; and
dynamically generating, by the computer system, the abstract syntax tree interpreter from the plurality of linked metadata objects.

US Pat. No. 10,893,011

SEMANTIC INTERFACE DEFINITION LANGUAGE FOR ACTION DISCOVERY IN CLOUD SERVICES AND SMART DEVICES

Gluru Limited

1. A computer-implemented method comprising:receiving a message from a first source among a plurality of sources, each of the plurality of sources defining one or more action discovery queries according to a semantic interface definition language;
processing the message into a predefined set of structured fields according to the semantic interface definition language;
generating a trigger event from the message, the trigger event having one or more parameters defined by the semantic interface definition language;
determining whether an action discovery query (ADQ) in the set of action discovery queries associated with the plurality of sources includes a parameter that can be bound to a matching parameter in the trigger event based on the predefined set of structured fields of the semantic interface definition language;
in response to determining the action discovery query includes a parameter that can be bound to a matching parameter in the trigger event, binding the parameter in the trigger event to the matching parameter of the action discovery query;
in response to determining the action discovery query includes a parameter that cannot be bound to a matching parameter in the trigger event, determining whether the parameter that cannot be bound to a matching parameter in the trigger event can be bound to a matching parameter in a knowledge base; and
in response to determining the parameter that cannot be bound to a matching parameter in the trigger event can be bound to a matching parameter in a knowledge base, binding the parameter in the knowledge base to the matching parameter of the action discovery query.

US Pat. No. 10,893,010

MESSAGE FILTERING IN A VEHICLE BASED ON DYNAMICALLY DETERMINING SPARE ATTENTION CAPACITY FROM AN OVERALL ATTENTION CAPACITY OF AN OCCUPANT AND ESTIMATED AMOUNT OF ATTENTION REQUIRED GIVEN CURRENT VEHICLE OPERATING CONDITIONS

Amazon Technologies, Inc....

1. A system comprising one or more computing devices configured to:store profile information for a plurality of vehicle occupants or groups of occupants;
store historical driving records for the plurality of vehicle occupants or groups of occupants;
receive information related to operation of a vehicle or conditions within which the vehicle is operating;
determine an overall attention capacity of an occupant of the vehicle based on the stored profile information, wherein the stored profile information comprises a profile for the occupant or a group of occupants to which the occupant belongs;
determine an estimated amount of attention required by the occupant for operation of the vehicle for current conditions within which the vehicle is operating based on the stored historical driving records and the received information, wherein the historical driving records comprise historical driving records for the occupant or a group of occupants to which the occupant belongs;
monitor for one or more messages directed to the occupant of the vehicle;
determine an estimated amount of spare attention capacity of the occupant of the vehicle to receive the one or more messages directed to the occupant of the vehicle, wherein the estimated amount of spare attention capacity represents a difference between the overall estimated attention capacity of the occupant of the vehicle and the estimated amount of attention required of the occupant of the vehicle for operation of the vehicle given current conditions within which the vehicle is operating; and
provide the determined estimated amount of spare attention capacity to an application for use in dynamic filtering of the one or more messages, wherein the application filters the one or more messages such that an amount of information from the one or more messages presented to the occupant of the vehicle does not exceed a current amount of spare attention capacity of the occupant of the vehicle to receive the one or more dynamically filtered messages.

US Pat. No. 10,893,009

EMAIL FRAUD PREVENTION

eTorch Inc., Chicago, IL...

1. A system comprising:processing circuitry, storage circuitry, and networking circuitry of a mail transfer agent,
wherein:
the storage circuitry holds a database;
the networking circuitry is operable to receive, via a network connection, an email message;
the processing circuitry is operable to analyze the email message to detect an image present in the email message; and
the processing circuitry is operable to:
determine, based on one or more records of the database, that the detected image is associated with a particular brand; and
process the email message based on whether one or more characteristics of the email message are associated with the particular brand in the database.

US Pat. No. 10,893,008

SYSTEM AND METHOD FOR GENERATING AND COMMUNICATING COMMUNICATION COMPONENTS OVER A MESSAGING CHANNEL

Koopid, Inc, San Ramon, ...

1. A method for generating and communicating communication components over a messaging channel, said method comprising:incorporating a structured micro block that collects strongly typed information from a user as a part of a conversation in said messaging channel, wherein said structured micro block is presented based on said conversation in a form of unstructured natural language between the user and an agent for incorporating said structured micro block as said part of said conversation in said messaging channel, wherein said structured micro block comprises a set of data elements and visual representations of said set of data elements, wherein said structured micro block is strongly typed;
generating a structured workflow by interleaving said structured micro block with said unstructured natural language; and
communicating said structured workflow over said messaging channel for enabling said user to perform one or more operations, wherein a previous state of a conversation history is presented at a later time in said messaging channel based on (a) a Uniform Resource Locator (URL) of said structured micro block, and (b) data corresponding to said structured micro block, wherein a database that stores one or more structured micro blocks along with data entered into said one or more structured micro blocks and retrieves said one or more structured micro blocks along with said data entered into said one or more structured micro blocks to present to said user at said later time.

US Pat. No. 10,893,007

ANSWER MESSAGE RECOMMENDATION METHOD AND DEVICE THEREFOR

SAMSUNG ELECTRONICS CO., ...

1. An electronic device, comprising:a display;
a communicator comprising a circuit; and
a processor configured to:
based on receiving a question message from another electronic device through the communicator, acquire at least one keyword included in a message that is exchanged with the another electronic device;
acquire a recommendation image includible in an answer message for the question message based on the at least one acquired keyword;
obtain the answer message for the question message based on the acquired recommendation image; and
control the communicator to transmit the obtained answer message to the another electronic device.

US Pat. No. 10,893,006

SYSTEM AND METHOD FOR IMPLEMENTING VIRTUAL PLATFORM MEDIA ACCESS CONTROL (MAC) ADDRESS-BASED LAYER 3 NETWORK SWITCHING

CenturyLink Intellectual ...

1. A method, comprising:receiving, at a network node in a network, a data packet having a header comprising a media access control (“MAC”) destination address, wherein the MAC destination address is associated with a destination network node that is the destination of the data packet;
routing, with the network node, the data packet over open systems interconnection (“OSI”) model layer 3 or network layer of the network using the MAC destination address in the header of the data packet, wherein the data packet is routed toward the destination network node associated with the MAC destination address based on the MAC destination address in the header of the packet;
receiving, at the network node, a data frame having a header comprising a second MAC destination address that is the same as the MAC destination address in the header of the data packet; and
routing, with the network node, the data frame over OSI model layer 2 or data link layer of the network, using the same MAC destination address in the header of the data frame, wherein the data frame is routed toward the destination network node associated with the same MAC destination address based on the same MAC destination address in the header of the data frame.

US Pat. No. 10,893,005

PARTIAL RECONFIGURATION FOR NETWORK-ON-CHIP (NOC)

XILINX, INC., San Jose, ...

1. A method for operating an integrated circuit, the method comprising:configuring a Network-on-Chip (NoC) on the integrated circuit;
communicating between subsystems on the integrated circuit via the NoC;
partially reconfiguring the NoC, wherein a first subset of the NoC is reconfigured during the partial reconfiguration of the NoC, and a second subset of the NoC is capable of continuing to pass communications uninterruptedly during the partial reconfiguration of the NoC;
partially reconfiguring a programmable subsystem on the integrated circuit to instantiate an application on the programmable subsystem, wherein partially reconfiguring the programmable subsystem is concurrent with the partial reconfiguration of the NoC; and
after the partial reconfiguration of the NoC, communicating between two or more of the subsystems via the first subset of the NoC.

US Pat. No. 10,893,004

CONFIGURABLE DETECTION OF NETWORK TRAFFIC ANOMALIES AT SCALABLE VIRTUAL TRAFFIC HUBS

Amazon Technologies, Inc....

1. A system, comprising:one or more computing devices of a packet processing service;
wherein the one or more computing devices include instructions that upon execution on or across one or more processors cause the one or more computing devices to:
programmatically attach a plurality of isolated networks, including a first isolated network and a second isolated network, to a virtual traffic hub established on behalf of a client of the packet processing service, wherein the virtual traffic hub comprises one or more action implementation nodes and one or more decision master nodes, wherein individual ones of the action implementation nodes implement one or more routing actions on network packets received at the virtual traffic hub, wherein the one or more routing actions are generated at the one or more decision master nodes;
determine that anomalous sequencing metrics are to be collected with respect to at least a first flow of packets processed at the virtual traffic hub, wherein at least some packets of the first flow originate at the first isolated virtual network;
compare, at the one or more action implementation nodes, (a) a respective expected sequence indicator for one or more packets of the first flow with (b) a respective actual sequence indicator of the one or more packets;
perform, at the one or more action implementation nodes, one or more of the routing actions generated at the one or more decision master nodes on the one or more packets of the first flow, resulting in a transmission of corresponding packets to one or more destinations, wherein at least some destinations of the one or more destinations are in the second isolated network; and
cause an indication of a detected anomalous packet sequence of the first flow to be provided to the client via a programmatic interface, wherein the anomalous packet sequence is detected at least in part using the comparison of the expected sequence indicators and the actual sequence indicators.

US Pat. No. 10,893,003

METHOD AND APPARATUS FOR IMPROVED DATA TRANSFER BETWEEN PROCESSOR CORES

1. An interconnect apparatus configured to communicate data packets through a network, the data packets arranged in a plurality of sub-packets, including an address sub-packet that identifies a target processing core for receiving a data packet, the interconnect apparatus comprising a Data Vortex switch on a chip, and an array of processing cores on said chip same as the Data Vortex chip,wherein the Data Vortex switch receives data from an external source and the array of processing cores receives data from the Data Vortex switch.

US Pat. No. 10,893,002

UNIVERSAL RADIO FREQUENCY ROUTER WITH AN AUTOMATIC GAIN CONTROL

Evertz Microsystems Ltd.,...

1. A radio frequency (RF) router comprising:a controller;
an input stage comprising:
a plurality of RF input terminals, wherein each RF input terminal is configured to receive an incoming RF signal;
a pre-processing circuit coupled to each RF input terminal and the controller, the pre-processing circuit configured to process the incoming RF signal to generate a pre-processed RF signal based on a first signal from the controller; and
an input processor coupled to each pre-processing circuit and the controller, the input processor being configured to process the pre-processed RF signal by applying a power level adjustment to the corresponding pre-processed RF signal based on a second signal from the controller to generate a processed input RF signal;
an intermediate stage comprising a plurality of intermediate switch matrices coupled to the controller, each intermediate switch matrix being coupled to each input processor, the plurality of intermediate switch matrices being configured to route a plurality of intermediate RF signals; and
an output stage having:
a plurality of output processors coupled to the controller, each output processor being configured to receive an output RF signal, the output RF signal being associated with at least one input processor, and to process the output RF signal to generate a processed output RF signal by adjusting, based on a third signal from the controller, a power level of the output RF signal to compensate for the power level adjustment applied at the associated at least one input processor.

US Pat. No. 10,893,001

METHOD FOR COORDINATING ACCESS TO A RESOURCE OF A DISTRIBUTED COMPUTER SYSTEM, COMPUTER SYSTEM AND COMPUTER PROGRAM

TECHNISCHE UNIVERSITAT BR...

1. A method for coordinating access to a resource of a distributed computer system which has a plurality of distributed subscriber stations,wherein there are at least two subscriber stations of said plurality of distributed subscriber stations which each have
at least one computer,
at least one resource of the distributed computer system,
at least one resource manager configured to manage resources of the distributed computer system which are assigned to said at least one resource manager, and
at least one internal communication medium via which the at least one computer,
wherein the at least one resource and the at least one resource manager are coupled inside a subscriber station of the at least two subscriber stations for the purpose of communicating data,
wherein the at least two subscriber stations are coupled to one another for the purpose of communicating the data via at least one external communication medium,
wherein additional resources and/or resource managers of the distributed computer system can be coupled to the external communication medium, comprising:a) a requester wishing to access a desired resource, which may be a resource beyond one or more of the at least two subscriber stations of the requester, transmits a connection request having parameters for establishing an end-to-end communication connection between the requester and the desired resource to the at least one resource manager assigned to said requester or to another resource manager of the distributed computer system,b) the at least one resource manager which receives the connection request transmits, at least when the connection request relates, as the desired resource, to an external resource which is not managed by the at least one resource manager which receives the connection request, requests to establish the desired end-to-end communication connection to at least one other resource manager of the distributed computer system,c) if the desired end-to-end communication connection to the external resource can be established, the desired resource is reserved by the at least one resource manager managing the desired resource according to the parameters of the connection request and the a least one resource manager managing the desired resource signals to the requester that the desired end-to-end communication connection can be established,d) on the request of the requester, the at least one resource manager managing the desired resource according to the parameters of the connection request and the a least one resource manager managing the desired resource signals to the requester that the desired end-to-end communication connection can be established then cooperatively establish the desired end-to-end communication connection according to the reservation, ande) the requester accesses the desired resource via the end-to-end communication connection which has been established.

US Pat. No. 10,893,000

DIAGONAL SCALING OF RESOURCE ALLOCATIONS AND APPLICATION INSTANCES IN A DISTRIBUTED COMPUTING ENVIRONMENT

INTERNATIONAL BUSINESS MA...

1. A method for increasing resource allocations and application instances in diagonal scaling in a distributed computing environment, by at least one processor, comprising:tracking resource consumption of each currently executing one of a plurality of application instances of a same application program;
comparing the tracked resource consumption to resource allocations of each one of the plurality of application instances; and
for each one of a plurality of resource increase operations, computing and applying a resource increase operation to an associated application instance of the plurality of application instances, the resource increase operation applied when a resource increase can be accommodated on a host running the associated application instance and an increase limit associated with the associated application instance for the resource has not been reached, thereby optimizing application efficiency and resource utilization in the distributed computing environment; wherein the increase limit comprises a resource limit of a specific resource allocated to a specific one of the plurality of application instances, the increase limit determined by considering resource availability of the specific resource and application priorities of the specific one of the plurality of application instances notwithstanding whether the specific instance of the currently executing one of the plurality of application instances has a specified differing priority than an alternative instance of the currently executing one of the plurality of application instances of the same application program.

US Pat. No. 10,892,999

DETECTION OF HARDWARE ASSISTANCE FOR AN OVERLAY NETWORK

Amazon Technologies, Inc....

1. A system, comprising:at least one processor;
at least one memory device including a data store to store a plurality of data and instructions that, when executed, cause the system to:
identify, at an agent running on a host computer, that the host computer is running in a virtual network in a service provider environment;
receive, at the agent running on the host computer, an assistance identifier that is assigned to a gateway of the virtual network in the service provider environment;
detect, at the agent running on the host computer, that the assistance identifier assigned to the gateway uses a predefined format;
determine, at the agent running on the host computer and based on the assistance identifier using the predefined format, that the virtual network is included in a hardware assisted overlay network operating in the service provider environment; and
initiate, at the agent running on the host computer, a hardware assisted function that uses hardware resources accessible to the hardware assisted overlay network.

US Pat. No. 10,892,998

ADAPTIVE THROTTLING FOR SHARED RESOURCES

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:allocating use credits to a first user based, at least in part, on a number of input/output (I/O) operations to be performed by the first user;
receiving a request, from the first user, to perform an I/O operation;
determining the number of credits allocated to the first user is sufficient to perform the I/O operation;
determining a first value for a performance parameter of a network resource, the first value being selected from a plurality of monitored metrics, the first value determined at least in part on a highest normalized value of the plurality of monitored metrics;
determining a second value for the second performance parameter of a network resource, the second value being different from the first value and selected from the plurality of monitored metrics:
determining a first adjustment to a credit replenishment rate, based on the first value, is larger than a second adjustment to the credit replenishment rate, based on the second value; and
adjusting the credit replenishment rate for the first user, based at least in part on the second value.

US Pat. No. 10,892,997

SCHEDULING OF DATA FLOW TRANSMISSION IN A DATA CENTER

Telefonaktiebolaget LM Er...

1. A method of scheduling transmission of a data flow in a data center network comprising a plurality of network nodes and links, the method comprising, at a network controller:receiving a transmission request for a data flow,
obtaining a tolerated time interval for the data flow,
scheduling transmission of the data flow within the tolerated time interval and without contention with one or more other scheduling transmissions on the data center network, wherein scheduling transmission of the data flow comprises:
determining whether at least starting time exists within the tolerated time interval for which the data flow may be transmitted as a single block without contention with the one or more other scheduling transmissions on the data center network;
transmitting the data flow at the first acceptable starting time when at least one starting time is determined to exist within the tolerated time interval for which the data flow may be transmitted as a single block without contention with the one or more other scheduling transmissions on the data center network; and
enabling a client server to segment the data flow into macro time slots when at least one starting time is determined to not exist within the tolerated time interval for which the data flow may be transmitted as the single block without contention with the one or more other scheduling transmissions on the data center network, and
scheduling the transmission of data flow such that the data flow or segments of the data flow are separated by one or more guard periods from another data flow on the data center network, wherein the data flow is a high bandwidth flow, wherein the high bandwidth data flow is a data flow with a bandwidth requirement greater than a threshold, wherein the guard period is dimensioned to allow for transmission of low bandwidth flows, wherein a low bandwidth flow is a data flow with a bandwidth below the threshold.

US Pat. No. 10,892,996

VARIABLE LATENCY DEVICE COORDINATION

Apple Inc., Cupertino, C...

1. A non-transitory computer-readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by one or more processors of an electronic device, cause the electronic device to:detect, with a first process, an event associated with an audio input;
in accordance with a detection of the event, determine a first delay value associated with the electronic device, wherein the first delay value corresponds to a time required to determine, with a second process, whether the audio input includes a spoken trigger;
in accordance with a determination that the first delay value exceeds a predetermined threshold:
broadcast the first delay value during a first advertising session; and
determine, during a second advertising session, whether the electronic device is to respond to the audio input;
in accordance with a determination that the first delay value does not exceed a predetermined threshold, determine, during the first advertising session, whether the electronic device is to respond to the audio input or wait for the second advertising session.

US Pat. No. 10,892,995

SURGICAL NETWORK DETERMINATION OF PRIORITIZATION OF COMMUNICATION, INTERACTION, OR PROCESSING BASED ON SYSTEM OR DEVICE NEEDS

Ethicon LLC, Guaynabo, P...

1. A surgical hub within a surgical hub network comprising:a controller comprising a processor, wherein the controller is configured to determine a priority of a communication, an interaction, or a processing of information during a surgical procedure based on a requirement of a system or a surgical device used during the surgical procedure in communication with the surgical hub,
wherein the controller comprises a default configuration to:
assign a highest priority of the communication, the interaction, or the processing of information to monitoring a patient status;
assign a second highest priority of the communication, the interaction, or the processing of information to communication of the surgical device with the surgical hub; and
assign a third highest priority of the communication, the interaction, or the processing of information to communication with a second surgical hub within the surgical hub network.

US Pat. No. 10,892,994

QUALITY OF SERVICE IN VIRTUAL SERVICE NETWORKS

VMWARE, INC., Palo Alto,...

1. A method for enforcing Quality of Service (“QoS”) in a Virtual Service Network (“VSN”), comprising:defining, in a virtual layer, bandwidth values for each slice;
weighting a first slice based on its bandwidth value relative to the bandwidth values of the other slices;
receiving packets at a physical switch having ingress ports and egress ports;
placing the packets into a slice-based pool having ingress queues, the ingress queues each corresponding to a slice in the VSN, wherein an agent running on the physical switch places the packets into the ingress queues based on slice classifications of the packets, wherein a first packet is classified differently than a second packet;
routing the packets from the ingress queues to egress queues for the egress ports, the egress queues corresponding to the slices in the VSN; and
forwarding the packets from the egress queues according to a policing algorithm, wherein the first packet is sent before the second packet based on having a prioritized slice classification, the prioritized slice classification being based on the weight of the first slice.

US Pat. No. 10,892,993

QOS INFORMATION CONTROL METHOD AND APPARATUS

Samsung Electronics Co., ...

1. A method of a terminal for controlling quality of service (QoS) information, the method comprising:obtaining an uplink (UL) data packet;
identifying a traffic type of the UL data packet;
in case that QoS control is required for a service flow based on the traffic type, transmitting, to a network device, the uplink (UL) data packet, and first QoS support information, wherein the first QoS support information includes a QoS support policy of the terminal and a request to indicate whether a QoS control is supported at the network device;
receiving at least one packet from the network device;
in case that a downlink (DL) data packet included in the at least one packet corresponds to the UL data packet, identifying at least one second QoS support information of the network device or an other network device included in the at least one packet; and
performing transmission or reception of at least one data packet based on the at least one second QoS support information.

US Pat. No. 10,892,992

LOAD BALANCING

Hewlett Packard Enterpris...

1. In a network switching device, a method to load balance network traffic flows across links of the device, the method comprising, by a processing resource:identifying a flow of the network traffic flows as an elephant flow;
in response to identifying the flow as an elephant flow, collecting remote utilization information for the flow, wherein the remote utilization information for the flow is received from a second device remote from the network switching device;
recomputing a path for the flow based on local utilization information and the collected remote utilization information; and
sending the flow along the recomputed path.

US Pat. No. 10,892,991

RESILIENT HASHING WITH MULTIPLE HASHES

ARISTA NETWORKS, INC., S...

1. A method of packet forwarding comprising:maintaining, by a network device, a first hash table comprising mappings between a first set of hash indices and a set of bit values, wherein for each mapping in the first hash table:
the mapping's hash index corresponds to one of a group of next-hop destinations to which network packets received by the network device may be transmitted, and
the mapping's bit value indicates whether the mapping's hash index corresponds to an active or inactive next-hop destination;
maintaining, by the network device, a second hash table comprising mappings between a second set of hash indices and active next-hop destinations in the group of next-hop destinations;
receiving, by the network device, a network packet;
computing, by the network device, a first hash value using a portion of the network packet and a first hash function;
matching, by the network device, the first hash value to a first mapping in the first hash table based on the first mapping's hash index; and
when the first mapping's bit value indicates that the first mapping's hash index corresponds to an active next-hop destination:
matching, by the network device, the first hash value to a second mapping in the second hash table based on the second mapping's hash index; and
sending, by the network device, the network packet to the second mapping's active next-hop destination.

US Pat. No. 10,892,990

SYSTEMS AND METHODS FOR TRANSMITTING DATA TO A REMOTE STORAGE DEVICE

Veritas Technologies LLC,...

1. A computer-implemented method for transmitting data to a remote storage device, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:selecting, by a computing device, a bucket of a hash table for a data packet, wherein the data packet includes a sequence number that indicates an order of the data packet in a set of data packets and is unique in the bucket of the hash table;
periodically incrementing, by the computing device, a current generation number maintained by the computing device to indicate an interval of time for transmission of data packets;
adding, by the computing device, a generation number to the data packet to indicate the interval of time during which the data packet is transmitted, wherein the generation number corresponds to the current generation number and is shared by at least one other data packet in the bucket of the hash table to indicate that the other data packet is also transmitted during the interval of time;
transmitting, by the computing device, the data packet to a remote storage device during the interval of time;
adding, by the computing device, the data packet to a send-list of the bucket;
receiving, by the computing device from the remote storage device, an acknowledgement packet for the data packet;
determining that another generation number of the acknowledgement packet corresponds to the generation number of the data packet in the send-list; and
removing the data packet from the send-list of the bucket in response to the determining.

US Pat. No. 10,892,989

TUNNEL-BASED SERVICE INSERTION IN PUBLIC CLOUD ENVIRONMENTS

VMWARE, INC., Palo Alto,...

1. A method for a network device to perform tunnel-based service insertion in a public cloud environment, the method comprising:establishing a tunnel between the network device and a service path;
in response to receiving, from a virtualized computing instance, a first encapsulated packet that includes an inner packet and a first outer header that is addressed to the network device:
based on one or more characteristics of the inner packet, identifying the service path specified by a service insertion rule;
generating a second encapsulated packet that includes the inner packet and a second outer header that is addressed to the service path; and
sending the second encapsulated packet over the tunnel to cause the service path to process the inner packet according to one or more services;
generating and sending a route advertisement over the tunnel to the service path to cause the service path to send, to the network device via the tunnel, a third encapsulated packet that includes the inner packet processed by the service path; and
in response to receiving, from the service path via the tunnel, the third encapsulated packet that includes the inner packet processed by the service path:
sending the inner packet processed by the service path, or a fourth encapsulated packet that includes the inner packet processed by the service path, towards a destination address of the inner packet.

US Pat. No. 10,892,988

METHODS AND APPARATUS FOR DIRECT ROUTING BETWEEN NODES OF NETWORKS

Sonos, Inc., Santa Barba...

1. A first playback device comprising:at least one processor;
a non-transitory computer-readable medium; and
program instructions stored on the non-transitory computer-readable medium that, when executed by the at least one processor, cause the first playback device to perform functions comprising:
configuring the first playback device to operate according to a bridge table defined by a spanning tree protocol for a mesh network, wherein the bridge table identifies one or more reachable nodes, wherein the one or more reachable nodes include a second playback device, and wherein the bridge table identifies a first communication path between the first playback device and the second playback device;
identifying the second playback device as a destination node of data;
determining that a second communication path between the first playback device and the second playback device is available, wherein the bridge table identifies that the second communication path is blocked;
comparing a communication characteristic of the first communication path to a quality threshold; and
based on comparing the communication characteristic of the first communication path to the quality threshold, overriding the bridge table and transmitting the data to the second playback device via the second communication path.

US Pat. No. 10,892,987

SEGMENT ROUTING NETWORK PROCESSING OF PACKETS INCLUDING PACKETS HAVING A SEGMENT IDENTIFIER STRUCTURE PROVIDING PROCESSING AND/OR MEMORY EFFICIENCIES

Cisco Technology, Inc., ...

1. A method, comprising:forming a particular segment routing (SR) packet by a particular router in a network, with said forming including generating one or more complete segment identifiers, with each of said one or more complete segment identifiers being an Internet Protocol (IP) address; and
sending from the particular router into the network, the particular SR packet including said one or more complete segment identifiers;
wherein said generating each particular complete segment identifier of said one or more complete segment identifiers includes independently retrieving from non-consecutive memory locations and combining a corresponding segment routing discriminator with a corresponding dynamic segment routing identifier portion; and wherein the corresponding dynamic segment routing identifier portion includes a SR node value and a SR function value, with the SR node value stored in higher-order bits than the SR function value in said retrieved corresponding dynamic segment routing identifier portion, and with the SR function value identifying corresponding segment routing processing to be performed by a corresponding router identified based on the SR node value.