US Pat. No. 10,972,638

GLARE CORRECTION IN SENSORS

Zoox, Inc., Foster City,...

1. A system comprising:a time-of-flight sensor configured to generate data based on light received at a receiver of the time-of-flight sensor;
one or more processors; and
memory storing processor-executable instructions that, when executed by the one or more processors, configure the system to:
receive sensor data from the time-of-flight sensor, the sensor data comprising an intensity image including intensity pixels having measured intensities of one or more surfaces sensed by the time-of-flight sensor and a depth image including depth pixels having measured depths of the one or more surfaces;
determine, based at least in part on at least one of the intensity image or the depth image, a glare region, the glare region comprising a subset of the intensity pixels and a subset of the depth pixels;
determine, based at least in part on a measured intensity value associated with a first intensity pixel in the glare region, a glare intensity;
determine, based at least in part on a measured depth value associated with a first depth pixel in the glare region, a glare depth;
generate corrected data comprising a corrected depth image associating the depth pixels with corrected depth values of the one or more surfaces, the corrected depth values being determined based at least in part on the measured intensity values, the glare intensity, the measured depth values, and the glare depth; and
determine, based at least in part on the corrected data, information about an object in an environment of the time-of-flight sensor.

US Pat. No. 10,972,637

SYSTEMS AND METHODS FOR SYNCHRONIZING SENSOR CAPTURE

Lyft, Inc., San Francisc...

1. A method comprising, by a computing device of a first sensor:receiving synchronization information from a controller, the synchronization information being generated based on a clock of the controller;
determining, based on the synchronization information, a first offset between a first clock of the first sensor and the clock of the controller;
storing the first offset at a synchronization table of the first sensor, wherein the synchronization table converts timing information generated relative to the clock of the controller to first timing information generated relative to the first clock of the first sensor; and
performing, based on the stored first offset and the first timing information, a first data capture by the first sensor synchronized with a second data capture by a second sensor, the first data capture and the second data capture being requested by the controller.

US Pat. No. 10,972,636

PRECISION TIMING FOR BROADCAST NETWORK

GRASS VALLEY CANADA, Mon...

1. A system for timing synchronization of audio video (AV) data, the system comprisinga receiver configured to receive an AV stream with a plurality of data packets having the AV data and each being encoded with a time marker that is indexed to a precision time protocol (PTP) time stamp used as a time reference for a media stream network;
a timing module configured to determine a phase of the AV data based on the time marker in each respective data packet to align the phase of the AV data with the time reference for the media stream network;
a controller configured to determine a system offset value based on a worst case absolute phase offset value of the AV data and set a media buffer based on the determined system offset value to prevent overflow of the AV data;
wherein the controller is configured to determine a frequency of the AV data based on the time marker;
wherein the controller is configured to detect a phase offset value of the AV data based on an absolute reference value of the time marker to determine the worst case absolute phase offset value;
wherein the AV data comprises a plurality of different types of media streams, the time marker comprises a plurality of time markers, and the controller is configured to detect a plurality of different phase offset values for each of the plurality of different types of media streams of the AV data based on absolute reference values of the plurality of time markers.

US Pat. No. 10,972,635

SYNCHRONIZING WIRELESS SENSOR DATA AND VIDEO

MYRIAD SENSORS, INC., Mo...

1. A computer-implemented method for synchronizing and simultaneously playing sensor data and video frame data, the method comprising:receiving, at a computing device, input indicating a selection of a particular timestamp value from a plurality of timestamp values, and a selection of a particular timestamp range that starts at the particular timestamp value;
sending, from the computing device to a multi-sensor device, a configuration request comprising both: a frequency configuration information specifying a frequency at which sensor data is to be received from the multi-sensor device, and a datapoints types configuration information specifying types of data is to be received from the multi-sensor device; wherein the frequency configuration information is different than the datapoints types configuration information;
receiving, at the computing device, from the multi-sensor device, a data point set that includes a plurality of data points, of the one or more types, that have been captured during the particular timestamp range;
generating a first graphical representation of the data point set;
receiving a video frame set that includes a plurality of video frames that have been captured during the particular timestamp range;
generating a second graphical representation of the video frame set;
receiving placement configuration data for the first graphical representation and the second graphical representation;
based on the placement configuration data, adjusting relative sizes and placements of displays of the first graphical representation and the second graphical representation;
synchronizing playing contents of the first graphical representation with playing contents of the second graphical representation by queueing the first graphical representation and the second graphical representation at the particular timestamp value and by playing their respective contents from the particular timestamp value and over the particular timestamp range.

US Pat. No. 10,972,634

COLOR CALIBRATION ALGORITHM

Twine Solutions Ltd.

1. A method for calibrating a dispensing rate for a dyeing machine, the method comprising:for each of multiple ink channels of a dyeing machine:
performing a maximizing stage, comprising determining an effective maximum ink dispensing rate corresponding to an effective maximum colorimetric value for said dyeing machine;
performing a linearizing stage, comprising:
determining multiple ink dispensing rates for said linearizing stage by dividing said effective maximum ink dispensing rate into multiple intervals;
calculating a linear correspondence between said multiple ink dispensing rates and multiple measured colorimetric values;
dyeing a first set of substrates according to said multiple ink dispensing rates,
acquiring color values of said dyed first set of substrates;
building a non-linear correspondence between said multiple ink dispensing rates and said acquired color values; and
mapping said linear correspondence to said non-linear correspondence.

US Pat. No. 10,972,633

IMAGE FORMING APPARATUS, METHOD FOR CONTROLLING IMAGE FORMING APPARATUS, AND STORAGE MEDIUM

Canon Kabushiki Kaisha, ...

1. An information processing apparatus comprising:a memory device that stores instructions; and
one or more processors that executes the instructions to:
perform first login processing of one user to the information processing apparatus based on identification information corresponding to the one user; and
perform second login processing of the one user to the information processing apparatus based on selection of one of object from among a plurality of objects displayed on a display of the information processing apparatus, wherein the one object is associated with the one user and the other of the plurality of objects are associated with other users;
wherein the first login processing based on identification information is performed by reading the identification information from an external storage medium at least while the objects are being displayed on the display, and
wherein each of the objects are associated with individual user information.

US Pat. No. 10,972,632

INFORMATION PROCESSING APPARATUS WITH VOICE PRINT AUTHENTICATION AND PROGRAM

Konica Minolta, Inc., To...

1. An information processing apparatus in which voice operation is enabled, the information processing apparatus comprising:a voice input device that accepts voice input for voice operation; and
a hardware processor that:
sets an inputted condition as a job;
identifies a content of voice operation on the basis of a voice inputted to the voice input device, and reflects the content of the voice operation in setting of the job;
returns the job set by the hardware processor to an initial setting condition in a case where a predetermined time has elapsed;
identifies a user by performing voice print authentication each time a voice is inputted to the voice input device; and
changes a time until a setting condition of the job is returned to the initial setting condition by the hardware processor, between a case where a user who has uttered the voice inputted to the voice input device is changed in the voice print authentication and a case where the user is not changed in the voice print authentication.

US Pat. No. 10,972,631

APPARATUS FOR APPLYING COATING TO NAILS

PREEMADONNA, INC., Sunny...

1. A system to point a target, the system, comprising:a display configured to display an image of the target;
an applicator to apply a coating onto the target;
a processor operably coupled to the display and the applicator,
wherein the applicator is coupled to a coating reservoir;
an imaging system coupled to the display and the processor, the imaging system being operable to acquire the image of the target to be painted; wherein:
the system receives authorization to use the coating reservoir;
wherein, the authorization is received from a point of sale of the coating reservoir;
further wherein, the coating reservoir optionally includes an authentication system to prevent use of an unlicensed reservoir.

US Pat. No. 10,972,630

METHOD FOR FLATTENING LASER-BASED IMAGE OF CURVED BOOK PAGE

DALIAN CZUR TECH CO., LTD...

1. A method for flattening a laser-based image of a curved book page, comprising:placing an opened book on a scanning platform that is horizontally arranged, and emitting a laser beam to a curved book page, wherein the laser beam forms a plurality of parallel laser lines on the curved book page;
acquiring a horizontal image of the curved book page having the plurality of parallel laser lines, and acquiring a 2D planar coordinate (x, y) of each pixel on each of the plurality of parallel laser lines in the horizontal image;
calculating an actual spatial height of a pixel on one of the plurality of parallel laser lines according to a tangent function using a y-coordinate of an intersection line of the laser beam and the scanning platform, and an intersection angle of the laser beam and the scanning platform;
repeating the calculating step for all pixels on each of the plurality of parallel laser lines to obtain the actual spatial heights of all pixels on each laser line;
constructing a 3D spatial curve for each of the plurality of parallel laser lines;
constructing a 3D curved surface of the acquired book page using the 3D spatial curves for all of the plurality of parallel laser lines;
associating pixels on the 3D curved surface with pixels in the horizontal image of the curved book page;
replacing a pixel value of each of the pixels on the 3D curved surface with a pixel value of a corresponding pixel thereof in the horizontal image to transform a page content from a planar image of the curved book page to the 3D curved surface.

US Pat. No. 10,972,629

IMAGE PROCESSING APPARATUS CONFIGURED TO COMBINE IMAGE INFORMATION SUCH THAT THE COMBINED FIRST IMAGE INFORMATION AND SECOND IMAGE INFORMATION HAVE THE FIRST RESOLUTION

TOSHIBA TEC KABUSHIKI KAI...

13. A method, comprising:storing second image information of a second image in a storage device;
reading the second image information from the storage device;
reading first image information of a first image, the first image information associated with a first resolution;
changing a second resolution of the second image information stored in the storage device to the first resolution;
combining the first image information and the second image information at the first resolution; and
printing the combined first and second image information on a sheet, wherein
the second resolution of the second image information is lower than a resolution of an image reader.

US Pat. No. 10,972,628

METHODS FOR ESTIMATING WATERMARK SIGNAL STRENGTH, AN EMBEDDING PROCESS USING THE SAME, AND RELATED ARRANGEMENTS

Digimarc Corporation, Be...

1. An apparatus comprising:memory for storing image data;
means for embedding a machine-readable signal into stored image data, the machine-readable signal comprising a synchronization signal and a plural-bit identifier, thereby generating embedded image data;
memory for storing substrate data, the substrate data associated with a substrate upon which the embedded image data is to be printed upon;
memory for storing printer data, the printer data associated with a printer that is anticipated to print the embedded image data upon the substrate;
means for processing the embedded image data with reference to the substrate data and the printer data, thereby generating processed, embedded image data;
means for estimating a signal strength of the machine-readable signal embedded within the processed, embedded image data, in which said means for estimating utilizes the synchronization signal, and in which said means for estimating yields an estimated signal strength; and
means for controlling visual display of the estimated signal strength.

US Pat. No. 10,972,627

INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM FOR CORRECTING CHARACTER RECOGNITION RESULT

PFU LIMITED, Ishikawa (J...

1. An information processing apparatus comprising:a memory;
a non-volatile memory; and
a processor coupled to the memory and the non-volatile memory, the processor configured to:
store characters recognized in the character recognition processing and characters rectified by a user regarding these recognized characters in association with items;
compare, for the respective items, a newly input result of the character recognition processing with the recognized characters and rectified characters stored in the non-volatile memory to calculate total similarity;
select a set of the characters of which the calculated total similarity is the highest based on the calculated similarity;
evaluate properness of the selected set of the characters based on an amount of corrections and a number of times of rectifications corresponding to rectification history stored in the non-volatile memory; and
correct the newly input result of the character recognition processing by using the selected set of the characters when the properness is affirmed.

US Pat. No. 10,972,626

IMAGE READING APPARATUS

SHARP KABUSHIKI KAISHA, ...

1. An image reading apparatus comprising:a scanner that scans originals by a batch-scan that are placed on an original table;
an original reading circuitry that reads an image of each of the scanned originals;
an image processing circuit that crops the image of each original from the read images;
an image output that outputs the cropped image of each original;
control circuitry that controls the scanner, the original reading circuitry, the image processing circuit, and the image output; and
a display, wherein
the control circuitry executes a continuous multi-crop process-according to a selection by a user, and
when the continuous multi-crop process is executed, the control circuitry displays on the display one operation key that receives an instruction to start the next scan and another operation key that receives an instruction to end the reading respectively every time each batch-scan is executed to enable the batch-scan to be repeatedly executed until receiving the instruction to end the reading, and handles the images of the originals read by the repeated batch-scans as a series of image data.

US Pat. No. 10,972,625

OPTICAL SCANNING DEVICE AND IMAGE FORMING APPARATUS

SHARP KABUSHIKI KAISHA, ...

1. An optical scanning device for scanning an object to be scanned with a beam, the optical scanning device comprising:a light source that emits a beam;
a rotating polygon mirror that reflects the beam emitted from the light source;
an f? lens on which the beam reflected by the rotating polygon mirror is incident; and
a reflection mirror that guides the beam emitted from the f? lens to an object to be scanned, wherein
a housing is configured by a lower housing including an opened top part and an upper housing that covers the opened top part of the lower housing,
the lower housing includes a raised area being raised upward from a bottom surface of the lower housing, and
the f? lens is mounted to face a lower side of the raised area.

US Pat. No. 10,972,624

SMART INTERNET HIGH-DEFINITION SCANNER WITH LASER CORRECTION

DALIAN CZUR TECH CO., LTD...

1. A smart Internet high-definition scanner with laser correction, comprising:a scanning area configured to receive a book to be scanned;
a calibration laser emission unit located above the scanning area;
a camera; and
an image processing unit,
wherein the calibration laser emission unit emits a laser beam to the book unfolded to a current page and placed on the scanning area to form a laser line on a surface of the current page;
wherein the camera collects a planar image of the current page with the laser line by establishing a three-dimensional coordinate system including a plane of the scanning area;
wherein according to coordinates of pixel points of the laser line and an intersection angle between the laser beam and the plane of the scanning area, the image processing unit obtains height coordinates of each pixel point on the laser line in the planar image in the three-dimensional coordinate system through calculation of tangent function, the image processing unit restores a 3D curve of the laser line in the three-dimensional coordinate system, and the image processing unit constructs a 3D curved surface of the current page in the three-dimensional coordinate system according to the 3D curve; and
wherein the image processing unit obtains a correlation between points on the 3D curved surface and the pixel points in the planar image through calculation, the image processing unit replaces pixel values of the points on the 3D curved surface with pixel values of corresponding pixel points in the planar image, and the image processing unit straightens the 3D curved surface with the replaced pixel values, to complete scanning the current page.

US Pat. No. 10,972,623

INFORMATION PROCESSING APPARATUS HAVING IMPORT FUNCTION TO IMPORT INFORMATION REGARDING USER SO THAT REGISTRATION UPPER LIMIT IS NOT EXCEEDED BASED ON USER'S LAST LOGIN DATE AND CONTROL METHOD FOR THE SAME, AND STORAGE MEDIUM

Canon Kabushiki Kaisha, ...

1. An information processing apparatus comprising:storage that stores first personal setting information of users who use the information processing apparatus, and last login time and date when each of the first users last logged in to the information processing apparatus;
at least one memory that stores a set of instructions; and
at least one processor that executes the set of instructions, the set of instructions, when executed, causing the information processing apparatus to perform operations comprising:
setting whether to permit automatic deletion of the first personal setting information stored in the storage;
receiving an import instruction of second personal setting information including at least personal settings for a second user;
determining whether total personal setting information to be stored in the storage exceeds a registration upper limit when import processing of the second personal setting information is executed;
identifying, in a case where it is determined that the total setting information to be stored in the storage exceeds the registration upper limit when the import processing of the second personal setting information is executed according to the import instruction and in a case where it is set that the automatic deletion of the first personal setting information is permitted, at least one piece of the first personal setting information to be deleted, based on the last login time and date stored in the storage, and deleting the identified at least one piece of the first personal setting information stored so that the total personal setting information to be stored in storage does not exceed the registration upper limit after executing the import processing of the second personal setting information; and
performing control, in a case where it is determined that the total personal setting information to be stored in the storage exceeds the registration upper limit, and in a case where it is set that the automatic deletion of the first personal setting information is not permitted, to display information indicating that the import processing of the second personal setting information cannot be performed.

US Pat. No. 10,972,622

PRINT CONTROL DEVICE AND PROGRAM

Konica Minolta, Inc., To...

1. A non-transitory recording medium storing a computer readable program causing a computer, which is incorporated in a print control device that controls a print job, to perform:a) determining whether or not a reference source part included in a print target document related to the print job and a reference destination part included in the print target document and corresponding to the reference source part are arranged on different pages in a printout obtained by printing out the print target document;
b) estimating a binding position in the printout; and
c) changing at least one of arrangement target areas of the reference source part and the reference destination part in the printout based on the binding position and the arrangement position of the reference source part or the reference destination part in the printout, when it is determined in the a) that the reference source part and the reference destination part are arranged on different pages in the printout.

US Pat. No. 10,972,621

RECORDING APPARATUS

Seiko Epson Corporation, ...

1. A recording apparatus comprising:a recording unit that performs recording on a medium;
a housing including the recording unit therein;
a scanner unit that includes a document stand on which a document is placed and a reading unit that reads the document placed on the document stand, is provided to be rotatable with respect to the housing, and is configured to open and close an upper portion of the housing through rotation;
a panel unit that is provided in a free end of the scanner unit and is configured to be tilted between a first posture and a second posture in which the panel unit is more parallel to the document stand than the first posture;
a restriction unit that is configured to switch between a restriction state in which rotation of the scanner unit in an opening direction from a closed state in which the scanner unit is closed with respect to the housing is restricted and a rotation allowing state in which the rotating of the scanner unit in the opening direction from the closed state is allowed, the restriction unit being in the rotation allowing state when the panel unit is in the first posture and being in the restriction state when the panel unit is tilted from the first posture to the second posture; and
a posture holding unit that is configured to switch between a posture holding state in which a posture of the panel unit with respect to the scanner unit is held in the first posture and a tiltable state in which the posture of the panel unit with respect to the scanner unit is configured to be tilted from the first posture to the second posture, the posture holding unit being switched to the tiltable state when the scanner unit is in the closed state and being switched to the posture holding state when the scanner unit is rotated in the opening direction from the closed state.

US Pat. No. 10,972,620

INFORMATION PROCESSING APPARATUS CAPABLE OF DISPLAYING SETTINGS HISTORY BUTTON, METHOD OF CONTROLLING SAME, AND STORAGE MEDIUM

CANON KABUSHIKI KAISHA, ...

1. An information processing apparatus that displays a setting screen for setting a plurality of setting values used for a function selected by a user, in a state where initial values registered at factory shipment are set thereon, the information processing apparatus comprising:a memory storing instructions; and
a controller including a processor that implements the instructions to execute a plurality tasks, including:
a control task that controls execution of the function that uses the plurality of setting values set on the setting screen;
a display control task that controls displaying of a settings-history button for calling the plurality of setting values used for the function according to execution of the function;
a reference switching that switches an identification reference for use in identifying, from the plurality of setting values used for the function, a setting value that is different from an initial value thereof on the setting screen;
a generation task that generates setting value information indicative of the setting value identified based on the identification reference; and
a change instruction-receiving task that receives an instruction for changing the initial values on the setting screen to other initial values other than the initial values registered at factory shipment,
wherein the display control task controls displaying of the setting value information for the settings-history button, and
wherein in a case where the initial values on the setting screen are changed to the other initial values, the reference switching task switches the identification reference to the other initial values.

US Pat. No. 10,972,619

DISPLAY APPARATUS FOR DISPLAYING POP-UP WINDOW AT APPROPRIATE DISPLAY POSITION ON SCREEN OF DISPLAY DEVICE, AND COMPUTER-READABLE NON-TRANSITORY RECORDING MEDIUM STORING DISPLAY CONTROL PROGRAM

KYOCERA Document Solution...

13. A computer-readable non-transitory recording medium storing a display control program, the display control program causing a computer including a display device and a processor to function as a controller displaying a plurality of items on a screen of the display device, specifying a display region for each item of the plurality of items on a basis of a position of each item when the controller displays a pop-up window associated with a first item of the plurality of items, on the screen of the display device, detecting a first free region which is closest to the first item among all free regions in which the pop-up window does not overlap display regions of all the items on the screen of the display device, and displaying the pop-up window in the first free region, by the processor executing the display control program,wherein the controller
detects a second free region which is closest to the first item among all free regions in which the pop-up window does not overlap display regions of all items including a second item different from the plurality of items on the screen of the display device, and displays the pop-up window in the second free region when the controller displays the second item on the screen of the display device, and
detects a first assumed free region including a display region of the first item and excluding display regions of all other items, which are different from the first item, including the second item in the screen of the display device and displays the pop-up window in the first assumed free region when the controller is unable to detect the second free region.

US Pat. No. 10,972,618

IMAGE PROCESSING DEVICE, IMAGE PROCESSING SYSTEM, AND CONTROL METHOD OF IMAGE PROCESSING DEVICE

KABUSHIKI KAISHA TOSHIBA,...

1. An image forming device comprising:a communication interface;
a printer configured to form an image on a medium;
a memory in which first information is stored, the first information indicating one or more function IDs of one or more image forming device functions associated with a user ID; and
a processor configured to:
receive, through the communication interface, second information indicating one or more function IDs of one or more image forming device functions available in another image forming device in an image forming device network, the second information being associated with the user ID;
determine whether or not an image forming device function identified by a function ID included in the second information and not included in the first information is available in the image forming device;
after determining that the image forming device function identified by the function ID included in the second information and not included in the first information is unavailable in the image forming device, install an application program corresponding to the image forming device function unavailable in the image forming device during login of a user identified by the user ID;
update the first information by adding a function ID of the image forming device function corresponding to the installed application program in association with the user ID; and
control the communication interface to transmit the updated first information.

US Pat. No. 10,972,617

INFORMATION TERMINAL CONFIGURED TO TRANSMIT DATA WITH USE OF WIRELESS COMMUNICATION, IMAGE PROCESSING APPARATUS, IMAGE PROCESSING SYSTEM, AND STORAGE MEDIUM

Canon Kabushiki Kaisha, ...

1. An image processing system comprising:an image processing apparatus; and
an information terminal,
wherein the information terminal comprises:
a first short range wireless communicator that transmits information relating to authentication to the image processing apparatus by short-range wireless communication,
wherein the first short range wireless communicator receives, from the image processing apparatus by the short-range wireless communication, connection information for communicating with the image processing apparatus by wireless communication different from the short-range wireless communication; and
a first wireless communicator that transmits, by the wireless communication established using the connection information, setting information of a transmission function included in the image processing apparatus to the image processing apparatus, and
wherein the image processing apparatus comprises:
a second short range wireless communicator that receives the information relating to the authentication from the information terminal by the short-range wireless communication,
a controller that causes a user to log-in to the image processing apparatus according to success of authentication using the received information, wherein the second short range wireless communicator transmits the connection information for carrying out the wireless communication if the authentication using the received information is successful;
a second wireless communicator that receives the setting information of the transmission function from the information terminal by the established wireless communication; and
a display that displays, according to receipt of the setting information of the transmission function, a transmission setting screen in which the received setting information is set.

US Pat. No. 10,972,616

IMAGE PROCESSING SYSTEM

KYOCERA Document Solution...

1. An image processing system comprising:an image processing device which is a reference device operated by an operator; and
an image processing device which is another device with a function not present in the reference device, wherein
the reference device and the other device are connected through a network,
the reference device includes:
an operation section which functions as a display section and an input section;
a function collecting section which sends a function list request to the other device connected to the network and receives a function list from the other device as a response;
a function selection screen generating section which generates a function selection screen including a function of the reference device and the function present only in the other device by comparing the function list received from the other device to a function list of the reference device and displays the function selection screen on the operation section; and
a remote connection section which, when the function present only in the other device is selected in the function selection screen, remotely connects the other device in which the selected function is present to the operation section of the reference device,
the other device includes a function assigning section which, in performance of set functions during remote connection, assigns a function to be performed by the reference device and a function to be performed by the other device, and
the function assigning section
assigns a function performable by only the other device to the other device, and
with regard to functions performable by either the reference device or the other device, assigns an attended function which requires the operator to be present for performance to the reference device and assigns an unattended function which may be performed without the operator present to whichever of the reference device or the other device that performs a function performed directly before the unattended function.

US Pat. No. 10,972,615

DATA PROCESSING APPARATUS, DATA PROCESSING METHOD, AND STORAGE MEDIUM

KONICA MINOLTA, INC., To...

1. A data processing apparatus which processes measured data obtained from a first line sensor and a second line sensor which measure a shape of a measured target as measured data on two-dimensional coordinates, the apparatus comprising:a hardware processor,
wherein the hardware processor is configured to,
obtain measured data from the first line sensor and the second line sensor, wherein a first coordinate plane measured by the first line sensor and a second coordinate plane measured by the second line sensor are the same or are parallel, and a reference plane plate positioned so that a surface is orthogonal to the first coordinate plane and the second coordinate plane is measured in two or more positions differed by rotation around an axis orthogonal to the first coordinate plane and the second coordinate plane, and
calculate an angle between the same coordinate axes in the first coordinate plane and the second coordinate plane and a relative position of an origin of the first coordinate plane and an origin of the second coordinate plane based on measured data obtained from the first line sensor and the second line sensor in the two or more positions of the reference plane plate.

US Pat. No. 10,972,614

SYSTEMS AND METHODS OF AUDIO NOTIFICATION UPON STATE CHANGE

Microsoft Technology Lice...

1. A method of alerting a user to information, the method comprising:receiving a notification while at least one earphone is in communication with an electronic device;
queuing the notification on the at least one earphone for later playing;
terminating the communication between the at least one earphone and the electronic device; and
playing an audible alert of the notification alert after both terminating the communication and the user positioning the at least one earphone adjacent to or in a user's ear.

US Pat. No. 10,972,613

CHARGING CONTROL METHOD, CHARGING TRIGGER APPARATUS, AND ONLINE CHARGING SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A method for allocating a chargeable service resource to a user terminal, comprising:sending, by a policy control apparatus of a communication system, to a charging trigger function apparatus of the communication system, a first message, wherein the first message carries a first unit type to be used to measure a chargeable service resource allocated to the user terminal;
determining, by the charging trigger function apparatus according to the first unit type, a first quantity of units of the chargeable service resource to be requested from an online charging system of the communication system;
sending, by the charging trigger function apparatus, a first credit request to the online charging system, wherein the first credit request comprises the first unit type and the first quantity of units of the chargeable service resource; and
receiving, by the charging trigger function apparatus, a first credit response from the online charging system, wherein the first credit response carries the first quantity of units of the chargeable service resource allocated to the user terminal.

US Pat. No. 10,972,612

COMPLEX COMPUTING NETWORK FOR ENABLING SUBSTANTIALLY INSTANTANEOUS SWITCHING BETWEEN CONVERSATION MODE AND LISTENING MODE ON A MOBILE APPLICATION

Stereo App Limited, Ashf...

1. A method for enabling substantially instantaneous switching between conversation mode and listening mode on a mobile application, the method comprising:determining, using one or more computing device processors, a first user accesses a mobile application on a first mobile device of the first user;
enabling, using the one or more computing device processors, the first user to select a conversation mode option or a listening mode option on the mobile application, wherein the conversation mode option and the listening mode option are presented simultaneously on a user interface of the mobile application on the first mobile device of the first user, wherein the first user cannot simultaneously select both the conversation mode option and the listening mode option;
in response to the first user selecting the conversation mode option, modifying, using the one or more computing device processors, a first image of the conversation mode option, and determining, using the one or more computing device processors, a second user for conversing with the first user, wherein the second user accesses the mobile application on a second mobile device of the second user, or in response to the first user selecting the listening mode option, modifying, using the one or more computing device processors, a second image of the listening mode option, and determining, using the one or more computing device processors, a first audio conversation involving a third user for broadcasting to the first user on the mobile application, wherein the third user accesses the mobile application on a third mobile device of the third user; and
in response to selecting, using the one or more computing device processors, the listening mode option, a first visual representation of the third user not comprising a first photographic or video image of the third user, is displayed on the user interface, associated with the mobile application, on the first mobile device of the first user during the broadcasting of the first audio conversation involving the third user,
wherein the first visual representation comprises at least one of an avatar, an emoji, a symbol, a persona, an animation, a cartoon, an indicia, an illustration, a histogram, or a graph.

US Pat. No. 10,972,611

SYSTEMS AND METHODS FOR COMMUNICATION ROUTING

Cogito Corporation, Bost...

1. A method for routing voice information, the method comprising:receiving, via a computer network, by a processor of an intake processing system, a request from a computing device associated with a requestor that is associated with a first type of communication channel;
receiving, by the processor of the intake processing system, information included in a set of communications with the requestor computing device, the information comprising voice data associated with a human agent, and transmitting, by the processor of the intake processing system, the voice data to an augmented intelligence system;
extracting, by a processor of the augmented intelligence system, from the voice data, metrics comprising one or more from the group consisting of pitch, tone, spoken pace, and vocal effort;
calculating, by the processor of the augmented intelligence system, from the metrics, an emotional exhaustion score associated with the human agent;
identifying, by the processor of the augmented intelligence system, that the emotional exhaustion score has at least met an emotional exhaustion threshold;
identifying, by the processor of the augmented intelligence system, an action based on the emotional exhaustion score at least meeting the exhaustions threshold;
transmitting, by the processor of the augmented intelligence system, the metrics and data associated with the action to a graphical user interface of a supervisor user; and
displaying, on the graphical user interface, in real time, the metrics and data associated with the action.

US Pat. No. 10,972,610

TECHNIQUES FOR ESTIMATING EXPECTED PERFORMANCE IN A TASK ASSIGNMENT SYSTEM

Afiniti, Ltd., Hamilton ...

1. A method comprising:receiving, by at least one computer processor communicatively coupled to and configured to operate in a contact center system, a plurality of contact-agent interactions, wherein each of the plurality of contact-agent interactions is associated with a contact type of a plurality of contact types, an agent set of a plurality of agent sets, and an outcome;
assigning, by the at least one computer processor, each of the contact-agent interactions of the plurality of contact-agent interactions to a plurality of interaction sets, wherein each interaction set of the plurality of interaction sets is associated with one of the contact types of the plurality of contact types and one of the agent sets of the plurality of agent sets;
calculating, by the at least one computer processor, for the plurality of interaction sets, a plurality of aggregated outcomes;
determining, by the at least one computer processor, a pairing strategy based on the plurality of aggregated outcomes, wherein the pairing strategy is configured to cause a connection to be established between a contact and an agent in a switch of the contact center system;
determining, by the at least one computer processor, an expected utilization of an agent set from the plurality of agent sets based on the pairing strategy;
determining, by the at least one computer processor, an allocation of a contact type from the plurality of contact types based on the pairing strategy; and
outputting, by the at least one computer processor, an estimated performance of the pairing strategy based on the expected utilization and the allocation,
wherein a size of the plurality of interaction sets is greater than a sum of a size of the plurality of agent sets and a size of the plurality of contact types.

US Pat. No. 10,972,609

CALLER DEFLECTION AND RESPONSE SYSTEM AND METHOD

Nuance Communications, In...

1. A call processing method, carried out by one or more processors accessing one or more computer memory, the method comprising:receiving an audio call from a caller device at an automated response system;
engaging, by the automated response system, in a conversational dialogue with a caller;
presenting a text response option to the caller; and
in response to selection of the text response option during the conversational dialog:
prompting the caller to leave a message and recording at least one audio file from the caller device;
electronically transcribing the at least one audio file to form an electronic transcription, the at least one audio file describing an issue;
processing the electronic transcription to determine concepts and intents of the audio call, the concepts and intents indicating a subject matter of the issue;
determining a skill group from a plurality of skill groups based on the determined concepts and intents, the skill group having a predetermined association with the subject matter;
compiling a set of files associated with the audio call, the set of files comprising the electronic transcription and an identification of the caller;
electronically forwarding the set of files to the skill group for determining a first issue response; and
electronically initiating a text response session with the caller associated with the first issue response;
terminating the text response session based on a determination that the caller has opted to receive a callback response;
augmenting the set of files with information from the text response session;
electronically forwarding the augmented set of files to the skill group for determining a second issue response; and
electronically initiating a callback to the caller associated with the second issue response.

US Pat. No. 10,972,608

ASYNCHRONOUS MULTI-DIMENSIONAL PLATFORM FOR CUSTOMER AND TELE-AGENT COMMUNICATIONS

N3, LLC, Atlanta, GA (US...

1. A method of customer relationship management (“CRM”) implemented in a computer system, the method comprising:administering by the computer system a communications session comprising a first and a subsequent communications contact between one or more tele-agents and one or more customer representatives, the session and the first and subsequent contacts comprising a structure of computer memory of the computer system; and
generating by the computer system a first digital transcript of the content of the first contact;
displaying by the computer system to the one or more tele-agents the first digital transcript of the content of the first contact during the subsequent contact; and then
generating by the computer system a second digital transcript of the content of the subsequent contact;
wherein administering a communications session comprises establishing, as structure of computer memory of the computer system, the session, the first, and the subsequent contacts as object-oriented modules of automated computing machinery.

US Pat. No. 10,972,607

SYSTEM AND METHOD FOR PROVIDING AUDIBLE SUPPORT TO A SERVICE REPRESENTATIVE DURING A CALL

United Services Automobil...

1. A method of providing assistance during a call between a representative and a user using a user device for the call, the assistance being performed by an intelligent voice assistant separate from the user device, wherein the intelligent voice assistant includes a microphone; comprising the steps of:monitoring the call between the representative and the user by the intelligent voice assistant located in a same environment as the user;
receiving audible information from the microphone of the intelligent voice assistant;
processing the audible information to generate a stress level indicator associated with the user; and
informing the representative of the stress level indicator associated with the user by sending a message to the representative from the intelligent voice assistant.

US Pat. No. 10,972,606

TESTING CONFIGURATION FOR ASSESSING USER-AGENT COMMUNICATION

Language Line Services, I...

1. A computer program product comprising a computer readable storage device having a computer readable program stored thereon, wherein the computer readable program when executed on a computer causes the computer to:generate, at a computer-implemented service provider platform, a simulated user request for a service;
send, from the computer-implemented service provider platform to a computing device associated with an agent, the simulated user request for the service;
perform, with a processor at the computer-implemented service provider platform, an assessment of agent responsiveness to the simulated user request for the service prior to detection by the agent that the simulated user request is a simulation; and
automatically generate, with the processor at the computer-implemented service provider platform, one or more actions based on the assessment.

US Pat. No. 10,972,605

SIGNATURE BASED COMMUNICATION AUTHENTICATION

Lenovo (Singapore) Pte. L...

1. A method, comprising:detecting, using an application of an information handling device and over a first communication channel, an incoming call from another device;
identifying, as being associated with the incoming call and over a second communication channel, an identifying message signed with a user-specific signature, wherein the user-specific signature is encrypted with a private key associated with the another device;
determining, using a processor, whether the user-specific signature is associated with a valid signature, wherein the determining comprises:
determining whether a public key exists that is associated with the another device; and
identifying, responsive to determining that the public key exists, whether the public key is a pair to the private key; and
rejecting, responsive to determining that the user-specific signature is not associated with the valid signature, the incoming call.

US Pat. No. 10,972,604

DEVICE INDEPENDENT TEXT CAPTIONED TELEPHONE SERVICE

Ultratec, Inc., Madison,...

1. A method to transcribe communications, the method comprising:obtaining, at a first communication device, first communication data during a communication session between the first communication device and a second communication device;
transmitting the first communication data to the second communication device by way of a wireless local device that is locally coupled with the first communication device;
receiving, at the first communication device, second communication data from the second communication device through the local device;
transmitting the second communication data to a remote transcription system;
receiving, at the first communication device, transcription data from the remote transcription system, the transcription data corresponding to a transcription of the second communication data, the transcription generated by the remote transcription system; and
presenting, by the first communication device, the transcription of the second communication data.

US Pat. No. 10,972,603

FORKING TRANSMIT AND RECEIVE CALL AUDIO CHANNELS

Plantronics, Inc., Santa...

1. A method for forking transmit and receive call audio channels, comprising:during an active call, receiving a first audio stream of first call audio that originates from a far-end telephony device;
during the active call, receiving a second audio stream of second call audio that originates from a microphone of a near-end headset;
during the active call, generating a third audio stream containing the first call audio by processing the first audio stream;
during the active call, generating a fourth audio stream containing the second call audio by processing the second audio stream;
during the active call, generating a fifth audio stream containing the first call audio;
during the active call, generating a sixth audio stream containing the second call audio;
during the active call, concurrently transmitting:
the third audio stream containing the first call audio for output by a speaker of the near-end headset, and
the fourth audio stream containing the second call audio for receipt by the far-end telephony device; and
transmitting the fifth audio stream containing the first call audio and the sixth audio stream containing the second call audio for receipt by a predetermined destination, the fifth audio stream being transmitted as a separate stream than the sixth audio stream to the predetermined destination.

US Pat. No. 10,972,602

CALL INDICATORS FOR CATEGORIES OF CALLS

1. An apparatus comprising:a processing system including at least one processor; and
a computer-readable medium storing instructions which, when executed by the processing system when deployed in a communication network, cause the processing system to perform operations, the operations comprising:
obtaining a call request from a calling device to a destination device;
identifying a caller category associated with the calling device; and
forwarding the call request to the destination device via the communication network with an indicator of the caller category, wherein the indicator of the caller category is to cause the destination device to present at least one of: a first ringtone that is associated with the caller category or a first vibration pattern that is associated with the caller category, wherein the forwarding the call request to the destination device with the indicator of the caller category comprises providing a designated network signaling to the destination device that is indicative of the caller category.

US Pat. No. 10,972,601

SYSTEMS AND METHODS FOR CONTROLLING ACCESS TO A COMPUTING DEVICE

CITRIX SYSTEMS, INC., Fo...

1. A method, comprising:detecting, by a computing device in a first state, two or more user actions of tactile input applied to only one or more physical volume control buttons of a housing of the computing device;
determining that the detected two or more user actions of the tactile input are valid based on a code sequence; and
in response to determining that the detected user actions are valid, changing the first state of the computing device to a second state to enable use of at least one functionality of the computing device.

US Pat. No. 10,972,600

DISPLAYING RELEVANT USER INTERFACE OBJECTS

Apple Inc., Cupertino, C...

1. An electronic device comprising:a display;
a movement sensor configured to detect movement of the electronic device,
a rotatable input mechanism configured to rotate with respect to a housing of the electronic device;
one or more processors; and
memory storing one or more programs configured to be executed by the one or more processors, the one or more programs including instructions for:
detecting an input from the movement sensor based on a movement of the electronic device;
in response to detecting the input from the movement sensor, displaying, on the display, a first plurality of user interface objects based on a relevance algorithm, wherein the first plurality of user interface objects is selected from a larger plurality of user interface objects available for display, and wherein the first plurality of user interface objects includes a first user interface object associated with a first application and having a first displayed size corresponding to a relevance of the first user interface object determined based on the relevance algorithm;
while displaying the first plurality of user interface objects, receiving a user input, the user input representing rotation of the rotatable input mechanism with respect to the housing of the electronic device;
in response to receiving the user input, displaying, on the display, a second plurality of user interface objects based on the relevance algorithm, wherein the second plurality of user interface objects is selected from the larger plurality of user interface objects available for display, and wherein the second plurality of user interface objects includes a second user interface object associated with a second application that is different than the first application and having a second displayed size corresponding to a relevance of the second user interface object determined based on the relevance algorithm and different from the first displayed size of the first user interface object;
detecting updated input for use by the relevance algorithm; and
after detecting the updated input for use by the relevance algorithm, displaying the second user interface object based on the updated input for use by the relevance algorithm, including:
in accordance with a determination that the relevance of a third user interface object determined based on the relevance algorithm is greater than the relevance of the second user interface object, displaying the second user interface object having a third displayed size that is smaller than the second displayed size.

US Pat. No. 10,972,599

ENHANCED TEXT-TO-911 SYSTEM VIA CLOUD-BASED PAGE SERVICE

BEAMLIVE INC, Woodside, ...

1. A computer implemented method of generating event-based request communications (ERC) to enable enhanced content to be transmitted in association with a communication from a client device programmed with an ERC software application to a service center, the method being implemented in a computer system having one or more physical processors programmed with computer program instructions that, when executed by the one or more physical processors, cause the computer system to perform the method, the method comprising:receiving, via the ERC software application, an indication to initiate the communication to the service center;
generating, by the ERC software application, an ERC to a cloud-based page service;
receiving, from the cloud-based page service, a page identifier for a dynamic event page created by the cloud-based page service for an event;
initiating, by the ERC software application, the communication to the service center including the page identifier; and
wherein the indication to initiate the communication to the service center is received based on:
generating, at an Internet-of-Things (IoT) sensor, event-related sensor data;
establishing a connection between the IoT sensor and the cloud-based page service; and
sending, from the cloud-based page service to the client device, the indication to initiate the communication to the service center.

US Pat. No. 10,972,598

BONE CONDUCTION HEADSET

PANASONIC INTELLECTUAL PR...

1. A bone conduction headset comprising:a support member having a U-shape;
a pair of bone conduction speakers respectively provided to a first end of the support member and a second end of the support member, the second end being opposite to the first end;
a microphone coupled to the first end; and
a mute switch provided to either the first end or the second end, the mute switch being configured to perform a control to lower volume on the pair of bone conduction speakers,
wherein:
the pair of bone conduction speakers include a speaker circuit;
the mute switch includes:
a button configured to accept an operation by a user;
a resistor configured to be coupled to the speaker circuit; and
a switch configured to couple the resistor to the speaker circuit, and
the mute switch is configured to be closed when the button is operated such that the resistor is coupled to the speaker circuit, and the volume on the pair of bone conduction speakers is lowered.

US Pat. No. 10,972,597

MANAGING EXECUTABLE COMPONENT GROUPS FROM SUBSET OF USER EXECUTABLE COMPONENTS

T-Mobile USA, Inc., Bell...

1. A method comprising:identifying a subset of executable components associated with a user of a telecommunications device, wherein the subset of executable components includes a portion of executable components accessible by the telecommunications device;
determining first and second executable component groups from the subset of executable components;
causing the generation of a first display on the telecommunications device, wherein the first display includes a first representation of at least a portion of the first or second executable component groups and a divider display object, wherein the divider display object is positioned adjacent to at least one executable component displayed in the first representation, wherein the divider display object partitions the first executable component group from the second executable component group, and wherein the divider display object is identified on the first display as adjustable to modify positioning of the divider display object relative to the executable components in the first and second executable component groups;
obtaining at least one modification input associated with the divider display object for repositioning the divider display object;
causing the generation of a second display on the telecommunications device, wherein the second display includes a second representation of at least a portion of the subset of executable components and the divider display object, wherein the divider display object in the second representation is repositioned based on the at least one modification input, and wherein the divider display object in the second representation is repositioned adjacent to at least one different executable component in the second display as compared to the first display; and
modifying members of the first and second executable component groups based on the at least one modification input;
wherein the method is implemented in a computer system.

US Pat. No. 10,972,596

ATTACHMENT TO A CELL PHONE

Innovation Specialties, ...

1. An apparatus for retaining a cell phone comprising:(a) a swivel base including a top surface, a bottom surface which is affixed to a top surface of an adhesive disc, the adhesive disc having a bottom surface with a cover wrapping, the swivel base having a circumferential sidewall with a circumferential exterior surface and a circumferential interior surface which surrounds an interior chamber, the circumferential interior surface includes a multiplicity of spaced apart upper circumferential teeth which are adjacent a top surface of the swivel base leaving a circumferential gap between the multiplicity of spaced apart upper circumferential teeth a lower portion of a circumferential interior surface, creating an interior chamber within the swivel base;
(b) a retaining base sized to be rotatably retained within the interior chamber of said swivel base, the retaining base including a front recessed arcuate sidewall, a parallel opposite rear arcuate recessed sidewall, a left recessed arcuate sidewall and a parallel opposite right arcuate recessed sidewall, the front and rear recessed sidewalls are each at ninety degrees to both the left and right arcuate recessed sidewalls, the four arcuate recessed sidewalls surround an interior section;
(c) the retaining base including a first straight pivot arm having a first lower base with opposite pin members, the first lower base extends to oppositely disposed parallel side arms which extend to first upper transverse arm with a first central recessed portion, the first upper transverse arm is integrally formed with and between parallel side arms, the first upper transverse arm is parallel to first lower base, the first lower base is rotatably affixed between left recessed arcuate sidewall and right recessed arcuate sidewall and is adjacent the front recessed arcuate sidewall, a first bent pivot arm includes a first lower recessed channel section rotatably retained in the central recessed portion of the first upper transverse arm of the first straight pivot arm, the first lower recessed channel section extends to integrally formed parallel first bent pivot arms which support a first bent pivot upper transverse retaining section with a first cylindrical mating dowel;
(d) the retaining base including a second straight pivot arm having a second lower base with opposite pin members, the second lower base extends to oppositely disposed parallel side arms which extend to second upper transverse arm with a second central recessed portion, the second upper transverse arm is integrally formed with and between parallel side arms, the second upper transverse arm is parallel to second lower base, the second lower base is rotatably affixed between left recessed arcuate sidewall and right recessed arcuate sidewall and is adjacent the rear recessed arcuate sidewall, a second bent pivot arm includes a second lower recessed channel section which is rotatably retained in the central recessed portion of the second upper transverse arm of the second straight pivot arm, the second lower recessed channel section extends to integrally formed parallel second bent pivot arms which support a second bent pivot upper transverse retaining section with a second cylindrical mating dowel; and
(e) a cylindrical cap with a first interior mating tunnel with the first cylindrical mating dowel rotatably retained in the first interior mating tunnel, the cylindrical cap including a spaced apart second interior mating tunnel with the second cylindrical mating dowel rotatably retained in the second interior mating tunnel, a cover label affixed to the an upper surface of the cap;
(f) wherein, after the cover wrapping is removed, the lower surface of the adhesive disc is affixed to a rear surface of the cell phone, and the cap is pulled away from the retaining base with the first and second straight pivot arms rotate about a respective first and second lower base to move the cap to an elevated position, and the respective first and second bent pivot arms rotate about the respective first lower recessed channel and second lower recessed channel of the elevated position to enable a person to place one finger in an interior space bounded by the retaining base, the first and second straight pivot arms, the first and second bent pivot arms, and a lower surface of the cap with the palm of the same hand as the finger resting on the rear surface of the cell phone, and the rotation of the retaining base within the fixed swivel base enables the person to hold the cell phone in a comfortable position for both holding as well as talking.

US Pat. No. 10,972,595

AUDIO HEADSET SYSTEM

James Clarke, Newton (GB...

1. An audio communication system base station, comprising:a first communication interface operable to communicate with a headset; and
a physical cartridge connection means for connection to one of a plurality of different types of cartridges, wherein said plurality of different types of cartridges are manually and removably connectable thereto and each different type of cartridge has an associated one of a plurality of different communication protocols, and
wherein the physical cartridge connection means comprises a second communication interface;
means for detecting the communication protocol of a connected cartridge from the plurality of different communication protocols; and
means for configuring the base station for use with the detected communication protocol;
wherein the base station is configured such that in use when a cartridge is connected, duplex communication data can be transmitted between the connected cartridge and the base station via the second communication interface,
between the base station and a remote device via the connected cartridge using the detected communication protocol, and between the base station and the headset via the first communication interface, such that duplex communication data can be transmitted between the remote device and the headset via the base station.

US Pat. No. 10,972,594

CASING ASSEMBLY AND TERMINAL

GUANGDONG OPPO MOBILE TEL...

1. A casing assembly, comprising:a rear casing, having a front surface and a rear surface opposite the front surface, the rear casing defining a mounting hole extending through the front surface and the rear surface; and
a decorative member, disposed in the mounting hole and coupled to the rear casing, the decorative member covering the mounting hole and extending out of the rear surface;
wherein:
the mounting hole comprises a first hole and a second hole communicating with the first hole, wherein the first hole has a maximum width larger than a maximum width of the second hole, the first hole has a first wall coupled to the rear surface, and the second hole has a second wall coupled to the front surface; and
the decorative member passes through the first hole and is coupled to a bottom wall of the first hole;
wherein a side of the decorative member facing away from the rear surface is provided with a layer selected from a group consisted of a fluorescent layer, a photochromic layer, or a light guide film.

US Pat. No. 10,972,593

RADIO FREQUENCY MODULE AND COMMUNICATION DEVICE

MURATA MANUFACTURING CO.,...

1. A radio frequency module, comprising:a module board including a first principal surface and a second principal surface on opposite sides of the module board;
an antenna connection terminal;
an LC filter connected to the antenna connection terminal and including at least a first chip inductor;
a transmission power amplifier;
a reception low noise amplifier; and
a second chip inductor disposed on one of a transmission path connecting the LC filter and the transmission power amplifier and a reception path connecting the LC filter and the reception low noise amplifier, wherein
the first chip inductor is mounted on the first principal surface, and the chip second inductor is mounted on the second principal surface.

US Pat. No. 10,972,592

MOBILE TERMINAL

LG ELECTRONICS INC., Seo...

1. A mobile terminal, comprising:a first frame;
a second frame movably accommodated within the first frame and configured to be moved in a first direction relative to the first frame to slide out from the first frame;
a third frame movably accommodated within the second frame and configured to be moved in the first direction relative to the second frame to slide out from the first and second frames;
a flexible display comprising:
a first region disposed on a front side of the mobile terminal and coupled to the first frame;
a second region disposed on a backside of the mobile terminal and coupled to the third frame, the second region being entirely exposed externally outside the mobile terminal; and
a third region elongated between the first and second regions,
wherein the third region is configured to be disposed on the front side or a backside of the mobile terminal while being exposed externally outside the mobile terminal based on a moving direction of the second frame causing the third region to be rolled around the second frame; and
a drive unit configured to:
move the second and third frames relative to the first and second frames, respectively, in the first direction, to switch the mobile terminal from a first state to a second state, wherein only the first region, among the first, second, and third regions of the flexible display, is exposed externally to the front side of the mobile terminal in the first state, and wherein only the first and third regions are exposed externally to the front side of the mobile terminal in the second state; and
pull out the third region from the backside of the mobile terminal toward the front side of the mobile terminal through the second frame by moving the second and third frames in the first direction, such that the mobile terminal is switched to the second state.

US Pat. No. 10,972,591

HOUSING, METHOD OF PRODUCING THE SAME, AND ELECTRONIC DEVICE INCLUDING THE SAME

Samsung Electronics Co., ...

1. An electronic device, comprising:a rear cover comprising a flat portion and a curved portion extending from at least one edge of the flat portion;
a side frame connected to the rear cover, the side frame forming at least partially an external shape of the electronic device and comprising:
a first side surface, a second side surface extended substantially perpendicularly from the first side surface, a third side surface substantially parallel to the first side surface and substantially perpendicular to the second side surface, and a fourth side surface extended substantially perpendicular from the third side surface and the first side surface and substantially parallel to the second side surface;
a first adhesive disposed between the rear cover and the side frame;
a support extending at least partially from the side frame to an internal space of the electronic device, wherein the support comprises conductive material; and
a polymer member coupled to at least a portion of the support or the side frame and at least partially facing the rear cover,
wherein the polymer member comprises a flat surface corresponding to the flat portion of the rear cover and a curved surface extending from the flat surface and corresponding to the curved portion of the rear cover, and comprises a first area in which the first adhesive is disposed and a second area extended from the first area and contacting the side frame.

US Pat. No. 10,972,590

ELECTRIC SIGNAL TRANSMISSION LINE IN A COMMUNICATION DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A communication device, comprising:a processor;
at least one electrical component;
a battery configured to extend in a main extension plane;
a casing housing the battery and comprising:
a back cover configured to cover the battery, the back cover extending in a plane substantially parallel to the main extension plane;
a front opposite the back cover extending in a plane substantially parallel to the main extension plane;
a surrounding frame configured to mount the back cover to the front wherein the battery is situated inside the surrounding frame and between the front cover and the back cover;
an inner wall between the battery and the surrounding frame and extending alongside the battery in a plane substantially perpendicular to the main extension plane; and
an electrical signal transmission line comprising:
a first portion positioned between the battery and the surrounding frame and coupled to the at least one electrical component along a longitudinal extension of the first portion, wherein the first portion extends alongside the battery in a plane substantially perpendicular to the main extension plane;
a longitudinal stiffener attached to the first portion extending alongside the first portion substantially parallel to the first portion;
a fastener affixing the first portion and the longitudinal stiffener to the inner wall, wherein the fastener comprises electrically conductive material and wherein the first portion is grounded by the fastener; and
a second portion coupled to the processor.

US Pat. No. 10,972,589

BRACKET STRUCTURE, INPUT/OUTPUT ASSEMBLY AND ELECTRONIC DEVICE

GUANGDONG OPPO MOBILE TEL...

1. A bracket structure, comprising:a first bracket;
wherein the first bracket comprises a first face, a second face, and a third face, the first face and the second face are arranged on two opposite sides of the first bracket, the third face is connected to the first face and the second face, the second face is provided with at least two accommodating chambers, the first face is provided with at least two through holes corresponding to the at least two accommodating chambers, the third face is provided with a mounting hole passing through the first face and the second face, the mounting hole is arranged between two of the at least two accommodating chambers;
wherein the first bracket further comprises a fourth face opposite to the third face and connected to the first face and the second face, the at least two accommodating chambers comprise a first chamber, a second chamber, a third chamber and a fourth chamber arranged in sequence, the mounting hole is arranged between the first chamber and the third chamber, the second chamber is arranged between the mounting hole and the fourth face, and the fourth chamber is arranged at a side of the third chamber away from the first chamber.

US Pat. No. 10,972,588

MICRO-LEVEL NETWORK NODE FAILOVER SYSTEM

T-Mobile USA, Inc., Bell...

1. A computer-implemented method comprising:obtaining one or more key performance indicator (KPI) values associated with one or more nodes in a core network that offer a first service, wherein the one or more KPI values are associated with the first service;
comparing a first KPI value in the one or more KPI values with a first threshold value;
determining that the first KPI value exceeds the first threshold value;
determining that the first KPI value corresponds with a first node in the one or more nodes;
instructing the first node to re-route requests corresponding to the first service to a second node in the one or more nodes that is redundant to the first node;
obtaining one or more second KPI values associated with the one or more nodes after the first node is instructed to re-route the requests;
determining that a second KPI value in the one or more second KPI values exceeds a second threshold value;
determining that the second KPI value corresponds with a third node in the one or more nodes;
instructing the first node to no longer re-route the requests corresponding to the first service; and
instructing the third node to re-route second requests corresponding to the first service to a fourth node in the one or more nodes that is redundant to the third node.

US Pat. No. 10,972,587

SYSTEMS AND METHODS FOR ALTERING THE CHARACTER OF NETWORK TRAFFIC

Berryville Holdings, LLC,...

1. A system for altering the character of data originating from a Virtual Private Network (VPN), the system comprising:a first network interface device configured to receive first data from the VPN;
a second network interface device configured to send second data to a webserver;
a data processor coupled to the first network interface device and the second network interface device having memory storing instructions, which when executed result in operations comprising:
receiving the first data from the first network interface device, the first data comprising a first plurality of packets;
generating a message by combining the first plurality of packets;
generating the second data by segmenting the message into a second plurality of packets, wherein a third plurality of packets in the second plurality of packets is equal to the network maximum transfer unit allowed by the Internet and the last packet in the second plurality of packets is less than the network maximum transfer unit allowed by the Internet; and
forwarding the second data to the second network interface device;
wherein each packet in the first plurality of packets is smaller than a network maximum transfer unit allowed by the Internet due to the VPN removing VPN headers from third data originating from a user computing device in communication over the Internet with the VPN.

US Pat. No. 10,972,586

REUSABLE MESSAGE FLOW BETWEEN APPLICATIONS OF A MESSAGE BROKER INTEGRATED SYSTEMS ENVIRONMENT

International Business Ma...

1. A computer-implemented method for modifying and deploying a data conversion flow between a first application of a first message broker system and a second application of a second message broker system by dynamically loading a set of user-defined design parameters to alter the data conversion flow, without restarting the data conversion flow, the computer-implemented method comprising:receiving a source message conversion flow from a source input message queue, wherein the source conversion flow identifies a plurality of design parameters, wherein the plurality of design parameters includes a plurality of data format parameters, a plurality of data description parameters, a plurality of conversion routine parameters, a plurality of conversion routine path parameters, and a plurality of output routing information parameters;
identifying a message interface corresponding to the received message conversion flow;
accessing a plurality of user-defined design parameters corresponding with at least one interface;
identifying the set of user-defined design parameters from the plurality of user-defined parameters based on matching the corresponding at least one interface with the identified message interface;
altering the plurality of design parameters based on the identified set of user-defined design parameters to form a target message conversion flow without changing the source message conversion flow; and
sending the target message conversion flow including the altered plurality of design parameters to the second application to deploy the target message conversion flow.

US Pat. No. 10,972,585

ESTABLISHING A TRUST ASSOCIATION

Twitter, Inc., San Franc...

1. A method, comprising:receiving, by a messaging platform, a request to associate a web source with a first account of a user on the messaging platform;
obtaining a link to the web source from the first account, wherein the messaging platform is configured to obtain the link based on a profile associated with the first account or based on the request;
accessing the web source in response to the request to associate using the link;
locating within the web source, a first tag associated with the first account, wherein the first tag is an authorization to associate the web source with the first account, wherein the first tag is located by analyzing code of the web source and wherein the first tag within the web source includes an identifier;
creating, in response to locating the tag within the web source a first trust association between the first account and the web source, wherein creating the first trust association includes comparing the identifier included in the first tag with an identifier associated with the first account on the messaging platform and creating the first trust association when there is a match based on the comparison; and
providing an indication of the first trust association for display in a user interface of a client device, wherein the indication of the first trust association is viewable by one or more other users of the messaging platform.

US Pat. No. 10,972,584

APPARATUS, METHOD AND SYSTEM FOR A TUNNELING CLIENT ACCESS POINT

IOENGINE LLC, Norwalk, C...

1. A portable device configured to communicate with (i) a communications network comprising a plurality of communications network nodes and (ii) a terminal comprising a processor, an output component, and a memory configured to store program code, including first program code which, when executed by the terminal processer, is configured to facilitate a key exchange between the terminal and the portable device, the portable device comprising:(a) a network interface configured to enable transmission of communications between the portable device and a communications network node;
(b) a communication interface configured to enable transmission of communications between the portable device and the terminal;
(c) a processor; and
(d) a memory having executable program code stored thereon, including:
(1) second program code which, when executed by the portable device processor, is configured to cause a communication to be transmitted to the terminal to display an interactive user interface by the terminal output component, the interactive user interface comprising at least one user interface element configured to be manipulated by a user to cause the portable device processor to execute stored program code;
(2) third program code which, when executed by the portable device in response to a command resulting from user manipulation of a user interface element of the interactive user interface, is configured to cause a communication to be transmitted to the terminal to affect the display of the interactive user interface by the terminal output component;
(3) fourth program code which, when executed by the portable device processor in response to a command resulting from user manipulation of a user interface element on an interactive user interface, is configured to cause a secure communication to be transmitted through the portable device network interface to a communications network node; and
(4) fifth program code which, when executed by the portable device processor, is configured to (i) process secure data received from the communications network node through the portable device network interface and (ii) cause the processed data to be securely transmitted through the communications interface to the terminal for display by the terminal output component, wherein the portable device is configured to employ a key exchange between the portable device and the terminal to securely transmit the processed data through the communication interface to the terminal.

US Pat. No. 10,972,583

METHODS AND SYSTEMS FOR PERSONALIZING USER EXPERIENCE BASED ON PERSONALITY TRAITS

Spotify AB, Stockholm (S...

1. A method, comprising:at an electronic device associated with a media-providing service having one or more processors and memory storing instructions for execution by the one or more processors:
tracking behavior of a user over a predefined time period;
determining that at least a portion of the tracked behavior is associated with a first personality trait identified by the media-providing service;
based at least in part on the tracked behavior, assigning the first personality trait to the user; and
providing to the user, personalized content associated with the first personality trait assigned to the user.

US Pat. No. 10,972,582

SYSTEM AND METHOD FOR SCOPED ATTRIBUTES

General Electric Company,...

1. A computer-implemented method comprising:storing, in one or more data stores, a user attribute of a user, a resource attribute of a resource of a web service, one or more scope conditions to be satisfied in order to apply one of the user attribute and the resource attribute in generating a decision of whether to permit or deny an action, and a script comprising an access control policy for accessing the resource of the web service, the user attribute comprising user information about the user other than an identification of the user, the resource attribute comprising resource information about the resource other than an identification of the resource, and the access control policy comprising one or more policy conditions to be satisfied in order to permit the action, the one or more policy conditions comprising at least one of the user attribute and the resource attribute;
wherein the user attribute, resource attribute, and the one or more scope conditions are stored in a tree data structure that is separate from the script;
receiving a web service request for accessing the resource of the web service, the web service request corresponding to the user and comprising an access token for the user, action data identifying the action being requested to be applied to the resource, and resource data identifying the resource;
determining that the one or more scope conditions are satisfied for the web service request by traversing the tree data structure;
generating, by a machine having a memory and at least one processor, a decision to either permit or deny the web service request based on the access control policy, the one of the stored user attribute and the stored resource attribute being used in generating the decision based on the determination that the one or more scope conditions are satisfied, and the generating of the decision comprising interpreting the script; and
transmitting the decision to the web service;
wherein the resource attribute comprises an organization associated with the resource, a group associated with the resource, or a role associated with the resource;
wherein when the resource is accessed in response to the web service request, the web service utilizes the resource to build, test, or implement a first industrial internet application;
wherein placement of the scoped conditions in the data structure allows an administrator to set conditions for accessing a resource by configuring a user account rather than re-writing the access control policy in the script.

US Pat. No. 10,972,581

MEDIA PROCESSING METHOD AND DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A method, comprising:acquiring a media content directory that resides on at least one media server and identifying media description information in at least two media resource objects in the media content directory;
integrating the at least two media resource objects in response to media resources corresponding to the at least two media resource objects having the same media content, so that the at least two integrated media resource objects are represented by one media identifier, wherein each media resource object of the at least two media resource objects has at least one of a media format or a resolution that is different from at least one other media resource object of the at least two media resource objects;
generating, according to the media content directory, a content list having media identifiers identifying media resources on the at least one media server, the media identifiers including the one media identifier, wherein the content list is free of duplicate media identifiers;
receiving, by a media control device, from each connected media playback device of a plurality of connected media playback devices connected to, and remote from, the media control device, capability information and supported media formats of the respective connected media playback device, wherein the capability information comprises a resolution and screen size of the respective connected media playback device, and wherein the supported media formats comprises a list of one or more media formats for which the respective connected media playback device supports decoding;
generating a match list according to the capability information and the supported media formats of each of the plurality of connected media playback devices, wherein the match list identification numbers of the media resources corresponding to the at least two media resource objects which are suitable to be played on each respective connected media playback device of the plurality of connected media playback devices;
determining that more than one of the media resources is supported by a media playback device of the plurality of connected media playback devices, and assigning a priority, according to at least one of a first priority assignment manner or a second priority assignment manner, to each of the more than one media resources supported by the media playback device, wherein the first priority assignment manner comprises assigning a priority to each of the more than one media resources according to a media resolution and a media encapsulation format of the respective more than one media resource with respect to a screen resolution and a media format playback capability of the media playback device, and wherein the second priority assignment manner comprises assigning a priority to each of the more than one media resources according to a playback response delay of playing the respective more than one media resource on the media playback device, resources is determined by the media playback device prefetching a portion of the more than one media resource, performing decoding, and attempting to perform playback; and
sending, by the media control device, to the media playback device of the plurality of connected media playback devices selected by a user, a media resource address corresponding to a first media resource of the more than one media resources suitable to be played on the selected media playback device having a highest priority, represented by the one media identifier and selected from the content list, so that the selected media playback device acquires and plays the first media resource, wherein the first media resource corresponds to one of the at least two media resource objects.

US Pat. No. 10,972,580

DYNAMIC METADATA ENCRYPTION

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:intercepting a first request to access a computing resource;
causing, based at least in part on an identity associated with the first request, authentication of the first request; and
causing a stateless function to run as code to:
parse the first request for a tag associated with the requested computing resource;
call a key management service to cause encryption of the tag to generate an encrypted tag;
generate a second request identifying the encrypted tag; and
submit the second request to the computing resource to cause, in response to the first request, access to the computing resource.

US Pat. No. 10,972,579

ADAPTIVE SCHEDULING FOR EDGE DEVICES AND NETWORKS

Nebbiolo Technologies, In...

1. A computer-implemented system for adaptively scheduling a plurality of computer-based applications executed on a plurality of fog nodes communicably coupled via an Ethernet time sensitive network (TSN), said system comprising:a processor;
a memory module communicably coupled to said processor, said memory module storing computer program code, wherein said memory module and said computer program code stored therein are configured, with said processor, to:
communicably couple each of said plurality of fog nodes to at least one edge device respectively, and configure each of said plurality of fog nodes to process information received from corresponding edge devices as at least a part of a dataflow;
calculate a global time schedule applicable for each of said plurality of fog nodes and said corresponding edge devices communicably coupled thereto, based on at least one of a cycle-by-cycle execution of said dataflow and a real-time execution of said dataflow across said plurality of fog nodes and said corresponding edge devices;
provision at least a plurality of kernels and a plurality of real-time applications embedded within respective fog nodes to execute, at least in part, said data flow and process said information in line with said global time schedule applicable to said respective fog nodes;
monitor each of said kernels processing said information, and in response to identifying at least one kernel as witnessing a time delay in processing said information, trigger said at least one kernel to determine a computing context corresponding to said processing of said information, and re-instantiate said processing of said information, based on said computing context, at a future time slot pre-determined by said global time schedule;
selectively identify a real-time application embedded within at least one of said plurality of fog nodes, and selectively configure said real-time application to process said information at a predetermined time slot forming a part of said global time schedule;
trigger said real-time application to dynamically identify based on said cycle-by-cycle execution of said dataflow, an offset occurred in respect of said processing of said information, wherein said offset is represented as a difference between said predetermined time slot and a time slot defined in said global time schedule based on said cycle-by-cycle execution of said dataflow, at which said real-time application was originally provisioned to process said information; and
selectively calibrate said global time schedule based on said offset, and reschedule said real-time application to process said information always at said predetermined time slot, thereby deterministically scheduling said real-time application to process said information, based on said offset identified dynamically from said cycle-by-cycle execution of said dataflow.

US Pat. No. 10,972,578

RECOMMENDING MEDIA CONTENT TO A USER BASED ON INFORMATION ASSOCIATED WITH A REFERRAL SOURCE

Google LLC, Mountain Vie...

1. A system, comprising:a memory; and
a hardware processor that, when executing computer executable instructions stored in the memory, is configured to:
receive a request to present a first media item hosted by a media source, wherein the request to present the first media item is received in response to a selection of a link associated with the first media item at a referral source and wherein the referral source is different from the media source;
in response to receiving the request to present the first media item, present, via a user interface, the first media item hosted by the media source;
in response to presenting the first media item hosted by the media source, determine, from location information included in the link associated with the first media item, a location of a device that posted the link to the first media item at a time the link was generated at the referral source;
identify a second media item from a plurality of media items that are hosted by the media source, wherein the second media item is identified based on a determination that the second media item was referred to other users through the referral source and was selected by the other users for presentation at the media source, and wherein the second media item is selected from the plurality of media items based on the determined location of the device that posted the link to the first media item; and
cause a recommendation to be presented in the user interface that includes the second media item.

US Pat. No. 10,972,577

SYSTEMS, METHODS, AND STORAGE MEDIA FOR MANAGING TRAFFIC ON A DIGITAL CONTENT DELIVERY NETWORK

CBS Interactive Inc., Sa...

1. A system configured for managing traffic on a digital content delivery network, the system comprising:one or more hardware processors configured by machine-readable instructions to:
receive an item of digital content on a digital content delivery network;
assign a type category to the item of digital content;
determine an update time variable of the item of digital content;
determine a cache time for the item of digital content based on the type category of the item of digital content and the update time variable of the item of digital content, wherein the step of determining a cache time comprises applying a rule to determine the cache time, wherein the rule includes multiple time periods that are each respectively associated with a corresponding update time variable and wherein a time period is selected as the cache time based on the time period corresponding to the update time variable of the item of digital content, wherein the rule further includes type categories each having a corresponding offset and the step of determining the cache time further comprises multiplying the selected time period by the offset corresponding to the type category of the item of digital content; and
cause an instance of the item of digital content to be cached in a cache memory associated with the content delivery network for the cache time and allowing removal of the instance of the item of digital content from the cache memory after the cache time has lapsed.

US Pat. No. 10,972,576

CONTENT ACCELERATION FOR CROSS-SITE RESOURCES BY CDN

International Business Ma...

1. A method comprising:receiving cross-site rules for a web asset,
wherein the web asset contains a first link to a first cross-site resource;
distributing, by a content delivery network (CDN), the cross-site rules to a first CDN edge server;
determining, based on the cross-site rules, that the first cross-site resource will be accelerated;
wrapping, by a processor, the first link of the first cross-site resource in the web asset at the first CDN edge server;
caching, by the first CDN edge server based on the determination that a first cross-site resource should be accelerated, the first cross-site resource at the first CDN edge server;
receiving, by the first CDN edge server, a request for the first cross-site resource;
determining, based on the receiving that the first cross-site resource has been cached at the time the request is received; and
sending, to a client by the processor, the first cross-site resource directly from the first CDN edge server.

US Pat. No. 10,972,575

METHOD AND SYSTEM FOR SUPPORTING EDGE COMPUTING

HUAWEI TECHNOLOGIES CO., ...

1. A system comprising at least one processor and at least one non-transitory memory storing instructions for execution by the at least one processor to implement a data repository function and a policy control function (PCF), the data repository function and the policy control function being communicatively coupled through an interface, wherein the data repository function is configured to:store data associated with an application function (AF) request and at least one of user data and policy data, wherein the AF request and the data associated with the AF request are associated with a user equipment (UE) and the AF request is to influence traffic routing for the UE, the UE being associated with a home public land mobile network (HPLMN), and wherein a visited public land mobile network (VPLMN), that is different from the HPLMN, comprises the data repository function and the PCF; and
transmit a notification to the PCF, the notification indicative of the data associated with the AF request,and wherein the PCF is configured to:subscribe, to the data repository function, to receive the AF request; and
receive, from the data repository function, the notification;and wherein the system further comprises:a network exposure function (NEF) implemented using the at least one processor and the at least one non-transitory memory, the NEF configured to: initiate storage of the data associated with the AF request in the data repository upon receiving the AF request from the AF; and
a unified data management function (UDM) implemented using the at least one processor and the at least one non-transitory memory, wherein initiating storage of the data associated with the AF request comprises transmitting a request, to the UDM, to cause the UDM to interact with the data repository to store the data associated with the AF request.

US Pat. No. 10,972,574

METHODS AND SYSTEMS FOR STREAM-PROCESSING OF BIOMEDICAL DATA

Seven Bridges Genomics In...

1. A method for stream-processing of data, the method comprising:receiving, by a file system on a computing device, from an application executing on the computing device, a first request for access to at least a first portion of a file stored on a remotely located storage device;
receiving, by the file system, a second request for access to at least a second portion of the file;
determining, by a pre-fetching component of the file system and executing on the computing device, whether the first request and the second request are associated with a sequential read operation; and
automatically retrieving, by the pre-fetching component, via a network connection to the remotely located storage device, a third portion of the requested file, after receiving the first request and after receiving the second request and before receiving a third request for the third portion of the file, based on a determination, by the pre-fetching component of the file system, that the first request and the second request are associated with the sequential read operation.

US Pat. No. 10,972,573

BROWSER OPTIMIZATION THROUGH USER HISTORY ANALYSIS

VIASAT, INC., Carlsbad, ...

22. A non-transitory computer-readable medium comprising processor-executable program code configured to cause a processor to receive, at a computing device, a web object from a content server;determine, by the computing device, whether the web object is a root object or a child object; and
responsive to a determination that the web object is a child object, identify, by the computing device, a first root object of a pending web page transaction, the web object requested as a part of the pending web page transaction, and
associate the web object with the pending web page transaction.

US Pat. No. 10,972,572

PROGRAMMABLE DELIVERY NETWORK

Zycada Networks, Campbel...

1. A method of processing network requests, comprising:receiving a plurality of client code snippets, each client code snippet associated with one or more clients, and each client code snippet including (i) identity information of a respective one or more origin servers, and (ii) standard responses for a respective one or more network requests;
in response to receiving a first client code snippet corresponding to a first client, configuring and causing a first one or more programmable content delivery nodes from amongst a plurality of programmable content delivery nodes to execute the first client code snippet to respond to network requests based on one or more standard responses included in the first client code snippet;
receiving one or more network requests corresponding to the first client;
in response to receiving the one or more network requests:
buffering the one or more network requests to send to a first one or more origin servers corresponding to the first client, the first one or more origin servers identified in the first client code snippet;
while buffering the one or more network requests, obtaining and outputting a response to a first network request of the one or more network requests by causing the first one or more programmable content delivery nodes to process the first network request;
sending the buffered one or more network requests to the first one or more origin servers corresponding to the first client;
receiving responses from the first one or more origin servers corresponding to the buffered one or more network requests; and
reconfiguring the first one or more programmable content delivery nodes to execute the first client code snippet to respond to the network requests based on the received responses from the first one or more origin servers.

US Pat. No. 10,972,571

LOCK-FREE WEAK-REFERENCE HYBRID CACHE

International Business Ma...

1. A computer-implemented method executed on a processor in a data processing system for caching content, the computer-implemented method comprising:employing a cache array and a retrieval data structure to store content;
determining, by the processor, whether the content is popular content or unpopular content;
storing the popular content and the unpopular content with strong references in specific locations within the cache array, the cache array providing for low latency access, wherein the cache array is used to directly locate and retrieve the popular content and is used by an eviction mechanism for both the popular and unpopular content; and
storing the unpopular content with weak references randomly in the retrieval data structure, the retrieval data structure providing higher latency than the cache array, wherein the retrieval data structure is used to locate and retrieve the unpopular content.

US Pat. No. 10,972,570

RESTFUL METHOD AND APPARATUS TO IMPORT CONTENT BY GEO-AWARE CONTENT CACHING SERVICE

Open Text Corporation, W...

1. A method for geo-aware content transfer, comprising:receiving, by a server computer, a representational state transfer (REST) application programming interface (API) request from a client device for an upload link, the REST API request containing a network location associated with the client device;
obtaining, by the server computer using the network location associated with the client device, a upload universal resource locator (URL) targeting a caching server that is geographically closest to the network location associated with the client device;
constructing, by the server computer, an upload link containing the upload URL and a completion callback parameter;
sending the upload link to the client device, wherein the client device uses the upload URL in the upload link constructed by the server computer to upload content to the caching server and, in response, the caching server interprets the completion callback parameter in the upload link to obtain a completion URL targeting the server computer and, upon completion of the uploading of the content from the client device, makes a REST API call to the server computer using the completion URL;
responsive to the REST API call by the caching server, executing, by the server computer or another server computer in a cluster with the server computer, an inbound operation to complete the uploading of the content to a content management system, the inbound operation including associating the content with a content URL in the content management system; and
returning the content URL to the caching server, the returning performed by the server computer, wherein the caching server sends the content URL to the client device.

US Pat. No. 10,972,569

APPARATUS, METHOD, AND COMPUTER PROGRAM PRODUCT FOR HETEROGENOUS COMPRESSION OF DATA STREAMS

International Business Ma...

1. An apparatus comprising:a sampling module that:
samples a data stream a plurality of times at a predetermined incremental amount of data,
determines a type of data in the data stream at each data sample based on a signature corresponding to the type of data in each data sample,
compares a first type of data for a current data sample of the data stream to a second type of data for an immediately preceding data sample of the data stream to determine a match, wherein:
a match is determined in response to a first signature corresponding to the first type of data for the current data sample meeting a predetermined threshold of compatibility for a second signature corresponding to the second type of data for the immediately preceding data sample, and
a non-match is determined in response to the first signature corresponding to the first type of data for the current data sample not meeting the predetermined threshold of compatibility for the second signature corresponding to the second type of data for the immediately preceding data sample, and
generates an interval boundary between data types in response to the first type of data for the current data sample not matching the second type of data for the immediately preceding data sample, wherein:
the interval boundary separates intervals of the data stream including different types of data,
the data stream includes a plurality of intervals defined by a plurality of interval boundaries,
at least two intervals in the plurality of intervals include different lengths, and
the data stream includes a plurality of different types of data; and
a mapping module that correlates each different type of data within the data stream to a preferred data compression method of a plurality of data compression methods linked to each respective different type of data within the data stream, wherein:
at least two different data types in the data stream are linked to different preferred data compression methods of the plurality of data compression methods, and
each data compression method being other than chunk-based data deduplication; and
a processing module that:
compresses each different type of data within each interval boundary in the data stream using the preferred data compression method linked to each respective different type of data within the data stream such that a first data type in the data stream is linked to a first preferred data compression method and a second data type in the data stream is linked to a second preferred data compression method that is different from the first preferred data compression method.

US Pat. No. 10,972,568

HIGH PERFORMANCE DISTRIBUTED SYSTEM OF RECORD

Akamai Technologies, Inc....

1. A computing system, comprising:a set of distributed hardware processors;
computer memory associated with each of the set of distributed hardware processors; wherein a computer memory holds computer program instructions configured as one of: an edge server, and a processing node, wherein at least one processing node is configured in a set of processing nodes;
wherein edge servers receive requests from clients and in response, generate messages, wherein a message is associated with a transaction for inclusion in a blockchain;
wherein the set of processing nodes are configured to receive messages from edge servers;
wherein ordered segments of a block to be added to the blockchain are associated with respective processing nodes, wherein a segment of the block comprises a set of one or more transactions that are unique to the segment;
wherein the set of processing nodes process the block into the blockchain using the ordered segments;
wherein the set of processing nodes are configured in a non-blocking full mesh interconnect topology, and wherein the messages are propagated across the set of processing nodes using a topology-aware data propagation protocol.

US Pat. No. 10,972,567

MULTI-DIMENSIONAL TAGGING NAMESPACE FOR CLOUD RESOURCE MANAGEMENT

International Business Ma...

1. A method for generating a multi-dimensional tag metric in a cloud resource management environment, comprising:providing a tagging namespace for managing a resource in the cloud resource management environment, the namespace being a matrix comprising at least two dimensions and a plurality of positions, wherein tags associated with a vector of at least one dimension share a common classification and wherein at least one of the plurality of positions is associated with a task responsive to having a tag received therein;
receiving a set of tags associated with the resource into the tagging namespace;
verifying a match of each tag of the set of tags to a position within the namespace into which that tag was received;
triggering an alert in the case of a failure to verify a match of a tag of the set of tags to a position; and
performing the task responsive to a tag being received in the at least one of the plurality of positions.

US Pat. No. 10,972,566

SYSTEMS AND METHODS FOR ELECTRONIC NOTIFICATION BROADCASTS

salesforce.com, inc., Sa...

1. A method for managing displays of user notifications to a user device, comprising:determining an event has occurred that requires a user notification;
receiving information about characteristics, including notification priority, app used, user activity, and where a user is located associated with the user device;
determining a multi-factor assessment of the user device that is based upon the received notification priority, app used, user activity, and where a user is located associated with the user device;
wherein detection of the user device having apps that are unique to the user device is used within the determining of the multi-factor assessment to halt displaying the user notification on the user device; and
displaying the user notification on the user device based upon the determined multi-factor assessment.

US Pat. No. 10,972,565

PUSH NOTIFICATION DELIVERY SYSTEM WITH FEEDBACK ANALYSIS

Airship Group, Inc., Por...

1. A system, comprising:a source interface configured to receive, from an originator server, a message to be delivered via a push notification associated with a mobile application;
a data store configured to store a set of push information associated with the mobile application, the push information comprising information related to historical application life cycle events of the mobile application; and
a notification server configured to:
retrieve, responsive to receiving the message from the originator server, destination information of the message, wherein the destination information includes information to identify one or more target devices on which the message is intended to be delivered,
retrieve the set of push information associated with the mobile application,
process the push information to determine a push time for the push notification to be transmitted in an occurrence of a target life cycle event, and
transmit the message to at least one of the target devices as the push notification in accordance with the push time and responsive to the occurrence of the target life cycle event at the at least one of the target devices.

US Pat. No. 10,972,564

SYSTEM AND METHOD FOR AUTOMATING ACTIONS IN DISTRIBUTED COMPUTING

ServiceNow, Inc., Santa ...

1. A system comprising:non-transitory memory; and
one or more hardware processors configured to read instructions from the non-transitory memory to perform operations comprising:
receiving one or more trigger event specifications that define one or more trigger events that will cause notifications to be transmitted;
determining that the one or more trigger events have occurred;
responsive to the determination that the one or more trigger events have occurred, generating a first notification that uses a first delivery mechanism;
responsive to the determination that the one or more trigger events have occurred, generating a second notification that uses a second delivery mechanism;
determining that excess content is to be included in the first notification based on usage or availability of resources of the first delivery mechanism or the second delivery mechanism;
including the excess content in the first notification; and
sending the first notification and the second notification, wherein the first notification includes the excess content that is not included in the second notification.

US Pat. No. 10,972,563

OUT-OF-NETWORK NOTIFICATIONS OF NETWORK-TRANSMITTED CONTENT ITEMS

Microsoft Technology Lice...

1. A method comprising:selecting a plurality of target entities from a set of target entities based on one or more selection criteria;
for each target entity in the plurality of target entities:
identifying one or more first interests associated with said each target entity;
for each interest of the one or more first interests, assigning said each target entity to said each interest;
selecting a plurality of content items from a set of content items based on one or more measures of quality, wherein a measure of quality of a content item is based on one or more of a number of likes of the content item, a number of shares of the content item, a number of clicks on the content item, a number of comments on the content item, a relevance model whose input is multiple features of the content item, an identity of an originator of the content item, or identities of entities who have interacted with the content item;
for each content item in the plurality of content items:
identifying one or more topics associated with said each content item;
for each topic of the one or more topics, assigning said each content item to said each topic;
matching the interests associated with the plurality of target entities to the topics associated with the plurality of content items, wherein matching comprises assigning, for each target entity of the plurality of target entities, zero or more content items to said each target entity;
for each target entity that is assigned one or more content items based on the matching:
generating a notification based on at least one of the one or more content items, and
causing the notification to be transmitted over a computer network to a computing device of said target entity;
wherein the method is performed by one or more computing devices.

US Pat. No. 10,972,562

INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM

SONY CORPORATION, Tokyo ...

1. An information processing apparatus having installed thereon an activity social network application, the information processing apparatus comprising:circuitry configured to
collect activity data of a user recognized from acceleration data;
generate, by performing statistical processing on the activity data, commentary text data that indicates a result of the statistical processing, the commentary text data including a description or comment regarding a user status and including an identifier corresponding to a location in which the user is moving towards;
create a commentary image that includes a virtual speaker and a text balloon, the text balloon including the commentary text data; and
post the commentary image to social media.

US Pat. No. 10,972,561

METHODS AND APPARATUS FOR ADJUSTING MODEL THRESHOLD LEVELS

The Nielsen Company (US),...

15. A tangible computer readable storage medium comprising instructions which, when executed, cause one or more processors to at least:when a ratio of (A) a number of modeled users that satisfy a model threshold within a first period of time to (B) a sum of the number of the modeled users that satisfy the model threshold and a number of deterministic client device users does not satisfy a minimum ratio threshold, increase the number of modeled users to satisfy the model threshold;
generate an adjusted count of users by applying an adjustment factor based on volume estimates and an updated total volume target to an absolute count of users, the volume estimates corresponding to the number of users that satisfy the model threshold within the first period of time; and
adjust the model threshold based on the adjusted count of users.

US Pat. No. 10,972,560

SYSTEM AND METHOD FOR SCALABLY TRACKING MEDIA PLAYBACK USING BLOCKCHAIN

Beatdapp Software Inc., ...

1. A system comprising:a processor; and
memory, the memory storing instructions to cause a processor to execute a method, the method comprising:
receiving a request to play a media file from a client device or a digital service provider (DSP) platform;
validating the request to play the media file via a blockchain protocol;
upon validating the request to play the media file, transmitting the media file for playback at the client device or DSP platform; and
tracking the number of times the media file is played via the blockchain protocol.

US Pat. No. 10,972,559

SYSTEMS AND METHODS FOR PROVIDING RECOMMENDATIONS AND EXPLANATIONS

Verizon Media Inc., New ...

1. A computing device comprising:a processor; and
memory comprising processor-executable instructions that when executed by the processor cause performance of operations, the operations comprising:
collecting features associated with a plurality of users of a social network including a first user and a second user;
storing the features in a database;
analyzing the database to determine linkages between users based upon the features, wherein the linkages includes a linkage between the first user and the second user;
responsive to determining that the linkage between the first user and the second user exceeds a first threshold, generating an electronic recommendation for the first user to follow the second user, wherein the generating comprises:
responsive to determining that a strength of a social linkage between the first user and the second user exceeds a strength of a topical linkage between the first user and the second user, generating, as at least part of the electronic recommendation, a first explanation of the social linkage between the first user and the second user, wherein the first explanation is indicative of one or more social connection links between the first user and the second user; and
controlling a graphical user interface of the first user to display the electronic recommendation.

US Pat. No. 10,972,558

SYSTEM AND METHOD FOR TRACKING USERS OF COMPUTER APPLICATIONS

VERINT SYSTEMS LTD., Pit...

1. A system, comprising:a network interface; and
a processor, configured:
to establish, with a server for a computer application, one or more user profiles for the processor as a robot user of the computer application,
to register, with the server, a given user of the computer application as a contact of the robot user, with respect to the computer application,
to cause, subsequently, a status-update message, indicating a status of one of the established user profiles with respect to the computer application to be sent to the server,
to receive via the network interface, subsequently, at a first time, a first message from the server, and, at a second time, a second message from the server,
the first message being destined for a given internet protocol (IP) address, and
the second message being destined for one of the established user profiles,
in response to the second time being within a given interval from the first time, to posit, with a particular level of confidence, that the given user is using the IP address, and
to act on an assumption that the given user is using the IP address, in response to the level of confidence exceeding a given threshold;
wherein the one or more user profiles include a first user profile and a second user profile,
wherein the processor is configured to register, with the server, (i) one of the first user profile and the second user profile as a contact, with respect to the computer application, of the other one of the first user profile and the second user profile, and (ii) the given user as a contact, with respect to the computer application, of the first user profile,
wherein the status-update message indicates a status of the first user profile and is sent by the first user profile, and
wherein the processor is configured to posit the given user is using the IP address responsively to the second message corresponding to the status-update message and being destined for the second user profile.

US Pat. No. 10,972,557

DATA PACKET TRANSMISSION OPTIMIZATION OF DATA USED FOR CONTENT ITEM SELECTION

Google LLC, Mountain Vie...

1. A system to optimize exchange of data used for third-party content selection, comprising:one or more processors; and
a memory storing computer code instructions stored thereon, wherein the computer code instructions when executed cause the one or more processors to:
receive, via a user interface, selection criteria indicative of a product or service context of interest to a third party content provider, the selection criteria including at least a client device type;
access, using the selection criteria, a data structure maintaining one or more data records, each of the one or more data records indicating at least one online activity associated with (1) a client device, and (2) one or more keywords;
match, using the selection criteria, at least one data record, the data record associated with a device type the same as the client device type of the selection criteria to identify at least one selected client device;
identify, using the data record, one or more keywords associated with the at least one selected client device for recommending to the third-party content provider to use in providing third-party content related to the product or service context;
determine performance metric values of the one or more keywords based on online activities indicated in the one or more data records associated with the at least one selected client device; and
provide, to a third-party computing device, access to the one or more keywords and the performance metric values.

US Pat. No. 10,972,556

LOCATION-BASED FUNCTIONALITY FOR VOICE-CAPTURING DEVICES

Amazon Technologies, Inc....

1. A system, comprising:one or more computing devices implementing one or more services in a service provider environment, wherein the one or more services comprise a voice input analysis component, a device management component, and a set of available voice-enabled functionalities; and
a voice-capturing device, wherein the voice-capturing device is communicatively coupled to the service provider environment over one or more networks; and
wherein the device management component is executable by the one or more computing devices to:
store an association between a location value for a location parameter and one or more voice-enabled functionalities selected from the set of available voice-enabled functionalities, wherein the location value is in a set of authorized location values for granting access to the one or more voice-enabled functionalities associated with the location parameter;
maintain a device account corresponding to the voice-capturing device;
store an assignment of the location value to the device account, wherein the assignment that is stored indicates that the voice-capturing device is in a location associated with the location value; and
based at least in part on a determination that the location value, that is associated with the device via the assignment, is in the set of authorized location values, enable the one or more voice-enabled functionalities associated with the location value for use by the voice-capturing device such that, at least partly responsive to a request by the voice-capturing device, the service provider environment performs one or more tasks associated with the one or more voice-enabled functionalities.

US Pat. No. 10,972,555

FUNCTION BASED DYNAMIC TRAFFIC MANAGEMENT FOR NETWORK SERVICES

Amazon Technologies, Inc....

1. A method comprising:obtaining one or more metrics from one or more individual service host computers of a fleet of service host computers, wherein the one or more metrics are associated with a network service;
determining, based at least in part on a distributed traffic management policy and the one or more metrics, a fleet-wide throttle rate for the fleet of service host computers for one or more service requests of a service request classification, wherein the service request classification is based at least in part on at least one of a size of a service request, an amount of computing resources for processing the service request, or a probability that the service request was generated by a bot;
generating one or more update events based at least in part on the service request classification; and
transmitting, to the one or more individual service host computers, the one or more update events instructing the one or more individual service host computers to adjust the fleet-wide throttle rate for the service request classification to an adjusted fleet-wide throttle rate.

US Pat. No. 10,972,554

MANAGEMENT OF DISTRIBUTED ENDPOINTS

Amazon Technologies, Inc....

1. A system comprising:a plurality of endpoints, each endpoint being situated in a different geographic location and containing at least one server computing device configured to provide a network-accessible service associated with a network address;
at least one global access point providing access to the network-accessible service, wherein the at least one global access point includes a processor and is configured to:
receive from a client device a network packet addressed to the network address;
select a data center including a plurality of endpoints based on implementation of a distribution algorithm;
select an endpoint, from the plurality of endpoints, to which to route the network packet based at implementation of a selection algorithm; and
route the received packet to the selected endpoint via encapsulated communications;
wherein the plurality of endpoints are allocated into subgroups that share a common encapsulated tunnel, and wherein each of the endpoints in the subgroup are configured to transmit communication messages to other subgroups for at least one of forwarding client packets or providing fragmentation information.

US Pat. No. 10,972,553

SOFTWARE-AS-A-SERVICE DEPLOYMENT OF PRINTING SERVICES IN A LOCAL NETWORK

PrinterLogic, Inc., St. ...

1. A method for configuring, via a website, a device to provide printing services to a local network, comprising:creating, via the website, a service host object that comprises a network address of the device on the local network and a service host name, wherein the website is hosted by a server located behind a firewall blocking network traffic from the local network, the server being configured to communicate with the device through the firewall;
configuring, via the website, one or more printing service settings for one or more printing services;
sending an indication to the device on the local network to run a service manager that enables the device as a printing service host to act as a proxy for the server to communicate with the one or more printing services running on the local network behind the firewall; and
sending an indication to the service manager to run the one or more printing services on the local network based on the one or more printing service settings, wherein the one or more printing services communicate at regular intervals with the server to determine whether the printing service settings have been reconfigured or updated.

US Pat. No. 10,972,552

METHOD AND SYSTEM FOR USER PLANE PATH SELECTION

HUAWEI TECHNOLOGIES CO., ...

1. A method comprising:sending, by an application server (AS) controller, a request related to a user equipment (UE) to a network element in a control plane of a communication network, wherein the request comprises a list of AS locations, and the request further comprises a location area indicating where to apply a user plane (UP) path reselection based on the list of AS locations to establish a new path for the UE and a time period indicating when to apply the UP path reselection;
receiving the request, by the network element in the control plane of the communication network;
when a current UE location of the UE is at the location area, triggering, according to the time period, by the network element in the control plane of the communication network, the UP path reselection for the UE based on the list of AS locations so that the new path is established for the UE;
wherein the UP path reselection includes:
selecting a path for the UE based on the list of AS locations, wherein the path goes through an AS location selected from the list of AS locations, and a network element in a user plane of the communication network; and
configuring the network element in the UP to direct a traffic of the UE to the AS location included in the list of AS locations.

US Pat. No. 10,972,551

BUILDING MOBILE APPLICATIONS ON STATEFUL BACKEND SYSTEMS

SAP SE, Walldorf (DE)

10. A system, comprising:a memory; and
at least one processor coupled to the memory and configured to:
record a transaction executed on an application in a cloud platform, wherein the application accesses a backend system using a stateful protocol;
generate a data structure that describes the transaction, wherein the data structure comprises an input field, an output field, and operation performed using the stateful protocol while completing the transaction;
send the data structure to a generator service that generates a stateless connector; and
expose a stateless service in the cloud platform using the stateless connector, wherein the stateless service allows the transaction to be performed on a mobile device by a mobile application using a stateless protocol.

US Pat. No. 10,972,550

COMMUNICATIONS MANAGEMENT SYSTEM WITH A SEPARATE PERIPHERALS SERVER

Amadeus SAS, Sophia Anti...

1. A client workstation for passenger processing, comprising:at least one processor; and
a non-transitory memory containing instructions that, when executed by the at least one processor, cause the client workstation to perform operations comprising:
establishing, by a virtualization client running on the client workstation, a first communication channel for virtualization with a virtualized application hosted on a remote virtualization server;
establishing, by a peripherals client running on the client workstation and distinct from the virtualization client, a second communication channel for peripherals management with a peripherals manager hosted on a peripherals server;
coupling a peripheral device to the peripherals client running on the client workstation;
sending, by the virtualization client running on the client workstation to the virtualized application hosted on the remote virtualization server and using the first communication channel, an instruction received from the remote virtualization server for the peripheral device;
receiving, by the peripherals client running on the client workstation from the peripherals manager hosted on the peripherals server, the instruction for the peripheral device; and
providing, by the peripherals client running on the client workstation, the instruction to the peripheral device.

US Pat. No. 10,972,549

SOFTWARE-DEFINED NETWORKING PROXY GATEWAY

International Business Ma...

1. A software-defined networking (SDN) communication system, comprising:a server computer system in a networked computing environment;
a plurality of computing nodes operating within the server system;
a hardware gateway that connects the server computer system to a network,
a SDN controller; and
a SDN proxy gateway operating outside of an operation of the SDN controller, the SDN proxy gateway having:
a SDN controller driver that processes a communication between the SDN controller and the hardware gateway, the communication including a request from a computing node of the plurality of computing nodes to establish a connection to the network;
a SDN proxy gateway translator that transforms instructions within the communication that are in a first format of the SDN controller into translated instructions in a standardized hardware gateway protocol; and
a SDN gateway driver that pushes the translated instructions for establishing the connection to the network to the hardware gateway.

US Pat. No. 10,972,548

DISTRIBUTED SYSTEM DEPLOYMENT

International Business Ma...

1. A computer-implemented method comprising:obtaining network information describing network communication characteristics between a plurality of machines of a network;
obtaining inter-container communication information describing at least one characteristic of communication between pairs of machines of the plurality of machines for a predetermined time period;
determining a cost function, the cost function mapping a potential container deployment configuration to an expected communication time, based on the network information and the inter-container communication;
processing the cost function with an optimization algorithm; and
in response to the processing, identifying a container deployment configuration having an associated cost that meets a cost requirement.

US Pat. No. 10,972,547

SYSTEMS AND DEVICES AND METHODS FOR INITIATING COMMUNICATIONS BASED ON SELECTED CONTENT

RingCentral, Inc., Belmo...

1. A communications device, comprising:at least one processing device configured to:
receive an input selecting content of a previous communications session with at least one first user;
receive an input selecting a second user different from the at least one first user;
identify at least one object in the selected content to determine information descriptive for the selected content;
initiate a new communications session with the second user; and
transmit a message, including the descriptive information for the selected content, to the second user.

US Pat. No. 10,972,546

IMAGE PROCESSING SYSTEM, CONNECTION MEDIATION SERVER, AND RECORDING MEDIUM

Konica Minolta, Inc., To...

1. An image processing system comprising:an application server installed on a network;
an image processing device installed on a local network that is connected to the network through a firewall;
a relay server, installed on the local network, that relays communication between the image processing device and the application server; and
a connection mediation server, installed on the network, that transmits a connection request to the relay server according to a communication request from the application server to cause the relay server to connect to the application server, wherein
the application server:
adds, to the communication request, identification information that comprises a predetermined process to be performed by the image processing device and an amount of data to be transmitted, and
transmits the communication request to the connection mediation server,
the connection mediation server:
accepts the communication request received from the application server, and
upon accepting the communication request, transmits a connection request to the relay server,
upon receiving the connection request, the relay server establishes a connection state between the application server and the image processing device, and
upon accepting the communication request for causing the image processing device to perform the predetermined process, the connection mediation server transmits the connection request to the relay server according to the communication request, and
upon accepting a new communication request for the image processing device while the predetermined process is being performed by the image processing device, the connection mediation server determines based on the identification information whether the predetermined process is update of firmware,
upon determining that the predetermined process is not the update of firmware, the connection mediation server determines whether the predetermined process is a process having the amount of data equal to or greater than a predetermined value, and
upon determining that the predetermined process is at least one of the update of firmware and the process having the amount of data equal to or greater than the predetermined value, the connection mediation server determines that the predetermined process either delays communication between the image processing device and an external device or makes the communication impossible and refrains from transmitting the connection request according to the new communication request to the relay server.

US Pat. No. 10,972,545

METHOD AND APPARATUS FOR MULTIPATH COMMUNICATION

Nokia Technologies Oy, E...

1. An apparatus comprising:at least one processor; and
at least one memory, the at least one memory comprising instructions which, when executed by the at least one processor, cause the apparatus to at least:
receive, from a node over a connection, connectivity information relating to a plurality of accesses comprised in the node, the plurality of accesses comprising at least one access that is inactive with respect to at least transmission and/or reception, the connectivity information indicating the at least one access is inactive;
transmit, to the node over the connection, a request to activate the at least one access responsive to determining, based on the connectivity information, the at least one access has a capability needed on the connection;
receive, from the node, updated connectivity information relating to the at least one access; and
communicate, in response to receiving the updated connectivity information, with the at least one access over one or more separate paths on the connection, the connection being modified to add the one or more separate paths.

US Pat. No. 10,972,544

AUTONOMOUS VEHICLE COMMUNICATION SYSTEM AND METHOD

Nissan North America, Inc...

1. An autonomous vehicle communication method comprising:sensing a condition associated with the autonomous vehicle;
transmitting the sensed condition to a vehicle manager;
detecting an external agent external of a vehicle with an externally mounted sensor of the autonomous vehicle;
initiating, by a controller disposed in the autonomous vehicle in response to the sensing of the condition, communication pertaining to the autonomous vehicle between the vehicle manager remote to the autonomous vehicle and the external agent external to the autonomous vehicle, the external agent being detected prior to initiating communication with the external agent; and
controlling the autonomous vehicle remotely in response to a command that is based on the condition associated with the autonomous vehicle and the communication between the vehicle manager and the external agent.

US Pat. No. 10,972,543

CUSTOMER BASED INTERNET OF THINGS (IOT)—TRANSPARENT PRIVACY FUNCTIONALITY

CenturyLink Intellectual ...

1. A method, comprising:providing, with a network interface device (“NID”) serving as a demarcation point between a local area network (“LAN”) at a customer premises and a service provider network, connectivity between the NID and each of one or more first user devices of a plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises;
providing a customer with a user interface to select privacy settings for Internet of Things (“IoT”)-connected devices in a network;
receiving, via the user interface, user selections for privacy settings for at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network;
in response to determining that the received user selections comprise a selection to restrict access to information regarding at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network, restricting, with the NID, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network;
based on a determination that the received user selections comprise a selection to set to privacy settings to private for one of a software application or a virtual network function (“VNF”) that is running on one or more of the plurality of user devices, restricting, with the NID, a third party from access to resources mapped to the one or more of the plurality of user devices on which the one of the software application or the VNF that is running;
determining, with a virtual infrastructure manager (“VIM”), a type and amount of resources required by each of the one or more first user devices to each perform one or more functions;
determining, with the VIM, which resource nodes of a plurality of resource nodes in communication with the ND possess desired types and amount of resources that are determined to be required; and
allocating, with the VIM, resources to each of the one or more first user devices based at least in part on the determined type and amount of resources required by each of the one or more first user devices to each perform the one or more functions, based at least in part on the determined resource nodes having the desired types and amount of resources determined to be required, and based at least in part on the mapping of each of the one or more first user devices with each of the one or more second user devices and with each resource node.

US Pat. No. 10,972,542

DATA STORAGE METHOD AND APPARATUS

HUAWEI TECHNOLOGIES CO., ...

1. A data storage method, comprising:receiving, from a first tenant, a data write request via a client, wherein the data write request indicates that the first tenant is requesting storing N duplicates of to-be-written data, and wherein N is an integer greater than or equal to one;
determining, based on the data write request and storage permission of the first tenant, at least one resource zone (RZ) available to the first tenant from a plurality of RZs, wherein the RZs comprise a first RZ and a second RZ;
determining, in response to receiving the data write request, a distribution of the N duplicates in at least one of the RZs based on a space occupation status of the first RZ and a first data distribution policy, wherein the first data distribution policy indicates a first distribution priority of the N duplicates in at least one of the RZs, and wherein the space occupation status indicates a size of occupied space of the first RZ or a size of remaining space of the first RZ; and
storing, based on the distribution of the N duplicates in at least one of the RZs and a second data distribution policy, the N duplicates into a first node that corresponds to at least one of the RZs, wherein the second data distribution policy indicates a second distribution priority of the N duplicates at a plurality of nodes that correspond to each of the RZs.

US Pat. No. 10,972,541

PRIORITY ENCODED DATA SLICE RETENTION

PURE STORAGE, INC., Moun...

1. A computing device comprising:an interface configured to interface and communicate with a dispersed or distributed storage network (DSN);
memory that stores operational instructions; and
processing circuitry operably coupled to the interface and to the memory, wherein the processing circuitry is configured to execute the operational instructions to:
receive, via the interface, memory device information and encoded data slice (EDS) information from at least some storage units (SUs) within the DSN that distributedly store a set of EDSs;
process the memory device information and the EDS information to determine a total number of errors associated with the at least some SUs; and
based on an unfavorable comparison of the total number of errors with the at least some SUs to a priority error threshold level, initiate a corresponding priority data retention process for the set of EDSs.

US Pat. No. 10,972,540

REQUESTING STORAGE PERFORMANCE MODELS FOR A CONFIGURATION PATTERN OF STORAGE RESOURCES TO DEPLOY AT A CLIENT COMPUTING ENVIRONMENT

INTERNATIONAL BUSINESS MA...

1. A computer program product for requesting storage performance information from a service provider for storage resources at a client computing environment, wherein the computer program product comprises a non-transitory computer readable storage medium having program code that when executed by a processor causes operations to be performed, the operations comprising:sending a request to a service provider with information of a new configuration pattern of storage resources to deploy in the client computing environment;
receiving, from the service provider, a configuration pattern data structure determined by the service provider to be similar to the new configuration pattern and including a configuration pattern of storage resources including attributes values for storage attributes of the storage resources deployed at a client supplying the configuration pattern data structure to the service provider, a storage performance model created for workloads at the configuration pattern of storage resources based on storage performance metrics for the configuration pattern of storage resources within a computing environment of the client supplying the configuration pattern data structure, and a confidence level indicating a degree of detail of an internal structure of the storage resources considered in determining the storage performance metrics, wherein the confidence level is based on whether one of black box testing, white box testing, and grey box testing is used to determine the confidence level, wherein the white box testing results in a highest confidence level, the grey box testing results in a next highest confidence level below the highest confidence level, and the black box testing results in a lowest confidence level; and
applying the storage performance model for the configuration pattern data structure to model performance at the client computing environment to determine provisioning of the new configuration pattern of storage resources.

US Pat. No. 10,972,539

METHODS AND APPARATUS FOR DETERMINING BLOCK STORAGE STATUS

Walmart Apollo, LLC, Ben...

1. A system comprising:a computing device configured to:
identify a plurality of datacenters for which to request block storage status data;
receive a user request to execute a plurality of requests for block storage status data of at least one of the plurality of datacenters;
generate, in response to the user request, the plurality of requests to the at least one of the plurality of datacenters, wherein each of the plurality of requests is a request to a processing task responsible for managing block storage and executing on a corresponding datacenter of the at least one of the plurality of datacenters and for block storage status of each corresponding datacenter;
transmit the plurality of requests to the at least one of the plurality of datacenters;
receive at least one response to the transmitted plurality of requests comprising block storage data;
determine a status of the at least one of the plurality of datacenters based on the block storage data; and
provide for display an indication of the status of the at least one of the plurality of datacenters.

US Pat. No. 10,972,538

SYNCHRONIZATION OF COMPONENTS IN HETEROGENEOUS SYSTEMS

International Business Ma...

1. A method for synchronizing components of heterogeneous systems, said method comprising:retrieving, by one or more processors of a computer system, from one or more loadable modules at a host computer, an object representing a latest version of a client component pertaining to client code, said host computer comprising a host component, said host component being host software configured to be executed in the host computer;
sending, by the one or more processors, the object to a client computer, wherein the client computer is configured to receive, load and run the object as a new client component to communicate with the host component at a latest level of the client component;
building, by the one or more processors, a host component binary with a set of additional components bound to the host component binary, wherein the additional components are not native to the host computer and represent binary parts of a corresponding client component;
generating, by the one or more processors, an encoding during compilation of the additional components, wherein the encoding transforms the client component into the object with an array populated with data of the client component; and
building, by the one or more processors during link time, the object into the one or loadable modules tightly bound with the host component binary, wherein the one or more loadable modules is one of one or more separate modules, or directly linked into the host component binary in accordance with a host operating system.

US Pat. No. 10,972,537

PROTECTING IN-FLIGHT TRANSACTION REQUESTS

International Business Ma...

1. A computer program product comprising:one or more computer-readable storage media having computer-readable program instructions stored on the one or more computer-readable storage media said program instructions executes a computer-implemented method comprising:
receiving, by a backend server, a first instance of a transaction request from a first application server, said transaction request identified by a transaction identifier;
processing, by the backend server, the first instance of the transaction request and sending a transaction response to a client device;
saving, by the backend server, the transaction response identified by the transaction identifier in a cache;
separately receiving, by the backend server a redundant instance of the transaction request from a second application server, wherein the redundant instance of the transaction request is identified by the transaction identifier of the first instance; and
in response to separately receiving the redundant instance of the transaction request identified by the transaction identifier of the first instance from the second application server, sending the transaction response saved in the cache to the client device.

US Pat. No. 10,972,536

SYSTEM AND METHOD FOR SYNCHRONIZING MEDIA PRESENTATION AT MULTIPLE RECIPIENTS

Apple Inc., Cupertino, C...

1. A method comprising:discovering, by a host device, one or more client devices capable of media playback;
presenting, by the host device, a graphical object for configuring media playback devices for media items selected by a user at the host device;
receiving, by the host device, a user selection of the graphical object;
in response to receiving the selection of the graphical object, presenting identifiers for a plurality of candidate media playback devices, the candidate media playback devices including the discovered client devices and the host device;
receiving, by the host device, user input selecting one or more of the candidate media playback devices; and
causing, by the host device, playback of a selected media item by the selected media playback devices.

US Pat. No. 10,972,535

METHOD AND DEVICE FOR LOAD BALANCING, AND STORAGE MEDIUM

Beijing Baidu Netcom Scie...

1. A method for load balancing, comprising:acquiring a service traffic of a plurality of service requests received by a load balancer configured for an equipment room of a plurality of equipment rooms;
acquiring a dispatching result of the load balancer, according to the service traffic of the plurality of service requests and a service capacity of the equipment room; and
pushing the dispatching result to a distribution proportion configuration center configured to send the dispatching result to the load balancer, wherein the dispatching result is used to indicate to the load balancer to distribute a received service request to one or more equipment rooms of the plurality of equipment rooms.

US Pat. No. 10,972,534

EFFICIENT UN-ALLOCATION OF CLOUD RESOURCES

1. A computer-readable storage medium comprising executable instructions that cause a processor executing the instructions to effectuate operations comprising:receiving a request for an allocation of a first resource, wherein the first resource is of a first type of a plurality of types of resources;
based on the request for the allocation of the first resource, allocating the first resource;
receiving a request for deallocation of a second resource, wherein the second resource is of the first type of the plurality of types of resources; and
based on the request for deallocation of the second resource, determining whether to deallocate the second resource based on an application historical performance for the first type of the plurality of types of resources, wherein the application historical performance is based on average deallocation delay, average allocation delay, reallocations, or allocation requests.

US Pat. No. 10,972,533

MANAGEMENT DEVICE FOR CONTROLLING SCALE-IN PROCESSING, COMPUTER-READABLE RECORDING MEDIUM STORING MANAGEMENT PROGRAM FOR CONTROLLING SCALE-IN PROCESSING AND MANAGEMENT METHOD FOR CONTROLLING SCALE-IN PROCESSING

FUJITSU LIMITED, Kawasak...

1. A management device comprising:a memory; and
a processor coupled to the memory and the processor configured to:
transmit a first instruction to proxy servers;
receive, from each of the proxy servers, each of a plurality of expected completion times for each transaction executed by each of the proxy servers;
perform a selection of a first proxy server corresponding to an earliest expected completion time among the plurality of expected completion times;
transmit a second instruction to the first proxy server indicating that the first proxy server is selected so that the first proxy server executes scale-in processing of the first proxy server when the transaction executed by the first proxy server ends; and
transmit a notification, to one or more proxy servers other than the first proxy server in the proxy servers, indicating that the one or more proxy servers are not selected so that the one or more proxy servers resume suspended acceptance of a request for new connection establishment in response to the notification.

US Pat. No. 10,972,532

DYNAMIC SHARED SERVER RESOURCE ALLOCATION

International Business Ma...

1. A system comprising:a plurality of server systems interconnected by a network and managed by a shared resource application of a service provider; and
a resource allocation system controlling allocation of user assignments to the plurality of server systems over the network, the resource allocation system stored in a memory comprising:
a resource request interface that receives user request parameters from a first user for identifying a desired server resource;
an option calculator that calculates a plurality of user assignment alternatives based on migration of user assignments of at least a second user to make the desired server resource available to the first user;
a downtime calculator that calculates a predicted downtime for each of the plurality of user assignment alternatives; and
a user downtime cost calculator that calculates a predicted business cost for at least the second user based on the predicted downtime and a transaction value per time factor for the second user;
wherein the resource allocation system provides the predicted downtime and the predicted business cost for at least one of the plurality of user assignment alternatives to at least the second user prior to the second user accepting at least one of the plurality of user assignment alternatives.

US Pat. No. 10,972,531

SOCIAL MEDIA DRIVEN INFORMATION INTERFACE

Microsoft Technology Lice...

9. A method of improving provision of time-delineated entries to a user, the method comprising:generating, by a computing device, a first set of time-delineated entries corresponding to a first time range, the first set of time-delineated entries comprising multiple entries that, in aggregate, are: (1) associated with times within the first time range, (2) generated by multiple individuals and (3) directed to multiple different topics;
subsequently generating, by the computing device, from the generated first set of time-delineated entries, a first topic cluster comprising multiple, different social media entries, each entry in the first topic cluster having a topic similarity to other entries in the first topic cluster that is above a first topic clustering threshold, each entry in the first topic cluster being associated with times within the first time range;
subsequently generating, by the computing device, also from the generated first set of time-delineated entries, a second topic cluster comprising multiple, different entries, each entry in the second topic cluster having a topic similarity to other entries in the second topic cluster that is above a second topic clustering threshold, each entry in the second topic cluster also being associated with times within the first time range;
generating, by the computing device, a first event summary for the first time range based upon the generated first topic clusters, the first event summary comprising a combination of text or graphics from multiple different entries from the first topic cluster;
generating, by the computing device, a second event summary for the first time range based upon the generated second topic cluster, the second event summary comprising a combination of text or graphics from multiple different entries of the second topic cluster; and
generating, on a display device communicationally coupled to the computing device, a visual information interface comprising multiple annotated timeslots, including a first annotated timeslot that comprises the generated first and second event summaries, the first annotated timeslot being delineated by the first time range.

US Pat. No. 10,972,530

AUDIO-BASED DATA STRUCTURE GENERATION

GOOGLE LLC, Mountain Vie...

1. A system to route packetized actions to operate a voice-based digital assistant via a computer network, comprising:a data processing system, comprising a server having a processor, that is remote from a client device and a third party provider device of a third party provider, wherein the client device and the third party provider device communicate with the data processing system via a network;
a natural language processor component executed by the data processing system to receive, via an interface of the data processing system, data packets comprising an input audio signal detected by a sensor of the client device;
the natural language processor component to parse the input audio signal to identify a request and a trigger keyword corresponding to the request;
a direct action application programming interface of the data processing system to generate, based on the trigger keyword, an action data structure responsive to the request;
a content selector component executed by the data processing system to select, based on the trigger keyword and via a real-time content selection auction process, a content item for a type of service that is different from a type of service of the action data structure, wherein:
the content item is provided by a second third-party provider device different from the third party provider device, and
the second third-party provider device provides content selection criteria comprising a bid for the content item that is used by the real-time content selection auction process to select the content item;
the content selector component to transmit, to the client device, the content item for presentation by the client device via an output signal;
the direct action application programming interface to transmit the action data structure to the third party provider device to cause the third party provider device to invoke a conversational application programming interface of the third party provider device to establish a communication session between the third party provider device and the client device via the conversational application programming interface; and
the data processing system to receive, from the third party provider device, an indication that the third party provider device established the communication session with the client device via the conversational application programming interface of the third party provider device.

US Pat. No. 10,972,529

PAGE JUMP METHOD AND APPARATUS

Advanced New Technologies...

1. A computer-implemented method executed by one or more processors, the method comprising:receiving, by the one or more processors, a request for a first service;
determining, by the one or more processors, a first jump page associated with the first service, wherein the first jump page is associated with a page identifier;
retrieving, based on the page identifier and by the one or more processors, a first jump route from a page routing table, wherein the first jump route is associated with the first service, and wherein the first jump route includes the page identifier and represents a route for retrieving the first jump page;
in response to retrieving the first jump route, loading, by the one or more processors, the first jump page based on the first jump route;
receiving, by the one or more processors, a second jump route from a jump route server, wherein the second jump route includes the page identifier and represents a route for retrieving a second jump page, the second jump route being associated with a deployed second service that is different from the first service; and
updating, by the one or more processors, the page routing table based on the second jump route.

US Pat. No. 10,972,528

METHODS AND SYSTEMS FOR ACCESSING THIRD-PARTY SERVICES WITHIN APPLICATIONS

Facebook, Inc., Menlo Pa...

1. A method, comprising:at a client device having one or more processors and memory storing instructions for execution by the one or more processors:
in an application associated with a social-networking service provided by a server system, providing to a user a link to a page associated with a third-party service provider, wherein the third-party service provider is distinct from the social-networking service;
detecting user selection of the link;
in response to the user selection of the link:
sending to the server system a request for the page associated with the third-party service provider, wherein the page is injected with a script by the server system for calling application programming interfaces (APIs) of the server system;
loading the page within the application, wherein the page includes the script injected by the server system for calling APIs of the server system;
executing the script, including calling the APIs, to retrieve information associated with the user from the server system;
displaying the page, including the retrieved information associated with the user, within the application; and
using the retrieved information associated with the user to conduct a transaction with the third-party service provider through the page.

US Pat. No. 10,972,527

APPARATUS FOR TRANSMITTING BROADCAST SIGNAL, APPARATUS FOR RECEIVING BROADCAST SIGNAL, METHOD FOR TRANSMITTING BROADCAST SIGNAL AND METHOD FOR RECEIVING BROADCAST SIGNAL

LG ELECTRONICS INC., Seo...

1. A method for transmitting broadcast signals, the method comprising:encapsulating input packets including Internet Protocol (IP) packets or Transport Stream (TS) packets into link layer packets in a link layer,
each header of the link layer packets including a base header having packet type information representing a type of the input packets in a payload of each link layer packet and payload configuration information representing a configuration of the payload of each link layer packet,
for a first link layer packet including a single packet, a base header of the first link layer packet includes header mode information having a value representing that an additional header for the single packet is present following the base header,
for a second link layer packet including a segmented packet, a base header of the second link layer packet includes S/C (segmentation/concatenation) information having a value representing that an additional header for the segmented packet is present following the base header,
for a third link layer packet including a concatenated packet, a base header of the third link layer packet includes S/C information having a value representing that an additional header for the concatenated packet is present following the base header;
processing the link layer packets including the first link layer packet, the second link layer packet, and the third link layer packet into data packets carried by a Data Pipe (DP) in a physical layer; and
transmitting a broadcast signal including the data packets.

US Pat. No. 10,972,526

ESTIMATING NETWORK DATA ENCODING RATE

1. A method comprising:replicating a data packet from a data streaming session conducted between a first device and a second device connected over a network, wherein the data packet contains at least a portion of one of a plurality of file segments containing portions of a file to be delivered via the data streaming session, and wherein a number of the plurality of file segments that is delivered via the data streaming session is limited to a predefined number;
estimating a mean size of the plurality of file segments from data contained in the data packet;
calculating a plurality of potential sizes of the plurality of file segments, wherein each potential size of the plurality of potential sizes corresponds to one number between one and the predefined number; and
calculating an encoding rate of the data streaming session, based at least in part on which potential size of the plurality of potential sizes is closest to the mean size.

US Pat. No. 10,972,525

TARGETED BUFFER PRIORITY MANAGEMENT

Comcast Cable Communicati...

1. A method comprising:receiving, by a computing device and from a user device, a request for a content item;
determining, by the computing device and based on a media type associated with the content item, a buffer priority parameter associated with the content item;
determining, by the computing device and from a plurality of routes of a network, a route comprising a plurality of routing devices;
sending, by the computing device and after receiving the request for the content item, messages to the plurality of routing devices, wherein the messages instruct the plurality of routing devices to use the buffer priority parameter in routing future packets associated with the content item; and
sending, by the computing device, to the user device, via the route comprising the plurality of routing devices, and after sending the messages, the content item.

US Pat. No. 10,972,524

CHAT BASED HIGHLIGHT ALGORITHM

Amazon Technologies, Inc....

1. A computer-readable storage medium storing instructions executable to perform an operation for identifying highlights in a video stream, the operation comprising:receiving a request to generate a highlight from the video stream, wherein the video stream is associated with a plurality of chat messages posted at different points in time during the video stream, the video stream depicting a scene;
identifying, based on the plurality of chat messages, pertinent chat activity that excludes a chat message, of the plurality of chat messages, determined as being extraneous to the scene;
determining, based on evaluating the pertinent chat activity and for at least an interval of time relative to the video stream, a viewer activity threshold representing a specified variance from a baseline measure comprising an expected volume of pertinent chat activity for the video stream during the interval of time, wherein the expected volume is determined based on a viewer count of the video stream;
identifying peak chat activity characterized by the pertinent chat activity exceeding the viewer activity threshold, including identifying a chat activity curve;
identifying, based on the chat activity curve and by operation of a computer processor, a chat activity pattern from a plurality of chat activity patterns having curve types characterized by respective pre-peak and post-peak patterns; andgenerating the highlight by extracting a highlight segment of the video stream at a beginning point determined based on the pre-peak pattern of the chat activity pattern and at an end point determined based on the post-peak pattern of the chat activity pattern, wherein the highlight is output.

US Pat. No. 10,972,523

AUTOMATIC SESSION ESTABLISHMENT IN PEER-TO-PEER COMMUNICATION

Sococo, LLC, Austin, TX ...

1. A computer-implemented method, comprising by a local network node:establishing a respective peer-to-peer session over a respective link with each of multiple remote network nodes in accordance with a connectionless transport protocol;
on behalf of one or more software entities on the local network node, automatically opening one or more channels over which data is transmitted between the local network node and the remote network nodes in the one or more respective peer-to-peer sessions, wherein each channel is identified by a respective unique identifier;
in response to a determination that one of the peer-to-peer sessions with a particular one of the remote network nodes has stopped, automatically attempting to establish another peer-to-peer session with the particular remote network node in accordance with the connectionless transport protocol; and
in response to successful establishment of the other peer-to-peer session with the particular remote network node, automatically opening one or more of the channels that previously were open in the prior respective session.

US Pat. No. 10,972,522

STREAMING MEDIA STATE MACHINE

HOME BOX OFFICE, INC., N...

9. A method comprising:generating, by a system comprising a processor, a state machine for streaming video content playback, wherein the state machine has respective nodes representing video content portions of video content and respective edges representing transition paths between the nodes, wherein the respective nodes comprise transition rules defining conditions for selecting the transition paths, and at least one node comprises transition paths to a plurality of other nodes; and
streaming the video content using different transition paths through the video content based on the state machine, the streaming comprising:
buffering a set of content portions, wherein the set contains a respective number of content portions from each path of the different transition paths, and wherein each respective number is proportional to a rounded probability associated with respective corresponding path;
using the transition rules associated with a node representing a currently playing content portion to determine which transition path associated with the node to select for transitioning to a next buffered content period for playback, wherein the transition rules use one or more criteria to determine which transition path to select, wherein the one or more criteria comprises a determination of whether a client device to which the video content is streamed is moving based on client device motion data; and
transmitting data for the next buffered content period for playback.

US Pat. No. 10,972,521

METHOD AND APPARATUS FOR COVIEWING VIDEO

NetTALK.com, Inc., Miami...

1. A method for audio-video conferencing with a plurality of participants, comprising:receiving, at a control system server network, a first user identifier associated with a first streaming device and a second user identifier associated with a second streaming device;
receiving, at a control system server network, a third identifier associated with a content streaming device;
sending, from the control system server network, a first request comprising the first user identifier to the second streaming device identified by the second user identifier;
sending, from the control system server network, a second request to the content streaming device associated with the third identifier;
receiving, at the control system server network, a content audio stream and a content video stream associated with third identifier associated with from the content streaming device;
sending, from the control system server network, the content audio stream to second streaming device identified by the second user identifier;
receiving, at the control system server network, a second audio stream and a second video stream associated with the second user identifier from the second streaming device wherein the content audio stream has been dampened from the second audio stream;
mixing the content audio stream and the second audio stream into a third audio stream to be played by first streaming device associated with the first user identifier; and mixing the content video stream and the second video stream into a third video stream to be played by first streaming device associated with the first user identifier.

US Pat. No. 10,972,520

MONITOR MIXING SYSTEM THAT DISTRIBUTES REAL-TIME MULTICHANNEL AUDIO OVER A WIRELESS DIGITAL NETWORK

Audio Fusion Systems, Inc...

8. A method comprising:receiving messages from one or more portable devices reporting configuration and audio reception statistics;
preprocessing a multi-channel digital audio stream for each of the one or more portable devices on a per-portable-device basis responsive to the messages, wherein the preprocessing comprises off-loading at least one task that a given portable device was previously performing, wherein the preprocessing is performed on a device that is a central source for the multi-channel digital audio streams for the one or more portable devices; and
packetizing the preprocessed multi-channel digital audio stream for wireless transmission to the one or more portable devices used by one or more musicians in a live performance, wherein the multi-channel digital audio stream is derived from a plurality of digital audio sources corresponding to the one or more musicians during the live performance; and
wirelessly transmitting the packetized, preprocessed multi-channel digital audio stream to the one or more portable devices.

US Pat. No. 10,972,519

REAL-TIME VIDEO STREAMING TO CLIENT VIDEO ELEMENT

FLIR Commercial Systems, ...

1. A method for streaming encoded video comprising:obtaining, by a server, a fragmented video stream using a file-based video compression format; and
transmitting, by the server, the fragmented video stream to one or more client devices for real-time playback, each transmitted video fragment having timing information identifying a duration of the transmitted video fragment within the fragmented video stream;
wherein transmitting the fragmented video stream comprises, for at least one client device, dropping at least one video fragment from transmission to the client device to reduce the size of video fragment data transmitted to the client device, and updating the timing information in at least one preceding video fragment transmitted to the client device to increase the duration of the preceding video fragment to account for the dropped video fragment.

US Pat. No. 10,972,518

TECHNOLOGIES FOR AUDIOVISUAL COMMUNICATION USING INTERESTINGNESS ALGORITHMS

Intel Corporation, Santa...

1. An audiovisual server for audiovisual communication, the audiovisual server comprising:a mixer module to (i) receive a plurality of audiovisual streams from a plurality of audiovisual audience devices, wherein each audiovisual stream is captured by a corresponding audiovisual audience device, and (ii) transmit an audiovisual input stream to the plurality of audiovisual audience devices; and
an interestingness module to: (i) receive sensor input data from each of the plurality of audiovisual audience devices, the sensor input data indicative of a state of a user of the corresponding audiovisual audience device, (ii) determine, using an interestingness algorithm, an interestingness rating associated with each audiovisual audience device and a confidence level associated with the interestingness rating based on the sensor input data, wherein the interestingness rating is indicative of the user of the corresponding audiovisual audience device repeating at least a portion of content of the audiovisual input stream, wherein the repeating of the content is measured by the sensor input data, and wherein the confidence level is indicative of a likelihood that the interestingness rating is correct (iii) select an audiovisual stream of the plurality of audiovisual streams based on the interestingness rating associated with each audiovisual client device, (iv) determine whether the confidence level associated with the interestingness rating of a corresponding audiovisual audience device could be improved by focusing on a particular parameter of the state of the user to indicate a higher likelihood that the interestingness rating is correct, (v) transmit instructions to the corresponding audiovisual audience device to focus the sensor input data on the particular parameter of the user in response to a determination that the confidence level associated with the interestingness rating could be improved, and (vi) update the interestingness algorithm based on historical interestingness data associated with users of the audiovisual audience devices, wherein the historical interestingness data is indicative of cultural differences of the users, wherein a cultural adaptation is utilized to determine two of more of the users have a same level of engagement;
wherein the mixer module is further to transmit the selected audiovisual stream to an audiovisual presenter device.

US Pat. No. 10,972,517

METHOD FOR IMPLEMENTING A CALL CONTROL OF A CLIENT ON A TELEPHONY ENDPOINT REPRESENTING A USER, AND PORT HANDLER DESIGNED THEREFOR

1. A computer-implemented method for executing call control for a client on a telephone terminal representing a user, comprising:transmitting, through a logic unit of a port handler, a first call through a first trunk receiving unit representing a first trunk to a first sending unit assigned to a user, the first sending unit being a switching-capable sending unit;
processing a first identification received through the first trunk receiving unit such that the logic unit assigns the first trunk receiving unit and the first call to the user using a structured database and allocation table,
transmitting by the logic unit at least a second call through a second trunk receiving unit representing at least a second trunk also to the sending unit assigned to the user,
processing a second identification received through the second trunk receiving unit such that the logic unit assigns the second trunk receiving unit and the at least second call also to the user using the database and allocation table, and
the first sending unit assigned to the user and a switching-capable receiving unit assigned to the user using the client to carry out call control for the first call and the at least one second call for the telephone terminal representing the user such that payload of the first call is switchable independently of payload of the at least one second call.

US Pat. No. 10,972,516

SYSTEM, METHOD, AND COMPUTER PROGRAM FOR PROBABILISTIC ESTIMATION AND PREVENTION OF MUTING OCCURRENCES IN VOICE OVER LTE (VOLTE)

AMDOCS DEVELOPMENT LIMITE...

1. A method, comprising:compiling a data lake for a communication network, including for each interface of a plurality of node interfaces existing in the communication network:
identifying a defined minimum number of call records to be included in a data set to be processed by a machine learning framework,
generating the data set by collecting up to the defined minimum number of call records, each of the call records associated with a call between a calling user equipment (UE) and a called UE;
processing the data lake by the machine learning framework to:
determine information including a location context of each call, a time context of each call, a device context of each call, interface level Real-Time Protocol (RTP) packet loss per interface for each call, muting contribution per interface for each call, average mute start time with respect to call start time, average call duration, and expected RTP sequence numbers for each call, and
initiate a change trigger or rollback for one of the interfaces of the plurality of node interfaces that is determined to be contributing to muting,
wherein when multiple of the interfaces of the plurality of node interfaces are determined to be contributing to the muting, the change trigger or the rollback is initiated for a dominant contributing interface of the multiple interfaces.

US Pat. No. 10,972,515

SERVER ASSISTED LIVE STREAM FAILOVER

Verizon Digital Media Ser...

1. A method comprising:receiving a request for an object of a media stream from a client at a stream distribution server;
requesting, by the stream distribution server, the object from a first source on behalf of the client;
receiving a stale message from the first source at the stream distribution server, the stale message comprising an object timestamp of when said object was last updated;
determining a playback duration of one or more segments of the media stream;
deriving a staleness quotient from the playback duration of the one or more segments; and
controlling, with the stream distribution server, continued retrieval of the media stream from the first source or failover retrieval of the media stream from a different second source based on (i) the staleness quotient and (ii) a difference between the object timestamp and a current timestamp, wherein said controlling comprises:
initiating a retry of the request for the object from the first source, without failing over to the second source, based on the difference between the object timestamp and the current timestamp not exceeding the staleness quotient; and
initiating failover of the media stream from the first source to the different second source by issuing the request for the object to the second source instead of the first source based on the difference between the object timestamp and the current timestamp exceeding the staleness quotient, wherein objects of the media stream are redundantly accessible from the first source and the second source.

US Pat. No. 10,972,514

REESTABLISHMENT OF SESSION INITIATION PROTOCOL (SIP) DIALOGS

Avaya Inc., Santa Clara,...

1. A method comprising:establishing, by a processor, a communication session between a first communication device and a second communication device, wherein the communication session comprises a first dialog between an application server and the first communication device and wherein the first communication device uses a first network address in the first dialog;
receiving, by the processor, a SIP INVITE with replaces header message from the first communication device with a second network address of the first communication device; and
in response to receiving the SIP INVITE with replaces header message from the first communication device with the second network address of the first communication device, reestablishing, by the processor, the first dialog between the application server and the first communication device using the second network address.

US Pat. No. 10,972,513

NETWORK DATA SOURCE TIME MANAGEMENT FOR DATA STREAMING PROCESSING SYSTEM

1. A device comprising:a processor of a data source; and
a computer-readable medium storing instructions which, when executed by the processor, cause the processor to perform operations, the operations comprising:
sending to a data stream processing system implementing a coordinator for processing a stream of records, a registration request from the data source to join in providing a plurality of records to the stream;
synchronizing a timing system with the data stream processing system; and
sending an initial timestamp from the data source to the data stream processing system, wherein the initial timestamp is to be posted to a plurality of operators or a plurality of subscribers before the data source is allowed to send the plurality of records into the stream, wherein the initial timestamp is for enabling each of the plurality of operators or the plurality of subscribers to update a respective local timestamp table.

US Pat. No. 10,972,512

SYSTEM AND METHOD FOR IDENTIFYING IDLE RESOURCES IN COMMUNICATION ENDPOINTS

Avaya Inc., Santa Clara,...

1. A method, comprising:receiving, by a microprocessor of a computer network, a request to establish a communication session between a first communication endpoint and a second communication endpoint;
determining, by the microprocessor, that the request to establish the communication session between the first communication endpoint and the second communication endpoint will include an application to be inserted into the communication session between the first communication endpoint and the second communication endpoint;
selecting, by the microprocessor, a first processing resource in a first idle communication endpoint based on an idleness factor of the first processing resource;
sending, by the microprocessor, the application to the first idle communication endpoint; and
sending, by the microprocessor, a request to include the first idle communication endpoint into the communication session between the first communication endpoint and the second communication endpoint,
wherein the application in the first idle communication endpoint is inserted into the communication session between the first communication endpoint and the second communication endpoint, and
wherein the first idle communication endpoint, the first communication endpoint and the second communication endpoint are not computer network elements that relay the communication session in the computer network.

US Pat. No. 10,972,511

STREAMING RELAY FOR DIGITAL SIGNAGE

Adobe Inc., San Jose, CA...

1. A system to provide a video stream for digital signage, the system comprising:one or more processors;
a first renderer module, at least one of controllable and executable by the one or more processors, configured to render frames of first digital signage content in a software application and capture an image of each of a plurality of the rendered frames of the first digital signage content, wherein the first renderer module does not display the first digital signage content on a display screen;
a first encoder module, at least one of controllable and executable by the one or more processors, configured to receive at least some of the captured images from the first renderer module, transform each of at least some of the received captured images of the rendered frames of the first digital signage content into a corresponding video frame of a video stream, and cause transmission of the video stream to a remote display device; and
a second renderer module, at least one of controllable and executable by the one or more processors, configured to render frames of second digital signage content and capture an image of each of a plurality of the rendered frames of the second digital signage content;
wherein the second digital signage content is responsive to an interactive session detected at the remote display device; and
wherein the interactive session is detected at the remote display device after the video stream is transmitted to the remote display device.

US Pat. No. 10,972,510

MEDIA SESSION BETWEEN NETWORK ENDPOINTS

Microsoft Technology Lice...

1. A computer-implemented method of configuring a media session between a first device and a second device of a communication network, the method comprising performing operations by the first device, comprising:performing a determination to identify whether a connectivity check modification condition is met for respective candidate pairs, of a candidate pair set, used for conducting the media session, wherein the connectivity check modification condition is based on characteristics of a potential network path operable between the first device and the second device that uses a potential candidate pair, and wherein the candidate pairs of the candidate pair set are arranged in a first priority ordering for connectivity checks;
modifying, based on the determination of whether the connectivity check modification condition is met, the respective priority of the candidate pairs in the candidate pair set to produce a second priority ordering, such that a candidate pair which meets the connectivity check modification condition is assigned a higher priority in the ordering of the candidate pair set than a candidate pair that does not meet the connectivity check modification condition; and
configuring the media session between the first device and the second device using a candidate pair of the candidate pairs which is determined to be valid, the candidate pair determined to be valid based on a result of connectivity checks that are performed in turn according to the second priority ordering of the candidate pairs.

US Pat. No. 10,972,509

DATA PROCESSING AND SCANNING SYSTEMS FOR GENERATING AND POPULATING A DATA INVENTORY

OneTrust, LLC, Atlanta, ...

1. A data processing intelligent data repository scanning system comprising:one or more computer processors;
computer memory; and
a computer-readable medium storing computer-executable instructions that, when executed by the one or more computer processors, cause the one or more computer processors to perform operations comprising:
connecting the data processing intelligent data repository scanning system to an application executing on one or more remote computing devices using an application programming interface;
scanning one or more data repositories on the one or more remote computing devices to identify one or more data attributes, wherein the one or more data attributes are associated with a processing activity, and wherein the processing activity is associated with one or more individuals;
generating a catalog of one or more pieces of information associated with the one or more individuals, wherein one of the one or more pieces of information is associated with the processing activity, and wherein the one or more pieces of information comprise one or more data elements processed by the processing activity;
analyzing the one or more data attributes and correlating metadata for the scanned one or more data repositories with particular attributes of the one or more data attributes discovered in the one or more data repositories;
categorizing each of the one or more data elements based at least in part on a confidence score associated with each respective data element of the one or more data elements;
analyzing a data flow of the particular attributes of the one or more data attributes between the one or more data repositories;
storing the categorized one or more data elements and the data flow in the computer memory; and
modifying an existing data model of data assets to include an attribute defined by one or more of the one or more data elements.

US Pat. No. 10,972,508

GENERATING A NETWORK SECURITY POLICY BASED ON BEHAVIOR DETECTED AFTER IDENTIFICATION OF MALICIOUS BEHAVIOR

Juniper Networks, Inc., ...

1. A method, comprising:receiving, by a device, information identifying malicious behavior by a compromised endpoint device associated with a network and traffic associated with the compromised endpoint device after the malicious behavior has been identified;
receiving, by the device, endpoint device information identifying other endpoint devices associated with the network,
wherein the compromised endpoint device is not one of the other endpoint devices;
receiving, by the device, network device information identifying network devices associated with the network;
processing, by the device, the traffic, the endpoint device information, and the network device information, with a machine learning model, to generate a security policy to isolate the malicious behavior; and
performing, by the device, one or more actions based on the security policy to isolate the malicious behavior,
wherein performing the one or more actions includes adding a source address of the compromised endpoint device to a traffic feed of the compromised endpoint device to prevent the traffic associated with the compromised endpoint device from reaching the network.

US Pat. No. 10,972,507

CONTENT POLICY BASED NOTIFICATION OF APPLICATION USERS ABOUT MALICIOUS BROWSER PLUGINS

Microsoft Technology Lice...

1. A data processing system for detecting a malicious modification of a browsing application, comprising:a processor; and
a memory, coupled to the processor, storing instructions that when executed by the processor, cause the data processing system to:
receive, via a communication network from a first device executing a browsing application, (i) a request for a web application content and (ii) identification information unique to a user for accessing the web application content using the browsing application;
in response to receiving the identification information, generate a web application user identifier (ID) unique to the user;
transmit, to the first device via the communication network, web application content data including (i) the requested web application content and (ii) trusted content source rules including a list of trusted sources of content and the web application user ID;
receive, from the first device via the communication network, a rule violation report generated by the first device based on the list of trusted sources of content, the rule violation report including the web application user ID and indicating that the browsing application has executed content from a source that is not included in the list of the trusted sources of content;
determine, based on the received rule violation report, that a malicious modification of the browsing application has occurred at the first device; and
in response to determining the occurrence of the malicious modification of the browsing application at the first device, transmit, via the communication network to one or more devices associated with the web application user ID, an alert indicating the occurrence of the malicious modification of the browsing application.

US Pat. No. 10,972,506

POLICY ENFORCEMENT FOR COMPUTE NODES

Microsoft Technology Lice...

1. A method in a policy enforcement system, the method comprising:receiving from a process that performs a task on a compute node including one or more processors, a request for data, the request being associated with user credentials provided to the process by an application executing on a client device, wherein the compute node comprises a node of a distributed computing system that includes a plurality of nodes configured to handle a workload of the application, the workload divided into a plurality of tasks distributed among the plurality of nodes, the plurality of the tasks including the task;
obtaining from a policy store storing a plurality of policies, one or more policies associated with the user credentials, the one or more policies specifying data masking rules that are specific to the user;
intercepting data submitted to the process by a file driver that executes on the compute node, the intercepting including:
forwarding the request for the data to the file driver that fetches the data from a file system in response to the request; and
receiving the data submitted by the file driver to the process;
masking according to the data masking rules of the one or more policies, at least a portion of the data submitted by the file driver; and
sending the data having the portion masked to the process and wherein the policy enforcement system is logically positioned between the file driver and the process.

US Pat. No. 10,972,505

DISTRIBUTED BEHAVIORAL MONITORING

F-Secure Corporation, He...

1. A method, comprising:receiving, by a detection system, continuously collected activity data by at least one sensor indicative of a behavior of one of a user level process or a system level process of an entity, wherein the behavior of the entity is monitored by the at least one sensor, wherein the at least one sensor is provided to monitor applications installed on an endpoint associated with said entity;
receiving, by the detection system, intermittently collected context data from the at least one sensor;
generating a categorization based on said context data and a categorization model, and assigning said categorization to said entity in relation to said at least one sensor;
assessing an activity of said entity represented by said activity data as malicious;
validating a result of said assessing said activity as malicious based on the monitored applications installed on the endpoint and based on said categorization assigned to said entity in relation to said at least one sensor, wherein said context data is indicative of at least one characteristic of said entity in relation to said assigned categorization, and wherein said categorization model is generated at least based on a set of training data attributed with said assigned categorization; and
approving, based on the validating, said result of said assessing said activity as malicious in response to determining said activity represented by said activity data is not permitted in relation to said assigned categorization,
generating a security alert based on said approving, and
communicating, based on said approving, to the entity the security alert and an indication of the assigned categorization for processing data associated with the activity data assessed as malicious; or
denying, based on the validating, said result of said assessing said activity as malicious in response to determining said activity represented by said activity data is permitted in relation to said assigned categorization.

US Pat. No. 10,972,504

DEVICE MANAGEMENT USING A SECONDARY CELLULAR DATA CONNECTION

LATTICE HEALTH SYSTEMS, I...

1. A method comprising:receiving, at a portal, biometric information generated by a controller device for each biometric device that is to be controlled by the controller device, wherein the biometric information comprises activation information indicating that a corresponding biometric device has been activated by the controller device and/or biometric readings from the corresponding biometric device;
determining, at the portal, whether each biometric device associated with the controller device has been activated based on the received biometric information;
receiving, at the portal, wireless local area network (WLAN) parameters for connecting the controller device to a WLAN in response to determining that each biometric device associated with the controller device has been activated, wherein the WLAN parameters include at least one of a service set identifier (SSID) and a password; and
causing the WLAN parameters to be provided to the controller device using a cellular network to enable the controller device to communicate with the portal using the WLAN.

US Pat. No. 10,972,503

DECEPTION MECHANISMS IN CONTAINERIZED ENVIRONMENTS

ACALVIO TECHNOLOGIES, INC...

1. A system for deception mechanism in a containerized environment, the system comprising:one or more data processors; and
a non-transitory computer-readable storage medium containing instructions which when executed on the one or more data processors, cause the one or more processors to perform operations including:
monitoring, by a monitoring service connected to a containerization system in a containerized environment, genuine services in the containerized environment to determine characteristics of the genuine services;
determining one or more decoy services for the containerized environment, wherein the one or more decoy services are determined using the characteristics of the genuine services already existing in the containerized environment;
deploying a decoy service from the one or more decoy services in a decoy container in the containerized environment;
injecting breadcrumb data into the containerized environment, wherein the breadcrumb data is a reference to the decoy service, and wherein injecting the breadcrumb data modifies the containerized environment to include the breadcrumb data, wherein the breadcrumb data includes information for discovering and accessing the decoy service;
monitoring messages to the decoy service, wherein the messages include one or more requests received at the decoy service from a requestor;
transmitting, from the decoy service, one or more responses to the one or more requests, wherein after the one or more responses are received by the decoy service, the one or more responses are transmitted to the requestor by the decoy service; and
determining, using the messages, that the decoy service has been accessed and that the requestor is an intruder to the containerization system.

US Pat. No. 10,972,502

PROCESSING METHOD FOR PREVENTING COPY ATTACK, AND SERVER AND CLIENT

Advanced New Technologies...

1. A computer-implemented method, comprising:receiving, by a server and from a client computing device, service data, wherein the service data comprises a plurality of fields, wherein a first field of the plurality of fields comprises a unique identifier of the client computing device and a second field of the plurality of fields comprises a variable identifier of the client computing device, the unique identifier and the variable identifier being previously generated by the server and being stored in a local secure storage of the client computing device, and wherein the variable identifier of the client computing device is generated through successive integer accumulation and comprises a randomly generated integer comprising a plurality of digits, and wherein an asymmetric encryption or a symmetric encryption is used to exchange the unique identifier and the variable identifier between the client computing device and the server;
parsing, by the server, the service data to obtain the unique identifier and the variable identifier as parsed data;
determining, by the server, whether the unique identifier and the variable identifier in the parsed data are identical to a stored unique identifier and a stored variable identifier associated with the client computing device and recorded by the server as recorded data;
in response to determining that the unique identifier and the variable identifier in the parsed data are identical to the stored unique identifier and the stored variable identifier associated with the client computing device, generating, by the server, a new variable identifier by adding at least a digit to the stored variable identifier; and
transmitting, by the server and to the client computing device, the new variable identifier for storage.

US Pat. No. 10,972,501

METHOD AND SYSTEM FOR IMPROVING NETWORK AND SOFTWARE SECURITY USING SHARED TRUST AND AN EGRESS MAN-IN-THE-MIDDLE (MITM) ALGORITHM FOR PERFORMING CLANDESTINE TRAFFIC MODIFICATION

United States of America ...

1. An egress man-in-the-middle (MITM) system comprising:a trusted computing asset disposed in a first local subnet and connected to a computer network; and
an egress MITM software application disposed in the first local subnet and configured to passively monitor incoming network traffic to the trusted computing asset, and further configured to obfuscate true information regarding the trusted computing asset to other computing assets on the computer network by transmitting, as if from the trusted computing asset, a spoofed response in answer to selected incoming network traffic, wherein the spoofed response comprises false or misleading information regarding the trusted computing asset thereby protecting the trusted computing asset from attack, wherein the egress MITM software application comprises:
a traffic rewriting algorithm configured to decrypt and re-encrypt content of outgoing packets from the trusted computing asset using shared key information so as to maintain cryptographic integrity of packets sent on behalf of the trusted computing asset;
a traffic monitoring algorithm configured to monitor the incoming network traffic and outgoing packets from the trusted computer asset;
a machine learning algorithm configured to predict protocol response content and features of outgoing packets from the trusted computing asset based on previously-monitored incoming network traffic and outgoing packets;
a selection algorithm comprising feature-rewriting rules configured to select in real time suitable content from the predicted protocol response content and features to be included in the spoofed response based on content and features of a packet in the incoming network traffic; and
a spoofing algorithm configured to predict a packet sequence number and to craft and transmit the spoofed response.

US Pat. No. 10,972,500

DETECTION SYSTEM, DETECTION APPARATUS, DETECTION METHOD, AND DETECTION PROGRAM

NIPPON TELEGRAPH AND TELE...

1. A detection system comprising:an authentication apparatus including circuitry configured to perform user authentication; and
a detection apparatus including circuitry configured to:
extract an account and a source address of the account from authentication information obtained from the authentication apparatus, group accounts for each of a plurality of time slots at predetermined time intervals and each of a plurality of source addresses in accordance with a timestamp and the source address of the account, and extract an account group from which duplication of an identical account in an identical group has been excluded;
calculate a number of duplicate accounts among account groups extracted; and
determine that an identical source address is an address of an attacker in a case where a number of account groups of the identical source address, in which the number of accounts calculated exceeds a first threshold, exceeds a second threshold,
wherein, in determining that the identical source address is an address of an attacker, the circuitry performs detection of an attack based on a number of duplicate accounts used in login attempts from each of the plurality of source addresses during a fixed period, and
the circuitry determines an account group number representing a number of account groups in which the number of duplicate accounts exceed a first threshold, and determines whether the account group number exceeds a second threshold in order to identify the identical source address as belonging to the attacker.

US Pat. No. 10,972,499

FRAUD PREVENTION VIA DISTINCTIVE URL DISPLAY

Huawei Technologies Co., ...

1. A system for displaying an address, comprising:a screen;
a memory comprising instructions; and
one or more processors in communication with the memory and the screen, wherein the one or more processors are configured to execute the instructions to facilitate the following being performed by the system:
receiving a first input for selecting a link associated with an address;
identifying a first element of the address that corresponds to a domain component of the address;
identifying a second element of the address that comprises one or more components of the address other than the domain component, the second element comprising a first portion and a second portion;
determining that the first element of the address and the second element of the address do not fit in an address bar of a browser being displayed on the screen;
displaying, in the address bar of the browser, the first element of the address, the first portion of the second element of the address, and an ellipsis indication of the second portion of the second element of the address, wherein the first element of the address is visually distinguished from the first portion of the second element of the address;
receiving a second input; and
in response to the received second input, displaying a view of the address in its entirety in the address bar of the browser, wherein the second portion of the second element of the address is displayed in full together with the first portion of the second element of the address and the first element of the address in the address bar of the browser instead of displaying the ellipsis indication.

US Pat. No. 10,972,498

DYNAMIC PROTECTION FROM DETECTED TO BRUTE FORCE ATTACK

International Business Ma...

1. A computer-implemented method for dynamic change of a password to access an account, the computer-implemented process comprising:a computer processor determining a frequency of access attempts to an account;
responsive to detecting a brute force attack on the account, based on the frequency of access attempts directed to the account, the computer processor determining a quantity of consecutive unsuccessful attempts to access the account;
responsive to the quantity of consecutive unsuccessful attempts to access to the account exceeding a first predefined threshold, the computer processor acquiring a new password of the account, wherein the new password is based on a more complex set of password generation rules than a current password of the account;
the computer processor changing the current password of the account to the new password; and
in response to changing the current password of the account to the new password, the computer processor sending an encrypted message regarding the new password to a user of the account, and resetting a count of the quantity of consecutive unsuccessful attempts to access the account to zero.

US Pat. No. 10,972,497

SYSTEMS AND METHODS FOR RECOVERING AN INFECTED ENDPOINT

NortonLifeLock Inc., Tem...

1. A computer-implemented method for recovering an infected endpoint, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:receiving an acoustic signal at an infected endpoint experiencing a denial of access to a user interface that persists until a user fulfills a ransom demand, the acoustic signal having encoded therein an embedded command for executing a security application, wherein the acoustic signal comprises ultrasound corresponding to an ultrasonic data over audio solution;
decoding the acoustic signal to obtain the embedded command; and
executing the embedded command to start a security application at the infected endpoint, the security application operable to mitigate the infected endpoint.

US Pat. No. 10,972,496

UPLOAD INTERFACE IDENTIFICATION METHOD, IDENTIFICATION SERVER AND SYSTEM, AND STORAGE MEDIUM

TENCENT TECHNOLOGY (SHENZ...

1. An upload interface identification method performed at an identification server having one or more processors and memory storing a plurality of instructions to be executed by the server, the method comprising:obtaining request packets that are collected by an intrusion detection system (IDS) server, wherein the request packets are sent by a page client to a page server;
filtering the obtained request packets, to obtain a to-be-identified request packet, the to-be-identified request packet being a non-repeating request packet that is sent by the page client to the page server using the Hypertext Transfer Protocol (HTTP);
parsing a content feature of the to-be-identified request packet;
determining whether the content feature corresponds to a predefined content feature of an upload request packet authorized by the page server; and
in accordance with a determination that the content feature corresponds to the predefined content feature of the upload request packet:
determining that the to-be-identified request packet is the upload request packet and that an interface address indicated by the upload request packet corresponds to an upload interface of the to-be-identified request packet.

US Pat. No. 10,972,495

METHODS AND APPARATUS FOR DETECTING AND IDENTIFYING MALWARE BY MAPPING FEATURE DATA INTO A SEMANTIC SPACE

Invincea, Inc., Reston, ...

1. An apparatus, comprising:a memory; and
a processor operatively coupled to the memory, the processor configured to:
identify a feature vector for a potentially malicious file;
provide the feature vector as an input to a trained neural network encoder to produce a modified feature vector that more closely resembles an identified collection of feature vectors associated with a classification of maliciousness than the feature vector, the modified feature vector being produced based on the classification of maliciousness that was learned by the trained neural network encoder;
generate an output vector by introducing Gaussian noise into the modified feature vector, the Gaussian noise ensuring a Gaussian distribution for the output vector within a set of modified feature vectors;
providing the output vector as an input to a trained neural network decoder associated with the trained neural network encoder to produce as an output an identifier of a class, the set of modified feature vectors being associated with the class; and
performing a remedial action on the potentially malicious file based on the potentially malicious file being associated with the class.

US Pat. No. 10,972,494

VULNERABILITY DETECTION IN IT ASSETS BY UTILIZING CROWDSOURCING TECHNIQUES

BugCrowd, Inc., San Fran...

1. A cybersecurity system, comprising:(a) a target asset amongst a plurality of Information Technology (IT) assets;
(b) a collection of known vulnerabilities related to said IT assets;
(c) an attack surface related to each of said IT assets, said attack surface represented as a feature vector; and
(d) a similarity measure between said target asset and the remainder of said IT assets excluding said target asset, said similarity measure based on said attack surface;
wherein an unknown vulnerability related to said target asset is detected based on said similarity measure.

US Pat. No. 10,972,493

AUTOMATICALLY GROUPING MALWARE BASED ON ARTIFACTS

Palo Alto Networks, Inc.,...

1. A computer-implemented method, comprising:receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis;
processing the log files to determine artifacts associated with malware, wherein a raw log file generated for each of the plurality of samples comprises one or more lines based on results of the automated malware analysis for each of the plurality of samples;
automatically grouping malware based on artifacts by clustering the plurality of samples based on a plurality of features associated with malware, wherein each of the features corresponds to a line or a sub-line in one or more log files determined to be an artifact associated with malware based on an automated malware analysis; and
performing an action based on an output of clustering the plurality of samples based on the plurality of features, wherein the action based on the output of clustering the plurality of samples based on the plurality of features further comprises validate the output of clustering the plurality of samples based on the plurality of features based on tags to identify previously identified malware groups.

US Pat. No. 10,972,492

SYSTEMS, METHODS, AND COMPUTER-READABLE MEDIA FOR DATA SECURITY

Nasdaq, Inc., New York, ...

1. A method performed at a data computing system that includes one or more processor devices, one or more communication devices, and one or more memories, the method comprising:monitoring, by the data computing system, one or more requests or activities of a computing device;
comparing, by the data computing system, the monitored one or more requests or activities with a database of predetermined characteristics to determine whether the monitored one or more requests or activities indicates that the computing device accessed or attempted to access sequentially more than a number of data files or objects in less than a predetermined period of time;
determining, by the data computing system, that the monitored one or more requests or activities is suspicious when the comparing determines that the monitored one or more requests or activities indicates that the computing device accessed or attempted to access sequentially more than the number of data files or objects in less than a predetermined period of time; and
initiating, by the data computing system, a response to prevent the monitored one or more requests or activities when the monitored one or more requests or activities is determined to be suspicious.

US Pat. No. 10,972,491

ANOMALY DETECTION WITH MISSING VALUES AND FORECASTING DATA STREAMS

Amazon Technologies, Inc....

1. A computer-implemented method comprising:receiving time series data;
storing the received time series data in an anomalies detection data structure;
receiving a request to generate a forecast for the received time series data;
filtering out one or more sparse anomalies from the received time series data;
storing in a forecast data structure a representation of the time series data excluding the one or more sparse anomalies filtered from the received time series data;
performing a seasonality-based anomaly detection and forecast for the received time series data based upon the received request, the seasonality-based anomaly detection and forecasting to utilize the forecast data structure; and
displaying a result of the forecast as a forecast graph.

US Pat. No. 10,972,490

SPECIFYING SYSTEM, SPECIFYING DEVICE, AND SPECIFYING METHOD

NIPPON TELEGRAPH AND TELE...

1. A specifying system comprising a configuration information storage device that stores information on a terminal in a network and a specifying device that specifies a state of the terminal, whereinthe configuration information storage device stores connection information indicating a connection relation between terminals in the network, and the specifying device includes
a memory; and
processing circuitry coupled to the memory and configured to execute a process comprising:
receiving detection information from a security device that detects hacking into the network or an activity of a terminal related to infection and state specifying a state of the terminal from information of the terminal and content of activity of the terminal, which indicates that the terminal is infected, included in the detection information, and
specifying, when specifying that the terminal is in the state of being infected with malware,
(i) a suspicion score of each of one or more other terminals in the network, before each of the one or more other terminals in the network perform the content of the activity included in the detection information, based on the connection information stored in the configuration information storage device, the suspicion score indicating a degree of suspicion of present infection of the one or more other terminals in the network based on whether each of the one or more other terminals transmits data toward the infected terminal and further based on a total number of devices that transmit data toward the infected terminal, and
(ii) an infection risk score that indicates a degree of risk of future infection of each of the one or more other terminals on a basis of being located on a route downstream from the infected terminal, along which the infected terminal is determined as likely to be used for hacking or for infection of the terminal in the future based on the connection information stored in the configuration information storage device.

US Pat. No. 10,972,489

CYBERSECURITY INCIDENT DETECTION SYSTEMS AND TECHNIQUES

Carbon Black, Inc., Walt...

1. A computer-implemented cybersecurity method, comprising:obtaining first occurrence data indicative of a plurality of first occurrences observed in a computer system;
identifying, based on the first occurrence data, a plurality of first patterns of activity in the computer system;
identifying attributes for each of the identified plurality of first patterns of activity, the identified attributes comprising a user identifier of a user initiating an activity and one or more of the following: a type for a pattern of the activity, a type of the activity, and one or more resources used to perform the activity;
based on the identified attributes, classifying each of the plurality of first patterns of activity as expected;
based on the classifying, adding data representing the plurality of first patterns of activity to data in a behavioral baseline database;
obtaining second occurrence data indicative of a plurality of second occurrences observed in the computer system;
identifying, based on the second occurrence data, at least one second pattern of activity in the computer system;
comparing the at least one second pattern of activity to the data in the behavioral baseline database, said comparing comprising:
identifying one or more attributes of the at least one second pattern of activity; and
querying the behavioral baseline database to identify one or more first patterns of activity having same attributes as the at least one second pattern of activity;
based on the comparing, determining an association between the at least one second pattern of activity and the data in the behavioral baseline database is above a threshold and identifying the second pattern of activity as unexpected; and
based on identifying the second pattern of activity as unexpected, issuing a security alert related to the second pattern of activity.

US Pat. No. 10,972,488

METHOD AND SYSTEM FOR MODELING ALL OPERATIONS AND EXECUTIONS OF AN ATTACK AND MALICIOUS PROCESS ENTRY

CHECK POINT SOFTWARE TECH...

1. A method of using a particular computer for generating a malware attack tree in response to a malware attack executed on a computerized endpoint, comprising:using the particular computer to obtain an attack root for the computerized endpoint where the malware attack executed, the attack root comprising an attack root computer process executed by the computerized end point associated with the malware attack;
using the particular computer to analyze the attack root computer process to identify at least one application process to be added as part of the malware attack tree, and pushing the at least one application process to a queue in a computerized storage media for storing computer processes;
using the particular computer to pop a next application process from the queue, and analyzing the popped application process to identify at least one additional application process to be added as part of the malware attack tree, and pushing the at least one additional application process to the queue, wherein the at least one additional application process pushed to the queue includes: application processes that create files in a file list and that are not part of an entry point of the malware attack, and application process instances of files from the file list that were executed and that are not part of the entry point of the malware attack, the file list being created by obtaining file paths associated with the popped application process, and the entry point of the malware attack being traceable back from the attack root computer process through a sequence of computer processes associated with at least one of executions, creations, or injections;
using the particular computer to repeat the popping the next application process from the queue until the queue is empty; and
the particular computer outputting the attack root computer process, the at least one application process, the at least one additional application process, and relationships between the at least one application process and the at least one additional application process to the attack root, in order to build the malware attack tree,
wherein the attack root computer process and the application processes are instances of computer programs executed on the computerized endpoint.

US Pat. No. 10,972,487

CONTENT DELIVERY NETWORK PROTECTION FROM MALWARE AND DATA LEAKAGE

Zscaler, Inc., San Jose,...

1. A Content Delivery Network (CDN), the CDN comprising:one or more cache servers communicatively coupled to end users, via one or more edge servers, for providing content thereto; and
one or more origin servers communicatively coupled to the one or more cache servers through a plurality of nodes, the plurality of nodes being located in a separate network, remote from the cache servers,
the one or more cache servers are configured to
receive traffic related to the content from the one or more origin servers through the one or more nodes of the plurality of nodes, based on one or more of a push technique and a pull technique, and
the plurality of nodes are configured to
monitor the traffic between the one or more origin servers and the one or more cache servers in an inline manner,
process the traffic such that all traffic within the CDN received from the one or more origin servers by the plurality of nodes for the one or more cache servers and all traffic received from the one or more cache servers by the plurality of nodes for the one or more origin servers is inspected for malware and data leakage by one of the plurality of nodes based on policy, and
block the traffic within the CDN at the one of the plurality of nodes responsive to detection of one or more of the malware and the data leakage, such that the blocked traffic from the one or more origin servers is blocked by the one of the plurality of nodes prior to reaching the one or more cache servers and the blocked traffic from the one or more cache servers is blocked by the one of the plurality of nodes prior to reaching the one or more origin servers.

US Pat. No. 10,972,486

CYBER SECURITY SYSTEM FOR INTERNET OF THINGS CONNECTED DEVICES

Cyberswarm, Inc., Ploies...

1. A security system comprising:a normally open relay between an external network connection and at least one internal network connection;
a network controller configured to monitor for malicious activity on an external network accessible through the external network connection; and
a microcontroller configured to:
cause the normally open relay to temporarily close in response to the network controller failing to detect the malicious activity for a predetermined amount of time; and
cause the normally open relay to remain open and generate an alert in response to the network controller detecting the malicious activity.

US Pat. No. 10,972,485

ENTERPRISE NETWORK THREAT DETECTION

Sophos Limited, Abingdon...

1. A system comprising:an enterprise network;
an endpoint coupled to the enterprise network, the endpoint having computing objects, a data recorder that stores locally on the endpoint an unfiltered event stream of event data for changes detected on the endpoint occurring to the computing objects, a local agent executing a filter on the endpoint for creating a filtered event stream with a subset of event data for changes detected on the endpoint from the unfiltered event stream as the unfiltered event stream is captured by the data recorder, and a query interface for receiving queries to the data recorder from a remote resource, the endpoint further including a local security agent configured to detect malware on the endpoint based on event data stored by the data recorder, and further configured to communicate the filtered event stream over the enterprise network; and
a threat management facility coupled in a communicating relationship with the endpoint and a plurality of other endpoints through the enterprise network, the threat management facility configured to receive the filtered event stream from the endpoint, detect malware on the endpoint based on the filtered event stream, and remediate the endpoint when malware is detected, the threat management facility further configured to modify security functions within the enterprise network based on a security state of the endpoint.

US Pat. No. 10,972,484

ENRICHING MALWARE INFORMATION FOR USE WITH NETWORK SECURITY ANALYSIS AND MALWARE DETECTION

Target Brands, Inc., Min...

1. A system for enriching malware data for security analysis, the system comprising:one or more malware data pipelines configured to provide malware data that includes original data fields identifying information for detected malware instances and corresponding files that are associated with the detected malware instances, at least some of the corresponding files being malware files of the detected malware instances, and at least some other of the corresponding files being carrier files that contained the malware files in data transit, wherein the corresponding files include malware process behavior trace files generated from running the detected malware instances, wherein the one or more malware data pipelines include:
a static data pipeline configured to generate enriched and formatted static data, the enriched and formatted static data being enriched by malware enrichment circuitry and formatted according to a first data format that is associated with static data related to malware, the enriched and formatted static data recording information about malware generated during static analyses of malware performed outside of a network to be protected by the system, and
a dynamic data pipeline configured to generate enriched and formatted dynamic data generated by observation of execution of the malware files in a test environment, the enriched and formatted dynamic data being enriched by the malware enrichment circuitry and formatted according to a second data format different than the first data format, the second data format being associated with dynamic data related to malware, the enriched and formatted dynamic data recording information about malware generated during dynamic analyses of malware performed within a network to be protected by the system;
the malware enrichment circuitry being configured to identify additional information to include in enriched data fields for the detected malware instances, the additional information being identified from the malware files of the corresponding files and also from the carrier files of the corresponding files, wherein the enriched data fields include the additional information extracted from the malware process behavior trace files, wherein the enriched data fields include file system behavior for the detected malware instances, process behavior for the detected malware instances, and registry behavior for the detected malware instances; and
a datastore configured to:
store, after the execution of the malware files in the test environment, the malware data with the original data fields and the enriched data fields, wherein the datastore includes indices for both the original data fields and the enriched data fields to permit for searching and analysis across the original data fields and the enriched data fields of a particular malware instance, wherein at least some of the indices are identifiers of the malware files of the corresponding files and at least some of the indices are identifiers of the carrier files of the corresponding files;
receive a first query;
select, using the indices, first response data for the first query from the stored enriched and formatted static data and from the enriched and stored formatted dynamic data; and
return a first response to the first query comprising the first response data.

US Pat. No. 10,972,483

ELECTRONIC MAIL SECURITY USING ROOT CAUSE ANALYSIS

Sophos Limited, Abingdon...

1. A computer program product comprising non-transitory computer readable code embodied in a computer readable medium that, when executing on one or more computing devices, performs the steps of:receiving an electronic mail at a mail gateway for an enterprise network, the electronic mail addressed from an electronic mail address to a second electronic mail address;
scanning the electronic mail to detect a malicious action originating from within the enterprise network;
when a malicious action is detected, performing the steps of:
identifying a user within the enterprise network associated with the electronic mail address using a database of enterprise network users and corresponding addresses;
identifying one or more devices associated with the user identifier associated with the electronic mail address of the received electronic mail in the database of enterprise network users;
querying a respective endpoint agent executing on each of the one or more devices associated with the user identified as associated with the electronic mail address of the received electronic mail in the database of enterprise network users to identify an endpoint within the enterprise network that originated the malicious action;
performing a root cause analysis of the endpoint; and
remediating the endpoint based on the root cause analysis.

US Pat. No. 10,972,482

AUTOMATIC INLINE DETECTION BASED ON STATIC DATA

WEBROOT INC., Broomfield...

1. A system comprising:at least one processor; and
memory coupled to the at least one processor, the memory comprising computer executable instructions that, when executed by the at least one processor, performs a method for automatic inline detection of malicious content, the method comprising:
intercepting a first portion of an executable file that is being downloaded to a client device during the download to the client device and prior to completion of the download, the first intercepted portion comprising an incomplete portion of the executable file; and
during the download of the executable file to the client device:
determining a format for the executable file using the first intercepted portion of the executable file;
based on the determined format, parsing the first intercepted portion of the executable file to identify first static data within the first intercepted portion of the executable file, wherein the parsing comprises identifying one or more data fields and corresponding data field values of the first static data using a pattern matching technique;
extracting the first static data;
creating a first set of one or more feature vectors using the extracted first static data;
generating an incremental security status score from the first set of one or more feature vectors;
intercepting a second portion of the executable file;
parsing the second intercepted portion of the executable file to identify second static data within the second intercepted portion of the executable file;
extracting the second static data;
creating a second set of one or more feature vectors using the extracted second static data;
updating the incremental security status score based on the second set of one or more feature vectors; and
in response to the incremental security status score indicating that the executable file is not benign, terminating the download of the executable file to the client device prior to completion of the download.

US Pat. No. 10,972,481

WEB APPLICATION SESSION SECURITY

SAP SE, Walldorf (DE)

1. A secure communication system, comprising:a client computing device comprising a processor and a data storage associated with the processor, wherein the client computing device is programmed to perform operations comprising:
receiving, by a session identifier routine executing at the client computing device, a first request message comprising a session identifier field, the session identifier field comprising a client session identifier describing a communication session between a web application executing at the computing device and a server computing device;
accessing, by the session identifier routine, session identifier transformation data from a session vault persistence of the client computing device, the session vault persistence accessible to the session identifier routine and not accessible to the web application;
transforming, by the session identifier routine, the client session identifier to a server session identifier using the session identifier transformation data;
writing, by the session identifier routine, the server session identifier to the session identifier field of the first request message;
initiating, by the session identifier routine, sending the first request message including the server session identifier to the server computing device;
receiving, by the session identifier routine, a second request message comprising a second session identifier field, the second session identifier field comprising the client session identifier;
determining, by the session identifier routine, that the second request message is not authorized to be sent to the server with the server session identifier; and
after determining that the second request message is not authorized to be sent to the server with the server session identifier, sending the second request message including the client session identifier to the server computing device.

US Pat. No. 10,972,480

DEVICE MANAGEMENT PROXY FOR SECURE DEVICES

Hand Held Products, Inc.,...

1. A device, comprising:a first software module;
a second software module;
a third software module;
at least one hardware processor; and
memory storing hardware settings related to at least one hardware element and the first and second software modules executable by the at least one hardware processor to:
cause the first software module to transmit a first digitally signed request to the second software module,
cause the second software module to validate the first digitally signed request received from the first software module by retrieving a digital certificate associated with the first software module from a repository, wherein the first digitally signed request is validated based on the retrieved digital certificate associated with the first software module,
in response to validating the digitally signed request, causing the second software module to generate and transmit a second digitally signed request, to change the hardware settings, to the third software module, wherein the second software module is signed by the third software module using one or more certificates associated with the third software module, and
cause the third software module to change the hardware settings in response to the receipt of the second digitally signed request.

US Pat. No. 10,972,479

TASK COMPLETION USING A BLOCKCHAIN NETWORK

Balanced Media Technology...

1. A method for distributing tasks using a blockchain network, the method comprising:generating a task for completion via an interactive application;
distributing, using the blockchain network, the task via a block in a blockchain associated with the blockchain network, the blockchain network including a plurality of nodes and accessible by a plurality of client devices associated with the interactive application, wherein the task indicated in the block in the blockchain is to generate training data for machine learning algorithms or provide mutation on solutions;
receiving, from one or more of the client devices via one or more of the nodes in the blockchain network, data associated with results of processing the task via the interactive application; and
in response to receiving the data associated with the results of processing the task via the interactive application, validating completion of the task including:
receiving a set of user inputs from a set of the client devices, respectively, as to whether the task was completed; and
generating a consensus determination as to whether the task was completed based on the received set of user inputs.

US Pat. No. 10,972,478

DATA PROCESSING METHOD AND APPARATUS, TERMINAL, AND ACCESS POINT COMPUTER

CLOUDMINDS (SHANGHAI) ROB...

1. A data processing method, applied to a terminal, comprising:receiving an application access request;
determining a target access point corresponding to the application access request according to a mapping relationship between the access point and an application server obtained from a blockchain network;
sending a software defined perimeter SDP authentication request to the target access point; and
after the SDP authentication succeeds, performing interaction of application data through a data channel established with the target access point, wherein the data channel has a period of validity of a preset time lengthi
wherein the method further comprises determining a key for performing data interaction with the target access point;
wherein the performing interaction of application data through a data channel established with the target access point comprises using the key to send encrypted application data to the target access point through the data channel;
wherein the determining a key for performing data interaction with the target access point comprises: if the terminal locally stores the key and the key is not out of date, determining the locally stored key as the key for performing data interaction with the target access point; or, if the key stored locally by the terminal is out of date or the key is not stored locally, negotiating the key with the target access point, determining the negotiated key as the key for performing data interaction with the target access point, and storing the key in the local of the terminal;
wherein the method further comprises obtaining the mapping relationship between the access point and the application server from the blockchain network, and access point information of each access point, the access point information at least comprises a public key of the access point, an IP address and port information;
wherein the sending a software defined perimeter SDP authentication request to the target access point comprises sending the SDP authentication request to the target access point according to the IP address and the port information of the target access point;
wherein the negotiating the key with the target access point comprises performing key negotiation with the target access point through the public key of the target access point;
wherein the performing key negotiation with the target access point through the public key of the target access point comprises: performing identity authentication on the target access point through the public key of the target access point; when the identity authentication of the target access point is passed, the identity authentication of the target access point on the terminal is passed, and the target access point confirms that the blockchain network stores the permission information of the terminal, generating the key to complete the key negotiation; wherein the permission information is used for characterizing that the terminal is allowed to access the target access point.

US Pat. No. 10,972,477

SYSTEMS AND METHODS FOR PERFORMING MICRO-SEGMENTING

NortonLifeLock, Inc., Te...

1. A computer-implemented method for performing micro-segmenting, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:identifying at least a portion of a device;
measuring a variance value that indicates a level of variance in terms of websites accessed by the portion of the device over a period of time; and
locking, in response to determining that the variance value satisfies a threshold level of simplicity, the portion of the device by applying a security profile to the portion of the device that limits the portion of the device to accessing a set of websites that is defined in terms of the websites accessed by the portion of the device over the period of time.

US Pat. No. 10,972,476

METHOD FOR LIMITING USAGE OF APPLICATION, AND TERMINAL

HUAWEI TECHNOLOGIES CO., ...

1. A terminal comprising:a memory comprising instructions; and
a processor coupled to the memory and configured to execute the instructions to:
set a usage condition related to time, the usage condition applies to a type of application during a given time period;
allow use of applications belonging to the type of application if the usage condition is satisfied;
restrict use of the applications belonging to the type of application if the usage condition is not satisfied, wherein the applications belonging to the type of application comprise a first application;
display a graphical limitation mark at a location corresponding to each application icons of the applications belonging to the type of application indicating that the use of the applications belonging to the type of application is restricted for a period of time, wherein the graphical limitation mark at the location corresponding to each application icons of the applications comprises a first graphical limitation mark corresponding to the first application;
receive a user input for the first application to remove restriction for the first application, wherein the first application, belonging to the type of application, is restricted; and
maintain restriction for the applications belonging to the type of application, except the first application, after receiving the user input,
wherein the first graphical limitation mark for the first application ceases to display after the restriction for the first application is removed.

US Pat. No. 10,972,475

ACCOUNT ACCESS SECURITY USING A DISTRIBUTED LEDGER AND/OR A DISTRIBUTED FILE SYSTEM

Capital One Services, LLC...

1. A method, comprising:receiving, by a node of a network, user preferences information associated with an account that a user has with an organization;
generating, by the node of the network and based on the user preferences information, a smart contract for the user that specifies permissible types of account access information that the user has consented to having monitored,
wherein the user preferences information is added to a distributed ledger that is used for managing access to the account, and
wherein the user preferences information specifies two or more of:
which account access information of the user is permitted to be monitored,
when the account access information of the user is permitted to be monitored, or
how the account access information of the user is permitted to be monitored;
receiving, by the node of the network, account access information for the account,
wherein the account access information includes:
attempted login information for an attempt to login to the account, or
login configuration information for a particular attempt to modify login information of the account;
causing, by the node of the network, a first record to be added to the distributed ledger that is used for managing access to the account,
wherein the first record includes the account access information or an encrypted identifier that identifies a storage location at which the account access information is to be stored;
determining, by the node of the network, a likelihood that the account is being accessed by the user,
wherein the likelihood is determined based on at least one of:
the account access information, or
historical account access information for one or more accounts, that include the account, that are used to access one or more services associated with the organization, and
wherein determining the likelihood comprises:
providing the account access information as input to the smart contract to cause the smart contract to output an account security score based on the permissible types of account access information that the user consented to having monitored;
causing, by the node of the network, a second record that includes a value representing the likelihood to be added to the distributed ledger; and
causing, by the node of the network, one or more other nodes of the network to be alerted that the first record and the second record have been added to the distributed ledger.

US Pat. No. 10,972,474

LOGICAL ZONES FOR IOT DEVICES

International Business Ma...

1. A computer program product for a group of Internet of Things enabled devices, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, wherein the computer readable storage medium is not a transitory signal per se, the program instructions when executed by a processor to cause the processor to perform operations comprising:defining, by the processor, one or more logical zones, wherein each logical zone of the one or more logical zones includes one or more physical zones and one or more virtual zones, and wherein the each logical zone of the one or more logical zones has associated semantics;
in response to the defining the one or more logical zones, associating, by the processor, the group of Internet of Things enabled devices with the one or more logical zones by, for each Internet of Things enabled device in the group of Internet of Things enabled devices:
determining, by the processor, through a semantic query, whether metadata associated with the each Internet of Things enabled device in the group of Internet of Things enabled devices is relevant to associated semantics of at least one logical zone of the one or more logical zones; and
in response to the determining that metadata associated with the each Internet of Things enabled device in the group of Internet of Things enabled devices is relevant to the associated semantics of the at least one logical zone of the one or more logical zones, associating, by the processor, the each Internet of Things enabled device in the group of Internet of Things enabled devices with the at least one logical zone; and
in response to the associating the group of Internet of Things enabled devices with the one or more logical zones, restricting, by the processor, communication between Internet of Things enabled devices in the group of Internet of Things enabled devices based on trusted communication profiles, wherein the trusted communication profiles include information about the one or more logical zones with which the Internet of Things enabled devices in the group of Internet of Things enabled devices are associated, and wherein communication is only allowed between the Internet of Things enabled devices in the group of Internet of Things enabled devices that belong to a same logical zone of the one or more logical zones.

US Pat. No. 10,972,473

TECHNIQUES TO AUTOMATICALLY UPDATE PAYMENT INFORMATION IN A COMPUTE ENVIRONMENT

Capital One Services, LLC...

1. A mobile device, comprising:a memory to store a mobile application comprising instructions; and
processing circuitry, coupled with the memory, operable to execute the instructions, that when executed, cause the mobile application on the processing circuitry to:
process an indication to change payment token information associated with a website, the website comprising webpages;
in response to the indication to change payment information, automatically enable a veneer screen to present in a display of the mobile application, the veneer screen to overlay an automated navigation to a webpage of the webpages, wherein the webpage comprises payment token information, and the veneer screen to prevent visual display of the automated navigation to the webpage;
initiate a script comprising one or more rules to cause performance of one or more actions to perform the automated navigation to the webpage to change the payment token information;
automatically navigate to the webpage to change the payment token information when the veneer screen is presented in the display of the mobile application;
cause the change of the payment token information with new payment token information in the webpage;
detect a completion of the change of the payment token information with the new token information; and
in response to the completion of the change of the payment token information, automatically disable the veneer screen in the display of the mobile application.

US Pat. No. 10,972,472

ALTERNATE USER COMMUNICATION ROUTING UTILIZING A UNIQUE USER IDENTIFICATION

BANK OF AMERICA CORPORATI...

16. A computer implemented method for providing an alternate treatment for an interaction with unauthorized users, the method comprising:receiving a request from a user to access information;
receiving an authentication credential from the user, wherein the authentication credential is received from one or more user computer systems;
determining that the user is an unauthorized user based on the authentication credential;
providing the alternate to the unauthorized user;
capturing unauthorized user information from the unauthorized user based on the alternate treatment; and
based on the captured unauthorized user information, generating a unique user identification profile for the unauthorized user, wherein the unique user identification profile comprises a historical record of communications with the unauthorized user.

US Pat. No. 10,972,471

DEVICE AUTHENTICATION USING SYNCHRONIZED ACTIVITY SIGNATURE COMPARISON

International Business Ma...

1. An authentication service, comprising:one or more computer processors comprising:
a data management system for periodically collecting and storing signature data from each of a set of registered devices, wherein the signature data includes a plurality of data points, wherein the plurality of data points includes a device usage characteristic;
a system for obtaining a temporal signature state (TSS) vector of a device in response to a completion of a first authentication process for a transaction request from the device wherein the first authentication process is a password authentication process, wherein the TSS vector includes values for a selected subset of the data points forming the signature data; and
an authenticator for comparing the TS S vector of the device with stored signature data in order to authenticate the device, wherein the authenticator analyzes the corresponding stored signature data for a given data point in the subset of data points of the TSS vector, wherein the authenticator analyzes the stored signature data for the given data point as a time based function to predict an expected value of the corresponding stored signature data for a given data point in the subset of data points of the TSS vector, wherein the authenticator compares the predict value for the given data point in the subset of data points of the TSS vector to the actual given data point in the subset of data points of the TSS vector, wherein the authenticator denies or authorizes the transaction request based on the results of the comparison.

US Pat. No. 10,972,470

NETWORK DEVICE ISOLATION FOR ACCESS CONTROL AND INFORMATION SECURITY

Bank of America Corporati...

1. An information security system comprising:a switch configured to provide network connectivity for one or more endpoint devices to a network;
a threat management server operably coupled to the switch and comprising:
a memory configured to store:
a port lease log file identifying:
endpoint devices with a lease for a port on the switch; and
port lease periods that indicates a time period an endpoint device is allowed to access the network; and
a device log file identifying:
endpoint devices that have failed authentication; and
endpoint devices that have passed authentication; and
a threat management engine implemented by a processor configured to:
identify the endpoint device for isolation in response to receiving the device identifier, comprising:
determining the endpoint device is present in the device log file using the device identifier;
determining the number of times the endpoint device has failed authentication exceeds a first threshold value within a first predetermined time period; and
determining the number of times the endpoint device has passed authentication is less than a second threshold value within a second predetermined time period that is a greater period of time than the first predetermined time period; and
send a reroute command to the switch identifying the endpoint device in response to identifying the endpoint device for isolation;
wherein:
the switch is configured to transform the destination of traffic associated with the endpoint device to a safe zone in response to receiving the reroute command; and
traffic in the safe zone associated with the endpoint device is recorded;
and
the threat management engine is configured to add the endpoint device to an unauthorized list identifying endpoint devices that are prohibited from accessing the network in response blocking the endpoint device from accessing the network; and
adding the endpoint device to the unauthorized list triggers a network authentication server to automatically fail authentication for the endpoint device when the endpoint device connects to the switch.

US Pat. No. 10,972,469

PROTECTING CRITICAL DATA AND APPLICATION EXECUTION FROM BRUTE FORCE ATTACKS

Honeywell International, ...

1. A method for protecting data, the method comprising:modifying a header of a file to include a list of one or more applications;
encrypting the header with a read-only format to protect the file against brute force attacks;
responsive to an application attempting to access the file, interrupting access to the file;
determining whether the application that is attempting to access the file is approved based on identifying at least one application included in the list of the modified header that corresponds to the application, wherein the determining of whether the file is approved comprises:
identifying a parameter of the application that is at least one of an application type; and
analyzing the modified header of the file to ascertain whether the parameter of the application is identified in the modified header; and
preventing the application from accessing the file when it is determined that the parameter is not included in the list of the modified header; and
generating a notification to notify a user that a non-approved application is attempting to access the file.

US Pat. No. 10,972,468

ADAPTIVE DEVICE ENROLLMENT

VMware, Inc., Palo Alto,...

1. A method for dynamically determining enrollment requirements and enrolling a user device into a management system, comprising:receiving user credentials at an application installed on the user device, the application not being an agent application dedicated to performing device enrollment;
receiving, at the application, an access token based on the user credentials;
receiving, at the application, an identification of an organizational group to which the user belongs;
receiving a determination as to whether the identified organizational group enables the user device to directly enroll with the management system or requires a dedicated agent application be downloaded to the device to enroll with the management system without using the application for enrollment;
if the identified organizational group enables the user device to directly enroll with the management system, requesting an assessment by a management server that the user device is allowed to enroll at the management server, wherein the assessment is based, at least in part, on restrictions stored at the management server;
receiving the assessment that the user device is allowed to enroll directly with the management server without the use of the dedicated agent application;
displaying, at the user device, a prompt for the user to proceed with enrollment;
enrolling, by the application, the user device with the management server, including sending policies from the management server to the application for enforcement at the user device by the application;
displaying, at the user device, a prompt for the user to select one or more managed applications to install on the user device; and
downloading the managed applications selected by the user.

US Pat. No. 10,972,467

CERTIFICATE BASED PROFILE CONFIRMATION

AirWatch LLC, Atlanta, G...

1. A method for managing a device, the method comprising:sending, to a device from a remote server, a profile and a certificate that is unique to the profile, the profile specifying mandatory settings for the device, and installation of the profile by the device causing the certificate to be accessible by the device;
receiving, by the remote server, a request from the device to do at least one of utilize a resource and execute an application, the request being sent based on the profile;
determining, by the remote server, whether the certificate is accessible by the device and whether the device is compliant with the mandatory settings; and
in an instance where the certificate is accessible by the device and the device is compliant, authorizing the device to do at least one of utilize the resource and execute the application.

US Pat. No. 10,972,466

SECURITY SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR INFORMATION INTEGRATION PLATFORM

Open Text SA ULC, Halifa...

1. A method, comprising:receiving, by an information integration system, a query from a user device associated with a user, the information integration system having a unified index and adapted for providing a plurality of integration services, the plurality of integration services including a principals service and an authorization service;
performing, by the information integration system, an inbound check on the query utilizing the principals service which provides principals for the user across disparate information systems operating in a computing environment, the inbound check including:
determining a security level associated with the user based at least on the principals provided by the principals service; and
modifying the query from the user device based at least on the security level associated with the user, the modifying including augmenting the query with the principals provided by the principals service;
at query time, performing the query, which has been modified through the inbound check, across the disparate information systems operating in the computing environment, the performing including evaluating the query augmented with the principals, the evaluating including evaluating, in association with the principals for the user, permission information stored in the unified index of the information integration system;
prior to returning search results from the query to the user device, performing, by the information integration system, an outbound check on the search results utilizing the authorization service which provides authorization information from the disparate information systems operating in the computing environment on what search result the user is permitted to view, the outbound check including filtering the search results for the user based on the authorization information provided by the authorization service; and
returning, by the information integration system, the search results filtered through the outbound check to the user device.

US Pat. No. 10,972,465

SECURE AUTHENTICATION THROUGH VISUAL CODES CONTAINING UNIQUE METADATA

CyberArk Software Ltd., ...

1. A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for generating and communicating encoded visual representations containing unique application fingerprints, the operations comprising:receiving application metadata associated with a personal computing device and defining a plurality of diverse attributes of an application installed on the personal computing device;
identifying a request by an identity to access a secure network resource;
identifying a unique verification token;
generating an encoded visual representation that contains the application metadata and the unique verification token; and
making available to the identity the encoded visual representation for the personal computing device to decode the encoded visual representation, the personal computer device being configured to:
decode the encoded visual representation to access the application metadata;
verify the accessed application metadata against the application attributes of the application installed on the personal computing device; and
send, conditional on the metadata verification being successful, the unique verification token to a security server, the security server being configured to:
receive the unique verification token; and
grant the personal computing device access to the secure network resource based on the verification token.

US Pat. No. 10,972,464

NETWORK SYSTEM

SMK Corporation, Tokyo (...

1. A network system comprising:an information device included in an internal network connected to an external network, the information device being configured to transmit specific information including its own identification information and device information provided in advance, in conformity with a predefined protocol; and
a management unit configured to monitor the internal network, and collect the specific information from the information device in conformity with the predefined protocol, wherein
the management unit
collects specific information from an unknown information device, the specific information of the unknown information device including its own identification information and device information,
notifies a user of an authorization request for the unknown information device on a basis of the collected specific information,
determines whether or not to authorize access of the unknown information device to the internal network, in accordance with a response from the user to the authorization request,
generates map information, including connection configuration information which is correspondence information between a port number of each port of an information device with multiple ports and a MAC (media access control) address of the information device connected to each port, representing an image of the following: each information device and each information device with multiple ports, the device information and the port number of the information device with multiple ports connected to each information device, and a connection relationship with other information devices and/or the information device with multiple ports, to make a topology of the internal network visible to the user, on a basis of the collected specific information, and
notifies the user of the generated map information in a manner that is included in the authorization request.