US Pat. No. 11,032,447

METHOD AND SYSTEM FOR AUTOMATICALLY SYNCHRONIZING AUDIO-VIDEO INPUTS IN A MULTI CAMERA ENVIRONMENT

Sling Media PVT. Ltd., B...

1. A method, comprising:obtaining a plurality of captured images, produced by a camera, that capture images displayed by a display device including at least a first display image displayed for a first time period and a second display image displayed for a second time period that is different than the first time period;
obtaining, from the display device and independent from content of the second display image, display time information based on a system time associated with the display device, the display time information indicating a first time at which the display device displayed the second display image;
identifying, from the plurality of captured images, a target captured image that captures the second display image displayed by the display device;
identifying a second time indicated in capture time information associated with the target captured image; and
determining a time delay that includes a camera delay associated with the camera based on the first time and the second time.

US Pat. No. 11,032,446

IMAGE PROCESSING DEVICE, IMAGE PROCESSING METHOD, AND PROGRAM FOR CORRECTING COLOR IN AN IMAGE

SONY INTERACTIVE ENTERTAI...

1. An image processing device comprising:image data obtaining means that obtains image data of an original image including a plurality of pixels;
evaluation value obtaining means that obtains an evaluation value representing a possibility of generation of banding on a basis of a color distribution in a noted area including a target pixel that is any one of the plurality of pixels;
correcting means that produces an intermediate image of which a color of the target pixel is corrected on a basis of the evaluation value; and
image output means that causes a corrected image to be output on a basis of the produced intermediate image, wherein
the correcting means varies a correction amount of the color of the target pixel in accordance with the evaluation value.

US Pat. No. 11,032,445

INFORMATION PROCESSING APPARATUS AND SYSTEM AND NON-TRANSITORY COMPUTER READABLE MEDIUM

FUJI XEROX CO., LTD., To...

1. An information processing apparatus comprising:a processor programmed to function as:
an instructing unit that provides an instruction to display an approval request screen to a terminal apparatus operated by a second user authenticated to a system, the approval request screen being used for making a request to approve execution of setting changing processing for changing a setting of the information processing apparatus proposed by a first user other than the second user, the first user also being authenticated to the system, the first user being a user of the information processing apparatus;
a response obtaining unit that obtains a response from the second user that is made on the approval request screen; and
an execution unit that executes the setting changing processing in accordance with the response obtained by the response obtaining unit.

US Pat. No. 11,032,444

IMAGE PROCESSING APPARATUS WITH ENHANCED SHOW-THROUGH CORRECTION, AND IMAGE PROCESSING METHOD AND STORAGE MEDIUM THEREFOR

Canon Kabushiki Kaisha, ...

1. An image processing apparatus, comprising:at least one processor or at least one circuit that causes the image processing apparatus to function as:
a first obtaining unit configured to obtain a degree of variation in signal values of a plurality of pixels included in a region of a predetermined size that includes a target pixel of image data obtained by reading a document;
a second obtaining unit configured to obtain a feature amount indicating a brightness of the region of the predetermined size;
an updating unit configured to update a difference between an index value corresponding to the degree of variation and the feature amount based on an amount of a difference between an index value corresponding to the degree of variation obtained by the first obtaining unit in a plurality of index values respectively corresponding to a plurality of degrees of variation and the feature amount obtained by the second obtaining unit;
a decision unit configured to decide a correction value of the target pixel using the updated difference updated by the updating unit and the index value corresponding to the degree of variation obtained by the first obtaining unit; and
a correction unit configured to correct a value of the target pixel using the correction value decided by the decision unit.

US Pat. No. 11,032,443

IMAGE READING APPARATUS FOR DETECTING A DIRT SUBSTANCE FROM A WHITE REFERENCE IMAGE AND A DOCUMENT IMAGE

PFU LIMITED, Kahoku (JP)...

1. An image reading apparatus comprising:an imaging sensor for generating a white reference image of a white reference member and a document image of a document and a periphery of the document; and
a processor for
detecting a first dirt substance from the white reference image,
generating data for shading correction based on the white reference image,
correcting the document image using the data for shading correction to generate a correction image, and
detecting a second dirt substance from the correction image, wherein
the processor detects the second dirt substance from pixels apart from one another by a first distance, in a first range outside a predetermined distance from a first position corresponding to a second position where the first dirt substance is detected in the white reference image in the correction image, and detects the second dirt substance from pixels apart from one another by a second distance that is shorter than the first distance, in a second range within the predetermined distance from the first position in the correction image.

US Pat. No. 11,032,442

IMAGE PROCESSING APPARATUS AND IMAGE PROCESSING METHOD

TOSHIBA TEC KABUSHIKI KAI...

1. An image processing apparatus, comprising:an image processing unit configured to convert a color image to a monochrome image, the color image comprising pixels with a plurality of color components, the image processing unit configured to generate a histogram from the monochrome image showing a color intensity gradation in the monochrome image by pixel frequency; and
a processor configured to:
obtain a first threshold value based on the histogram,
determine for each color component of each pixel in the color image whether or not each color component of the pixel is light based on the first threshold value, and
generate a corrected color image by removing a background coloring from the color image by correcting each pixel for which all the color components are determined to be light.

US Pat. No. 11,032,441

WATERMARK PRINTED ON MATCHING COLOR MEDIA FORMING METAMERIC PAIR

Xerox Corporation, Norwa...

7. A system comprising:a printing device comprising:
a storage component specifically configured to maintain a marking material; and
a media supply, wherein the printing device is adapted to print differently colored calibration patches of the marking material combined with different colorants on a test sheet of the print media;
an optical scanner in communication with the printing device, wherein the optical scanner is configured to scan the differently colored calibration patches on the test sheet; and
a processor in communication with the optical scanner and the printing device,
wherein the processor is configured to identify a marking color of the marking material within a storage compartment,
wherein the marking material has a marking spectral reflectance property,
wherein the processor is configured to identify a print media in the media supply having a media color matching the marking color and having a media spectral reflectance property that has a different amount of spectral reflectance from the marking spectral reflectance property,
wherein the processor is configured to identify from the scan performed by the optical scanner, as a matching calibration patch, one of the calibration patches printed on the test sheet in which a printed color of the marking material most closely visually matches the media color,
wherein the processor is configured to identify a revised marking color used to print the matching calibration patch, and
wherein the printing device is configured to print a watermark on the print media using the revised marking color.

US Pat. No. 11,032,440

IMAGE READING APPARATUS

Seiko Epson Corporation, ...

1. An image reading apparatus comprising:a medium mounting portion configured to mount a bundle of media, the medium mounting portion disposed on the image reading apparatus rear side;
feeding means configured to feed a medium of the most bottom side among the media from the medium mounting portion;
at least one edge guide each configured to regulate a corresponding one of at least one medium width direction edge of the medium having been mounted on the medium mounting portion, the medium width direction being a direction intersecting with a medium feeding direction;
reading means configured to read the medium and disposed on a further downstream side than the at least one edge guide in the medium feeding direction;
an ejection means configured to eject a medium from an ejection outlet to an ejection tray, the ejection outlet disposed on at the apparatus front side opposite to the medium mounting portion;
at least one medium detection means configured to detect the medium, the medium detection means disposed outside in the medium width direction than at least one edge regulation position for edge regulation by the at least one edge guide such that the at least one medium detection means is outside of a transport region of the medium, the medium detection means disposed between the feeding means and the reading means in the media feeding detection; and
a control means configured to stop feeding of the medium by the feeding means in response to a detection of the medium by one of the at least one medium detection means.

US Pat. No. 11,032,439

IMAGE PROCESSING APPARATUS

KABUSHIKI KAISHA TOSHIBA,...

1. An image processing apparatus, comprising:a memory;
an internal memory to store a scanned image of a document placement area; and
a processor configured to:
detect original documents in the scanned image,
identify an orientation and position of each original document detected in the scanned image, and
select between saving each detected original document individually in separate files or together in one file according to the identified orientation and position of the original documents, wherein
the memory stores relationships between a data format for saving the original documents and the orientations and placements of original documents in the document placement area, and
the processor selects between saving each detected original document in separate files or together in a single file based on the stored relationships in the memory.

US Pat. No. 11,032,438

READING CONTROL APPARATUS AND CONTROL METHOD

Canon Kabushiki Kaisha, ...

1. A reading control apparatus which includes a document platen, a reading unit that performs reading processing for reading a document placed on the document platen, and a display unit, the display unit being at least partially covered by a document having at least a predetermined size in a case where the document having at least the predetermined size is placed on the document platen, the reading control apparatus comprising at least one processor,the at least one processor executes:
displaying, on the display unit, a screen for receiving an execution instruction for first reading processing for reading a first area of the document;
executing the first reading processing based on reception of the execution instruction for the first reading processing;
receiving an execution instruction for second reading processing for reading a second area of the document, the second area including an area of the document different from the first area, and the first area and the second area being included in a same surface of the document;
executing the second reading processing based on reception of the execution instruction for the second reading processing;
in a case that the reading processing is completed, controlling whether or not to perform predetermined notification using a sound generated by a loudspeaker based on whether the reading processing that has completed is the first reading processing or the second reading processing, wherein the controlling is performed such that the predetermined notification is performed based on a fact that the reading processing that has completed is the first reading processing and such that the predetermined notification is not performed based on a fact that the reading processing that has completed is the second reading processing; and
executing output processing for outputting an image including an image based on image data obtained by the first reading processing and an image based on image data obtained by the second reading processing, based on completion of the second reading processing.

US Pat. No. 11,032,437

METHOD TO CREATE A SECURE DISTRIBUTED DATA VALIDATION SYSTEM USING A DISTRIBUTED STORAGE SYSTEM AND ARTIFICIAL INTELLIGENCE

KYOCERA Document Solution...

1. A system, comprising:a node that
receives paper-form data scanned from a paper form having a plurality of data items including a first data item and a second data item,
selects a first distributed storage system of a plurality of distributed storage systems, wherein the first distributed storage system is associated with the first data item,
determines first item metadata for the first data item and second item metadata for the second data item,
provides a first user interface comprising a display of the first data item, and
generates an output related to the paper-form data based on the first distributed storage system;
a first validation entity to validate a value of the first data item based on the first item metadata by providing to the first user interface a first input for a first validation status of the value of the first data item; and
a second validation entity to validate a value of the second data item based on the second item metadata, wherein the second validation entity differs from the first validation entity, and wherein the first and second validation entities are determined by the node;
wherein the node records the value of the first data item and the first validation status of the value of the first data item in the first distributed storage system.

US Pat. No. 11,032,436

INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND NON-TRANSITORY COMPUTER READABLE MEDIUM STORING PROGRAM FOR WORKFLOW GENERATION

FUJIFILM Business Innovat...

1. An information processing apparatus comprising:a processor that executes a first job and a second job in response to reception of the first job and the second job; and
controls state of the first job and the second job: wherein in a case where the first job includes transferring first data as a processing target to an external apparatus and receiving second data as a processing result from the external apparatus, the processor sets the first job to a stoppage state in response to completion of the transfer of the first data and sets the second job which uses a transfer protocol used in the first job to an execution available state.

US Pat. No. 11,032,435

SUPERPOSITION DETECTION AND CORRECTION

INTERNATIONAL BUSINESS MA...

1. A processor-implemented method for document superposition detection and correction, the method comprising:receiving a plurality of scanned documents;
analyzing the plurality of the scanned documents;
determining if there is a superposition scanning defect within the scanned documents based on the analysis;
in response to the plurality of the scanned documents containing the superposition scanning defect, identifying a subset of documents within the plurality of scanned documents containing the determined superposition scanning defect, wherein a subset of the documents that have all texts and borders of the document that are not obscured by other documents within the plurality of scanned documents containing the determined superposition scanning defect is separated and kept as intact documents, wherein the subset of the documents that do not have their texts and borders obscured by the other documents have smaller areas than areas of the documents that have the scanning defect; and
transmitting a notification to a user, wherein the notification identifies the subset and that the subset requires a rescan.

US Pat. No. 11,032,434

DEVICES, SYSTEMS, AND RELATED METHODS FOR VISUAL INDICATION OF AN OCCURRENCE OF AN EVENT

1. A visual indicator device for connection to a video communication device, the visual indicator device comprising:a transparent housing;
a printed circuit board having a plurality of light sources mounted thereon; and
a light pipe positioned within the transparent housing between a back surface of the transparent housing and the printed circuit board, the light pipe having a flat surface and an angled surface having a range between 30° to 45° relative to the flat surface and wherein the light pipe includes posts on a bottom surface configured to provide a standoff from the translucent housing.

US Pat. No. 11,032,433

CHARGING METHOD, APPARATUS, AND SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A charging method, comprising:requesting, by a control plane (CP) entity, a required quota from an online charging system according to a charging rule that is installed or activated by a policy and charging rules function entity;
receiving, by the CP entity, a quota delivered by the online charging system;
generating, by the CP entity, user plane (UP) quota information according to the quota delivered by the online charging system;
generating, by the CP entity, a UP reporting policy according to the charging rule; and
delivering, by the CP entity, the UP reporting policy and/or the UP quota information to a UP entity, wherein the UP reporting policy has a parameter that indicates an association relationship between the UP reporting policy and the UP quota information.

US Pat. No. 11,032,432

CORE NETWORKS CONTROLLED TRAFFIC TRANSMISSION IN DUAL/MULTIPLE-CONNECTIVITY SYSTEM

NOKIA SOLUTIONS AND NETWO...

1. A method for core network controlled traffic transmission in a dual/multiple-connectivity system, said method comprising:receiving, by a mobility management function, a request containing information about a status of dual/multiple connectivity from a radio access network node;
determining, by the mobility management function, a policy on a usage of dual/multiple connectivity; and
providing, by the mobility management function, the policy on the usage of dual/multiple connectivity to the radio access network node, wherein the policy is configured to enable the radio access network node to enforce dual/multiple connectivity by separate charging of a plurality of bearers.

US Pat. No. 11,032,431

GATEWAY DEVICE, RADIO COMMUNICATION DEVICE, CHARGING CONTROL METHOD, DATA TRANSMISSION METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM

NEC CORPORATION, Tokyo (...

15. A communication terminal comprising:a transceiver configured to communicate with a first base station by using a first radio access technology (RAT) and to communicate with a second base station by using a second RAT which is different from the first RAT,
wherein the first base station configured to initiate procedure for adding the second base station for dual connectivity; and
wherein the first base station is further configured to send, to a first communication apparatus in a core network, an Indication including a RAT type that indicates the second RAT and an identifier that identifies a traffic flow between the communication terminal and a second communication apparatus in the core network.

US Pat. No. 11,032,430

TRANSMISSION DETECTION, INTERRUPTION, AND NOTIFICATION SYSTEM

Roybuck Enterprises LLC, ...

1. A computerized method of transmission detection, interruption, and notification, the computerized method comprising the steps of:receiving emitted radiation or a radio frequency (RF) signal from a cellular device at a detector, wherein the emitted radiation or the RF signal correspond to a cellular transmission from the cellular device;
determining a distance of the cellular device from the detector using the emitted radiation or the RF signal;
isolating and targeting a frequency of the RF of the cellular transmission, allowing for a user to perform hands-free voice communication using a bluetooth frequency;
determining a pattern of a set of interferences in the emitted radiation or the RF signal, wherein each interference in the set of interferences is created by the user entry into the cellular device;
correlating the pattern with a category of activity to determine a type of cellular transmission; and
interrupting transmission of the cellular transmission using the distance,
wherein the receiving emitted radiation or a radio frequency (RF) signal, determining a distance, isolating and targeting a frequency, determining a pattern, correlating the pattern, and interrupting the transmission are performed using at least one processor coupled to a memory.

US Pat. No. 11,032,429

DEVICE CONTROLLER, COMMUNICATION TERMINAL, DEVICE CONTROL METHOD, COMPENSATION CALCULATION METHOD, AND DEVICE CONTROL SYSTEM

KDDI CORPORATION, Tokyo ...

1. A device controller comprising:an acquisition unit configured to acquires a type of service indicating a type of device to be controlled in a service that enable a user of a communication terminal to use the device via the network using the communication terminal;
an extraction unit configured to extract one or more pieces of application software usable in a service of the acquired type of service by the acquisition unit and one or more devices usable in the service that can be provided using each of the one or more pieces of application software, from a database including each combination of the one or more pieces of application software and the one or more devices;
a presentation unit configured to cause the communication terminal to present the one or more pieces of application software and the one or more devices that are extracted by the extraction unit;
a setting unit configured to set application software selected by the user from the one or more pieces of application software presented to the communication terminal by the presentation unit to be useable in the communication terminal; and
a transmission unit configured to transmit second control information, which is different from first control information, for controlling a control target device identified based on the first control information, based on the first control information for controlling the device corresponding to the type of service acquired by the acquisition unit, the first control information being acquired from the communication terminal that executes the application software set by the setting unit.

US Pat. No. 11,032,428

LOCATION UPDATES FOR CALL ROUTING DECISIONS

8x8, Inc., Campbell, CA ...

1. A method for use with a data-communications server that is configured to provide data-communications services to a plurality of endpoint devices including respective communications circuits, the method comprising:receiving, at the data-communications server and from an application running on a particular endpoint device of the plurality of endpoint devices, geolocation information identifying a first geographic location of the particular endpoint device;
assessing the first geographic location relative to a second geographic location indicated by an IP address used by the particular endpoint device, and providing a probabilistic determination of the second geographic location's relevance;
modifying, in response to a mismatch between the assessed geographic locations and to the probabilistic determination, a location database to include an entry specifying that the particular endpoint device is located at the first geographic location;
receiving, at the data-communications server, an outgoing telephone call from the particular endpoint device;
selecting, based upon the entry that specifies that the particular endpoint device is located at the first geographic location, a media server; androuting, based upon the selecting of the media server, the outgoing telephone call using the selected media server.

US Pat. No. 11,032,427

VOICE ENABLED IOT USING SECOND LINE SERVICE

MOVIUS INTERACTIVE CORPOR...

1. A system to provide a voice communications channel between an internet of things (IOT) device that is not equipped with voice capabilities and a third party device, the system comprising:one or more IoT devices, each IoT device comprising an application defining the operation of the IoT device, a unique user ID (UUID), a network interface, a trigger interface, and an IoT enabler;
a server communicatively coupled to the IoT devices through a network and providing a voice-line service;
the IoT enabler in each IoT device comprising a module that enables the IoT application to send a communication request in response to the IoT application detecting an event at the trigger interface, the communication request including the UUID;
the server comprising a processing unit and memory housing instructions that when executed by the processing unit cause the voice-line service to operate by:
receiving the communication request from the IoT device;
identifying a destination address based at least in part on the UUID;
selecting a voice-line service number associated with the UUID and destination address;
initiating a network call to the destination address and including the assigned voice-line service number in the caller ID field, wherein a voice channel is established between the IoT device and a device associated with the destination address.

US Pat. No. 11,032,426

METHOD AND APPARATUS FOR ENABLING A MOBILE ENDPOINT DEVICE TO BE A HUB FOR A CONFERENCE CALL

1. A method for handling a conference call, the method comprising:connecting, by a processor of a master mobile endpoint device, to the conference call;
broadcasting, by the processor, a signal to at least one slave mobile endpoint device to join the conference call over a personal area network;
receiving, by the processor, a pairing request from the at least one slave mobile endpoint device over the personal area network;
accepting, by the processor, the pairing request; and
connecting, by the processor, the at least one slave mobile endpoint device to the conference call via the master mobile endpoint device over the personal area network, wherein both the master mobile endpoint device and the at least one slave mobile endpoint device have two-way communications with the conference call and conference call controls, wherein a first master mobile endpoint device conference call control of the conference call controls comprises a first user control on the master mobile endpoint device for adjusting a volume of a speaker of the at least one slave mobile endpoint device for the conference call, wherein the two-way communications include communications from a microphone of the master mobile endpoint device and communications to a speaker of the master mobile endpoint device.

US Pat. No. 11,032,425

METHOD AND APPARATUS FOR CONTROLLING VISITOR CALL IN HOME NETWORK SYSTEM

SAMSUNG ELECTRONICS CO., ...

1. A method of controlling a visitor's call by a second terminal in a home network system, the method comprising:receiving, from a smart home server, a call message based on home information, when a first terminal requesting a visit to a home is located within a predetermined distance in which communication with a communication module storing home information is possible;
obtaining a call response message including information indicating whether to accept communication with the first terminal of a visitor; and
performing communication with the first terminal, in response to the information indicating to accept communication with the first terminal of the visitor,
wherein the home information includes home identification information for identifying the home network corresponding to the home network system where the second terminal is registered.

US Pat. No. 11,032,424

SYSTEM AND METHOD FOR HYBRID CALLBACK MANAGEMENT AND FAILURE RECOVERY

VIRTUAL HOLD TECHNOLOGY S...

1. A system for hybrid callback management and failure recovery, comprising:a callback cloud service comprising at least a processor, a memory, and a first plurality of programming instructions stored in the memory and operating on the processor, wherein the first programming instructions, when operating on the processor, cause the processor to:
store and maintain global user profiles;
communicate with an on-premise callback system;
maintain relevant agent and brand data from an on-premise callback system;
execute callback requests;
calculate estimated wait times for callbacks; and
an on-premise callback system comprising at least a processor, a memory, and a second plurality of programming instructions stored in the memory and operating on the processor, wherein the second programming instructions, when operating on the processor, cause the processor to:
communicate with a callback cloud service;
send data related to callback objects and agents to a callback cloud service;
receive consumer calls to a brand;
create a callback object upon a consumer requesting a call back from a brand;
schedule a callback with consumers based on consumer availability and agent scheduling;
execute callbacks between consumers and agents at a specified time; and
connect the two parties, when the two first and second called parties are online, and delete the callback object.

US Pat. No. 11,032,423

SIMULTANEOUS VOICE AND DATA CONTENT DRIVEN COMMERCIAL DATA PLATFORM

1. A system comprising:a receiver device with a receiver identifier;
a dialer device with a dialer identifier, wherein the dialer device is configured to initiate a call over a first voice channel with the receiver device using the receiver identifier;
a database, wherein the database stores interaction data, collected during the call, in association with both the receiver identifier and the dialer identifier; and
a server, wherein the server is programmed to:
collect, based on the receiver identifier, a collection of interaction data or derivatives thereof from the database; and
surface the collection of interaction data or derivatives thereof to an external agent (i) using an external data channel; and (ii) without using any voice channel.

US Pat. No. 11,032,422

HEURISTIC SALES AGENT TRAINING ASSISTANT

State Farm Mutual Automob...

1. A computer-implemented method, executed with a processor, comprising:identifying, with the processor and from a first memory,
an un-structured website transaction data record from a plurality of stored un-structured website transaction data records, the identified un-structured website transaction data record indicating questions presented by a customer, and
an un-structured agent transaction record from a plurality of stored un-structured agent transaction records, the identified un-structured agent transaction record indicating interactions of an agent with a training interface or a customer service interface;
receiving, with the processor, a natural language input from the agent using a human machine interface;
accessing, with the processor, a heuristic algorithm stored in a second memory;
executing the heuristic algorithm, with the processor, to determine:
a current context classifying the customer into a particular category based upon a product type, the heuristic algorithm determining the current context based at least in part on the identified unstructured website transaction data record, and
a training resource for providing additional training to the agent, the heuristic algorithm determining the training resource based at least in part on the identified un-structured agent transaction record, the natural language input, and the current context;
determining, with the processor and based on the agent being trained with the training resource, an indication of modified agent behavior; and
training, with the processor, the heuristic algorithm in the second memory using a determined correlation between the training resource and the indication of modified agent behavior.

US Pat. No. 11,032,421

SYSTEMS FOR TRANSITIONING TELEPHONY-BASED AND IN-PERSON SERVICING INTERACTIONS TO AND FROM AN ARTIFICIAL INTELLIGENCE (AI) CHAT SESSION

CAPITAL ONE SERVICES, LLC...

20. A system for transitioning a telephony-based call to an artificial intelligence (AI) chat session, the system comprising:one or more processors; and
a memory in communication with the one or more processors and storing instructions that, when executed by the one or more processors, are configured to cause the system to:
receive, by an interactive voice response (IVR) model and from a user device associated with a user and a phone number, a first phone call;
receive, from the user device via the first phone call, a touch tone phone input or a user utterance;
determine that the touch tone phone input or the user utterance corresponds to a first servicing intent;
generate, via an application programming interface (API), a call to an AI chatbot model;
transmit, to the AI chatbot model, the first servicing intent;
transmit a short message service (SMS) message, a mobile application notification, an email message, or combinations thereof to the user device via the AI chat session;
transmit, to the user device via the AI chat session, a first answer responding to the first servicing intent;
receive, from the user device via the AI chat session, a first user message comprising a second servicing intent;
receive, from the user device via the AI chat session, a second user message comprising a request to be transferred to the IVR model;
transmit, to the IVR model, the first user message;
when the first phone call is active, transmit, to the user device via the AI chat session, a system message that the IVR model is available;
when the first phone call is not active, initiate, via the IVR model, a second phone call with the user device by calling the phone number; and
transmit, via the first phone call or the second phone call, a second answer responding to the second servicing intent.

US Pat. No. 11,032,420

TELEPHONE CALL MANAGEMENT SYSTEM

1. A call management system for connecting a caller to one of a plurality of agents via a customer relationship management (CRM) system without a contact center provider automated call distribution (ACD) or integrated voice recognition (IVR), the system comprising:a microprocessor; and
a computer-readable memory encoding instructions that, when executed by the microprocessor, create:
a voice engine for receiving an audio call from the caller;
a chat engine capable of providing an automated chat bot for interacting with the caller to collect information and execute predefined tasks;
an orchestrator capable of:
converting text messages from the chat bot to audio messages for the caller;
converting audio messages from the caller into text messages for the chat bot; and
converting an HTML form in the text messages from the chat bot to an audio message by:
detecting embedded HTML in the text messages;
parsing the embedded HTML to identify one or more objects by finding key words;
parsing the name of each of the one or more identified objects;
parsing each of the one or more identified objects to obtain one or more nouns;
translating the name of each of the one or more identified objects into one or more verbs;
formulating a text to speech phrase by combining the one or more verbs and the one or more nouns into a sentence; and
converting the phrase to an audio message using text to speech; and
a work engine for connecting the audio call to a selected one of the agents; and
wherein the orchestrator is capable of transferring the caller to the selected agent via the work engine.

US Pat. No. 11,032,419

INTELLIGENT CUSTOMER SERVICE SYSTEMS, CUSTOMER SERVICE ROBOTS, AND METHODS FOR PROVIDING CUSTOMER SERVICE

Shanghai Xiaoi Robot Tech...

1. A customer service robot, comprising:a machine training unit to perform machine training for big data to the customer service robot, so that the customer service robot is capable of identifying a type of scenarios to which session messages belong,
wherein the identified type of scenarios is one of a plurality of types of scenarios, which are obtained by classifying the session messages between a customer service provider and at least one customer-end device according to scenarios;
a message interactor to:
establish a session between the customer service robot and a customer-end device, receive a session message from the customer-end device,
transmit an answer message matching content of the session message to the customer-end device, the answer message comprising a comforting answer message when the customer service robot in a session service with the customer-end device is in a session suspended state, and
upon determining that the customer service robot is in the session suspended state, establish a session between a human customer-service device and the customer-end device, forward the received session message to the human customer-service device, and transmit an answer message received from the human customer-service device to the customer-end device;
a session message processor, coupled to the machine training unit and the message interactor, to:
identify the content of the session message received by the message interactor based on determining that the customer service robot is not in the session suspended state,
ascertain whether the customer service robot is capable of processing the session message based on the identified content of the session message,
upon ascertaining that the customer service robot is capable of processing the session message by itself, extract the answer message matching the identified content of the session message from a first type of data included in a pre-stored service resource and instruct the message interactor to transmit the answer message to the customer-end device, and
upon ascertaining that the customer service robot is not capable of processing the session message by itself or cannot identify the content of the session message, obtain a comforting answer message matching the session message from a second type of data included in the pre-stored service resource, and transmit the comforting answer message to the customer-end device, wherein the comforting answer message includes at least a portion of the content of the session message and is obtained according to the content of the session message, and the first type of data is different from the second type of data; and
a state controller, coupled to the session message processor,
if a predetermined condition for session suspension is met during the processing of the session message by the session message processor, the state controller is configured to set a state of the customer service robot to be a session suspended state when the customer service robot is in a session service with the customer-end device, and the customer service robot is configured to remain in another session service with another customer-end device when the customer-end device is in the session service with the customer service robot in the session suspended state.

US Pat. No. 11,032,418

GENERATING AND/OR PRIORITIZING PRE-CALL CONTENT FOR RENDERING WHEN AWAITING ACCEPTANCE OF AN INCOMING CALL

GOOGLE LLC, Mountain Vie...

1. A method implemented by one or more processors, the method comprising:generating first pre-call content for provisioning at an interface of a computing device when a user is receiving, via the computing device, an incoming call from another user, wherein the first pre-call content is based on data that resulted from the user engaging in an activity that is associated with the other user;
determining, subsequent to generating the first pre-call content, that the user has engaged in another activity, wherein the other activity is also associated with the other user and resulted in other data being generated;
generating, based at least on the other data that resulted from the user engaging in the activity, second pre-call content in furtherance of provisioning of content at the interface of the computing device when the user is receiving, via the computing device, the incoming call from the other user;
determining, subsequent to the generating the second pre-call content, that the other user has initialized the call to the user via a wireless communication protocol;
when the computing device is waiting for the user to indicate acceptance of the call:
causing, in response to determining that the other user has initialized the call to the user, the computing device to present the first pre-call content and/or the second pre-call content at the interface of the computing device.

US Pat. No. 11,032,417

COLLABORATIVE PHONE REPUTATION SYSTEM

Intel Corporation, Santa...

6. A method implemented, at least in part, via a mobile computing device, the mobile computing device being configured for wirelessly communicating, when the mobile computing device is in operation, with a server system via an Internet network, the server system being for maintaining data related to a communication to be received by the mobile computing device, the mobile computing device comprising a touch screen display, at least one camera, at least one accelerometer, at least one central processing unit that includes multiple cores, a wireless network interface circuit, and semiconductor memory that includes flash memory, the method comprising:executing, by the at least one central processing unit, client application instructions stored in the semiconductor memory, the semiconductor memory also to store, when the mobile computing device is in the operation, contact data, the executing of the client application instructions by the at least one central processing unit resulting in the mobile computing device being configured for performance of operations comprising:
display, via the display, a touch screen-based user interface for displaying at least one visual notification to a user of the mobile computing device of the communication received by the mobile computing device;
analyze the communication, at least in part, to determine at least one feature of the communication;
determine, based at least in part upon the at least one feature, to display, via the display, at least one other visual notification to the user, the at least one other visual notification being to notify the user that the communication is suspected to be undesirable to the user;
receive, via the touch screen-based user interface, user input associated, at least in part, with at least one indication of user desirability of the communication; and
generate and send other data, based at least in part upon the user input, to the server system for use in determination of desirability of the communication to be received by the mobile computing device;
wherein:
the contact data comprises an identification and a telephone number of originator of the communication.

US Pat. No. 11,032,416

INTELLIGENT SPEECH-ENABLED SCRIPTING

American TEL-A Systems, I...

1. A system, comprising:an applications server configured to communicatively couple to a softswitch, a resource server comprising a speech-recognition engine, and a database, the applications server configured to:
receive, from the softswitch, an indication that a call from a calling party directed to a called number was received;
determine, in response to the indication that the call was received, whether an agent is available to answer the call;
prior to routing the call, determine, based at least in part on the determination of whether an agent is available to answer the call, whether to route the call to an available agent determined from a plurality of agents associated with a call center or to a speech-enabled intelligent script associated with one of the called number or the calling party;
instruct the softswitch to route the call to the speech-enabled intelligent script in response to a determination that no agent is available to answer the call, the speech-enabled intelligent script configured to guide a user on the call through the speech-enabled intelligent script using one or more of pre-recorded prompts, voice menus, and text-to-speech prompts;
instruct the softswitch to route the call to the available agent in response to a determination that an agent is available to answer the call;
obtain, using the speech recognition engine of the resource server, one or more of selections and data inputs from the user in response to the one or more of pre-recorded prompts, voice menus, and text-to-speech prompts of the speech-enabled intelligent script;
monitor an availability of one or more agents while the user is interacting with the speech-enabled intelligent script;
determine that an agent is now available to answer the call;
instruct the softswitch to transfer the call to the agent that is now available to answer the call; and
send the one or more of selections and data inputs obtained from the user and an indication of the progress of the user through the speech-enabled intelligent script to the agent that is now available to answer the call.

US Pat. No. 11,032,415

SYSTEM AND METHOD FOR AUDIO CONTENT VERIFICATION

Mitel Networks Corporatio...

1. A system for verifying audio information, the system comprising:a telephony switch system;
an audio signature generator; and
an audio signal mixer,
wherein the audio signature generator generates an identifier,
wherein the telephony switch system connects the audio signature generator to a communication, and
wherein the audio mixer receives audio information from at least one communication device and information from the audio signature generator to form a mixed signal.

US Pat. No. 11,032,414

COMMUNICATION APPARATUS AND COMMUNICATION METHOD

NEC CORPORATION, Tokyo (...

1. A radio communication apparatus comprising:a memory; and
a processor configured to execute instructions stored on the memory to:
communicate a radio signal with another radio communication apparatus through a radio transmission path according to license information, the license information including a license type and a license period,
generate an alarm according to a state of the radio transmission path when a level of the radio signal is lower than a predetermined threshold,
receive the license information,
control the alarm to be outputted while the license is valid, and
control the alarm to be blocked while communicating the radio signal based on the license period.

US Pat. No. 11,032,413

ROBOCALL DETECTION

Soleo Communications, Inc...

1. A method comprising:receiving a first plurality of disconnected numbers associated with a first communication network;
receiving a second plurality of disconnected numbers associated with a second communication network;
storing the first plurality of disconnected numbers and the second plurality of disconnected numbers in a robocall detection data store;
receiving a plurality of originating phone numbers that have placed calls to at least one of (i) one or more disconnected numbers of the first plurality of disconnected numbers or (ii) one or more disconnected numbers of the second plurality of disconnected numbers;
storing the plurality of originating phone numbers in the robocall detection data store;
for individual originating phone numbers in the robocall detection data store, calculating a robocall score that represents a likelihood that a phone call initiated from a particular one of the plurality of originating phone numbers is a robocall; and
for individual disconnected numbers in the robocall detection data store, calculating a robocall score that represents a likelihood that a phone call initiated from a particular one of the disconnected numbers is a robocall.

US Pat. No. 11,032,412

ELECTRONIC GLASSES THAT DISPLAY A VIRTUAL IMAGE FOR A TELEPHONE CALL

1. A method comprising:receiving, at a smartphone of a first user located in an environment and from a second user, an incoming telephone call; and
displaying, on a display of electronic glasses worn on a head of the first user and before the first user answers the incoming telephone call, a virtual image at a location in the environment where a voice of the second user will externally localize in empty space outside the head of the first user in the environment when the first user answers the incoming telephone call.

US Pat. No. 11,032,411

CONTROL METHOD FOR ELECTRONIC DEVICE, ELECTRONIC DEVICE, COMPUTER READABLE STORAGE MEDIUM

GUANGDONG OPPO MOBILE TEL...

4. An electronic device, comprising:a transparent display screen, comprising a display area;
an infrared sensor stacked below' the display area, wherein the infrared sensor is configured to emit infrared light and receive infrared light reflected by an object, to detect a distance from the object to the electronic device; and
a processor, configured to determine whether the electronic device is in an outgoing call stats, perform control to reduce brightness of the transparent display screen in a case that the electronic device is in the outgoing call state, and perform control to turn on the infrared sensor to detect the distance between the object and the electronic device,
wherein the processor is configured to determine whether the electronic device is approaching a user, and perform control to reduce the brightness of the transparent display screen in a ease that the electronic device is approaching the user,
the electronic device further comprises an acceleration sensor configured to detect a motion state of the electronic device, wherein the processor is configured to acquire the motion state of the electronic device detected by the acceleration sensor, determine whether the motion state conforms to a predetermined motion state, and determine that the electronic device is approaching the user in a case that the motion state conforms to the predetermined motion state;
wherein the display area comprises a window area, the infrared sensor is stacked below the window area, and wherein the processor is further configured to: perform control to reduce brightness of the window area.

US Pat. No. 11,032,410

MOBILE DATA INSIGHT PLATFORMS FOR DATA ANALYSIS

Microsoft Technology Lice...

1. A method of operating a data insight system, the method comprising:determining derived data analysis preferences based at least on usage modalities for past data analysis activities of a user or organization associated with the user;
determining a data insight object for a target dataset based on the derived data analysis preferences, wherein the data insight object comprises:
an object portion representing first content as a data insight,
one or more metadata portions indicating a processing lineage that provides data indicating an active record of data processing steps applied to generate the first content including one or more of: processing operations, functions and formulae, and
a graphical user interface (GUI) element posing a question about the first content of the data insight;
generating the data insight object at different presentation levels based at least on an evaluation of device properties identified for a user computing device that is to display the representation of the data insight object, wherein the different presentation levels comprise:
a first presentation level that includes the object portion and the GUI element, and
a second presentation level that includes a metadata portion, of the one or more metadata portions, as second content indicating the processing lineage that is displayable, upon selection of the GUI element posing the question about the first content of the data insight;
transferring, to the user computing device, data for rendering of the data insight object at the first presentation level;
receiving, from the user computing device, an indication of a selection of the GUI element posing the question about the content of the data insight; and
in response to receiving the indication of the selection of the GUI element, transferring, to the user computing device, data for rendering of the data insight object at the second presentation level.

US Pat. No. 11,032,409

METHODS FOR GEOGRAPHIC GESTURING USING A MOBILE DEVICE FOR INTERACTIONS WITH NEARBY OTHER MOBILE DEVICES

YELLCAST, INC, San Carlo...

1. A method of interacting between users of mobile devices, comprising:initiating a desired interaction at a first user device using a gesture sensed by the first user device;
determining a geographic location for the desired interaction based on a location of the first user device;
determining, from the gesture, a gesture area;
submitting, from the first user device to a remote server, a desired interaction request wherein the desired interaction request comprises an indication of the gesture or the gesture area;
searching, at the remote server, for a membership record associated with a first user of the first user device;
searching, at the remote server, for relationship records associated with a set of one or more associated users associated with the first user;
determining locations for user devices associated with users of the set of one or more associated users;
determining membership of a local subset of the set of one or more associated users, wherein the local subset comprises associated users associated with the first user having user devices with present locations within the gesture area;
determining remote server identifiers for the first user and for the users of the local subset; and
sending a notification to user devices of the local subset, the notification indicating the desired interaction of the first user with one or more users of the local subset, wherein the notification identifies the first user with an identifier independent of identifiers used by the first user outside of interactions with the remote server.

US Pat. No. 11,032,408

METHOD AND SYSTEM FOR AUTOMATICALLY CONNECTING CALLS OF VOICE OVER INTERNET PROTOCOL (VOIP) SERVICE

LINE Corporation, Tokyo ...

1. A method of automatically connecting a Voice over Internet Protocol (VoIP) call in an electronic device implemented by a computer, the method comprising:setting a specific counterpart among counterparts capable of making the VoIP call over a network as an automatic connection target;
executing a program including a function of providing the VoIP call;
determining that a corresponding program is being executed on an electronic device of the automatic connection target;
automatically connecting the VoIP call with the automatic connection target in response to determining that the corresponding program is being executed on the electronic device of the automatic connection target without performing a calling operation and an acceptance operation for a call between a user of the electronic device and the automatic connection target;
providing state information associated with the automatic connection target through a screen display on the electronic device; and
maintaining the call between the user and the automatic connection target by automatically connecting the VoIP call without a separate calling operation while the program and the corresponding program are being executed,
wherein the providing comprises displaying a call connection state with the automatic connection target at all times during the maintaining of the call,
wherein the setting the specific counterpart among counterparts is independent from the providing the VoIP call, and
wherein the setting the specific counterpart comprises setting the automatic connection target based on a call history accumulated for each of the counterparts.

US Pat. No. 11,032,407

BACK COVER FOR MOBILE DEVICES WITH ADJUSTABLE APPEARANCE

Furcifer Inc., Fremont, ...

1. A back cover for a mobile device, the back cover comprising an electrochromic film device attached to a back of the mobile device, wherein the electrochromic film device includes:an electrochromic layer, wherein a thickness of the electrochromic layer is based on an extinction coefficient;
a charge storage layer comprising a metal oxide; and
a suspension encapsulated between two films, the suspension comprising a mixture having a crystalline phase below a transition temperature of the mixture and an isotropic liquid phase above the transition temperature, the mixture being adjusted in tint in response to a temperature increasing to above the transition temperature, wherein:
the electrochromic device and an appearance of the back of the mobile device is controlled either by a user of the mobile device via a software setting or automatically by the mobile device itself.

US Pat. No. 11,032,406

SMARTPHONE CASE WITH SEPARATE COMPUTER HARDWARE FOR RECORDING PRIVATE HEALTH-RELATED DATA

MyMee Inc., New York, NY...

1. A smartphone case peripheral device comprising:a first surface comprising a smartphone-receiving section sized to receive a smartphone therein;
a second surface connected to the first surface, the second surface comprising a compressible member extending away therefrom,
wherein the compressible member is configured to travel inwards when compressed; and
an interior compartment defined by the first surface and the second surface, the interior compartment comprising:
a compression sensor in communication with the compressible member,
wherein the compression sensor is configured to monitor the amount and/or rate of compression of the compressible member;
a shock absorber in communication with the compressible member,
wherein the shock absorber is configured to be engaged via said compression of the compressible member;
a communications connection device configured to provide a communications connection between the smartphone case peripheral device and a smartphone seated within the smartphone-receiving section; and
specialized computer hardware and software in communication with the compression sensor, the shock absorber, and the communications connection device,
wherein the specialized computer hardware and software is configured to monitor behavior of a user of a smartphone seated within the smartphone-receiving section.

US Pat. No. 11,032,405

FLEXIBLE SCREEN MOBILE TERMINAL

GUANGDONG OPPO MOBILE TEL...

1. A flexible screen mobile terminal, comprising:a first body, having a first surface for mounting a flexible screen;
a second body, disposed at one end of the first body, and having a second surface for mounting the flexible screen;
the flexible screen, lapped jointly on the first surface and the second surface; and
a screen support, configured to fix the flexible screen, and enable the flexible screen to be movably connected to at least one of the first body and the second body;
wherein the first body and the second body are detachably connected in a plug-connection mode;
wherein the second body is provided with a chute, enabling the screen support to slide in the chute, and the screen support is slidably connected to the second body via the chute;
wherein the screen support is provided with a second body limit block for limiting a relative sliding distance between the screen support and the second body, and the second body limit block is disposed at one end of the screen support near the second body; the chute is provided with a rack structure matched with the second body limit block, and a relative position of the second body and the screen support is controlled by cooperation of a gear and a rack.

US Pat. No. 11,032,404

METHOD AND APPARATUS FOR PROVIDING EVENT OF PORTABLE DEVICE HAVING FLEXIBLE DISPLAY UNIT

SAMSUNG ELECTRONICS CO., ...

1. An electronic apparatus, comprising:a main body;
a single display which is mounted on the main body, the single display comprising:
a main display area, and
an auxiliary display area which is extended from the main display area to a rear surface of the electronic apparatus and is smaller than the main display area,
wherein the auxiliary display area comprises a curvature extending from the main display area,
wherein the main body comprises:
a front portion which is coupled with the main display area, the front portion and the main display area form a front surface of the electronic apparatus,
a rear portion which forms the rear surface of the electronic apparatus, and
a side portion which is coupled with the auxiliary display area, the side portion and the auxiliary display area form at least one side surface of the electronic apparatus, and
wherein the side portion comprises a curved area corresponding the curvature.

US Pat. No. 11,032,403

METHOD TO AID THE WALKING-WHILE-TEXTING SMART PHONE USER NAVIGATE AROUND OBSTACLES IN THE FORWARD PATH

1. A method that provides a continuous, self-adjusted, wide-angle view of a frontal horizon to a user of a smart mobile communication device who is walking while texting with head down, such that obstacles and dangers in a forward path of the user are displayed on a screen, utilizing following mechanisms and designs, comprising the steps of:a) providing a design of a moveable camera assembly in which a digital camera with a wide angular field of view lens is mounted on a casing, and said moveable camera assembly hinged to an upper part of the smart mobile communication device, with an appropriate range of movement;
b) providing a first mechanism with ability for said moveable camera assembly to be rotated or swung about a hinge on a main body of the smart mobile communication device, so as to point towards the frontal horizon of an intended path of travel of the user, and with ability to retract into the main body when desired, preserving continuity and a smooth contour with surrounding surfaces of the main body;
c) providing said digital camera with the wide angular field of view lens, or a provision for a second mechanism wherein a refractive element can be moved in front of the wide angular field of view lens of the digital camera to increase an angular field of view (FOV) when the digital camera is deployed, and can be moved away from the wide angular field of view lens in stowage, either manually or under control of software and actuation by a central processing unit (CPU) and necessary mechanical system;
d) providing flexible electric connectors or rotary electrical interfaces between the digital camera in said moveable camera assembly and a main circuitry board, allowing appropriate movements of the moveable camera assembly while maintaining necessary data transfer;
e) providing a camera positioning system which is able to rotate, extend or swing said moveable camera assembly outwards, or to retract said moveable camera assembly for stowage flushed with surrounding surfaces of the main body, comprises (1) mechanical connections between the main body of the smart mobile communication device and the casing permitting the appropriate movements; (2) a driving system, using either mechanical or electro-magnetic forces; and (3) control by the CPU or a dedicated microprocessor;
f) providing a catch to keep the moveable camera assembly locked in stowage, with engaging and releasing mechanisms under control of the CPU or said dedicated microprocessor;
g) providing capability of sampling an accelerometer in the smart mobile communication device for continuous information of attitudes of the smart mobile communication device, forwarding information of attitudes to the CPU, and calculating an appropriate amount of action needed for the camera positioning system, for such motions as rotation, extension and retraction, ensuring the digital camera in the moveable camera assembly is always pointing forward horizontally;
h) providing software to capture views by said digital camera, and display the views on the screen of the smart mobile communication device as a background of a messaging application program, or on a split screen;
i) provision of an image analysis software whereby flashing lights and fast moving objects in said captured views trigger audio and visual alarms;
j) providing capabilities to select and deselect said digital camera, said camera positioning system, image acquisition by said digital camera, and corresponding displays on the screen.

US Pat. No. 11,032,402

HINGE OF A MOBILE TERMINAL HAVING AN INWARD-FOLDABLE FLEXIBLE SCREEN AND A MOBILE TERMINAL HAVING AN INWARD-FOLDABLE FLEXIBLE SCREEN

HANGZHOU AMPHENOL PHOENIX...

1. A hinge of a mobile terminal having an inward-foldable flexible screen, wherein it comprises a left support plate, a middle support plate, a right support plate, a left support frame, a right support frame, and a middle U-shaped cover;The inner ends of the left support frame and the right support frame are connected with a synchronous mechanism, so that the left support frame and the right support frame can rotate synchronously and reversely;
The middle support plate is a liftable plate with the position corresponding to the middle U-shaped cover, and the middle support plate descends to the bottom of the middle U-shaped cover; the middle support plate is not connected with the left support plate or the right support plate, and a left guide drive mechanism and a right guide drive mechanism are respectively arranged between the left support frame and the middle support plate, and between the right support frame and the middle support plate; the rotation of the left support frame and the right support frame forces the middle support plate to make corresponding ascending or descending movement through the left guide drive mechanism and the right guide drive mechanism, and the descent distance of the middle support plate in the first half of the hinge being folded from the unfolded state is greater than that of the second half of the hinge being folded from the unfolded state;
The left support plate is movably connected between the left support frame and the middle U-shaped cover, and the right support plate is movably connected between the right support frame and the middle U-shaped cover;
The left support plate, the middle support plate and the right support plate form the middle support plane of the flexible screen when the hinge opens to the flattened state, and form a bent configuration after the hinge is folded to provide space for the flexible screen to bend.

US Pat. No. 11,032,401

IDENTIFICATION OF PACKET TRAFFIC TRANSMITTED BY VARIOUS DEVICES OPERATED IN MULTIPLE OVERLAPPED FREQUENCY BANDS IN PACKET-BASED OFDM SYSTEMS

APPLIED TRANSFORM, LLC, ...

1. A wireless receiver capable of header decoding comprising:a header decoder operable to receive a plurality of encoded bits comprising at least two concatenated copies of an FEC (Forward Error Correction) codeword; and
an FEC decoder operable to decode a first copy of the FEC codeword to generate a first plurality of decoded bits, and operable to decode a second copy of the FEC codeword to generate a second plurality of decoded bits, wherein the decoding comprises cyclically shifting by two bits the second copy of the FEC codeword relative to the first copy of the FEC codeword.

US Pat. No. 11,032,400

METHOD AND DEVICE FOR TRANSMITTING/RECEIVING BROADCAST SIGNAL

LG ELECTRONICS INC., Seo...

1. A digital broadcast receiver for processing a broadcast signal, the digital broadcast receiver comprising:a tuner configured to receive the broadcast signal including Physical Layer Pipes (PLPs),
wherein the PLPs carry link layer packets; and
a controller coupled to the tuner,
wherein the controller is configured to:
detect and acquire first signaling information for supporting a channel scan and second signaling information for a robust header compression,
wherein the second signaling information for the robust header compression includes a PLP identifier, profile information for representing a range of protocols used to compress at least one stream, and a maximum value of a context identifier,
decode a PLP to receive the at least one stream based on the second signaling information for the robust header compression, and
decompress the at least one stream.

US Pat. No. 11,032,399

DYNAMIC CERTIFICATION FOR CONFIGURATION CHANGES TO SOFTWARE DEFINED RADIO IMPLEMENTED DEVICES

EMC IP Holding Company LL...

1. A method comprising:obtaining, at a compute node currently operating within a given computing environment and currently enabled to support at least a first communication protocol, one or more instructions for enabling the compute node to support a second communication protocol;
automatically reconfiguring, in response to the one or more instructions, one or more configuration parameters associated with the compute node to support the second communication protocol; and
obtaining, by the compute node, a certification of the second communication protocol from one or more other compute nodes in the given computing environment within which the compute node currently operates;
wherein the steps are performed by at least one processing device comprising a processor and a memory.

US Pat. No. 11,032,398

KERNEL MULTIPLEXING SYSTEM OF COMMUNICATIONS

Facebook, Inc., Menlo Pa...

1. A method performed by a device for communicating with a remote device, the method comprising:creating at least one stream-based socket to transmit and receive data streams via a transport laver protocol;
using the transport laver protocol to establish, for the stream-based socket, an open connection between the device and the remote device;
creating at least one message-based socket to transmit and receive discrete messages via an application laver protocol, the application laver protocol being a higher layer protocol than the transport laver protocol;
receiving, by a multiplexing system from an application program via the message-based socket, a request to send a discrete message to the remote device;
determining, by the multiplexing system, whether the open connection of the stream-based socket is being used to send a prior discrete message to the remote device;
when the open connection of the stream-based socket is not being used, binding the message-based socket to the stream-based socket and sending, by the multiplexing system, the discrete message to the remote device over the open connection via one or more of the data streams; and
when the open connection of the stream-based socket is being used, queuing, by the multiplexing system, the discrete message for later sending over the open connection.

US Pat. No. 11,032,397

METHOD AND SYSTEM FOR HIGH SPEED DATA LINKS

Hewlett Packard Enterpris...

1. A method of transmitting data as a packet in a burst mode, from a transmitter in a high-performance computer to a receiver over a communications channel on a single fabric within the high-performance computer, the method comprising:generating a packet comprising a plurality of flits having different formats, the formats configured to implement different communication protocols, including at least one low-latency flit configured for low latency transmission over the communications channel, and a plurality of bandwidth flits, each bandwidth flit configured for high bandwidth throughput over the same communications channel;
transmitting the plurality of flits over the communications channel from the transmitter to the receiver in a contiguous stream, the contiguous stream running two communication protocols simultaneously over one physical fabric, the first protocol being a link-level protocol configured for low-latency messaging, and the second protocol being an end-to-end protocol configured for high bandwidth; and
at the receiver, reassembling the data from the flits.

US Pat. No. 11,032,396

SYSTEMS AND METHODS FOR MANAGING CLIENT REQUESTS TO ACCESS SERVICES PROVIDED BY A DATA CENTER

Citrix Systems, Inc., Fo...

1. A method comprising:(a) identifying, by a first device, first metrics for a service, the first metrics generated from client requests to the service communicated from a plurality of clients via one or more Internet service providers (ISPs) to a data center comprising a plurality of servers providing the service, the first metrics used to identify issues with the one or more ISPs;
(b) identifying, by the first device, second metrics for the service, the second metrics generated from application programming interface (API) requests communicated between a plurality of microservices of the service responsive to the client requests being forwarded to the plurality of servers, the second metrics used to identify issues with the plurality of microservices;
(c) identifying, by the first device, third metrics for the service, the third metrics generated from responses to the client requests, the responses generated by the plurality of microservices and communicated between a second device and the plurality of clients via one or more wide area network (WAN) links, the second device intermediary between the plurality of servers and the plurality of clients and configured to select the one or more WAN links via which to communicate the responses to the client requests, the third metrics used to identify issues with the one or more WAN links;
(d) generating, by the first device, a service graph to identify issues with at least one of the one or more ISPs, the plurality of microservices, or the one or more WAN links, the issues identified using the first, second, and third metrics; and
(e) displaying, by the first device, on the service graph, one or more graphical indicators, the one or more graphical indicators generated using the first metrics, the second metrics, or the third metrics, and used to identify an issue with at least one of the one or more ISPs, the plurality of microservices, or the one or more WAN links.

US Pat. No. 11,032,395

SYSTEMS AND METHODS FOR DISTRIBUTED UPDATE OF SOFTWARE IN A NETWORK OF MOVING THINGS

VENIAM, INC., Mountain V...

1. A system for remote update and distribution of software information in a communication network comprising a plurality of node devices, the system comprising:at least one storage and at least one server communicatively coupled to the at least one storage, wherein:
the at least one storage is configured to store a plurality of software updates; and
the at least one server configured to communicate with the plurality of node devices and to perform at least the following actions:
receive from a particular node device of the plurality of node devices, a request message requesting availability of software updates, wherein the request message comprises a plurality of parameters that characterize the particular node device;
determine whether one or more software updates for the particular node device are available in the communication network, based on the plurality of parameters and conditions affecting the particular node device; and
when the one or more software updates for the particular node device are available, send to the particular node device a response message that comprises for each software update, corresponding properties information that comprise at least:
information identifying a respective location in the communication network from which the software update provided by the at least one server is accessible by the particular node device; and
information for controlling receiving or use of the software update, the information defining at least a dissemination mode, from a plurality of modes of dissemination, for downloading the software update, wherein:
the plurality of modes of dissemination comprises direct dissemination, epidemic dissemination, opportunistic dissemination and mix dissemination,
the direct dissemination requires obtaining the software update only from the respective location,
the epidemic dissemination requires obtaining the software update from a neighboring node device of the plurality of node devices,
the opportunistic dissemination requires obtaining the software update only when one specific communication technology is available and
the mix dissemination allows for adaptively obtaining at least a portion of the software update from the respective location or a neighboring node device of the plurality of node devices or only when one specific communication technology is available.

US Pat. No. 11,032,394

CACHING TECHNIQUES

Perfect Sense, Inc., Res...

1. A computer-implemented method comprising:obtaining data indicating a list of candidates predetermined to be eligible for caching;
receiving a first request for an information associated with a web resource;
receiving a second request for the information associated with the web resource;
determining that a duration of time from receiving the first request to receiving the second request satisfies a first threshold amount of time;
determining that the information associated with the web source is not included in the list of candidates predetermined to be eligible for caching;
determining that an amount of time for retrieving the information associated with the web resource from one or more databases satisfies a second threshold amount of time; and
updating the list of candidates to include a candidate representing the information associated with the web source based on (i) determining that the duration of time from receiving the first request to receiving the second request satisfies the first threshold amount of time, and (ii) determining that the amount of time for retrieving the information associated with the web resource from the one or more databases satisfies the second threshold amount of time;
retrieving, from the one or more databases, the information associated with the web resource based on updating the list of candidates to include the candidate representing the information associated with the web source; and
caching the retrieved information at a server system.

US Pat. No. 11,032,393

NETWORK NODE AND METHOD PERFORMED THEREBY PROVIDING A RECOMMENDATION ASSOCIATED WITH A SERVICE TO A WIRELESS DEVICE

Telefonaktiebolaget LM Er...

1. A method performed by a network node for providing a recommendation associated with a service provided to a wireless device, the network node being operable in a wireless communication network, the wireless communication network providing the service to the wireless device, the method comprising:obtaining bandwidth information associated with a radio interface between a radio access node of a Radio Access Network, RAN, of the wireless communication network and the wireless device;
obtaining bandwidth information associated with a transport network, the transport network comprising a part of the wireless communication network between the radio access node and one of an application server within the wireless communication network providing the service and a gateway of the wireless communication network towards a second communication network; and
determining available bandwidth for providing the service to the wireless device based on the obtained bandwidth information associated with the radio interface and the obtained bandwidth information associated with the transport network.

US Pat. No. 11,032,392

INCLUDING PRIOR REQUEST PERFORMANCE INFORMATION IN REQUESTS TO SCHEDULE SUBSEQUENT REQUEST PERFORMANCE

Amazon Technologies, Inc....

1. A system, comprising:at least one processor and a memory, configured to implement a front-end for processing requests to a network-based service;
the front-end, configured to:
receive a first request to perform a first operation at the network-based service from a client;
dispatch the first request to be performed at the network-based service;
send a response to the first request that includes a data token comprising information regarding prior requests, including the first request, associated with the client at the network-based service, the information comprising at least one of a processor or storage utilization metric for performance of the prior operations or a frequency of operations associated with the client of the network-based service;
receive a second request to perform a second operation at the network-based service from the client, wherein the second request includes the data token;
determine a priority value for the second request at the network-based service according to an evaluation of the information regarding prior requests included in the data token; and
order performance of the second operation at the network-based service with respect to one or more other requests received at the front-end according to the priority value of the second request.

US Pat. No. 11,032,391

SOCIAL NETWORK GROUPING METHOD AND SYSTEM, AND COMPUTER STORAGE MEDIUM

TENCENT TECHNOLOGY (SHENZ...

1. A method for grouping friends of a first user of an online social network application implemented in a server having one or more processors and memory storing a plurality of programs, the method comprising:acquiring friend relation data corresponding to a plurality of friends of the first user of the social networking application, wherein each of the plurality of friends is an existing contact of the first user on the social networking application, the friend relation data represents connections in-between the plurality of friends on the social networking application, and each of the plurality of friends corresponds to a respective friend node of a plurality of friend nodes on the social network application;
generating and storing a plurality of friend circles using the friend relation data, wherein each of the friend circles is a respective subset of the plurality of friends of the first user and includes a respective subset of the plurality of friend nodes;
determining a weight of each of the plurality of friend nodes based on the friend relation data;
selecting, among the plurality of friend circles, a first friend circle with a first friend node having a highest weight among the plurality of friend nodes;
traversing the plurality of friend nodes to add an optimum friend to the first friend circle, wherein the optimum friend corresponds to a friend node of the plurality of friend nodes; and
repeating the traversing until a first predefined number of optimum friends are added into the first friend circle.

US Pat. No. 11,032,390

DIGITAL CARD MANAGEMENT

Altair Engineering, Inc.,...

1. A computer-implemented method for locating a plurality of portable computing devices in an indoor environment, the method performed by at least one processor, and comprising:receiving, by the at least one processor, signal information describing a plurality of signals received by at least one receiver in the indoor environment, wherein each of the plurality of signals is emitted from a respective one of the plurality of portable computing devices in the indoor environment;
analyzing, by the at least one processor, the signal information to determine location information that indicates a respective location of each of the plurality of portable computing devices relative to a reference object in the indoor environment;
causing, by the at least one processor, the location information to be presented through a user interface (UI) on a first portable computing device of the plurality of portable computing devices to a first user, wherein the UI comprises:
a graphical representation of the indoor environment,
a graphical representation of a location of the reference object within the indoor environment,
a graphical representation of a location of the first portable computing device relative to the location of the reference object within the indoor environment,
a graphical representation of a location of a second portable computing device of the plurality of portable computing devices relative to the location of the reference object within the indoor environment, and
a first digital contact card for a second user associated with the second portable computing device,
wherein the first digital contact card is generated by:
retrieving, by the at least one processor, contact information for the second user,
retrieving, by the at least one processor, group style information that specifies at least one style characteristic to be used to generate the first digital contact card, wherein the group style information is associated with an organization that includes the second user, wherein the group style information has been specified for the organization by a third user through a style management UI, wherein the group style information indicates a first portion of the contact information to be included in the first digital contact card and a second portion of the contact information to be omitted from the first digital contact card, and
generating, by the at least one processor, the first digital contact card including the at least one style characteristic specified in the group style information, wherein the first digital contact card includes the first portion of the contact information for the second user;
receiving, by the at least one processor through the UI on the first portable computing device, a concurrent selection of two or more of the plurality of portable computing devices by the first user, and a command to transmit a second digital contact card for the first user to each of the selected portable computing devices; and
causing, by the least one processor, the second digital contact card to be transmitted to each of the selected portable computing devices.

US Pat. No. 11,032,389

APPLYING APPLICATION-BASED POLICY RULES USING A PROGRAMMABLE APPLICATION CACHE

Juniper Networks, Inc., ...

1. A method, comprising:synchronizing, by a first network device associated with a first local network, information in a first application cache associated with the first local network with information in a second application cache associated with a second local network,
wherein the first local network is different from the second local network;
receiving, at the first network device and after synchronizing the information in the first application cache with the information in the second application cache, a packet from a client device;
identifying, by the first network device and based on receiving the packet, a destination of the packet;
determining, by the first network device and based on the information in the first application cache, that an application is associated with the destination,
wherein the first network device and the client device are included in the first local network;
determining, by the first network device, based on the application and based on the information in the first application cache, whether to transmit the packet to a second network device or to transmit the packet to an application server without transmitting the packet to the second network device,
wherein the application server is associated with the application, and
wherein the second network device is included in the second local network; and
transmitting, by the first network device and based on determining to transmit the packet to the application server without transmitting the packet to the second network device, the packet to the application server without transmitting the packet to the second network device, or
transmitting, by the first network device and based on determining to transmit the packet to the second network device, the packet to the second network device.

US Pat. No. 11,032,388

METHODS FOR PRERENDERING AND METHODS FOR MANAGING AND CONFIGURING PRERENDERING OPERATIONS

Google LLC, Mountain Vie...

10. A computing device comprising:one or more processors; and
a memory configured to store instructions and data that are accessible to the one or more processors;
wherein the one or more processors are configured to:
determine a navigation event within a web browser based at least in part on a prerender tag embedded within a web page, the prerender tag including a ranking value used to rank links to prerender and a time parameter; request content associated with the navigation event;
prerender the content associated with the navigation event in an alternate instance of the web browser that is hidden from a user of the web browser;
determine whether the user has selected the navigation event within a time period based on the time parameter associated with the prerender tag;
display the alternate instance of the web browser containing the prerendered content in a current user instance of the web browser when the user has selected the navigation event within the time period based on the time parameter associated with the prerender tag; and
discard the prerendered content associated with the navigation event when the user has not selected the navigation event within the time period based on the time parameter associated with the prerender tag.

US Pat. No. 11,032,387

HANDLING OF CONTENT IN A CONTENT DELIVERY NETWORK

Level 3 Communications, L...

1. A method of content delivery in a content delivery network comprising:receiving, at a first server of a first tier of servers of the content delivery network, a request from a requesting device for a portion of a resource available from the content delivery network;
determining whether the portion of the resource is an initial portion of the resource;
accessing a popularity service associated with the content delivery network to determine a popularity designation associated with the resource, wherein the popularity designation associated with the resource indicates that the resource is not popular;
requesting, by the first server, the portion of the resource from a second server of the content delivery network;
receiving, based on the popularity designation indicating that the requested resource is not popular, a redirect instruction to redirect the requesting device to obtain the portion of the resource from a content server of the content delivery network and an instruction to not cache the portion of the resource at the first server when the portion of the resource is obtained from the content server of the content delivery network;
processing, at the first server of the first tier of servers, the redirect instruction from the second server of the content delivery network to obtain, at the first server, the portion of the resource from the content server of the content delivery network; and
providing, from the first server of the first tier of servers, the obtained portion of the resource to the requesting device.

US Pat. No. 11,032,386

MATRIX DATA SYSTEM FOR COMPUTATION OF EXACT AND PROXIMATE SOLUTIONS

Nimbella Corp., Santa Cl...

1. A matrix data system, comprising:a set of matrix servers, each matrix server in the set of matrix servers is configured to calculate and store one or more descriptive vectors associated with one or more numerical source data sets, the one or more descriptive vectors calculated from mathematical functions across different ranges of the associated one or more numerical source data sets, each matrix server stores the one or more descriptive vectors in a hierarchy that covers different ranges of the associated numerical data sets;
wherein upon a particular matrix server, in the set of matrix servers, receiving a request from a client device for calculating a function result on a range of values in a numerical source data set, the particular matrix server utilizing the stored one or more descriptive vectors to calculate a function result and returning the function result to the client device.

US Pat. No. 11,032,385

RECIPIENT-BASED FILTERING IN A PUBLISH-SUBSCRIBE MESSAGING SYSTEM

salesforce.com, inc., Sa...

1. A method in a server of a publish-subscribe messaging system for recipient-based filtering of a message that relates to a topic to which consumers are subscribed, the method comprising:adding the message to an event bus, wherein the message includes at least a body and an attribute that includes a set of one or more consumer identifiers for intended recipients for the message;
retrieving the message from the event bus;
responsive to determining that the attribute of the message includes the set of consumer identifiers, wherein the set of consumer identifiers includes fewer identifiers than for all of the consumers, performing:
responsive to determining that the set of consumer identifiers includes the identifier for a consumer from the consumers, adding the message to a queue associated with the consumer, wherein the queue is one of a plurality of queues each associated with a respective one of the consumers; and
delivering the message to only a subset of all of the consumers that corresponds to the intended recipients based on a subset of the plurality of queues to which the message was added.

US Pat. No. 11,032,384

SYSTEM AND METHOD FOR PROVIDING USAGE OF AND/OR ACCESS TO SECURED DATA VIA USING PUSH NOTIFICATION INFRASTRUCTURE

LENOVO Enterprise Solutio...

1. A method comprising:providing a push notification from a system management appliance (SMA) to a user device, the push notification including a one-time password for access to the SMA on a temporary alternate route to a normal route between the SMA and the user device to permit the user device to obtain additional information pertaining to the push notification,
wherein the one-time password provides limited access to the SMA different than normal access to the SMA via a different password and/or account.

US Pat. No. 11,032,383

EVENT DELIVERY

MICROSOFT TECHNOLOGY LICE...

1. A system comprising:a receiver to receive an event from a publisher;
a director in communication with a router to forward a targeted event notification for the event to a subscriber; and
a re-director in communication with the director to:
determine a delivery of the targeted event notification to the subscriber has failed;
determine whether to place a subscription associated with the failed delivery of the targeted event notification on probation based on a failure rate of the subscription and a rate of events available to deliver for the subscription, wherein the rate of events available to deliver for the subscription is a count of the events available to deliver for the subscription measured over a predetermined period of time,
wherein the re-director determines to place the subscription on probation responsive to the failure rate being greater than a first threshold, and responsive to the rate of events available to deliver for the subscription being greater than a second threshold different than the first threshold; and
place the targeted event notification for the subscription in a delayed queue for the subscriber based at least on a determination to place the subscription on probation, wherein re-transmission of the targeted event notification is delayed responsive to placing the targeted event notification in the delayed queue.

US Pat. No. 11,032,382

DATA LOGGING FROM A WEARABLE COMPUTING DEVICE

Google LLC, Mountain Vie...

1. A method of gathering logging data from a wearable computing device, the method comprising:generating one or more log messages by a processor of the wearable computing device;
storing the one or more log messages by the processor; and
upon determining by the processor that a consolidated log of the one or more messages is to be generated, generating the consolidated log and transmitting the consolidated log to a storage device by the processor, wherein the generating of the consolidated log is selectively deferred based on a power status or a connectivity status of the wearable computing device.

US Pat. No. 11,032,381

DISCOVERY AND STORAGE OF RESOURCE TAGS

ServiceNow, Inc., Santa ...

1. A system comprising:a computational instance including persistent storage that maintains a discovery pattern and credentials for a cloud-based service, wherein the cloud-based service provides a remote computing infrastructure; and
one or more processors configured to:
remotely access, using the credentials, the cloud-based service;
execute the discovery pattern to obtain copies of one or more tags configured in the cloud-based service, wherein the one or more tags each include a key field, a value field, and a resource identifier field, and wherein each resource identifier field uniquely specifies a respective computational resource of one or more computational resources of the cloud-based service;
associate the one or more tags that were discovered to one or more configuration item representations of the one or more computational resources stored in a configuration management database (CMDB) by:
matching the resource identifier field of each respective tag to an additional resource identifier field of a respective configuration item representation of the one or more configuration item representations; and
generating an association between the respective tag and the respective configuration item representation based on the resource identifier field matching the additional resource identifier field; and
store, in the CMDB, the one or more tags and their respective associations to the one or more configuration item representations.

US Pat. No. 11,032,380

SYSTEM AND METHOD FOR INTENT-BASED SERVICE DEPLOYMENT

Nutanix, Inc., San Jose,...

1. A service deployment system associated with a virtual computing system having a plurality of software functionality services installed thereon, the service deployment system comprising:a distributed cluster of virtual machines for running the plurality of software functionality services;
a memory that stores user indicators and a configuration state of the distributed cluster; and
a processing unit that deploys the plurality of software functionality services based on the user indicators and the configuration state of the distributed cluster, wherein the processing unit:
receives the user indicators and stores the user indicators within the memory;
maps the user indicators to the plurality of software functionality services;
determines an order of deployment associated with the plurality of software functionality services;
determines deployment locations associated with the plurality of software functionality services;
generates a plurality of actions responsive to the plurality of software functionality services, the order of deployment, and the deployment locations;
detects a change in the configuration state including upgrading a version of a software managing the distributed cluster of virtual machines; and
generates an updated plurality of actions responsive to the change in the configuration state.

US Pat. No. 11,032,379

SECURE IN-BAND SERVICE DETECTION

CITRIX SYSTEMS, INC., Fo...

1. An appliance, comprising:a memory storing a set of instructions; and
one or more processors configured to execute the set of instructions to cause the appliance to:
acquire a first handshake message from a client device, wherein the first handshake message is intended for a service;
provide a second handshake message for the client device, wherein the second handshake message includes a first certificate referring to the appliance;
acquire, from the client device, a second certificate indicating a first function of a connection and a second function of the connection subsequent to when the client device determines that the appliance is authorized to assist with providing a secure connection between the client device and the service based on results of the client device's examination of the first certificate; and
determine, based on the second function, an action associated with providing the service with the second certificate indicating the first function.

US Pat. No. 11,032,378

DECOUPLED CONTROL AND DATA PLANE SYNCHRONIZATION FOR IPSEC GEOGRAPHIC REDUNDANCY

Microsoft Technology Lice...

1. A method for separately managing control and data context for a secure connection comprising:receiving, by a second node, information regarding an active secure connection, wherein the active secure connection is routed through a first node and comprises a secure control plane connection based on control plane parameters associated with the active secure connection and a secure data plane connection based on data plane parameters associated with the active secure connection, wherein the information includes at least the data plane parameters, wherein the secure control plane connection and the secure data plane connection are decoupled in accordance with a split architecture;
programming, by the second node, a standby secure data plane connection using the data plane parameters such that a data plane of the second node is in an active state while the first node is active, wherein a control plane of the second node is in a standby state while the first node is active; and
in response to a determination that the first node is inactive:
routing, by the second node, data plane traffic associated with the active secure connection through the standby secure data plane connection;
transitioning the control plane of the second node to a state recovery state;
retrieving, by the second node, the control plane parameters from an external database that is accessible to the first node and the second node, the control plane parameters being stored in the external database by the first node;
programming, by the second node, a new control plane connection based on the retrieved control plane parameters; and
routing, by the second node, control plane traffic associated with the active secure connection through the new control plane connection after the control plane of the second node has transitioned from the state recovery state to the active state.

US Pat. No. 11,032,377

METHOD, COMMUNICATION TERMINAL, AND COMMUNICATION NODE DEVICE FOR ASSOCIATING RESOURCES

BOE TECHNOLOGY GROUP CO.,...

1. A method for associating at least two resources, the method comprising:detecting a connection state for entities respectively corresponding to the at least two resources; and
sending a first request to a common service entity to establish an association between the at least two resources after it is detected that the connection state is established by the entities,
wherein the first request is a request for creating or updating a resource, such that attributes of the resource are set on the common service entity to establish the association between the at least two resources;
wherein the attributes of the resource comprise an associated member list and an association start time,
wherein the association start time is used to set a time for establishing the association, and the associated member list is used to set the associated resources.

US Pat. No. 11,032,376

ELECTRONIC DEVICE FOR CONTROLLING REGISTRATION SESSION, AND OPERATION METHOD THEREFOR; AND SERVER, AND OPERATION METHOD THEREFOR

Samsung Electronics Co., ...

11. A method of operating an electronic device, the method comprising:negotiating activation of a second session for registration of the electronic device with a server during a first session for registration of the electronic device;
deactivating the first session;
activating the second session, based on a result of the negotiation;
receiving a message indicating a result of registration of the electronic device from the server during the second session; and
outputting a notification indicating the result of the registration of the electronic device.

US Pat. No. 11,032,375

AUTOMATIC SCALING FOR COMMUNICATIONS EVENT ACCESS THROUGH A STATEFUL INTERFACE

INFERENCE COMMUNICATIONS ...

1. A system for automatic scaling for communications event access through a stateful interface, comprising:a channel manager comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to:
create a backup connection to a first stateful interface event provider;
determine a plurality of second stateful interface event providers to which to establish a connection, the determination being based at least in part by a present load of each of the second stateful interface event providers;
create a primary connection to each of the second stateful interface event providers determined to have a present load within acceptable parameters;
process a plurality of user-generated events using each of the primary connections while monitoring user demand to each of the primary connections, the user demand for a particular primary connection being based on the quantity of user events being processed through the particular primary connection and the present load of the respective second stateful interface event provider to which the particular primary connection is connected;
when user demand is above a first predetermined threshold, determine an additional stateful interface event provider to which to establish an additional primary connection, the determination being based at least in part on a present load of the additional stateful interface event provider;
create an additional primary connection to the additional stateful interface event provider;
when user demand is below a second predetermined threshold for a primary connection, disconnect the respective connection; and
a subscription manager comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to:
monitor the primary and backup connections for connection problems based at least in part by subscription access of the primary and backup connections.

US Pat. No. 11,032,374

ELECTRONIC DEVICE, SERVER AND RECORDING MEDIUM SUPPORTING TASK EXECUTION USING EXTERNAL DEVICE

Samsung Electronics Co., ...

1. An electronic device comprising:a housing;
a touch screen display, which is accommodated in the housing and at least part of which is exposed visually;
a microphone accommodated in the housing;
a wireless communication circuit;
a processor operatively connected to the touch screen display, the microphone, and the wireless communication circuit; and
a memory operatively connected to the processor,
wherein the memory is configured to store a software program including a user interface supporting control of at least one external device based on a user account, and store at least one instruction that, when executed, causes the processor to:
control the wireless communication circuit to receive a first user input for connecting the electronic device to a first external device, via the user interface,
control the wireless communication circuit to transmit first information corresponding to the user account and second information corresponding to the first external device, to a second external device,
control the wireless communication circuit to receive a second user input corresponding to a request for performing at least part of a task by using the first external device, via the touch screen display or the microphone,
control the wireless communication circuit to transmit data corresponding to the second user input to the second external device,
control the wireless communication circuit to receive, from the second external device, a first response including a path rule determined by the second external device among a plurality of updated path rules based on a determined user intent of the second user input and a parameter of the second user input, wherein the plurality of updated path rules are updated, by the second external device, by masking or flagging path rules operable by the electronic device, among path rules stored in the second external device and associated with a plurality of external devices, wherein the determined path rule comprises a sequence of states in which at least one of the electronic device and the first external device is to perform the requested task, and
after receiving the first response, control the first external device to perform, the at least part of the task depending on the determined path rule.

US Pat. No. 11,032,373

HOST-BASED BANDWIDTH CONTROL FOR VIRTUAL INITIATORS

EMC IP Holding Company LL...

1. An apparatus comprising:at least one processing device comprising a processor coupled to a memory;
wherein the at least one processing device is configured:
to control delivery of input-output operations from a host device to a storage system over selected ones of a plurality of paths through a network, wherein the paths are associated with respective initiator-target pairs, the initiators being implemented on the host device and the targets being implemented on the storage system;
to identify a particular one of the initiators that comprises multiple virtual initiators having respective virtual identifiers;
to determine a negotiated rate of the particular initiator;
to determine a negotiated rate of a corresponding one of the targets; and
to limit amounts of bandwidth utilized by the multiple virtual initiators in communicating with the corresponding target based at least in part on the negotiated rate of the particular initiator and the negotiated rate of the corresponding target;
wherein limiting amounts of bandwidth utilized by the multiple virtual initiators in communicating with the corresponding target based at least in part on the negotiated rate of the particular initiator and the negotiated rate of the corresponding target comprises restricting a total amount of bandwidth utilized across the multiple initiators as a function of the negotiated rate of the particular initiator or the negotiated rate of the corresponding target, whichever is smaller.

US Pat. No. 11,032,372

EFFICIENT DATA STREAMING USING A GLOBAL INDEX

Lytx. Inc., San Diego, C...

1. A system for data access, comprising:a server storage system, wherein the server storage system stores data associated with a plurality of vehicle event recorders;
a global index, wherein the global index includes indications of server-stored data stored on the server storage system and corresponding client information, wherein the client information includes an associated indication that the server-stored data is associated with a client of a plurality of clients;
a client index comprising a plurality of client indices with an index associated with each client, wherein a first client index includes a subset of the indications of the global index corresponding to data associated with the first client;
an interface configured to:
receive an access indication to access desired data associated with a vehicle event recorder of the plurality of vehicle event recorders, wherein the vehicle event recorder is associated with a specific client; and
a processor configured to:
determine a server stored portion of the desired data associated with the vehicle event recorder that has been previously stored on the server storage system using information stored in the global index;
retrieve the server stored portion of the data from the server storage system; and
determine a non-server stored portion of the desired data associated with the vehicle event recorder that has not been previously stored on the server storage system, comprising to:
look up the desired data using information in the client index to determine the non-server stored portion of the desired data;
determine whether all of the desired data was found in the client index; and
in response to a determination that all of the desired data was not found in the client index:
look up the desired data using information in the global index to determine the non-server stored portion of the desired data;
determine whether all of the desired data was found in the global index; and
in response to a determination that all of the desired data was not found in the global index, indicate to retrieve the non-server stored portion of the data from the vehicle event recorder.

US Pat. No. 11,032,371

DATA MIGRATION USING READ FUNCTION TRIGGERS

Red Hat, Inc., Raleigh, ...

1. A method, comprising:monitoring reads of data stored at a first location of a bucket of a cloud storage system that is accessed by an application;
determining, by a processing device of the cloud storage system, whether to migrate the data stored at the first location of the bucket to a second location of the bucket in view of the monitoring of the reads of the data by the application;
in response to determining that the data stored at the first location is to be migrated, adding a function trigger to the data, wherein the function trigger causes a particular piece of the data to be migrated from the first location of the bucket to the second location of the bucket upon a subsequent read of the data by the application;
receiving a read request for the particular piece of the data from the application;
transmitting the particular piece of the data to the application from the first location; and
migrating the particular piece of the data from the first location to the second location.

US Pat. No. 11,032,370

WIRELESS COMMUNICATIONS IN A VEHICULAR MACRO CLOUD

1. A method for a first control plane (CP) node in a first vehicular micro cloud of a vehicular macro cloud, comprising:analyzing a data request using a CP to select a target content provider for providing popular data content, wherein the target content provider is a second CP node in a second vehicular micro cloud of the vehicular macro cloud and wherein the popular data content is defined as popular based on a number of requests for the popular data content exceeding a threshold number;
modifying an operation of a communication unit of the first CP node based on feedback data so that the communication unit prefetches and stores the popular data content on the first CP node to achieve a reduction including one or more of a latency of data delivery or a data packet loss for data requests processed by the first CP node is achieved;
generating a prediction that an amount of data storage resources available will drop below a pre-defined threshold within a pre-determined period of time; and
responsive to generating the prediction, replicating data of the first vehicular micro cloud to another vehicular micro cloud in the vehicular macro cloud.

US Pat. No. 11,032,369

SYSTEM AND METHOD FOR NON-DISRUPTIVE MIGRATION OF SOFTWARE COMPONENTS TO A PUBLIC CLOUD SYSTEM

Aviatrix Systems, Inc., ...

1. A system supporting migration of an instance of a software component from an on-premises network to a public cloud network, comprising:a processor;
a first gateway deployed as part of the on-premises network, the first gateway including a network address translation (NAT) logic configured to translate an Internet Protocol (IP) address associated with the instance of the software component from an on-premises host residing within a first subnetwork of the on-premises network to a temporary IP address associated with a second subnetwork being a phantom subnetwork; and
a second gateway deployed as part of the public cloud network and communicatively coupled to the first gateway, the second gateway including NAT logic to translate the temporary IP address to the IP address, wherein
address control logic within the second gateway is configured to resolve a media access control (MAC) address for the on-premises host connected to the on-premises network by at least configuring a subnetwork of the public cloud network including the second gateway to share a subnet IP address range with the first subnetwork of the on-premises network, and
migration of the instance of the software component from the on-premises network to the public cloud network is conducted by installing the instance of the software component on the public cloud network with an IP address that is identical to the IP address previously assigned to the instance of the software component.

US Pat. No. 11,032,368

DATA PROCESSING METHOD, APPARATUS, AND SYSTEM

Huawei Technologies Co., ...

1. A data processing method, wherein the method comprises:receiving, by an object storage device (OSD), a strip write request sent by a client server, wherein the strip write request carries a to-be-written strip, a version number of the to-be-written strip, an offset of the to-be-written strip, and an object ID of the to-be-written strip, the version number of the to-be-written strip is corresponding to a snapshot ID of a latest snapshot of a file or a volume to which the to-be-written strip belongs, the offset of the to-be-written strip describes a location of the to-be-written strip in an object to which the to-be-written strip belongs, and the object ID of the to-be-written strip is an ID of the object to which the to-be-written strip belongs;
determining, by the OSD, whether a strip determined by using the version number of the to-be-written strip, the object ID of the to-be-written strip, and the offset of the to-be-written strip is backed up; and
if the strip is backed up, writing the to-be-written strip into a storage location determined by using the version number of the to-be-written strip, the object ID of the to-be-written strip, and the offset of the to-be-written strip; or
if the strip is not backed up, backing up data that is in an object of a base version in the OSD and whose offset is the offset of the to-be-written strip and size is a size of the to-be-written strip to the storage location determined by using the version number of the to-be-written strip, the offset of the to-be-written strip, and the object ID of the to-be-written strip, wherein an object ID of the object of the base version is the same as the object ID of the to-be-written strip, and a version number of the object of the base version is a base version number; and writing the to-be-written strip into a storage location determined by using the object ID of the to-be-written strip, the base version number, and the offset of the to-be-written strip.

US Pat. No. 11,032,367

LONG UPLOAD TIME DETECTION AND MANAGEMENT

Microsoft Technology Lice...

1. A content management system comprising:one or more processors; and
one or more computer readable media including instructions which, when executed by the one or more processors, cause the one or more processors to:
receive, from a client device over a communication network, at least a first synchronization content message configured to convey progress of a synchronization of a first synchronization content set that includes at least a first electronic content item, where the first synchronization content message includes information about an amount of data remaining to be synchronized;
determine that a synchronization of the first synchronization content set has a likelihood of being prolonged compared to a reference duration based on previous synchronization events with the client device, the determination based at least in part on detection of an atypical synchronization condition being associated with the information of the first synchronization content message; and
transmit, over the communication network to the client device, a first message indicating that the synchronization of the first synchronization content set has a likelihood of being prolonged.

US Pat. No. 11,032,366

NODE DEVICE ON BLOCKCHAIN NETWORK FOR PROCESSING TRANSACTION

AJOU UNIVERSITY INDUSTRY-...

1. A node device on a blockchain network, the node device comprising:a blockchain state monitor that calculates an estimated time of transaction processing completion according to a transaction cost by using state information about the blockchain network;
a transaction cost determiner that calculates a minimum transaction cost that satisfies a user's requirements for transaction processing by using the calculated estimated time of transaction processing completion; and
a transaction processor that processes a transaction of the user in response to a first transaction processing request when the first transaction processing request, which pays a transaction cost equal to or greater than the minimum transaction cost, is generated by the user,
wherein the user's requirements include a transaction processing completion deadline on the blockchain network, and
wherein the transaction cost determiner calculates the minimum transaction cost such that the estimated time of transaction processing completion falls within the transaction processing completion deadline.

US Pat. No. 11,032,365

AD HOC DECENTRALIZED CLOUD INFRASTRUCTURE

Intel Corporation, Santa...

1. One or more non-transitory, machine-readable storage media comprising a plurality of instructions stored thereon that, when executed, cause a compute device to:form a decentralized cloud infrastructure with a plurality of mobile computing devices;
receive, from each mobile computing device of the mobile computing devices, offers of a local resource located on each corresponding mobile computing device, wherein each local resource is capable of capturing an aspect of an event occurring in a vicinity of and external to the plurality of mobile computing devices;
aggregate the offers of the local resources of the plurality of mobile computing devices to establish a virtual local resource on the compute device capable of capturing the aspects of the event; and
receive, from each mobile computing device and based on the formation of the decentralized cloud infrastructure, data generated by the local resource of each corresponding mobile computing device, wherein the data is indicative of aspects of the event.

US Pat. No. 11,032,364

METHOD AND APPARATUS FOR INTERWORKING BETWEEN HETEROGENEOUS SYSTEMS

Samsung Electronics Co., ...

1. A method for supporting interworking between heterogeneous systems by an Interworking Proxy Entity (IPE), the method comprising:subscribing to a resource of Common Services Entity (CSE);
identifying that a one Machine-to-Machine (oneM2M) device requests a creation of a resource of an Open Internet Consortium (OIC) device;
transmitting a request message to the OIC device regarding a request for the creation of the resource of the OIC device;
receiving a response message regarding the creation of the resource of the OIC device from the OIC device in response to transmitting the request message; and
transmitting a converted response message to the CSE by converting the response message,
wherein an event type indicating “create a direct child resource for a resource to be subscribed to” is used for the creation of the resource of the OIC device.

US Pat. No. 11,032,363

PEER-TO-PEER DATA COMMUNICATION BETWEEN DIFFERENT APPLICATIONS

VMware, Inc., Palo Alto,...

1. A method for synchronizing between applications that target different software development kits (“SDK”) of an operating system (“OS”), comprising:registering with the OS, by a bridge application, a peer-to-peer (“P2P”) provider that facilitates communications on a P2P channel;
registering with the OS, by the bridge application, a receiver that receives implicit broadcasts;
receiving, at the P2P provider of the bridge application, a request from a first application, wherein the first application targets a first SDK that disallows registration for receiving implicit broadcasts;
verifying a signature of the request; and
synchronizing the request by broadcasting to a second application that targets a second SDK that allows registration for implicit broadcasts.

US Pat. No. 11,032,362

SYSTEM OPERATING USING OPC UA, COMMUNICATION METHOD USING OPC UA, AND LOAD BALANCER

YOKOGAWA ELECTRIC CORPORA...

1. A system that operates using Open Platform Communications(OPC) Unified Architecture (UA), the system comprising:
a redundant server set comprising a first OPC UA server and a second OPC UA server;
OPC UA client that designates an endpoint Uniform Resource Locator (URL) to communicate with the redundant server set; and
a load balancer (LB) connected between the redundant server set and the OPC UA wherein
the OPC UA client sends a request for connection to the endpoint URL,
the first OPC UA server is an active server,
the second OPC UA server is a standby server,
the LB proxies a connection to the first OPC UA server and sends or receives messages,
the endpoint URL is different from a URL of each of the first OPC UA server and the second OPC UA server,
the system applies a PublisherSubscriber (PubSub) communication model where a Publisher comprises a Dataset and provides the DataSet to at least one Subscriber,
in the PubSub communication model, the first OPC UA server is the Publisher and the second OPC UA server is the at least one Subscriber,
the first OPC UA server comprises a first DataSet,
the second OPC UA server comprises a second DataSet,
when the first DataSet is updated, the first OPC UA server provides the updated first DataSet to the at least one Subscriber,
the second OPC UA server updates the second DataSet when the second OPC UA server receives the updated first DataSet, and
the LB comprises a firewall table that prevents the second OPC UA server from providing the second DataSet to other existing Subscribers.

US Pat. No. 11,032,361

SYSTEMS AND METHODS OF BALANCING NETWORK LOAD FOR ULTRA HIGH SERVER AVAILABILITY

COUPANG CORP., Seoul (KR...

1. A computer-implemented system for routing network traffic, the system comprising:a memory storing instructions; and
at least one processor configured to execute the instructions for:
monitoring utilization rates of a plurality of network-connected databases;
receiving a first data read request from a first user device for a data element stored in the plurality of network-connected databases;
determining load sharing ratios based on at least one predetermined ratio associated with at least one of the plurality of network-connected databases, a user input, or statuses of the plurality of network-connected databases;
selecting a first target database among the plurality of network-connected databases based on the utilization rates and a load sharing ratios;
generating a first data query for a copy of the data element stored in the first target database; and
forwarding the copy of the data element from the first target database to the first user device in response to the first data read request.

US Pat. No. 11,032,360

OPTIMIZATION OF INTEGRATION FLOWS IN CLOUD ENVIRONMENTS

International Business Ma...

1. A method for efficiently determining computer resource allocation, the method comprising:monitoring an integration flow, the integration flow including a route, one or more nodes, and one or more secure connectors, wherein the one or more nodes and the one or more secure connectors are computing resources in a shared pool of configurable computing resources;
receiving a first message;
receiving a central processing unit (CPU) serialization load, the CPU serialization load comprising a set of processing data, the set of processing data reflecting the amount of a CPU processing load required to serialize and deserialize the first message on-premise;
receiving a first threshold of the CPU processing load of the first message, wherein the first threshold is selected from one of the group consisting of: a CPU serialization load of the first message and a ratio of CPU serialization load to CPU processing load of the first message;
determining that the set of processing data is below the first threshold;
identifying, based on the determining, a processing location of the integration flow at a second node of the one or more nodes, wherein the second node is hosted on a public cloud;
transmitting, for processing, the first message to the second node;
receiving a message property of the first message;
querying a database of historical data for a plurality of previous messages having the same message property;
determining that the plurality of previous messages was processed on a third node of the one or more nodes; and
altering, based on the message property, the processing location of the integration flow such that the first message is processed on the third node.

US Pat. No. 11,032,359

MULTI-PRIORITY SERVICE INSTANCE ALLOCATION WITHIN CLOUD COMPUTING PLATFORMS

1. A system for allocation of service instances, the system comprising:an allocator component configured for:
identifying a first subset of nodes of candidate nodes based on a first quality metric associated with candidate nodes;identifying a second subset of nodes of the candidate nodes based on a second quality metric, wherein the second quality metric comprises at least one of an eviction cost metric associated with at least a first portion of the candidate nodes, each of the eviction cost metrics indicating cost to evict an existing service instance from a node such that another service instance can be allocated to that node and a survival metric that indicates an extent that the first service instance will not be evicted or will survive if deployed to a corresponding node; andallocating the first service instance to one node within the first subset of nodes and the second subset of nodes based on the first quality metric and the second quality metric.

US Pat. No. 11,032,358

MONITORING WEB APPLICATIONS INCLUDING MICROSERVICES

Hewlett-Packard Developme...

1. A web application monitor comprising:an ingest agent to receive access log data entries from each load balancer of a plurality of load balancers, the access log of each load balancer including a data entry for each HTTP Request received by the load balancer for a web application comprising microservices deployed on a corresponding group of servers, each data entry including a Timestamp, an HTTP URL, and an HTTP Method of the HTTP Request, and a Status Code of a corresponding HTTP Response, each microservice having a corresponding HTTP URL/HTTP Method pair; and
an availability monitor to determine an availability of each microservice based on the status codes of data entries having corresponding HTTP URL/HTTP Method pairs.

US Pat. No. 11,032,357

DATA PROCESSING OFFLOAD

Intel Corporation, Santa...

1. A system comprising:a client device to be powered by a battery including a processor and software modules including
a task determiner module to determine whether a task is to be processed locally at the client device or remotely off the client device, and
a controller module to issue the task to one of a wireless network or a wired network when the task is to be processed remotely off the client device, and
a server device to be powered by an alternating power source and located within distance of a short-range wireless network to the client device, the server device including a processor and software modules including:
a task identifier module to identify the task from one of the wireless network or the wired network when the task is to be processed locally at the server device, and
a task distributer module to,
distribute the task to a server resource at the server device when the task is to be processed locally at the server device,
provide a result of the task to the wireless network or the wired network when the result is to be consumed remotely at the client device; and
a first wireless universal serial bus interface at the client device, and
a second wireless universal serial bus interface at the server device, wherein the result is to include media data that is to be exchanged over the short-range wireless network.

US Pat. No. 11,032,356

GROUPWARE MANAGEMENT

International Business Ma...

1. A method for using a graphical user interface (GUI) to add new members to groups associated with events, said method comprising:displaying on the GUI, by one or more processors of a computer system, a calendar record window comprising an updated list of members of a first group of members invited to a first event, said updated list consisting of a list of initial members of the first group invited to the first event and a new member of the first group;
said one or more processors updating a first record including the initial members to add the new member to the initial members on the first record;
in response to said updating the first record, said one or more processors displaying on the GUI, simultaneous with said displaying the updated calendar record window on the GUI, a change control window which provides a user with a capability to add the new member to a plurality of other groups of members invited to respective other events, wherein each group of the plurality of other groups comprise a respective list of members that include the initial members of the first group, wherein the members of the first group, the members of the plurality of other groups, and the new member are people, wherein the capability to add the new member includes a first option to add the new member selectively to each group of the plurality of groups for events having a same membership (Yes option), a second option to add the new member to all groups of the plurality of groups (Yes to All option), and a third option to not add the new member to any group of the plurality of groups (No option), and wherein a totality of different selectable options in the change control window displayed on the GUI consists of the first option, the second option, and the third option, said updated calendar record window and said change control window being displayed simultaneously in non-overlapping portions of the GUI, wherein the YES option, the YES to ALL option, and the NO option are individually selectable by the user in respective different areas within the change control window, and wherein the change control window displays text communicating that a membership of the first group of members has changed and displays a query as to whether the new member is to be added to other events; and
receiving from the user, by the one or more processors, a selection of the first option, a selection of the second option, or a selection of the third option.

US Pat. No. 11,032,355

TRUSTLESS NOTIFICATION SERVICE

International Business Ma...

1. A system, comprising:a processor of a notifier node;
a memory on which are stored machine readable instructions that when executed by the processor, cause the processor to:
connect to a notifier service node configured to designate the notifier node;
receive a notification from the notifier service node to read a block from a ledger of a blockchain;
apply a hash function on the block to determine if the notifier node is a designated notifier for at least one submitted transaction in the block; and
in response to a determination that the notifier node is the designated notifier, send a push notification to user nodes involved in a transaction associated with the block.

US Pat. No. 11,032,354

SYSTEMS, METHODS, AND MEDIA FOR CAUSING AN ACTION TO BE PERFORMED ON A USER DEVICE

Google LLC, Mountain Vie...

1. A system for causing actions to be performed on user devices, the system comprising:a user device comprising at least one hardware processor that is configured to:
detect a plurality of devices within a particular proximity of the user device;
automatically establish connections with each of the plurality of devices;
receive a user input indicative of a call action to a phone number to be performed;
determine a plurality of candidate devices that are capable of performing the call action from the plurality of detected devices based on a device type of each of the plurality of detected devices;
determine a priority associated with each of the plurality of candidate devices based on the particular proximity to the user device and based on the device type indicating capability of performing the call action;
select a target device from the plurality of candidate devices based at least in part on the determined priority of each of the plurality of candidate devices;
transmit the phone number to the target device selected from the plurality of candidate devices; and
cause the call action to be performed by the target device using the phone number.

US Pat. No. 11,032,353

INFORMATION DEVICE

May Patents Ltd., Hod-Ha...

1. A device for displaying digital data, for use with a cable connected for concurrently carrying high-definition digital data and a power signal, the device comprising in a single enclosure:a digital connector for connecting to the cable;
a high-definition video display for presenting images, the video display being coupled to said digital connector for displaying the high-definition digital data carried over the cable;
software and a processor for executing said software, said processor being coupled to control the device operation; and
a non-volatile memory storing digital data identifying said device;
wherein said non-volatile memory is coupled to said digital connector for being powered from said power signal carried over said cable,
said device further being part of a television set for receiving and displaying a television signal on said video display, said television set further comprising a first analog video connector coupled to said video display for receiving an analog video signal and for displaying the analog video signal on said video display.

US Pat. No. 11,032,352

CONVEYING ENCRYPTED ELECTRONIC DATA FROM A DEVICE OUTSIDE A MULTITENANT SYSTEM VIA THE MULTITENANT SYSTEM TO A RECIPIENT DEVICE THAT IS A TENANT DEVICE ASSOCIATED WITH THE MULTITENANT SYSTEM

salesforce.com, inc., Sa...

1. A method for transmitting electronic data from a device outside a multitenant database to a tenant recipient device configured to receive files from the multi tenant database, the method comprising:receiving, by a processor of the device outside the multitenant database, a first key from the tenant recipient device;
encrypting, by the processor with the first key, the electronic data to produce a first encrypted file;
producing, by the processor a second file, the second file including the first encrypted file and a first identification, the first identification associated with the tenant recipient device;
receiving, by the processor of the device outside the multitenant database, a second key from the multitenant database;
encrypting, by the processor with the second key, the second file to produce a third encrypted file; and
transmitting, by the processor and to the multitenant database, the third encrypted file;
decrypting, by a processor at the multitenant database, the third encrypted file with the second key to produce the second file including the first encrypted file and the first identification;
transmitting, by the processor at the multitenant database, the first encrypted file to the tenant recipient device based on the first identification; and
decrypting, by a processor at the tenant recipient device, the first encrypted file with the first key to produce the electronic data.

US Pat. No. 11,032,351

UPDATES AND SUPPORT CHANNEL THROUGH MOBILE

NCR Corporation, Atlanta...

1. A method, comprising:establishing, by a mobile device, connections with an enterprise services device and a network portal device;
providing, by the mobile device, a support and maintenance interface on a display of the mobile device to manage enterprise services hosted on the enterprise services device with updates to the enterprise services provided to the enterprise services device from the network portal device;
identifying, by the mobile device through the support and maintenance interface, at least one support operation that is needed by the enterprise services device and that is available and provided by the network portal device, wherein identifying further includes rendering a split screen on the display of the mobile device comprising a first screen on one side of the display that comprises available patches and fixes for each enterprise service and a second screen on another side of the display that comprises touchscreen interface options for granting a remote technician access to the enterprise services device and receiving the at least one support operation and the corresponding enterprise service as a selection made by a user who operates the mobile device and who is interacting with the support and maintenance interface;
processing, by the mobile device, operations selected through the support and maintenance interface with a management agent of the enterprise services device and the network portal device;
presenting, by the mobile device, real-time viewing of activities associated with the operations as the operations are processed on the enterprise services device;
controlling, by the mobile device through the support and maintenance interface, the processing of the support operation on the enterprise services device as provided by the network portal to the enterprise services device, wherein controlling further includes dynamically authorizing support personnel associated with the network portal device with remote access to the enterprise services device in a remote support session with the enterprise services device based on an authorization provided by the user through the second screen of the split screen for the support and maintenance interface.

US Pat. No. 11,032,350

REMOTE COMMANDS FRAMEWORK TO CONTROL CLIENTS

Commvault Systems, Inc., ...

1. A non-transitory, computer-readable medium having computer-executable instructions stored thereon that, when executed by one or more processors, causes a client computing device to perform a method comprising:attempting to connect to a proxy server communicatively coupled to the client computing device to obtain a plurality of commands to be executed by the client computing device;
determining whether the connection with the proxy server was successful;
in response to a determination that the connection with the proxy server was not successful:
determining a status code received from the proxy server based on the unsuccessful connection with the proxy server;
establishing a reconnection interval based on the determined status code; and
re-trying the unsuccessful connection with the proxy server at an expiration of the reconnection interval; and,
in response to a determination the connection with the proxy server was successful:
downloading, from the proxy server, the plurality of commands to be executed by the client computing device, wherein:
at least one command of the plurality of commands is associated with a subset of users having been selected from a plurality of users, and
the client computing device that is to execute the at least one command is associated with a user selected from the subset of users;
determining, by the client computing device, that the at least one command comprises an update command to execute from the plurality of commands using a plurality of priority rules associated with the plurality of commands, wherein the plurality of priority rules indicate an order in which commands of the plurality of commands are to be executed;
executing, by the client computing device, the update command to obtain an update to an application executable by the client computing device;
determining whether the obtained update is a forced update based on a property associated with the obtained update;
in response to determining that the obtained update is a forced update, generating a prompt to a user at the client computing device, wherein the prompt indicates that an application associated with the client computing device will be restarted;
in response to determining that the obtained update is not a forced update, adding the update command to a commands script at the client computing device, wherein the commands script comprises a list of commands to be executed at the client computing device; and
executing the update command at the client computing device, which causes the application associated with the client computing device to restart.

US Pat. No. 11,032,349

COMMERCE APPLICATIONS BETWEEN AN ON-LINE SERVICE AND A THIRD-PARTY

eBay Inc., San Jose, CA ...

1. A computer-implemented method, comprising:sending, by a first network, a product listing link, the product listing link configured to cause a browser client to:
interactively display the product listing link for an interactive selection in a web page, wherein the web page includes a first area and a second area without overlapping each other;
upon receiving the interactive selection of the product listing link, transmit, from the browser client, an initial request to the first network, the initial request for a first content in the first area within the web page, the first content including user account information of the first network; and
upon receiving the interactive selection of the product listing link, transmit, from the browser client, a second request to a second network, the second request for a second content in the second area, the second content at least relating to information of a product of the second network specified by the product listing;
receiving, by the first network, the initial request;
in response to the received initial request, transmitting, by the first network to the first client device, the first content; and establishing a data handshake between the first network and the second network, wherein the data handshake is established by an API call, wherein the data handshake causes the second network to provide the second content in the form of an HTML element, wherein the HTML element is an IFrame which is displayed to an end user by a chrome graphical interface feature, where the end user need not know the information displayed in the chrome graphical feature has flowed from the second network.

US Pat. No. 11,032,348

LIVE STREAM TESTING

WOWZA MEDIA SYSTEMS, LLC,...

1. A method comprising:prior to streaming of a first live stream, providing, to a media device, an indication of a test of the first live stream, wherein the indication initiates streaming of a second live stream to a test audience, and wherein the test audience is based on one or more of an estimated number of viewers of the first live stream, an estimated plurality of locations of the viewers, or an estimated join rate associated with the viewers;
receiving quality of service (QoS) data associated with the second live stream; and
based on the QoS data, providing, to the media device, a message indicating one or more live stream parameters to use during streaming of the first live stream.

US Pat. No. 11,032,347

BANDWIDTH USAGE REDUCTION EMPLOYING MEDIA TREADING WITH REDUCTIVE EDGING

SONY INTERACTIVE ENTERTAI...

1. A method for bandwidth usage reduction in media streaming, comprising:receiving user streaming information from a client device, wherein the user streaming information reflects a user's media consumption habits including viewing habits depending on media title genre;
refining a user model with the user streaming information wherein the user model includes at least one threshold for an amount of media segments to be downloaded and held in the cache at a time point during streaming based on the user streaming information including viewing habits depending on media title genre wherein each threshold is different depending on the genre of the media title;
receiving a request for a media playlist from the client device;
prospectively requesting a media segment based on the user model before receiving a request for the media segments;
sending the requested media playlist to the client device; and
sending the prospectively requested media segments upon receiving a request for a media segment from the client device.

US Pat. No. 11,032,346

CLIENT, LIVE-STREAMING SERVER AND DATA STREAM USING AN INFORMATION ON A CURRENT SEGMENT OF A SEQUENCE OF SEGMENTS

bitmovin GmbH, Klagenfur...

1. Client configured to retrieve a live-stream media content,wherein the client is configured to receive from a live-streaming server a media presentation description (MPD) describing live-stream media content composed of a sequence of segments and an information on a current segment of the sequence of segments, wherein the client is further configured to commence retrieving the live-stream media content from the live-streaming server from a predetermined segment of the sequence of segments onwards which the client determined based on the information
wherein the client is configured to retrieve the live-stream media content using MPEG-DASH,
wherein the client is configured to derive from the MPD a segment template signaling a computation rule for computing unique indices of the segments of the representation,
wherein the segment template indicates a live streaming start-time of the sequence of segments and a mean temporal length of the segments of the sequence of segments.

US Pat. No. 11,032,345

CLIENT SIDE DATA STREAM PROCESSING

Microsoft Technology Lice...

20. A non-transitory computer readable storage medium comprising instructions that when executed configure hardware processing circuitry to perform operations for encoding data at a client device for transmission to a server, the operations comprising:obtaining, by the client device, a first multimedia data stream, the first multimedia data stream captured by a camera of the client device;
receiving, by the client device, a message from the server indicating a filter;
selecting, by the client device, a low motion blur filter in response to the indication,
obtaining, by the client device, and based on the low motion blur filter, a second multimedia data stream, the second multimedia data stream being a lower fidelity version of the first multimedia data stream;
generating, by the client device, a third multimedia data stream based on differences between the first and second multimedia data streams;
compressing, by the client device, the second multimedia data stream to generate a first compressed multimedia data stream;
compressing, by the client device, the third multimedia data stream to generate a second compressed multimedia data stream; and
transmitting, by the client device, the first and second compressed multimedia data steams to the server.

US Pat. No. 11,032,344

CONTENT DELIVERY

BRITISH BROADCASTING CORP...

20. A method for delivering content at varying qualities from a server to multiple clients across a network, the content being arranged in representations of differing qualities, each representation comprising segments addressable by client requests, comprising:receiving requests for content by the multiple, clients;
determining a representation of the content requested by multiple clients based on monitoring conditions of the network;
subscribing to a multicast datagram stream that comprises the determined representation of the content;
converting the subscribed to multicast datagram stream to segments available, to the multiple clients, wherein the segments available to the multiple clients are of the determined representation of the content; and
switching between different representations of the content when the need for changing from one representation to another is detected based on the conditions of the network, wherein the client side converter switches between different representations of the content by switching between multicast datagram streams.

US Pat. No. 11,032,343

METHODS AND DEVICES FOR EFFICIENT ADAPTIVE BITRATE STREAMING

Google Technology Holding...

1. A method for transmitting media streams for media programs, the method comprising:calculating, using a hardware processor, a first bandwidth capacity for a first network connecting the hardware processor and a first media device;
calculating, using the hardware processor, a second bandwidth capacity for a second network connecting the hardware processor and a second media device;
selecting, using the hardware processor, first encoding parameters for a first set of media streams for a media program to be presented on the first media device based on the first bandwidth capacity and the second bandwidth capacity; and
transmitting the first set of media streams as a plurality of media streams based on the first encoding parameters to the first media device.

US Pat. No. 11,032,342

SYSTEM AND METHOD FOR DEVICE AUDIO

Samsung Electronics Co., ...

1. An electronic device, comprising:a memory; and
at least one processor coupled to the memory, wherein the at least one processor is configured to:
execute a daemon process in one of a host operating system or a container executing a guest operating system, wherein the daemon process is configured to manage data transfer between the container and the host operating system;
create, via the daemon process, an inter-process communication (IPC) channel between the container and the host operating system;
receive incoming audio data; and
buffer the incoming audio data to the IPC channel.

US Pat. No. 11,032,341

VIDEO STREAM PREVIEW

Verily Life Sciences LLC,...

1. A computer-implemented method comprising:receiving, by a session system, a request from a user device requesting a video stream preview representing a quality of video data provided by a session host for guiding a user to select a target session host;
estimating, by the session system, an aggregated network transmission quality for data transmitted from the session host to the user device based on (1) a first measure of network transmission quality for data transmitted over a network from the session system to the user device, and (2) a second measure of network transmission quality for data transmitted over the network from the session host to the session system;
generating, by the session system, the video stream preview according to the aggregated network transmission quality; and
providing, by the session system to the user device, the video stream preview.

US Pat. No. 11,032,340

USING CAMERA ON COMPUTER SIMULATION CONTROLLER

Sony Interactive Entertai...

1. A system comprising: at least one processor configured with instructions to: receive at least one image from a camera of a simulation controller, the image being of a display of a display device (DD) and indicating an identification (ID) of the DD with display; send the image to a simulation server on a communication path that does not include the DD, the communication path being at least in part wireless; send user credentials stored in the controller to the simulation server; in response to the sending of the image and the credentials being valid, the server streaming a simulation to the DD, for presentation thereof on the display under control of the simulation controller.

US Pat. No. 11,032,339

MULTIPATH DATA STREAMING OVER MULTIPLE NETWORKS

DEJERO LABS INC., Waterl...

1. A system for transmitting data over a plurality of communication links comprising:a computer processor operating in conjunction with computer memory, the computer processor configured to divide a data stream into a plurality of data packets for buffering into one or more transport buffers; and
a plurality of communication interfaces configured to transmit the plurality of data packets to the plurality of communication links to aggregate throughput across the plurality of communication links, wherein the plurality of communication interfaces are configured to provide one or more connectivity conditions to the computer processor regarding the plurality of communication links;
wherein the computer processor is configured to process the one or more connectivity conditions to: for a data packet of the plurality of data packets and prior to a transmission of the data packet, withdraw the data packet from a transport buffer of the one or more transport buffers and select a communication interface of the plurality of communication interfaces for the transmission of the data packet over at least one of the plurality of communication links.

US Pat. No. 11,032,338

DETERMINING TIME AT WHICH TRANSMISSION FRAMES WERE TRANSMITTED

Saturn Licensing LLC, Ne...

1. A method of a reception apparatus for receiving transmission frames, the method comprising:receiving, by a processor of the reception apparatus, the transmission frames, each of the transmission frames including a bootstrap, a preamble, and a payload; and
determining, by the processor, a point of time at which a portion of one of the transmission frames was transmitted based on time information included in the preamble of the one of the transmission frames, wherein
the one of the transmission frames is included in a plurality of transmission frames, and
the one of the transmission frames is the only transmission frame of the plurality of transmission frames that includes the time information.

US Pat. No. 11,032,337

CONTEXTUAL AND COLLABORATIVE MEDIA

1. A method comprising:receiving, from a user at a first device, a request to create a new project;
sending the request to a server, the request configured to cause the server to create a database entry of the new project and associate the user with the project, wherein associating the user with the project comprises associating a contribute attribute and view attribute with the user and the project;
determining, as new text, all text in a text area entered by the user at a current time, the text area associated with previously entered text in the text area at a previous time;
comparing the new text with the previously entered text to determine a difference between the new text and the previously entered text;
sending, based at least in part on determining the difference, at least a portion of the new text to the server, the server configured to associate a plurality of first current timestamps of the server with each character of the at least a portion of the new text;
receiving media from the user, the media created substantially simultaneously with the new text and comprising one or more of a video recording, an image, an audio recording, or a file;
sending the media to the server, the server further configured to associate a second current time stamp of the server with the media and to associate the media with the project;
displaying a final text to the user;
receiving an indication from the user to retrieve at least a portion of related media from the server, the indication comprising one or more of:
highlighting a portion of the final text,
clicking on an image displayed to the user,
clicking on a video displayed to the user, or
clicking on an audio recording displayed to the user;
sending the indication to the server;
receiving, from the server and based at least in part on a range of times associated with the indication, a plurality of related media, each of the plurality of related media having timestamps within a threshold amount of time of the range of times associated with the indication; and
displaying the plurality of related media to the user.

US Pat. No. 11,032,336

METHODS AND SYSTEMS FOR PROVIDING SUPPLEMENTARY INFORMATION ON A VIRTUAL WHITEBOARD

MOTOROLA SOLUTIONS, INC.,...

1. An electronic computing device comprising:a display; and
an electronic processor communicatively coupled to the display, the electronic processor configured to
generate a virtual whiteboard on the display,
receive an input via the display, the input illustrating a site of an incident,
identify the site of the incident,
generate supplementary information about the site of the incident as a function of context information associated with the incident, and
display, on the virtual whiteboard on the display, the supplementary information;
wherein the display is included on a first communication device of a first officer, and the supplementary information is first supplementary information generated as a function of context information of the first officer; and
wherein the electronic computing device is further configured to
generate second supplementary information about the site of the incident as a function of context information of a second officer associated with the incident and associated with a second communication device, wherein at least some of the second supplementary information is different than the first supplementary information, and
display, on the virtual whiteboard on a second display of the second communication device, the second supplementary information.

US Pat. No. 11,032,335

CONCURRENT SECONDARY ELECTRONIC COMMUNICATION SESSION

Massachusetts Mutual Life...

1. A method comprising:identifying, by a server, a set of electronic devices associated with a first electronic communication session;
upon receiving an instruction from a first electronic device within the set of electronic devices during the first electronic communication session to establish a second electronic communication session:
automatically selecting, by the server, a subset of the set of electronic devices based on an attribute of a network used by each electronic device to communicate with the server to establish the first electronic communication session;
establishing, by the server, the second electronic communication session between the subset of the set of electronic devices;
reducing, by the server, a volume of the first electronic communication session outputted on each electronic device within the subset of the set of electronic devices to a predetermined volume level, whereby each electronic device within the subset of the set of electronic devices allows users to listen to audio of the second electronic communication session rather than the first electronic communication session; and
disabling, by the server for the first electronic communication session, a microphone of each electronic device within the subset of electronic devices until a termination of the second electronic communication session.

US Pat. No. 11,032,334

ENHANCED CALL DOWNGRADE REASON INDICATOR

T-Mobile USA, Inc., Bell...

1. A method of signaling a reason for a downgrade of an enhanced call to an audio-only call, comprising:engaging, by user equipment (UE) via a telecommunication network, in an enhanced call comprising audio content and additional content;
generating, by the UE, a downgrade message that requests a downgrade of the enhanced call to an audio-only call comprising the audio content without the additional content;
determining, by the UE, a reason for the downgrade of the enhanced call;
adjusting, by the UE, a downgrade reason indicator included in the downgrade message to indicate the reason for the downgrade, the downgrade reason indicator identifying whether the UE is automatically downgrading the enhanced call or whether the UE is instead downgrading the enhanced call due to user instructions; and
sending, by the UE to the telecommunication network, the downgrade message.

US Pat. No. 11,032,333

SYSTEMS AND METHODS FOR PROVIDING ONE-WAY VIDEO CALLS

T-Mobile USA, Inc., Bell...

1. A method comprising:receiving, at a transceiver of a recipient user equipment (UE), a first signal from a sender UE requesting to establish a two-way video call, the first signal comprising a first set of parameters;
displaying, on a display of the recipient UE, a multi-way video graphical user interface (GUI) including at least a one-way video-in button, a one-way video-out button, or an audio-only button;
determining, with a processor of the recipient UE, that the two-way video call is to be downgraded; and
sending, with the transceiver, a second signal with a second set of parameters to the sender UE, the second set of parameters indicating the two-way video call is to be downgraded to one of a one-way video-in call or a one-way video-out call.

US Pat. No. 11,032,332

ON DEMAND ADJUSTMENT OF GROUP COMMUNICATIONS

1. A network device comprising:a processor; and
a memory coupled with the processor, the memory comprising executable instructions stored thereon that when executed by the processor cause the processor to effectuate operations comprising:
receiving a plurality of performance indicators associated with a plurality of communication sessions between a plurality of devices, wherein the plurality of communication sessions is with a virtual machine on the network device, wherein the plurality of performance indicators comprise a first plurality of performance indicators of a first communication session and a second plurality of performance indicators of a second communication session, wherein the plurality of communication sessions comprise the first communication session and the second communication session,
wherein the plurality of performance indicators is calculated using one or more performance tests for communication sessions or the plurality of devices, and
wherein the plurality of performance indicators comprises processor speed of the plurality of devices, battery performance of the plurality of devices, or reliability of the plurality of devices;
based on a performance indicator of the plurality of performance indicators being outside of a threshold, determining performance indicators for each of a plurality of alternate network devices connected with the network device,
wherein the threshold is a predetermined difference between at least a first performance indicator of the first communication session of the plurality of communication sessions and a second performance indicator of the second communication session of the plurality of communication sessions,
wherein the performance indicators for each of the plurality of alternate network devices are calculated using one or more performance tests for the plurality of alternate network devices or communication sessions between the plurality of alternate network devices and the plurality of devices, and
wherein the performance indicators for each of the plurality of alternate network devices comprise processor speed of each of the plurality of alternate network devices, battery performance of each of the plurality of alternate network devices, or reliability of each of the plurality of alternate network devices;
based on the performance indicators for each of the plurality of alternate network devices connected with the network device, determining an alternate network device from the plurality of alternate network devices to which to relocate the virtual machine such that at least the first plurality of performance indicators of the first communication session of the plurality of communication sessions and the second plurality of performance indicators of the second communication session of the plurality of communication sessions are substantially equalized; and
transferring the virtual machine to the alternate network device.

US Pat. No. 11,032,331

BATCHED IMS SIP REGISTRATION PROXY

T-Mobile USA, Inc., Bell...

1. A Session Initiation Protocol (SIP) proxy server of an Internet Protocol Multimedia Subsystem (IMS) infrastructure, the SIP proxy server comprising:at least one memory adapted to store program code; and
at least one processor coupled to the at least one memory to access and execute instructions included in the program code to direct the SIP proxy server to:
receive a single SIP registration request that includes a plurality of IMS Public User Identities (IMPUs), a Mobile Station Identity Subscriber Directory Number (MSISDN) and a Uniform Resource Identifier (URI) for an originator of the single SIP registration request;
authenticate the plurality of IMPUs that are included in the SIP registration request to determine that multiple IMPUs of the plurality of IMPUs are authorized IMPUs;
perform a plurality of SIP registrations for the authorized IMPUs, by, for each individual IMPU in the subset of the IMPUs:
generating a separate registration request for the individual IMPU; and
forwarding each of the separate registration requests to a home SIP registrar;
extract the MSISDN and the URI for the originator from the single SIP registration request; and
perform an initiation or re-initiation on a Public Mobile Land Network (PMLN) based on the MSISDN.

US Pat. No. 11,032,330

METHOD FOR PROCESSING TELEPHONY SESSIONS OF A NETWORK

Twilio Inc., San Francis...

1. A method comprising:identifying, by a communication platform, a first Uniform Resource Identifier (URI) assigned to a first communication address, the first URI identifying a first application server system that is external to the communication platform;
providing communication services in relation to the first communication address based on communications with the first application server identified by the first URI;
in response to detecting occurrence of an event associated with the communication services provided in relation to the first communication address, identifying a second URI assigned to the first communication address, the second URI identifying a second application server system that is external to the communication platform; and
providing communication services in relation to the first communication address based on communications with the second application server identified by the second URI.

US Pat. No. 11,032,329

MANAGING ENGAGEMENTS IN INTERACTIVE MULTIMEDIA SESSIONS

Fanmio, Inc., Fort Laude...

1. A computer-implemented method comprising:receiving a first input indicative of a request from a first user to participate in a multimedia session;
placing the first user in a first position in a priority queue based on a first timestamp indicative of a time at which the first input is received,
wherein the priority queue represents an order of users to be used to select a given user for participation in the multimedia session, and
wherein the users are (i) not assigned dedicated intervals of time prior to the multimedia session and (ii) not allocated predetermined amounts of time for participation in the multimedia session;
receiving a second input indicative of a request from a second user to participate in the multimedia session;
placing the second user in a second position in the priority queue based on a second timestamp indicative of a time at which the second input is received,
wherein the second position is lower in the priority queue than the first position, thereby indicating that the second user has a lower priority than the first user;
receiving a third input indicative of a request from a host to initiate the multimedia session;
determining that the first user has a highest priority in the priority queue by examining the order of users;
identifying the first user as a participating user in the multimedia session;
initializing the multimedia session by enabling multimedia communication between the first user and the host by
causing display of a first stream of multimedia content that is captured by a first electronic device associated with the first user in a first portion of a network-accessible interface, and
causing display of a second stream of multimedia content that is captured by a second electronic device associated with the host in a second portion of the network-accessible interface,
wherein the network-accessible interface further includes—
a third portion in which video streams associated with a first set of non-participating users having lower priority than the first user are displayed, and
a fourth portion in which a list of identifiers associated with a second set of non-participating users having lower priority than the first set of non-participating users is displayed;
receiving an instruction to terminate an interaction session between the host and the first user as the participating user;
disabling multimedia communication from the first user;
updating the order of users in the priority queue by removing the first user from the first position in the priority queue;
determining that the second user has the highest priority in the priority queue by examining the updated order of users;
identifying the second user as the participating user in the multimedia session;
enabling multimedia communication between the second user and the host;
receiving a fourth input indicative of a request from a third user to participate in the multimedia session;
inspecting a media capture capability of a third electronic device to be used by the third user to capture multimedia;
determining that the media capture capability fails to meet a threshold quality metric; and
preventing the third user from participating in the multimedia session by preventing inclusion in the priority queue until it is determined that the media capture capability meets the threshold quality metric.

US Pat. No. 11,032,328

ASYMMETRIC COLLABORATIVE VIRTUAL ENVIRONMENTS

State Farm Mutual Automob...

1. A computer-implemented method for virtual collaboration between a plurality of users via an asymmetric virtual collaboration session, comprising:establishing, via a communication network, a first communication connection with a high-capability virtual environment interface device associated with a trainer;
establishing, via the communication network, a second communication connection with a low-capability virtual environment interface device associated with a trainee;
establishing, by one or more processors, a communication channel between the trainer and the trainee via the first communication connection and the second communication connection for bidirectional communication;
providing, by the first communication connection, a high-fidelity virtual environment representing a physical location including a building to the high-capability virtual environment interface device for presentation to the trainer, wherein the high-fidelity virtual environment includes a plurality of data tools for data capture or presentation;
providing, by the second communication connection, a low-fidelity virtual environment representing the physical location including the building to the low-capability virtual environment interface device for presentation to the trainee;
routing, via the communication channel, real-time communication data between the trainer and the trainee during the asymmetric virtual collaboration session;
receiving, at the one or more processors, user interaction data from the trainer associated with one of the plurality of data tools, wherein the user interaction data indicates one or more of the following: a portion of the building or a viewing perspective relative to the building;
generating, by the one or more processors, a high-fidelity response for the high-fidelity virtual environment based upon the user interaction data, wherein the high-fidelity response includes displaying a high-fidelity virtual overlay for presentation within the high-fidelity virtual environment;
generating, by the one or more processors, a low-fidelity response for the low-fidelity virtual environment based upon the user interaction data, wherein the low-fidelity response corresponds to and is distinct from the high-fidelity response, wherein
the low-fidelity response includes displaying a low-fidelity virtual overlay for presentation within the low-fidelity virtual environment, and
the low-fidelity virtual overlay is a modified version of the high-fidelity virtual overlay having lower image resolution; and
synchronizing, by the one or more processors, the high-fidelity virtual environment and the low-fidelity virtual environment by (i) providing the high-fidelity response to the high-capability virtual environment interface device to cause the high-fidelity response to be implemented and (ii) providing the low-fidelity response to the low-capability virtual environment interface device to cause the low-fidelity response to be implemented.

US Pat. No. 11,032,327

METHOD AND APPARATUS FOR FACILITATING ESTABLISHING AND MAINTAINING COMMUNICATION SERVICES

11. A device comprising:a processing system for an application server of an internet protocol multimedia subsystem (IMS) network, the processing system including a processor; and
a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations comprising:
obtaining a session initiation protocol (SIP) message from a mobile communication device via a packet core of a wireless network, wherein the SIP message includes radio access information;
forwarding the radio access information toward an access network discovery and selection function (ANDSF) of the packet core, via an interface between the IMS network and the ANDSF, wherein forwarding the radio access information enables the packet core to discover an access network in proximity to the mobile communication device; and
sending policy information over the interface between the IMS network and the ANDSF to provision a policy for prioritization of services at the mobile communication device.

US Pat. No. 11,032,326

SYSTEMS AND METHODS FOR ACCESSING A PRIVATE NETWORK

Verizon Patent and Licens...

1. A device, comprising;one or more memories; and
one or more processors, communicatively coupled to the one or more memories, to:
determine that a mobile device is associated with a first identifier that is associated with a first mobile network based on receiving a request of the mobile device to access a private network associated with the first mobile network using a second identifier associated with a second mobile network and determining that the second identifier does not provide authorization to access the private network,
wherein the first identifier provides authorization for the mobile device to access the private network,
wherein the mobile device is communicatively coupled to the second mobile network using the second identifier;
transmit, based on determining that the mobile device is associated with the first identifier, a security challenge to the mobile device;
determine, based on receiving a response to the security challenge from the mobile device, whether the response to the security challenge satisfies the security challenge; and
provide, based on determining that the response to the security challenge satisfies the security challenge, the mobile device with access to the private network.

US Pat. No. 11,032,325

SYSTEM AND METHOD FOR INTEGRATING SESSION INITIATION PROTOCOL COMMUNICATION IN A TELECOMMUNICATIONS PLATFORM

Twilio Inc., San Francis...

1. A method comprising:establishing, by a multi-tenant communication platform system, a Session Initiation Protocol (SIP) communication session between a first endpoint and a second endpoint;
detecting occurrence of a first signaling event in the SIP communication session, the first signaling event being associated with a callback resource identifier that is registered to a first account of the multi-tenant communication platform system; and
in response to detecting the occurrence of the first signaling event, transmitting a message to an external system identified by the callback resource identifier registered to the first account, the message including data associated with the SIP communication session.

US Pat. No. 11,032,324

SECURING METHOD FOR LAWFUL INTERCEPTION

BlackBerry Limited, Wate...

1. A method, by an electronic device, for secure communication, comprising:generating, by a processor of the electronic device, a Message Authentication Code (MAC) tag using a MAC key, a nonce, and at least one of an identifier and a key component generated by the processor based on private key information associated with the electronic device and a publicly known elliptic curve point, wherein the identifier is one of an International Mobile Station Equipment Identity (IMEI), a Globally Routable User Agent URI (GURU), an International Mobile Subscriber Identity (IMSI), and a Temporary International Mobile Subscriber Identity (TIMSI); and
establishing, by the processor, a secure communication session with at least one other electronic device based on generating the MAC tag and at least session security data associated with the at least one other electronic device.

US Pat. No. 11,032,323

PARAMETRIC ANALYSIS OF INTEGRATED OPERATIONAL TECHNOLOGY SYSTEMS AND INFORMATION TECHNOLOGY SYSTEMS

QOMPLX, INC., Tysons, VA...

1. A system for parametric analysis of integrated operational technology systems and information technology systems, comprising:a cyber-physical graph module comprising a first plurality of programming instructions stored in a memory of, and operating on a processor of, a computing device, wherein the first plurality of programming instructions, when operating on the processor, cause the computing device to:
receive information about a combined system, the combined system comprising information technology elements and operational technology elements, and the information comprising entities associated with the combined system and relationships between entities associated with the combined system;
create a model of the combined system using the information, the model comprising a cyber-physical graph which comprises nodes representing the entities associated with the combined system and edges representing the relationships between entities associated with the combined system;
a model analyzer comprising a second plurality of programming instructions stored in the memory of, and operating on the processor of, the computing device, wherein the second plurality of programming instructions, when operating on the processor, cause the computing device to:
perform one or more iterative parameter analyses of one or more parameters of the model of the combined system;
determine a response of the model of the combined system to each of the iterative parameter analyses performed;
identify one or more key parameters based on the responses of the model of the combined system;
send the one or more key parameters to a scaling optimizer; and
a scaling optimizer comprising a third plurality of programming instructions stored in the memory of, and operating on the processor of, the computing device, wherein the third plurality of programming instructions, when operating on the processor, cause the computing device to:
receive the one or more key parameters from the model analyzer;
determine an amount of computing resources available;
calculate scaling parameters based on the key parameters and the amount of computing resources available by:
determining a dimensionality in which to run the model of the combined system;
determining a set of perturbations and iterative cycles to use when running a simulation on the model of the combined system; and
determining a threshold degree in change of state of the model of the combined system at or above which a new simulation should be triggered.

US Pat. No. 11,032,322

SYSTEMS AND METHODS FOR SECURELY PAIRING A TRANSMITTING DEVICE WITH A RECEIVING DEVICE

Capital One Services, LLC...

1. A system for secure communication between a transmitting device and a receiving device comprising:a pairing server storing a plurality of security keys;
one or more memory devices storing instructions; and
one or more processors configured to execute the instructions to perform operations comprising:
determining that a pairing configuration has changed;
in response to determining that the pairing configuration has changed, transmitting a key request and receiving a sensory pattern via a second communication method;
after receiving the sensory pattern, determining decryption key, the decryption key being encoded based on a ciphering scheme specified by the sensory pattern;
acquiring, from the pairing server, at least one of the security keys and determining whether the decryption key matches the at least one of the security keys;
after determining the decryption key matches at least one of the plurality of security keys, receiving encrypted messages via a first communication method, the first communication method being different from the second communication method; and
decrypting the encrypted messages using the decryption key.

US Pat. No. 11,032,321

SECURE PERFORMANCE MONITORING OF REMOTE APPLICATION SERVERS

Red Hat, Inc., Raleigh, ...

1. A method for obtaining performance metric information securely, comprising:iteratively sending, by a first application server on a computing device comprising a processor device, each respective remote application server of a plurality of remote application servers an encrypted message requesting performance metric information of the respective remote application server using an encrypted communication protocol;
receiving encrypted requested performance metric information from at least some of the plurality of remote application servers; and
effecting storage of the requested performance metric information in a storage device;
wherein:
the plurality of remote application servers is a subset of a larger plurality of remote application servers from which the first application server requests performance metric information;
the first application server comprises a first security realm established for incoming messages and a second security realm established for outgoing messages;
the first security realm comprises first security realm configuration data that binds incoming communications to a first digital certificate; and
the second security realm comprises second security realm configuration data that binds outgoing communications to a second digital certificate.

US Pat. No. 11,032,320

SYSTEMS AND METHODS FOR DYNAMIC APPLICATION LEVEL ENCRYPTION

JPMorgan Chase Bank, N.A....

1. A method for dynamic application level encryption, comprising:in an information processing apparatus comprising at least one computer processor:
receiving a plurality of data classification rules;
classifying each of a first and second set of data using the data classification rules;
identifying at least one protection option of a plurality of protection options for protecting each of the first and second sets of the data in at least a rest state, an in-transit state, and an in-memory state based on the classification of the data;
applying the identified protection options to the first and second sets of data at rest at a data store; wherein the protection option applied to the first set of data is different than the protection option applied to the second set of data; and
utilizing the first set and second sets of data simultaneously in accordance with the protection options applied to each of the first and second sets of data by an application in an application server;
wherein one of the plurality of protection options includes the application server decrypting data that is encrypted with a store-specific key at the data store, and encrypting the data with a session key, and a web browser decrypting the data encrypted with the session key.

US Pat. No. 11,032,319

SYSTEMS AND METHODS FOR PREPARING HONEYPOT COMPUTER FILES

NortonLifeLock Inc., Tem...

1. A computer-implemented method for preparing honeypot computer files to help prevent successful cyberattacks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:identifying, at the computing device, a search term used by a cyber attacker in an electronic search request;
anticipating, using a machine learning classifier, one or more candidate search terms from the search term;
extracting, using natural language processing, topics from document corpuses of sensitive documents;
mapping, based on the extracted topics, the search term and the one or more candidate search terms to one or more candidate search results stemming from the electronic search request;
identifying, without regard to a search access restriction, a sensitive computer document from the one or more candidate search results;
creating, as a security action in response to the electronic search request, a honeypot computer file based on the sensitive computer document and comprising the identified search term; and
placing the honeypot computer file in the search results.

US Pat. No. 11,032,318

NETWORK MONITORING BASED ON DISTRIBUTION OF FALSE ACCOUNT CREDENTIALS

Juniper Networks, Inc., ...

1. A device, comprising:one or more memories; and
one or more processors to:
receive end user device information for end user devices associated with a network;
create a data structure that includes the end user device information;
create a data structure that includes false account credentials;
map the end user device information and the false account credentials to create a mapped data structure;
provide the false account credentials to memory locations of corresponding ones of the end user devices;
provide information from the mapped data structure to a plurality of network devices associated with the network,
the information from the mapped data structure enabling the plurality of network devices to detect an unauthorized access attempt of the network using one or more of the false account credentials; and
receive, from a network device of the plurality of network devices, information identifying an end user device, of the end user devices, from which the one or more of the false account credentials were stolen.

US Pat. No. 11,032,317

PHISHING SCHEME DETECTION AND TERMINATION

United Services Automobil...

1. A method for detecting and halting a malicious use of an email of a company comprising:providing a company email server implementing a company email service with a plurality of email addresses with a common domain name of the company;
assigning an electronic identification (EID) number to each email sent by the company server to uniquely identify each email to define a unique email;
embedding in each email sent from the email server, a first code when executed sends a request to download a GIF image at an absolute source link;
providing a GIF request counter module;
embedding in each of the emails sent, a second code when executed, transmits the EID number of the email from which the GIF request emanated to the host server;
counting with the GIF request counter module the number of requests for download associated with each EID number; and,
returning an indicum of a fraudulent email if the number of requests for download or the download rate of the GIF image is aberrant, wherein the indicum is displayed in the security region of the email.

US Pat. No. 11,032,316

USING MACHINE LEARNING TECHNIQUES TO DETECT IMPOSTER PAGES IN AN ONLINE SYSTEM

Facebook, Inc., Menlo Pa...

1. A method comprising:retrieving, by an online system, authenticated pages that have been determined not to be imposter pages, each authenticated page associated with a name and an image;
retrieving, by the online system, unauthenticated pages as possible imposter pages, each unauthenticated page associated with a name and an image;
identifying one or more of the unauthenticated pages to be legitimate pages relating to one of the authenticated pages;
filtering the identified unauthenticated pages out from the retrieved unauthenticated pages such that the unauthenticated pages remaining are candidate pages for analysis as possible imposter pages;
pairing up each of the candidate pages with an authenticated page by:
determining a similarity score indicating similarity of the candidate page to each of the authenticated pages based on names and images of the candidate page and the authenticated page, and
selecting one of the authenticated pages to pair up with the candidate page based on the similarity scores;
providing each pair to a trained model configured to provide an imposter score indicating likelihood that the candidate page is an imposter page, the model trained to determine imposter scores based on a set of training data;
responsive to the imposter score of a candidate page being above an imposter score threshold, preventing the candidate page from being provided for display to users of the online system;
training the model by inputting the candidate page having the imposter score above the imposter score threshold and the authenticated page paired with the candidate page back into the model as new training data, the model trained over time by inputting additional pairs of candidate pages and authenticated pages; and
responsive to the imposter score of the candidate page being above a secondary imposter score threshold, transmitting the candidate page to a client device associated with a privileged user of the online system for determining whether the candidate page is an imposter page.

US Pat. No. 11,032,315

DISTRIBUTED DENIAL-OF-SERVICE ATTACK MITIGATION WITH REDUCED LATENCY

CHARTER COMMUNICATIONS OP...

1. An apparatus for mitigating a distributed denial-of-service (DDoS) attack in a networked computing system, the apparatus comprising:at least one detector in operative communication with a corresponding router in the networked computing system, the at least one detector being configured: to obtain network traffic flow information from the router regarding current data traffic to at least one host; to employ a machine learning mechanism to inspect one or more traffic patterns prior to the DDoS attack and develop a prediction model to estimate a likelihood of a future DDoS attack; to compare the current data traffic to at least one of the one or more traffic patterns associated with at least one prior DDoS attack stored in the at least one host in response to a prediction of the DDoS attack, each traffic pattern characterizing network traffic flow over a predefined period of time; and to generate an output indicative of a match between the current data traffic and at least one of the stored traffic patterns; and
at least one mitigation unit in operative communication with the at least one detector, the at least one mitigation unit being configured: to receive the output indicative of the match between the current data traffic and at least one of the stored traffic patterns; and to initiate at least one DDoS attack mitigation action in response to the received output prior to detection of an actual DDoS attack to the at least one host.

US Pat. No. 11,032,314

TRIGGERING TARGETED SCANNING TO DETECT RATS AND OTHER MALWARE

Cisco Technology, Inc., ...

1. A method, comprising:classifying, by a security service, traffic telemetry data for traffic between an endpoint device and a server as potentially associated with a particular type of remote access Trojan (RAT);
constructing, by the security service and according to a parallel scanning strategy or a disruptive scanning strategy, a scan message to elicit a type of server response associated with the particular type of RAT, wherein the parallel scanning strategy or the disruptive scanning strategy is selected based on a measure of confidence associated with the classifying of the traffic telemetry data;
obtaining, by the security service, a server response from the server, by sending the constructed scan message to the server; and
determining, by the security service, whether the endpoint device is infected with the particular type of RAT, by validating whether the server response from the server matches the type of server response associated with the particular type of RAT.

US Pat. No. 11,032,313

DYNAMIC REMOTE MALWARE SCANNING

F-Secure Corporation, He...

1. A method of scanning an electronic file for malware in a network, the method comprising:at a first node, generating at least one scanning object of the electronic file on the basis of a dynamic configuration provided to the first node of the network by a second node of the network, the dynamic configuration including a definition of malware-susceptible data of the electronic file, and the at least one scanning object being generated by using the malware-susceptible data of the electronic file and neglecting malware-insusceptible data of the electronic file identified by said definition, and generating at least one signature of the at least one scanning object;
if the at least one signature matches a previously identified signature, determining whether or not the electronic file is malware based on an indication associated with the matching previously identified signature; and
if the at least one signature does not match a previously identified signature, sending the at least one scanning object from the first node to the second node for scanning and receiving at the first node a scanning result from the second node.

US Pat. No. 11,032,312

PROGRAMMATIC DISCOVERY, RETRIEVAL, AND ANALYSIS OF COMMUNICATIONS TO IDENTIFY ABNORMAL COMMUNICATION ACTIVITY

Abnormal Security Corpora...

1. A non-transitory computer-readable medium with instructions stored thereon that, when executed by a processor, cause the processor to perform operations comprising:acquiring an incoming email addressed to an employee of an enterprise;
applying multiple machine learning (ML) models to the incoming email to identify linguistic features from which a determination of risk can be made,
wherein each linguistic feature is representative of one or more words that are indicative of content, sentiment, or tone of the incoming email,
wherein each ML model is designed to detect linguistic features of a different type, such that the multiple ML models are able to collectively surface information regarding a goal of the incoming email, and
wherein the multiple ML models include (i) a first ML model designed to identify financial terminology and (ii) a second ML model designed to identify request terminology;
determining whether the incoming email poses a risk to the enterprise based on the linguistic features identified by the multiple ML models; and
causing display of a visualization component that indicates how a determination regarding the risk was made on an interface.

US Pat. No. 11,032,311

METHODS FOR DETECTING AND MITIGATING MALICIOUS NETWORK ACTIVITY BASED ON DYNAMIC APPLICATION CONTEXT AND DEVICES THEREOF

F5 NETWORKS, INC., Seatt...

1. A method for network attack mitigation implemented by a network security system comprising, network infrastructure devices, attack mitigation apparatuses, or client devices, the method comprising:maintaining an application context model for a protected application based on an ingested historical log, the application context model comprising an estimated communication path across network infrastructure associated with the protected application, wherein the ingested historical log is indexed and results are collected from the indexed historical log responsive to a query;
applying the maintained application context model or a threat model to application logic execution data in an ingested current log to identify a potential attack against the protected application based on a deviation from the estimated communication path;
generating a score for a mitigation action to take in response to the identified potential attack, wherein the generating further comprises generating an integrated result by correlating the collected results using the maintained application context model or the threat model; and
initiating the mitigation action based on the generated score and providing the generated integrated result in response to the query.

US Pat. No. 11,032,310

SECURED SYSTEM FOR TESTING AND MAINTENANCE OF BULK ELECTRICAL SYSTEMS (BES) ASSETS

Doble Engineering Company...

1. A method for protecting a mobile terminal device from cyber security threats, comprising:executing, by at least a processor in the mobile terminal device, test routines program codes stored in a non-transitory memory to configure the mobile terminal device to perform testing on at least one electric utility device;
disabling an internal firewall of the mobile terminal device, disabling communication to one or more network interfaces, and disabling connection to one or more physical interfaces for plug-in device ports, such that all existing communications or connections with the mobile terminal device are terminated and new communications and connections with the mobile terminal device are prevented;
enabling communication to only one or both of a selected physical interface and a selected network interface from among the one or more network interfaces and the one or more physical interfaces that are disabled;
performing the testing on the at least one electric utility device via one or both of the selected physical interface and the selected network interface according to the executed test routines under control of the mobile terminal device;
enabling, in response to completion of the testing, the internal firewall of the mobile terminal device; and
controlling the internal firewall to only permit a new communication connection to a network interface disabled during the testing in response to receipt of a user permission signal identifying the network interface disabled during the testing as being permitted to communicate.

US Pat. No. 11,032,309

SECURE APPLICATION FOR ACCESSING WEB RESOURCES

Authentic8, Inc., Redwoo...

1. A computing device at a first location through which Internet content is accessed during a remote cloud browsing session, the computing device comprising:at least one memory comprising instructions; and
at least one processing device configured for executing the instructions, wherein the instructions cause the at least one processing device to perform operations of:
receiving a request for the Internet content from a user device located in a second location different from the first location, wherein the user device executes an Internet application associated with the remote cloud browsing session, and wherein the Internet content is associated with the remote cloud browsing session and is derived from an Internet content source;
determining at least one of the second location and an enterprise network associated with the user device;
communicating with the Internet content source to access the Internet content, such that the user device is insulated from communicating directly with the Internet content source;
transmitting second Internet content associated with the remote cloud browsing session to the user device, wherein the transmitted second Internet content comprises an image representation of at least a portion of the Internet content accessed from the Internet content source, and wherein the user device initiates display of, using a graphical processing unit (GPU) comprised in the user device, the second Internet content to a user of the user device;
encrypting data associated with at least one of the request for the Internet content from the user device located in the second location, the second location associated with the user device, and the enterprise network associated with the user device;
logging the encrypted data associated with the at least one of the request for the Internet content from the user device located in the second location, the second location associated with the user device, and the enterprise network associated with the user device;
initiating storage of the logged data in a repository; and
enabling a remote device application, associated with a remote device located in a remote location different from the first location and the second location, to access the logged data from the repository,
wherein access to the logged data enables inspection of Internet traffic associated with at least one of the remote cloud browsing session, the user device, and the Internet application, without breaking the Internet traffic associated with the at least one of the remote cloud browsing session, the user device, and the Internet application.

US Pat. No. 11,032,308

SOURCE VERIFICATION DEVICE

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method, comprising:receiving, by a computing device, a report from a first source;
determining, by the computing device, the first source is listed in an untrusted source repository;
selecting, by the computing device, an area around a location of the first source;
selecting, by the computing device, a second source from a plurality of second sources within the area around the location of the first source, wherein the selected second source is one of the plurality of second sources that is farthest away from the first source;
confirming, by the computing device, the report from the first source based on information received from the second source; and
repeating, by the computing device, the selecting the second source from the plurality of second sources within the area around the location of the first source, and the confirming the report from the first source, until a value of information in the report from the second source exceeds an information trust level value for the report.

US Pat. No. 11,032,307

USER INTERFACE FOR DEFINING CUSTOM THREAT RULES IN A NETWORK SECURITY SYSTEM

SPLUNK INC., San Francis...

1. A method, comprising:causing display of a plurality of graphical controls on each of a plurality of displays that enable a user to define a plurality of attributes of a customizable threat rule, the plurality of attributes including an attribute specifying a type of a computer network entity of a computer network, an anomaly pattern, and a time period for processing anomalies, wherein the user can navigate between respective displays of the plurality of displays;
customizing the attribute specifying the type of computer network entity in response to selection of a type of computer network entity from among a plurality of types of computer network entities that are selectable by the user on a first display of the plurality of displays;
customizing the anomaly pattern in response to an interaction by the user with graphical controls on a second display of the plurality of displays that is displayed at a different time than the first display, the graphical controls being selected for the second display based on the selection of the type of computer network entity on the first display, and the interaction including input that forms an association for the threat rule between the anomaly pattern and the selected type of computer network entity, wherein customizing the anomaly pattern includes:
defining a combination of anomaly definitions based on selections from a plurality of anomaly definitions displayed on the second display, each anomaly definition in the combination of anomaly definitions defining a detectable variation from an expected pattern of behavior associated with the type of computer network entity, and
defining a condition associated with the combination of anomaly definitions in response to a user interaction with a graphical control of the graphical controls on the second display, the condition defining a relationship between the selected combination of anomaly definitions;
customizing the time period for processing anomalies in response to an interaction by the user with graphical controls on a third display; and
generating the threat rule based on the selection of the type of computer network entity and the interaction by the user with the graphical controls on the second display and the third display, wherein the threat rule is customized to identify a security threat to the computer network that satisfies the plurality of attributes of the threat rule based on one or more detected anomalies on the computer network.

US Pat. No. 11,032,306

SYSTEM, METHOD AND APPARATUS FOR FULLY PRECISE HYBRID SECURITY VERIFICATION OF MOBILE APPLICATIONS

INTERNATIONAL BUSINESS MA...

1. A security verification method stored in a computer readable medium, comprising:applying a static analysis to a subject program to uncover potential dataflow vulnerabilities;
outputting a list of the potential dataflow vulnerabilities as a first output from inputting the subject program and security specification for the static analysis;
mapping candidate vulnerabilities via string analysis and user interface instrumentation to a user interface (UI) entry point and payload from the output of the list of potential dataflow vulnerabilities to provide a second output via UI-level and code-level events; and
performing directed dynamic testing of the subject program according to the second output and in accordance with constraints computed during the static analysis to confirm or refute a presence of a vulnerability,
wherein the mapping further comprises traversing a control flow path defined by a reported dataflow vulnerability backwards and gathers constraints on a string flowing into a sink operation.

US Pat. No. 11,032,305

MALWARE DETECTION SYSTEM ATTACK PREVENTION

Intel Corporation, Santa...

1. A malware detection system, the malware detection system comprising:a processor; and
memory, the memory including instructions, which when executed by the processor, cause the processor to:
construct a time series of directed graphs using incoming files, during training of a machine learning system used to detect malware attacks, wherein a structure of the time series of directed graphs is based on relationships between entities recorded in the incoming files;
detect, during a time window of the time series, an anomaly based on the time series of directed graphs; and
provide an indication that the anomaly was detected.

US Pat. No. 11,032,304

ONTOLOGY BASED PERSISTENT ATTACK CAMPAIGN DETECTION

International Business Ma...

1. A method, in a data processing system, comprising at least one processor and at least one memory, the at least one memory comprising instructions executed by the at least one processor to cause the at least one processor to implement an ontology based persistent attack campaign detection engine, the method comprising:in response to a security incident, sending the security incident to an incident model microservice executing within the persistent attack campaign detection engine;
extracting, by the incident model microservice, artifacts from the incident;
mapping, by the incident model microservice, the artifacts to a graph topology data structure, wherein the graph topology data structure comprises a two-layer graph topology, wherein a first layer contains incidents and linkages between the incidents by type and wherein the second layer contains mappings between incident artifacts and probabilities that the incident artifacts are correlated together;
storing, by the incident model microservice, the graph topology data structure in a graph data storage;
collecting, by an ontology modeling suite executing within the persistent attack campaign detection engine, security data from a document data storage;
building, by the ontology modeling suite, a security ontology data structure and storing the security ontology data structure in an ontology data storage;
mapping, by the ontology modeling suite, concepts from the security ontology data structure to the graph topology data structure;
performing, by a custom insight engine executing within the persistent attack campaign detection engine, insights based on the graph topology data structure; and
outputting, by the custom insight engine, results of the insights to a user in human readable form.

US Pat. No. 11,032,303

CLASSIFICATION USING PROJECTION OF GRAPHS INTO SUMMARIZED SPACES

NortonLifeLock Inc., Tem...

1. A computer-implemented method for anomaly detection using grouping-based graph summarization, the method being performed by one or more computing devices, each comprising one or more processors, the method comprising:identifying a first graph from a stream of incoming graphs;
generating a first summary of the first graph;
classifying the first summary in a first category of a plurality of graph categories;
identifying a second graph from the stream of incoming graphs;
generating a second summary of the second graph;
comparing the first summary with the second summary;
mapping the first summary and the second summary to the first category upon determining that the comparing indicates a similarity between the first summary and the second summary satisfies a graph similarity threshold;
analyzing a frequency of graphs being mapped to the plurality of graph categories, the plurality of graph categories comprising at least the first category; and
detecting an anomaly in one of the graph categories based at least in part on the analysis.

US Pat. No. 11,032,302

TRAFFIC ANOMALY DETECTION FOR IOT DEVICES IN FIELD AREA NETWORK

PERSPECTA LABS INC., Bas...

1. A computer implemented method comprising:generating, by one or more processor, a whitelist for a subject device from two or more devices in a field area network (FAN) listing one or more peer devices in the same FAN communicating with the subject device as respective whitelist entries, wherein the one or more peer devices indicate all other devices than the subject device from the two or more devices in the FAN, wherein the FAN is for an infrastructure without a controlled perimeter, and wherein a whitelist entry in the whitelist for the subject device corresponds to a peer device of the one or more peer devices in the FAN and comprises one or more attribute values expected in traffic between the subject device and the peer device as represented by the whitelist entry; and
monitoring the traffic at one or more points of the FAN by use of the whitelist for one or more anomaly.

US Pat. No. 11,032,301

FORENSIC ANALYSIS

Fortinet, Inc., Sunnyval...

1. A forensic analysis method performed in respect of an endpoint device connected to a computer network, the method comprising:collecting file system call data from the endpoint device, the file system call data corresponding to a plurality of system calls relating to file system operations arising from activity performed on the endpoint device, wherein the file system call data is collected by a software wrapper that intercepts or receives notifications about system calls made by any program running in a kernel or a user space of the endpoint device;
collecting network communication metadata from the endpoint device, the network communication metadata being based on a plurality of system calls relating to communication operations over the computer network arising from activity performed on the endpoint device, wherein the network communication metadata is collected by an operating system network activity monitor; detecting first candidate data comprised in the collected network communication metadata by determining a number of communication system calls to a particular network node in the computer network within a predetermined time window and determining whether the number of communication system calls to the particular network node is greater than a predetermined number;
identifying second candidate data in the collected file system call data, the second candidate data corresponding to the first candidate data by:
when each file system call data comprises a time element and each network communication metadata comprises a timestamp, identifying the second candidate data based on the time element and the timestamp being within a predetermined time of each other; and
when each file system call data comprises a first process identifier and the network communication metadata comprises a second process identifier,
identifying the second candidate data based on the first process identifier and the second process identifier being the same; and
analyzing the second candidate data to determine whether or not the first and second candidate data correspond to suspect activity performed on the endpoint device.

US Pat. No. 11,032,300

INTRUSION DETECTION SYSTEM BASED ON ELECTRICAL CAN SIGNAL FOR IN-VEHICLE CAN NETWORK

KOREA UNIVERSITY RESEARCH...

1. An ECU identifying apparatus, comprising:a communication interface configured to transmit and receive CAN data to and from a plurality of ECUs; and
a hardware processor configured to measure a power signal of the received CAN data,
wherein the hardware processor is configured to generate a multi-class classifier that learns a predetermined attribute value with respect to each of the plurality of ECUs and a one-class classifier that learns the predetermined attribute value with respect to all ECUs, wherein the multi-class classifier is a classifier for determining whether an internal attack is made and the one-class classifier is a classifier for determining whether an external attack is made; acquire identification information of the received CAN data; acquire a signal of a predetermined area from the measured power signal; calculate the predetermined attribute value based on the signal of the predetermined area which is acquired, in response to an ECU transmitting the CAN data being an internal ECU; identify an ECU based on identification information included in the multi-class classifier, identification information of the CAN data which is acquired and the calculated predetermined attribute value, in response to an ECU transmitting the CAN data being an external ECU; identify an ECU based on identification information included in the one-class classifier, the identification information of the CAN data which is acquired and the calculated predetermined attribute value; and determine whether an attack is made based on the identified ECU,
wherein the signal of the predetermined area is a signal of a dominant area, a signal of a recessive area, a signal of a positive-slope area, a signal of a negative-slope area, a signal of a dominant-recessive-dominant (DRD) area, and a signal of a recessive-dominant-recessive (RDR) area,
wherein the one-class classifier comprises identification information relating to an external ECU and corresponding to the predetermined attribute value of the external ECU,
wherein the multi-class classifier comprises identification information of the each of the plurality of ECUs in the ECU identifying apparatus and corresponding to the predetermined attribute value of the each of the plurality of ECUs, and
wherein the hardware processor, in response to the predetermined attribute value being changed, updates the multi-class classifier or the one-class classifier based on a predetermined standard.

US Pat. No. 11,032,299

LOG ANALYSIS SYSTEM, ANALYSIS DEVICE, ANALYSIS METHOD, AND STORAGE MEDIUM ON WHICH ANALYSIS PROGRAM IS STORED

NEC CORPORATION, Tokyo (...

1. A log analysis system, comprising:a client terminal configured to communicate with external communication apparatuses;
a relay apparatus configured to relay communication between the external communication apparatuses and the client terminal, in response to a request from the client terminal; and
an analysis device configured to analyze content of communication performed by the client terminal,
wherein:
the client terminal records a terminal log including program information that represents programs operative in the client terminal that have handled communication with the relay apparatus and includes names of executable files and paths of executable files, connection time information, and connection identifiers each including an internet protocol (IP) address and a port number of the client terminal, for each connection between the client terminal and the relay apparatus;
the relay apparatus records a relay log including request time information, the connection identifiers, and connection destination servers that are partners of the client terminal and are indicated by using fully qualified domain names (FQDNs) of the connection destination servers, for each request from the client terminal for communication with the external communication apparatuses; and
the analysis device estimates a connection destination server and a program handling communication with the connection destination server, by comparing the connection time information and the connection identifiers in the terminal log with the request time information and the connection identifiers in the relay log, and identifies whether an unauthorized access was performed by comparing the estimated connection destination server and the program handling communication with the connection destination server.

US Pat. No. 11,032,298

SYSTEM AND METHOD FOR CONTINUOUS COLLECTION, ANALYSIS AND REPORTING OF ATTACK PATHS IN A DIRECTORY SERVICES ENVIRONMENT

Specter Ops, Inc., Alexa...

1. An apparatus for analyzing attack paths in a directory services system that manages a permission to each asset of one or more assets in an enterprise infrastructure, the apparatus comprising:a computer based data collector being connected to one or more assets in a data center of an infrastructure of an enterprise that continuously collects data about one or more assets;
a graph database coupled to the computer based data collector that stores the continuously collected data for the one or more assets;
a computer based analyzer coupled to the graph database that has a set of rules wherein each rule has a condition that is continuously tested against the continuously collected data of the one or more assets to identify an attack path and retrieves data from the graph database to identify a plurality of attack paths for the one or more assets and the directory services system in the enterprise infrastructure, wherein the set of rules further comprises a plurality of rules that identify attack path to Tier 0 assets of the one or more assets, a plurality of rules that identify Kerberos configurations that are abuseable and a plurality of rules that identify least privilege enforcement; and
wherein the computer based data collector is in the enterprise infrastructure data center and the graph database and the computer based analyzer are in cloud separate from the enterprise infrastructure data center coupled to the computer based data collector.

US Pat. No. 11,032,297

DGA BEHAVIOR DETECTION

Palo Alto Networks, Inc.,...

1. A system for Domain Generation Algorithm (DGA) behavior detection, comprising:a processor of a security device configured to:
receive passive Domain Name System (DNS) data that comprises a plurality of DNS responses; and
apply a signature to the passive DNS data to detect DGA behavior, wherein apply the signature to the passive DNS data to detect DGA behavior further comprises:
parse each of the plurality of DNS responses to determine whether one or more of the plurality of DNS responses correspond to a non-existent domain (NXDOMAIN) response; and
determine whether a threshold number of NXDOMAIN responses is received at the security device within a predetermined period of time, comprising to:
perform one or more of the following:
A) in response to a determination that a DNS response corresponds to a NXDOMAIN response:
 determine whether a domain name that was queried relating to the DNS response is on a list of known or approved dynamic DNS; and
 in response to a determination that the domain name that was queried relating to the DNS response is on the list of known or approved dynamic DNS, omit adding the DNS response to the NXDOMAIN responses;
B) in response to a determination that a DNS response corresponds to a NXDOMAIN response:
 determine whether a host name portion of a domain name that was queried relating to the DNS response can be broken into a plurality of known dictionary words; and
 in response to a determination that the host name portion of the domain name that was queried relating to the DNS response can be broken into the plurality of known dictionary words, adding the DNS response to the NXDOMAIN responses; and/or
C) in response to a determination that a DNS response corresponds to a NXDOMAIN response:
 determine whether a domain name associated with the DNS response only includes two segments, the two segments including a hostname and a top level domain; and
 in response to a determination that the domain name associated with the DNS response does not only include two segments, omit adding the DNS response to the NXDOMAIN responses; and
a memory coupled to the processor and configured to provide the processor with instructions.

US Pat. No. 11,032,296

ROGUE ENDPOINT DETECTION

Wells Fargo Bank, N.A., ...

1. A method comprising:determining, by a computing system connected to an enterprise network, and based on information about hostnames associated with endpoint devices known to be available on a subnet included within the enterprise network, a set of network activity that uses a hostname chosen so that the network activity will not invoke a response by any of a plurality of endpoint devices that are operating normally on the subnet;
sending, over the enterprise network and by the computing system, a set of instructions to an endpoint device connected to the subnet, wherein the set of instructions cause the endpoint device to generate the network activity on the subnet;
receiving, over the enterprise network and by the computing system, information identifying a rogue device that responded to the network activity on the subnet; and
performing a security response operation to remediate the rogue device, wherein performing the security response operation includes causing one or more of the plurality of endpoint devices on the subnet to be instructed to avoid interaction with the rogue device.

US Pat. No. 11,032,295

SECURITY MONITORING INFORMATION-BASED PROVISIONING OF DIGITAL CERTIFICATES IN SOFTWARE DEFINED DATA CENTERS

VMWARE, INC., Palo Alto,...

1. A method comprising:assigning a set of digital certificates to a group of computing resources of a software defined data center (SDDC), wherein each digital certificate in the set of digital certificates comprises a different security level, and wherein the group of computing resources comprises a plurality of applications that use a first digital certificate with a first security level from the set of digital certificates for data communication;
receiving security monitoring information associated with the group of computing resources;
determining a second security level to be used for the group of computing resources based on the received security monitoring information; and
managing the group of computing resources by communicating the second security level to an agent associated with the group of computing resources, wherein the agent is to implement a second digital certificate with the second security level for the plurality of applications.

US Pat. No. 11,032,294

DYNAMIC DECRYPTION OF SUSPICIOUS NETWORK TRAFFIC BASED ON CERTIFICATE VALIDATION

Gigamon Inc., Santa Clar...

1. A method comprising:intercepting, by a network device of a computer network, a plurality of cryptographic certificates of a plurality of host servers received in response to a plurality of requests for a plurality of encrypted connections between the plurality of host servers and a plurality of user devices;
determining, by the network device, whether each encrypted connection is a suspicious connection or a normal connection based on an application of a certificate validation policy to each cryptographic certificate;
responsive to determining that a first encrypted connection of the plurality of encrypted connections is a suspicious connection, causing decryption of the first encrypted connection or analysis of metadata associated with the first encrypted connection;
responsive to determining that a second encrypted connection of the plurality of encrypted connections is a normal connection, causing bypass of decryption of the second encrypted connection or of analysis of metadata associated with the second encrypted connection;
and overriding a certificate exception created by a user device of the plurality of user devices, in a transparent proxy mode without interfering with experiences of the plurality of user devices.

US Pat. No. 11,032,293

SYSTEM AND METHOD FOR MANAGING AND SECURING A DISTRIBUTED LEDGER FOR A DECENTRALIZED PEER-TO-PEER NETWORK

SmartAxiom, Inc., Fuller...

1. A method of managing a distributed ledger for a decentralized peer-to-peer (p2p) network, comprising:receiving, by a processor of a controller of an IOT system, at least one encrypted block and a group key generated by at least one IOT device on the p2p network, wherein the at least one encrypted block comprises a unique device identification (ID) of the at least one IOT device, a previous token, a current token, time stamp, and event data generated by the at least one IOT device;
determining, by the processor, a virtual device block in a device chain on verifying the unique device ID, and address of a corresponding event chain associated with the virtual device block;
generating, by the processor, a transaction ID for a new transaction, received as the event data, using the unique ID of the virtual device block and a received group key;
determining, by the processor, a valid event block in an event chain associated with the virtual device block for storing the new transaction and an associated transaction ID; and
updating, by the processor, the distributed ledger with the valid event block upon a verification of the transaction ID by one or more peer IOT devices of the p2p network.

US Pat. No. 11,032,292

SYSTEMS AND METHODS FOR HYBRID BLOCKCHAIN CONTROL

1. A method comprising:receiving an update to a distributed blockchain from a blockchain system, wherein the blockchain system includes multiple computer nodes individually storing copies of the distributed blockchain and individually updating the copies by a consensus process;
determining whether the distributed blockchain has been fraudulently modified based on the received update;
in response to determining the distributed blockchain has been fraudulently modified:
disseminating a corrective block to the blockchain system to trigger the consensus process on the computer nodes; and
invoking an override in the consensus process to update the copies of the distributed blockchain in a manner that bypasses an illegitimate block in the distributed blockchain, wherein the override is invoked while the consensus process processes the corrective block.

US Pat. No. 11,032,291

AUGMENTED REALITY LOCATION VALIDATION THROUGH DYNAMIC LOCATION SIGNATURE OF AN AUGMENT MARKER

Truly Social Games LLC, ...

1. A method for validating authenticity of an augment request, the method comprising:receiving the augment request to display on a display of a computing device of a user an augment image associated with the augment marker,
wherein the augment marker having a marker ID and associated with a geospatial coordinate of the physical environment;
generating a location signature;
associating the location signature with at least one of the marker ID and the physical environment;
receiving a location signature data generated by the computing device through capture of the location signature;
validating that the location signature data is associated with at least one of the marker ID of the augment marker and the physical environment of the augment marker to verify a location of the computing device was within the physical environment of the augment marker; and
authorizing display of the augment image on the display of the computing device of the user.

US Pat. No. 11,032,290

CONTEXT-BASED ANALYTICS AND INTELLIGENCE

Core Mobile Networks, Inc...

1. A method comprising:establishing a first context for a user to start a process of correlation of information from multiple sources of information;
revising the first context to generate a second context, based on first information, wherein the second context does not comprise data from the first context, and wherein the first information comprises a workflow that is generated based at least in part on information received from the multiple sources of information according to the first context;
correlating the multiple sources of information based on the second context to generate second information;
receiving an indication of a pertinent subset of information of the second context from the user;
filtering the second information generated for the user from correlation of the multiple sources of information based on the second context to determine a subset of information based on an identification of the user and the indication of the pertinent subset of information identified by the user;
sending the subset of information to a client device associated with the user.

US Pat. No. 11,032,289

CLONING MANAGEMENT SYSTEM FOR TOUCHLESS DEVICE LEVEL OR GROUP FLEET MANAGEMENT

Xerox Corporation, Norwa...

1. A method of processing location and level changes for managed devices, the method comprising:at least one child device sensing a move to a new location and level in a tree structure, wherein the tree structure comprises a group of managed devices and includes a root device and a plurality of child devices on a plurality of levels and wherein the levels have different permissions and policies;
the at least one child device receiving permissions and policies for the new location and level via a master clone file.

US Pat. No. 11,032,288

METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR MANAGING ACCESS PERMISSIONS FOR A SEARCHABLE ENTERPRISE PLATFORM

ATLASSIAN PTY LTD., Sydn...

1. An apparatus for managing access permissions for a searchable enterprise platform comprising a plurality of software applications, the apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to:retrieve a user global permissions profile associated with a user profile, the user global permissions profile comprising application access permissions assigned to the user profile for the plurality of software applications;
retrieve a global content permissions profile, the global content permissions profile comprising content access permissions assigned to digital content items that are retrievable by one or more of the plurality of software applications;
apply permissions conflict rules to resolve permissions conflicts between the user global permissions profile and the global content permissions profile to produce a resolved permissions profile;
store the resolved permissions profile to a storage for future use.

US Pat. No. 11,032,287

DELEGATED ADMINISTRATOR WITH DEFINED PERMISSION BOUNDARIES IN A PERMISSION BOUNDARY POLICY ATTACHMENT FOR WEB SERVICES AND RESOURCES

AMAZON TECHNOLOGIES, INC....

1. A method comprising:receiving, by an identity and access management (IAM) service executed by one or more computing devices and manages access to web services and resources, a first request from a central administrator to create a delegated administrator, the first request specifying a permission boundary policy with one or more access permissions to allow and deny access to the web services and resources;
in response to the first request:
generating a permission boundary policy attachment that specifies the permission boundary policy;
generating a permissions policy attachment that grants permissions to the delegated administrator to create a new IAM user with the permission boundary policy attachment and that grants permissions to the delegated administrator to attach a permissions policy to the new IAM user, wherein an effective permission on the new IAM user is an intersection of access permissions specified in the permissions policy attachment and the one or more access permissions in the permission boundary policy attachment; and
attaching the permissions policy attachment and the permission boundary policy attachment to the delegated administrator;
receiving, by the IAM service, a second request from a IAM user created by the delegated administrator, the second request specifying at least one of an action or access to a web service or a resource;
determining, by the IAM service, that the action or access for the IAM user is within the intersection of access permissions specified in the permissions policy attachment and the one or more access permissions in the permission boundary policy attachment; and
allowing or denying the action or access in view of the determining.

US Pat. No. 11,032,286

BLOCK CHAIN AUTHENTICATION SYSTEMS AND METHODS

United Services Automobil...

1. An authentication system for electronic data, comprising:a client system;
a secondary device paired to a client device;
at least one blockchain node, comprising:
a blockchain node processor; and
non-volatile storage, configured to store a block chain comprising secondary authentication information identifying the secondary device,
wherein the client system, the secondary device, or both is configured to:
identify that the secondary device is paired to the client device; and
based upon the secondary device being paired to the client device, automatically register the secondary device with the at least one blockchain node by submitting secondary device identifying data as the secondary authentication information to be stored and associated with a primary authentication information in the blockchain node; and
a backend authentication system, comprising a memory device with instructions that cause a backend authentication system processor to:
receive one or more electronic data action requests and the primary authentication information from the client system;
authenticate the client system using the primary authentication information received from the client system;
receive, at the backend authentication system, from the client system, device authentication information supplied to the client system from the secondary device, based on authentication of the client system, wherein the device authentication information is generated by the secondary device independent from input from the client system;
authenticate the secondary device by comparing the secondary authentication information stored in the block chain with the device authentication information received from the secondary device; and
execute the one or more electronic data action requests based on authenticating the secondary device;
wherein the client system and the secondary device are both different than the backend authentication system used to authenticate the client system.

US Pat. No. 11,032,285

REMOTE PROFILE SECURITY SYSTEM

Bradley A Handler, Palo ...

1. A method comprising:storing, at a server, first user profile information for a remote user, the first user profile information comprising user-provided information that identifies the user;
encrypting the first user profile information to restrict the server from accessing the first user profile information stored at the server, wherein an encryption key for decrypting the first user profile information is not locally stored on the server after encrypting the first user profile information;
after the first user profile information is stored at the server and in response to determining that access to the first user profile information is needed:
requesting authorization information comprising the encryption key from a client device of the remote user; and
receiving, by the server from the client device of the remote user, the authorization information comprising the encryption key temporarily provided by the remote user, via the client device, in order to control the server access to the first user profile information stored at the server, wherein the authorization information is used to restrict the server from accessing the first user profile information that is stored at the server;
in response to receiving the authorization information temporarily provided by the remote user, decrypting the first user profile information to enable access to the first user profile information, by the server, using the encryption key received from the client device; and
automatically re-encrypting the first user profile information to restrict the server from accessing the first user profile information stored at the server subsequent to the first user profile information being accessed by the server, wherein subsequent to re-encrypting the first user profile information, the encryption key for decrypting the first user profile information is not locally stored on the server.

US Pat. No. 11,032,284

CLOUD-BASED COORDINATION OF REMOTE SERVICE APPLIANCES

DOCUSIGN, INC., San Fran...

1. A method for protecting data within a cloud-based service platform, the method comprising:establishing a service session between a cloud computing system and a first client associated with an electronic document, the service session established in response to a service request received from the first client and in response to determining that the electronic document does not include sensitive information, the first client associated with an account on the cloud-based service platform;
detecting an addition of sensitive information to the electronic document;
in response to detecting the addition of sensitive information to the electronic document, switching from the cloud computing system to a local server system for use during a remainder of the service session; and
upon switching to the local server system, controlling a sequence of operations performed by the local server system to satisfy the service request received from the first client, wherein the sequence of operations includes requesting and receiving a digital or electronic signature on the electronic document from a signor identified within the service request.

US Pat. No. 11,032,283

MANAGING USE OF NETWORK RESOURCES

BlackBerry Limited, Wate...

1. A method of managing use of network resources on a device, the method comprising:receiving, at the device, outbound data from an application associated with a first group of logically separate resources, while the device is connected to both a first network and a second network, wherein the device includes the first group of logically separate resources and a second group of logically separate resources, the first group of logically separate resources includes a first network resource for accessing the first network, the second group of logically separate resources includes a second network resource for accessing the second network, and the first network is different than the second network;
in response to receiving the outbound data from the application associated with the first group of logically separate resources, outputting, on the device, a graphic user interface that requests a user input indicating whether to allow the application associated with the first group of logically separate resources to access the second network resource associated with the second group of logically separate resources; and
in response to receiving the user input indicating whether to allow the application associated with the first group of logically separate resources to access the second network resource associated with the second group of logically separate resources, determining, according to the user input, whether to route the outbound data received from the application associated with the first group of logically separate resources to the second network using the second network resource associated with the second group of logically separate resources while the device is connected to both the first and the second networks.

US Pat. No. 11,032,282

INTERLINKING CROSS PLATFORM AUTHORIZATION AND PROCESSING

NCR Corporation, Atlanta...

1. A method, comprising:authenticating, by executable instructions that execute on a hardware processor from a non-transitory computer-readable storage medium as a cross platform interlink manager, a user;
registering, by the cross platform interlink manager, the user;
acquiring, by the cross platform interlink manager during the registering, multiple accounts of the user, each account associated with transaction processing of the user and with only a particular one of multiple platforms, wherein each of the multiple platforms is distinct from one another and each is exclusively associated with a specific respective distinct online business system, and linking each of the multiple accounts and the corresponding specific online business system to the user;
establishing, by the cross platform interlink manager, a global identity that links the user to each of the multiple accounts and the cross platform interlink manager;
obtaining, by the cross platform interlink manager, an authorization for linking first platform data of a first platform selected from one of the multiple platforms with second platform data of a second platform selected from another of the multiple platforms;
linking, by the cross platform interlink manager, the first platform data with the second platform data in response to the authorization based on a first account from the multiple accounts associated with the user in the first platform and based on a second account from the multiple accounts associated with the user in the second platform by appending to a table, within the first platform, that includes the first platform data, a token linked to the global identity of the user and by appending the token to another table, within the second platform, that includes the second platform data;
aggregating, by the cross platform interlink manager, the first platform data and the second platform data based on the token and creating a federated repository of user transaction data having the first platform data and the second platform data, wherein the creating of the federated repository of the user transaction data occurs for each request associated with accessing the user's transaction data;
providing, by the cross platform interlink manager, an interface with operations within the interface for interacting and custom viewing of the user transaction data from the federated repository;
processing, by the cross platform interlink manager, customized queries provided through the interface by the user using the operations against the federated repository; and
presenting, by the by the cross platform interlink manager, results from the processing of the customized queries within the interface.

US Pat. No. 11,032,281

METHOD AND SYSTEM FOR DIGITAL RIGHTS ENFORCEMENT

D2L Corporation, Kitchen...

1. A method for digital rights enforcement over multiple devices, the method comprising:receiving, by a server, a request for digital content from a user via a selected user device over a network;
determining the digital content requested by the user;
determining digital rights associated with the digital content;
determining access rights relating to authorized devices for the user based at least in part on the digital rights associated with the digital content;
determining whether the user has exhausted the access rights; and
in response to determining the access rights are exhausted:
determining at least one content use factor for each of previously authorized user devices of the user, wherein the at least one content use factor includes one or more of a time since the digital content was downloaded on the previously authorized user devices, a time since content corresponding to the digital content was last reviewed on the previously authorized user devices, and a time spent reviewing the digital content on the previously authorized user devices;
determining a previously authorized user device of the previously authorized user devices on which to revoke access to the digital content based on the at least one content use factor; and
revoking the access rights to the previously authorized user device determined based on the at least one content use factor;
in response to determining the access rights are not exhausted, downloading the digital content on the selected user device.

US Pat. No. 11,032,280

PROXY FOR CONTROLLING ACCESS TO SERVICES

Amazon Technologies, Inc....

1. A system, comprising:one or more computing devices of a provider network comprising respective processors and memory to implement a proxy to:
receive network traffic requests at the proxy, wherein each network traffic request originates from a same client site for a client of the provider network and is for a respective target resource within the provider network;
authenticate, by the proxy, respective credentials for each network traffic request with an authentication service of the provider network, wherein the credentials comprise security data associated with the respective target resource used to determine whether access for the network traffic request to the respective target resource is authorized by the respective target resource;
apply, by the proxy, one or more access control rules to each network traffic request, wherein the one or more access control rules indicate whether access to the respective target resource is allowed for the network traffic request and are specified by the client prior to the network traffic requests; and
block, at the proxy, each network traffic request from its respective target resource within the provider network unless the network traffic request passes both the authentication of the security data associated with the respective target resource and the one or more client-defined access control rules.

US Pat. No. 11,032,279

ESTABLISHING TRUST BETWEEN TWO DEVICES

Microsoft Technology Lice...

1. A system comprising:one or more processors; and
memory coupled to the one or more processors, the system configured to:
issue, to a first device, a hash function and a hash seed which are together configured to generate a hash chain that includes multiple computed results corresponding to multiple version numbers;
determine a first version number, of the multiple version numbers, configured to determine a first media access control (MAC) address for the first device, wherein the first MAC address is configured to enable a connection between the first device and a second device to be established;
send, to the second device, the hash function, the hash seed, and the first version number;
receive, from the first device, an indication that the first device is changing from using the first MAC address to using a second MAC address associated with a second version number of the multiple version numbers, wherein the second MAC address is configured to enable the connection between the first device and a second device to be maintained; and
provide the indication to the second device.

US Pat. No. 11,032,278

SYSTEM, METHOD AND APPARATUS FOR GENERATING DEVICE IDENTIFIER

BANMA ZHIXING NETWORK (HO...

1. A method for generating device identifiers, comprising:receiving an identifier assignment request;
in response to the received identifier assignment request, assigning a device identifier to a device, the device identifier being a unique identifier, wherein the device is to be assigned with the device identifier;
transmitting the device identifier to an identifier recording apparatus, wherein the identifier recording apparatus records the device identifier into the device;
assigning an authorization token corresponding to the device;
transmitting the authorization token so that the identifier recording apparatus receives the authorization token;
receiving the authorization token from the identifier recording apparatus;
determining that received authorization token matches with the assigned authorization token; and
transmitting the device identifier to the device, wherein the identifier assignment request includes encryption key information, and wherein the transmitted authorization token is encrypted with the encryption key information.

US Pat. No. 11,032,277

NETWORK ACCESS CONTROL

LENOVO (BEIJING) CO., LTD...

1. A network access control method comprising:obtaining network information of an electronic device, the network information including whether an account associated with the electronic device is overdue;
determining whether a first network resource address to be accessed is on a white list;
in response to the account associated with the electronic device being overdue and the first network resource address being on the white list, generating a first network channel switching instruction, wherein the first network channel switching instruction instructs to switch the electronic device from a second access point name (APN) network channel to a first APN network channel, accessing the network through the first APN network channel does not incur data usage counting, and accessing the network through the second APN network channel incurs data usage counting;
after the electronic device has been switched from the second APN network channel to the first APN network channel, obtaining further network information of the electronic device, the further network information including whether the account associated with the electronic device has been recharged;
determining whether a second network resource address to be accessed is on the white list; and
in response to the account associated with the electronic device having been recharged and the second network resource address not being on the white list, generating a second network channel switching instruction, wherein the second network channel switching instruction instructs to switch the electronic device from the first APN network channel to the second APN network channel.

US Pat. No. 11,032,276

MOUNT, AUTHENTICATION DEVICE, AUTHENTICATION METHOD, AND PROGRAM

NEC CORPORATION, Tokyo (...

1. A wearable article comprising:an annular casing that surrounds a space into which a body part of a user is to be inserted;
an imaging element that is provided in the annular casing, the imaging element configured to capture a first image of the space;
an authentication circuit configured to authenticate the user based on a second image of biometric information previously stored in a storage and the first image of the space, in a case where there is a change from a first state in which the body part is not present in the space to a second state in which the body part is present in the space;
a sensor that is provided in the annular casing and configured to output a sensor value in accordance with a positional relationship between the annular casing and the body part;
a wearing determination circuit configured to determine whether the body part is present in the space, based on the sensor value; and
a light source configured to emit light based on an authentication result of the authentication circuit to notify the user of the authentication result.

US Pat. No. 11,032,275

SYSTEM FOR IMPROVED IDENTIFICATION AND AUTHENTICATION

Mimecast Services Ltd., ...

1. A system for authenticating a user, the system comprising:a processor coupled to a non-transitory memory containing instructions executable by the processor to cause the system to:
receive a request from an entity in response to attempted access to entity resources by a user via a primary user computing device;
determine whether the user is registered with the system; and
initiate one of a registration process and an authentication process with the user based on the determination;
wherein a registration process comprises:
establishing a peer-to-peer exchange of data between at least the system and the primary user computing device and a secondary user computing device;
generating, via the system, an initial candidate secret and transmitting the initial candidate secret to one of the primary and secondary user computing devices via the peer-to-peer exchange;
receiving a reciprocal secret from the secondary user computing device based on interaction between the secondary user computing device and the initial candidate secret, wherein the initial candidate secret is specific to the user and the secondary user computing device, and wherein the reciprocal secret is based on the initial candidate secret;
generating, via the system, a canonical secret including a token and a random confirmation code and transmitting the canonical secret to the secondary user computing device via the peer-to-peer exchange ensuring a bonded device metaphor such that the canonical secret is a definitive secret only known and stored by the system and the secondary user computing device, wherein the token is associated with an expiry date and is stored on the secondary user computing device to be used for authenticating the user during a future authentication session in lieu of the user entering user login credentials for authentication; and
registering the user with the system in response to receipt of the confirmation code from the secondary user computing device.

US Pat. No. 11,032,274

CARD-PERSONALIZATION SYSTEM

Truist Bank, Charlotte, ...

1. A system comprising:a processing device; and
a memory device that includes instructions that are executable by the processing device to cause the processing device to:
generate a graphical user interface for a process for personalizing a physical card, wherein the process is formed from a plurality of steps that includes at least (a) receiving a selection of an image from a user via a user device and (b) associating the image with a personalization plan for the physical card;
in response to the receiving the selection of the image from the user, transmit a notification to the user indicating that the user is required to create an account to continue the process;
associate a code with the user in response to the account being created;
receive the code from the user via the user device, wherein the code is a unique set of characters that was previously generated by the processing device and provided to the user;
in response to the receiving of the code:
authenticate the user device based on the code;
determine a current step of the user in the process based on the code, wherein the current step of the user in the process is determined by accessing a database that includes a relationship between (i) the code and (ii) a status identifier indicating the current step of the user in the process, and wherein the status identifier is associated with the image; and
update the graphical user interface to reflect the current step of the user in the process;
determine that the image is in an approval stage in which the image is being reviewed for compliance with predefined image criteria;
update the status identifier to indicate that the image is in the approval stage;
based on the updated status identifier, update the graphical user interface to include a message indicating the image is in the approval stage;
determine that the image is approved in the approval stage based on comparing a resolution of the image to a resolution threshold and comparing a size of the image to a size threshold; and
in response to the determining the image is approved in the approval stage, electronically transmit the image and the personalization plan for the physical card to a printing subsystem for generating a personalized card for the user using the personalization plan.

US Pat. No. 11,032,273

METHOD FOR AUTHENTICATING SECRET INFORMATION WHICH PROTECTS SECRET INFORMATION

Crypto Lab Inc., Seoul (...

1. A computer-implemented method for authenticating secret information, the method comprising:receiving, by an authentication server, QX from a terminal for registering secret information;
storing, by the authentication server, the received QX;
receiving, by the authentication server, a vector Z from a terminal for requesting authentication of secret information;
calculating, by the authentication server, the inner product of QX and Z;
calculating, by the authentication server, ½(n?the inner product); and
determining, by the authentication server, that the authentication is successful if ½(n?the inner product) is within a predetermined value and that the authentication fails otherwise,
wherein X is a vector, having a length of n, of secret information to be registered, the elements of which consists of {?1,1}n; Q is a matrix having m rows and n columns where m>n, the elements of which is randomly selected from qm×n; Y is a vector of secret information to be requested for authentication, the elements of which consists of {?1, 1}n; and Z is a vector which satisfies QTZ=Y where QT is a transpose matrix of the matrix Q, and
wherein qm×n is defined by {0, 1, 2, . . . q?1}; and q, m, and n are positive integers.