US Pat. No. 10,218,708

SYSTEMS FOR PROVIDING ELECTRONIC ITEMS HAVING CUSTOMIZABLE LOCKING MECHANISM

CAPITAL ONE SERVICES, LLC...

1. A method for providing a locked electronic item, comprising:
receiving, from a first computing device associated with a sender via a software application, a selection of an electronic lock and the electronic item, wherein the electronic lock comprises a lock clue and a lock solution;
determining, based on the lock solution, an answer input field configuration, wherein the answer input field configuration comprises a number of input boxes and spaces that are arranged to correspond to the lock solution;
transmitting, to a second computing device associated with a recipient, the lock clue and the input field configuration;
causing the second computing device to display the lock clue and the input field configuration;
receiving, from the second computing device, an attempted lock solution comprising a set of alphanumeric characters equal to the number of input boxes, wherein the set of alphanumeric characters are configured in a spatial arrangement that corresponds to the input field configuration;
determining whether the attempted lock solution matches the lock solution;
responsive to determining that the attempted lock solution does not match the lock solution:
transmitting, to the first computing device, an unlock attempt notification comprising a failed unlock attempt indication;
receiving, from the first computing device, a remote unlock instruction;
unlocking and transmitting, responsive to the remote unlock instruction, the electronic item to the second computing device;
causing the second computing device to display the electronic item; and
responsive to determining that the attempted lock solution matches the lock solution,
transmitting the electronic item to the second computing device for display or use by the second computing device.

US Pat. No. 10,218,707

CONTROLLING ACCESS TO COMPUTER ACCOUNTS MANAGED BY A COMPUTER ACCOUNT SERVER TO PROVIDE HANDOFF TO A NOMINEE COMPUTER TERMINAL

CA, Inc., New York, NY (...

1. A method comprising:
performing operations as follows on a processor of a computer account server:
receiving a nominee identity from an account owner associated with owner access credentials;
storing the nominee identity in a data structure of a computer account that is selected based on the owner access credentials from among a plurality of computer accounts managed by the computer account server;
restricting electronic access to information stored in the data structure of the computer account, to access requests from computer terminals that provide the owner access credentials;
responsive to determining that an account handoff event has become satisfied for the computer account, sending a nominee handoff message using the nominee identity retrieved from the data structure of the computer account;
receiving a nominee access request message, responsive to the nominee handoff message, from a nominee computer terminal contacted through the nominee handoff message;
responsive to validating content of the nominee access request message, modifying the restricting of electronic access to grant the nominee computer terminal electronic access to the information stored in the data structure of the computer account;
receiving a set of nominee identities which includes the nominee identity;
obtaining security key fragments; and
distributing different ones of the security key fragments to different computer terminals identified by associated ones of the nominee identities in the set, one of the computer terminals including the nominee computer terminal,
wherein responsive to determining that the account handoff event has become satisfied for the computer account, nominee handoff messages are sent to the computer terminals;
wherein receiving the nominee access request message, comprises receiving the security key fragments from the computer terminals identified by the nominee identities in the set responsive to the nominee handoff messages, and receiving the nominee access request message from the nominee computer terminal;
wherein the validation of content of the nominee access request message from the nominee computer terminal, comprises generating a reconstructed security key based on the key fragments received from the computer terminals and validating the reconstructed security key.

US Pat. No. 10,218,706

SYSTEM AND METHOD OF SUPERVISORY CONTROL

Sony Interactive Entertai...

1. A method of supervisory control, comprising the steps of:
setting, at a remote device, a first usage control parameter for a first account associated with access to content on a class of entertainment devices;
monitoring, at an entertainment device of belonging to the class of entertainment devices, which one or more account or accounts that are active on the entertainment device;
detecting in a first instance, by one or more processors, one or both of a number of input peripherals that are coupled to the entertainment device and a type of the input peripherals coupled to the entertainment device;
detecting in a second instance, by one or more processors, a type of the input peripherals that are coupled to the entertainment device;
obtaining, at the entertainment device, the first usage control parameter set for the first account; and
restricting, by one or more processors, usage of content on the entertainment device responsive to the first usage control parameter;
wherein, in the first instance, the first usage control parameter for the first account restricts usage of content based on one or both of the detected number of the input peripherals or the detected type of the input peripherals coupled to the entertainment device, and
wherein, in the second instance, the first usage control parameter for the first account restricts usage of content based on the detected type of the input peripherals that are coupled to the entertainment device.

US Pat. No. 10,218,705

MULTI-TENANT IDENTITY AND DATA SECURITY MANAGEMENT CLOUD SERVICE

ORACLE INTERNATIONAL CORP...

1. A system for providing cloud-based identity and access management, comprising:
a first data partition of a data source storing data for a first tenancy and a second data partition of the data source storing data for a second tenancy, wherein the first data partition is isolated from the second data partition;
one or more processors coupled to a storage device comprising instructions that, when executed by the one or more processors, are configured to:
receive a request from a client for an identity management service;
authenticate the request;
access a microservice based on the request;
determine, at the microservice based on the request, that a user related to the request comprises the first tenancy and a resource related to the request comprises the second tenancy, wherein the first tenancy and the second tenancy are determined from among a plurality of tenancies;
retrieve, by the microservice, data from at least one the first data partition based on the first tenancy or the second data partition based on the second tenancy, wherein a runtime binding with the first data partition is established when data is retrieved in a context of the first tenancy and a runtime binding with the second data partition is established when data is retrieved in a context of the second tenancy; and
perform the identity management service using the retrieved data at the microservice.

US Pat. No. 10,218,704

RESOURCE ACCESS CONTROL USING NAMED CAPABILITIES

CISCO TECHNOLOGY, INC., ...

1. A method performed at a server managing a resource for providing access to a resource in a distributed network, the method comprising:
receiving from a client for request for access to a resource, the request for access comprising a name of the resource, a requested operation of the resource, and a distinct named capability, the named capability including the name of the resource, the requested operation, a signature and a server managing the resource;
first determining, whether the client is authorized to access the resource identified by the named capability;
second determining that the name of the resource in the named capability matches the name of the resource in the request for access;
third determining that the requested operation of the request for access is listed in the named capability;
fourth determining that the signature is correct and represents a trusted signer;
granting access to the resource named by the named capability in response to at least positive results of the first, second, third and fourth determining; and
preventing the server managing the resource from receiving the request for access to the resource in response to a negative result of any of the first, second, third and fourth determining wherein the first, second, third and fourth determining are performed by a chaperone service function residing within a communication path between the client and the server managing the resource.

US Pat. No. 10,218,703

DETERMINING A PERMISSION OF A FIRST TENANT WITH RESPECT TO A SECOND TENANT

Hewlett-Packard Developme...

1. A method comprising:
storing, by a system including a processor, a first representation of privileges among a plurality of tenants of the system, the plurality of tenants having relationships according to a hierarchy that includes a plurality of hierarchical levels of the tenants, wherein at least one of the privileges specifies an access permission of a first of the tenants at a first of the hierarchical levels to a resource of a second of the tenants at one of the hierarchical levels, and wherein the first representation is independent of a representation of the relationships among the plurality of tenants;
in response to a request from the first tenant for the resource of the second tenant, determining, by the system based on the first representation, whether the first tenant is permitted to access the resource of the second tenant; and
dynamically modifying the first representation to change the privileges among the plurality of tenants, without changing the representation of the relationships among the plurality of tenants.

US Pat. No. 10,218,702

VEHICLE ACCESS SYSTEMS AND METHODS

SILVERCAR, INC., Austin,...

1. A system comprising:
a mobile computing device comprising a processor, memory, a transceiver configured for local point-to-point communication, and an application stored in the memory and comprising instructions configured to be executed by the processor to:
receive from a server of a reservation management (RM) system reservation information associated with a reservation for a user with which the mobile computing device is associated;
receive signals from a local transceiver of each of one or more of a plurality of vehicles that are within a communications range of the local transceiver of the mobile computing device, the received signals including an indication of the state record of the corresponding vehicle;
validate the reservation information; and
if the reservation information is validated,
display to the user an indication of each of one or more vehicles that are available;
receive from a user a selection of one of the available vehicle(s); and
transmit the user's selection of one of the available vehicle(s) to the server.

US Pat. No. 10,218,701

SYSTEM AND METHOD FOR SECURING ACCOUNT ACCESS BY VERIFYING ACCOUNT WITH EMAIL PROVIDER

Avaya Inc., Santa Clara,...

1. A communication system, comprising:
a server, comprising:
a microprocessor; and
a computer readable medium coupled to the microprocessor and comprising instructions stored thereon that cause the microprocessor to:
determine, based on login credentials presented to the server, an email address of a user associated with the login credentials;
establish an electronic mail transfer protocol connection across a communication network between the server and an email server of an email provider of the email address of the user;
send, across the communication network via the electronic mail transfer protocol connection, an electronic mail transfer protocol command to the email server, wherein the electronic mail transfer protocol command to generates a validation response message by the email server, and wherein the validation response message identifies whether the email address of the user is present and active at the email server of the email provider;
automatically generate an access token associated with the user when the validation response message received by the server identifies that the email address of the user is present and active at the email server of the email provider, wherein the access token enables access to a protected resource by a communication device of the user during a lifetime of the access token, and wherein the protected resource is unavailable to the communication device of the user without the access token; and
prevent access to the protected resource by the communication device of the user when the validation response message identifies that the email address of the user is neither present nor active at the email server of the email provider.

US Pat. No. 10,218,700

AUTHORIZATIONS FOR COMPUTING DEVICES TO ACCESS A PROTECTED RESOURCE

CA, Inc., Austin, TX (US...

1. A method comprising:
creating, by a first computing device, a mutual trust relationship with at least an agent on a second computing device, and an agent on a third computing device, the creating further comprising registering the trust relationship with the second computing device and the third computing device using tokens stored on the second computing device and the third computing device, respectively, the second computing device associated with a first user and the third computing device associated with a second user;
after the mutual trust relationship is created, receiving, by the first computing device, an access permission request responsive to input from the first user from the second computing device to access a protected resource usable on the second computing device and that is accessible by the third computing device, the protected resource provided by a fourth computing device;
preparing, by the first computing device, an authorization request to the third computing device to allow the second computing device to permission access the protected resource;
outputting, by the first computing device, the authorization request to the third computing device;
receiving, by the first computing device, an indication from the third computing device in response to an input to the third computing device from the second user that the second computing device has permission to access the protected resource; and
outputting, by the first computing device, authorization information to the second computing device so that the second computing device uses the authorization information to access the protected resource on the fourth computing device.

US Pat. No. 10,218,699

SYSTEMS AND METHODS FOR ADDING A NON-INHERENT COMPONENT TO A DEVICE KEY OF A NETWORKED DEVICE

ROCKWELL AUTOMATION TECHN...

1. A method of adding a non-inherent component to a device key of a networked device, the method comprising:
receiving a device key of the networked device, wherein the networked device is a network node in a nodal geographic network having multiple network nodes and wherein the multiple network nodes are connected with each other, and the device key comprises one or more device identifying attributes of the networked device in the nodal geographic network;
identifying location information of the networked device in the nodal geographic network, wherein the location information represents a geographic relationship between the networked device and other network nodes of the nodal geographic network;
assigning a position attribute to the networked device according to the identified location information of the networked device in the nodal geographic network;
adding the position attribute to the device key as the non-inherent component for the networked device;
storing the device key; and
triggering an error when the networked device is detached from the network and placed in a new network position in the nodal geographic network, or when the networked device is detached from the network and replaced with a new compatible device at a different network position in the nodal geographic network.

US Pat. No. 10,218,698

USING A MOBILE DEVICE NUMBER (MDN) SERVICE IN MULTIFACTOR AUTHENTICATION

Verizon Patent and Licens...

1. A method comprising:
identifying, by a processor of a verification data generation system, an encryption key associated with a verification device, wherein the verification device is different from the verification data generation system;
determining, by the processor, attributes of a session between a source device and the verification device, wherein the source device is different from the verification data generation system, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, wherein the verification device generates user device data associated with a first identifier of the user device, and wherein the verification device sends the source device a request for additional verification data;
receiving, by the processor and from the source device, the request for additional verification data;
determining, by the processor and in response to receiving the request for additional verification data, a second identifier associated with the source device based on information in the request for additional verification data and information regarding sessions established between the source device and the verification device stored in a storage associated with the verification data generation system;
generating, by the processor, second verification data based on the second identifier associated with the source device;
encrypting, by the processor and based on the encryption key associated with the verification device, the second verification data; and
forwarding, by the processor, the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, wherein the verification device compares the second verification data to the user device data associated with the first identifier of the user device, and wherein the verification device determines that the source device corresponds to the user device when the user device data corresponds to the second verification data.

US Pat. No. 10,218,697

USE OF DEVICE RISK EVALUATION TO MANAGE ACCESS TO SERVICES

LOOKOUT, INC., San Franc...

1. A method, comprising:
receiving data in a communication from a computing device of an identity provider;
subsequent to receiving the data, receiving, by a second computing device, a request from a first computing device, the request for access by the first computing device to a service, wherein the access requires authorization by the computing device of the identity provider, and access to the service requires that a software component is installed on the first computing device;
in response to the request, performing, by the second computing device, an evaluation of a configuration of the first computing device, wherein the evaluation comprises determining a risk level, and wherein the evaluation is based at least in part on the received data from the identity provider;
performing, by the second computing device, an action based on the evaluation, wherein the action comprises sending a first communication to the computing device of the identity provider, the first communication indicating the risk level, wherein the identity provider is of record with the second computing device to use for authorizing requests for access to the service, and wherein the identity provider is configured to authorize access to the service in response to receiving the first communication;
determining whether the software component is installed on the first computing device; and
in response to determining that the software component is not installed on the first computing device:
creating a fingerprint of the first computing device, the fingerprint including data extracted from at least one communication from the first computing device; and
determining whether the fingerprint matches a fingerprint of another computing device that has previously communicated with the second computing device.

US Pat. No. 10,218,696

TARGETED SECURE SOFTWARE DEPLOYMENT

Microsoft Technology Lice...

1. A system comprising:
one or more processors; and
memory storing modules that, when executed by the one or more processors, cause the system to perform operations comprising:
determining that a remote device is to receive a software update;
identifying a public storage root key (SRK) associated with the remote device;
determining a first set of platform configuration registers (PCRs) associated with a trusted operation of firmware operating on the remote device;
determining a second set of PCRs associated with an expected operation of at least a portion of the software update on the remote device;
determining a random symmetric key (RSK);
encrypting, as an encrypted software package, the software update using the RSK;
encrypting, as encrypted configuration settings, the first set of PCRs and the second set of PCRs using the RSK;
encrypting, as an encrypted RSK, the RSK with the public SRK of the remote device; and
transferring the encrypted software package, the encrypted configuration settings, and the encrypted RSK to the remote device, wherein at least a portion of the encrypted software package is imported by the remote device based at least in part on a private SRK of the remote device and after a determination that the first set of PCRs of the encrypted configurations settings correspond to firmware PCRs of the remote device and the second set of PCRs of the encrypted configurations settings correspond to boot manager PCRs of the remote device.

US Pat. No. 10,218,695

SYSTEMS AND METHODS FOR PROVIDING CREDENTIALLESS LOGIN USING A RANDOM ONE-TIME PASSCODE

CAPITAL ONE SERVICES, LLC...

1. A system for providing a credentialless login, comprising:
one or more processors of an authentication device; and
a memory in communication with the one or more processors and storing instructions that, when executed by the one or more processors, are configured to cause the system to:
receive, from a software application running on a first user-device, a request for credentialless login;
responsive to receiving an authentication of a user accessing the software application running on the first user-device, generate an access code for a credentialless login for an account of the user;
transmit, to the software application running on the first user-device, data representing the generated access code;
receive, from a second user-device, data representing a credentialless login attempt, the data representing the credentialless login attempt comprising an attempted access code; and
authorize, based on a determination that the attempted access code matches the generated access code, the second user device to access the account of the user.

US Pat. No. 10,218,694

SECURELY ORCHESTRATING EVENTS INITIATED AT REMOTE SERVERS USING A CERTIFICATE SERVER

Bank of America Corporati...

1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
receive, via the communication interface, from a first server computer system, a first event request comprising first entity information and first event details information;
identify a first entity associated with the first event request based on the first entity information;
based on identifying the first entity associated with the first event request based on the first entity information, generate a first entity verification request;
send, via the communication interface, to a certificate server, the first entity verification request;
receive, via the communication interface, from the certificate server, first certificate information associated with the first entity;
validate the first certificate information associated with the first entity received from the certificate server;
based on validating the first certificate information associated with the first entity received from the certificate server, generate, based on the first entity information and the first event details information, one or more event orchestration commands directing a second server computer system to execute one or more actions associated with the first event request; and
send, via the communication interface, to the second server computer system, the one or more event orchestration commands directing the second server computer system to execute the one or more actions associated with the first event request.

US Pat. No. 10,218,693

MANAGEMENT OF DIGITAL CERTIFICATES

International Business Ma...

1. A computer-implemented method for displaying an interactive graphical map of certificate relationships for one or more cells, each cell including one or more compute nodes, each node including one or more servers, comprising:
retrieving certificate information for a plurality of servers within the one or more cells, and storing the retrieved certificate information in a memory;
receiving an organization specification describing an organization structure for the plurality of servers;
receiving a user input command to generate the interactive graphical map of certificate relationships, the interactive graphical map including visual elements, wherein the visual elements include interactive icons, and the command including a command scope that identifies a certificate expiration date criteria;
identifying at least two servers having certificates satisfying the certificate expiration date criteria;
generating the interactive graphical map from the retrieved certificate information;
rendering the interactive graphical map on a display device, the interactive graphical map simultaneously indicating:
the at least two servers having certificates satisfying the certificate expiration date criteria, wherein interactive icons that represent each of the at least two servers are highlighted and arranged on the interactive graphical map according to the organization specification; and
one or more devices, each device having a certificate relationship with a server from the at least two servers, wherein interactive icons that represent the one or more devices are highlighted in response to a user selection of a highlighted interactive icon that represents the server; and
receiving, on the interactive graphical map, an input command for certificate replacement for the at least two servers; and
causing, in response to input command, a replacement certificate to be generated and issued to said at least two servers to satisfy the certification expiration date criteria.

US Pat. No. 10,218,692

MANAGEMENT OF DIGITAL CERTIFICATES

International Business Ma...

1. A computer system for displaying an interactive graphical map of certificate relationships for one or more cells, each cell including one or more compute nodes, each node including one or more servers, comprising:
a processor; and
a memory communicatively coupled with the processor, wherein the memory includes a certificate visibility agent to perform operations comprising:
retrieving certificate information for a plurality of servers within the one or more cells and storing the retrieved certificate information in the memory;
receiving an organization specification describing an organization structure for the plurality of servers;
receiving a command to generate the interactive graphical map of certificate relationships, the interactive graphical map including visual elements, wherein the visual elements include interactive icons, and the command including a command scope that identifies a certificate expiration date criteria;
identifying at least two servers having certificates satisfying the certificate expiration date criteria;
generating the interactive graphical map from the retrieved certificate information and rendering the interactive graphical map on a display device, the interactive graphical map simultaneously indicating:
the at least two servers having certificates satisfying the certificate expiration date criteria, wherein interactive icons that represent each of the at least two servers are highlighted, and arranged on the interactive graphical map according to the organization specification; and
one or more devices, each device having a certificate relationship with a first server from the at least two servers, wherein interactive icons that represent the one or more devices are highlighted in response to a user selection of a highlighted interactive icon that represents the first server; and
receiving, on the interactive graphical map, an input command for certificate replacement for the at least two servers; and
causing, in response to input command, a replacement certificate to be generated and issued to said at least two servers to satisfy the certification expiration date criteria.

US Pat. No. 10,218,691

SINGLE SIGN-ON FRAMEWORK FOR BROWSER-BASED APPLICATIONS AND NATIVE APPLICATIONS

AirWatch LLC, Atlanta, G...

1. A system for providing a single sign-on capability to at least one application installed on a client device, comprising:
the client device; and
an identity provider application executable by the client device, the identity provider application causing the client device to at least:
register the identity provider application as a local identity provider on the client device using an application programming interface (API) associated with an operating system of the client device, wherein the identity provider application specifies a particular identity provider server address for an identity provider service for which the identity provider application is the local identity provider;
obtain a user credential associated with a user account;
authenticate the user credential for the user account with the identity provider service;
obtain a request to validate an installation of an application installed on the client device based upon the user account;
validate the installation of the application based upon at least one parameter embedded within the request, the installation of the application being validated by extracting a package family name from the request to authenticate the installation of the application, generating a session identifier associated with the request to authenticate the installation of the application and providing the session identifier and an encryption key to the installation of the application;
request an authentication key from the identity provider service; and
provide the authentication key to the application, wherein the application authenticates the user account with the identity provider service using the authentication key.

US Pat. No. 10,218,690

ABSTRACTING AN AUTHENTICATION SEQUENCE USING HTTP

International Business Ma...

1. A computer-implemented method of abstracting an authentication sequence between a client, a server and zero or more authentication servers, the computer-implemented method comprising:
provisioning an enterprise server with an authentication response language, wherein the authentication response language allows the enterprise server to issue instructions for authentication steps to an enterprise client, wherein the authentication response language enables the enterprise client to execute a set of instructions for navigating an authentication sequence;
navigating, by one or more hardware processors, the authentication sequence depending on a protocol inherently used by the authentication topology;
receiving, by the enterprise client, a set of authentication instructions from the enterprise server formulated in the authentication response language, wherein the enterprise client is accessing a protected resource, and wherein the enterprise client is not already authenticated;
interpreting, by the enterprise client, the provided authentication instructions;
following, by the enterprise client, a sequence by sending requests and receiving responses from one or more servers in the authentication topology until the sequence is complete;
determining, by the one or more hardware processors, an authentication resolution of the enterprise client based on a success or fail caused by user interactions at the enterprise client; and
providing, by the one or more hardware processors, access to the protected resource in response to the authentication resolution of the enterprise client succeeding.

US Pat. No. 10,218,689

EXTENDING SHROUDING CAPABILITY OF HOSTING SYSTEM

INTERNATIONAL BUSINESS MA...

1. A computer implemented method for extending shrouding capability of a virtual server hosting system, the method comprising:
receiving, by a host manager, a request to deploy a shrouded virtual server using a predetermined set of hardware components and using a shrouded mode, the shrouded mode preventing an administrator of a hosting system from accessing data or applications of the virtual server, the request being sent by a client device;
adding, by the host manager, a guest server to the hosting system, the guest server comprising the predetermined set of hardware components;
deploying, by the host manager, a preconfigured hypervisor on the guest server, wherein the preconfigured hypervisor is deployed in an immutable mode that disables changes to security settings of the preconfigured hypervisor;
deploying, by the preconfigured hypervisor, a preconfigured boot image as an instance of the virtual server on the preconfigured hypervisor; and
sending, by the host manager, an identifier of the virtual server for receipt by the client device.

US Pat. No. 10,218,688

CREATING AWARENESS OF ACCESSES TO PRIVACY-SENSITIVE DEVICES

MICROSOFT TECHNOLOGY LICE...

1. A method comprising:
under control of one or more processors of a computing device:
detecting when an application displaying content within a window on a display of the computing device begins receiving a data stream captured by a camera, a microphone, a location sensor or an accelerometer of the computing device;
determining if a request submitted by the application to access the data stream captured by the camera, the microphone, the location sensor or the accelerometer of the computing device has been granted by determining whether a module of the computing device is in one of a default-on mode and a default-off mode, wherein the application is determined to have granted the request in response to determining that the module is in the default-on mode, and wherein the application is determined to have granted the request in response to determining that the module is in the default-off mode and when authorization is received to allow the application to access the data stream; and
in response to detecting that the application has begun receiving the data stream and in response to the determining that the application request has been granted, causing display of a graphical icon on or adjacent to the window of the application on the display, the displayed graphical icon dynamically altering in appearance based on data of the data stream to visually represent the data stream being received by the application, and the displayed graphical icon includes dynamic animations that visually dynamically alter in unison with the data of the data stream.

US Pat. No. 10,218,687

DIFFERENTIAL CLIENT-SIDE ENCRYPTION OF INFORMATION ORIGINATING FROM A CLIENT

PayPal, Inc., San Jose, ...

1. A method comprising:
receiving, from an entity server over a network by a computer system comprising one or more hardware processors, a processing request comprising an encrypted data package encrypted by a client device, wherein the encrypted data package comprises an encrypted symmetric key encrypted using a first public key allocated to the entity server and encrypted data encrypted using a symmetric key corresponding to the encrypted symmetric key;
determining, by the computer system, a first private key corresponding to the first public key allocated to the entity server by accessing a plurality of private keys stored in a memory;
decrypting, by the computer system, the encrypted symmetric key using the private key to obtain the symmetric key;
decrypting, by the computer system, the encrypted data using the symmetric key to obtain first data; and
providing, by the computer system, a processing result based on at least a portion of the first data.

US Pat. No. 10,218,686

DYNAMICALLY MANAGING, FROM A CENTRALIZED SERVICE, VALID CIPHER SUITES ALLOWED FOR SECURED SESSIONS

INTERNATIONAL BUSINESS MA...

1. A method, comprising:
establishing, at a centralized service available in a hosted network, a permission list of at least one cipher suite valid for secure connections;
responsive to receiving, at the centralized service, a request from a socket indicating the socket is negotiating a secure connection with another socket, sending the permission list to the socket, wherein the socket negotiates with the another socket for a mutual cipher suite from among the at least one cipher suite specified in the permission list;
receiving, at the centralized service, from the socket, a session identifier specifying the socket and the mutual cipher suite for a new session established between the socket and the another socket;
adding, by the centralized service, the session identifier specifying the socket and the mutual cipher suite to a current session log;
in response to identifying a particular cipher suite is vulnerable, searching, by the centralized service, the current session log to determine if the particular cipher suite matches one or more previously stored mutual cipher suites;
in response to the particular cipher suite matching one or more previously stored mutual cipher suites, generating, by the centralized service, an alert to send to each socket specified in each entry for the matching one or more previously stored cipher suites; and
responsive to identifying that the particular cipher suite matching the mutual cipher suite used in an ongoing secure session for the socket is revoked, notifying, by the centralized service, the socket that the mutual cipher suite is revoked.

US Pat. No. 10,218,685

KEYCHAIN SYNCING

APPLE INC., Cupertino, C...

1. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a first peer device synchronizes a set of keychain items stored in a keychain on the first peer device with sets of keychain items stored in keychains on a plurality of other peer devices, each keychain item comprising a keychain item identifier and a plurality of attributes, the first peer device and the plurality of other peer devices communicatively coupled to one another through a network, the first peer device locally storing, for each other peer device in the plurality of other peer devices, an encryption key corresponding to the other peer device and a list of all keychain identifiers on the other peer device, and the program comprising sets of instructions for:
receiving a modification to at least one of the plurality of attributes of each keychain item of a subset of the set of keychain items of the keychain stored on the first peer device;
for each other peer device in the plurality of other peer devices, determining whether a list of all keychain item identifiers for the first peer device matches the list of all keychain item identifiers on the other peer device;
generating a respective update request for each respective other peer device in the plurality of other peer devices for which the list of all keychain item identifiers does not match the list of all keychain item identifiers for the first peer device, in order to synchronize the keychain stored on the first peer device with the keychains of the plurality of other peer devices, wherein the respective update request for each respective other peer device comprises (i) a list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified and (ii) the modification to be made to the at least one of the plurality of attributes of each of the keychain items to be modified, wherein the respective update request for a first respective other peer device comprises a different set of modifications than the respective update request for a second respective other peer device;
encrypting, for each respective other peer device for which the respective update request was generated and using the encryption key corresponding to the respective other peer device, the keychain items corresponding to the list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified; and
transmitting, to each particular peer device through the network, the update request for the particular peer device and the encrypted keychain items of the particular peer device to be modified over a secure communication channel between the first peer device and the particular peer device.

US Pat. No. 10,218,684

SECURE DATA TRANSMISSION

NCR Corporation, Atlanta...

1. A method, comprising:
receiving, on a device, a device identifier for a portable device responsive to a request from the portable device for a file located on the device, wherein receiving further includes receiving the device identifier from a server;
obtaining, by the device, a public key associated with the portable device from a list of public keys maintained on the device based on the device identifier;
encrypting, by the device, the file using the public key, encoding the file, and producing encrypted and encoded data for the file;
dividing, by the device, the encrypted and encoded data into portions; and
broadcasting, by the device, the portions from the device as a graphical animation rendered on a screen of a display of the device, wherein the graphical animation is detectable to a camera of the portable device for receiving all portions of the encrypted and encoded data from the device, wherein broadcasting further includes broadcasting the portions out of order.

US Pat. No. 10,218,683

RELATING PRIVATE DATA OF DIFFERENT ENTITIES

Microsoft Technology Lice...

1. A method comprising:
determining, at a server, a representation of an intersection of a member list of first entity and a member list of a second entity, without accessing the member list of the first entity or the member list of the second entity;
causing, at the server, computation, using information associated with the intersection of the member list of the first entity and the member list of the second entity, of coefficients of a numeric relationship between features of members stored by the first entity and numeric data of members stored by the second entity, without accessing the features or the numeric data at the server;
adding noise to the coefficients to prevent use of the coefficients to exactly compute the numeric data from the features of a specific member; and
providing a digital transmission representing the coefficients of the numeric relationship.

US Pat. No. 10,218,682

SECURE NETWORK PROTOCOL CRYPTOGRAPHIC PROCESSING

Amazon Technologies, Inc....

1. A computer-implemented method comprising:
obtaining a request to establish a cryptographically protected communication session from a client computer system;
providing a digital certificate to the client computer system, the digital certificate associated with a service provided by a server computer system;
obtaining an encrypted premaster secret from the client computer system, the encrypted premaster secret encrypted using a public cryptographic key included with the digital certificate;
providing, to a cryptographic service that has access to a private cryptographic key associated with the digital certificate, the encrypted premaster secret;
establishing the cryptographically protected communication session with the client computer system, the cryptographically protected communication session operating in accordance with parameters that are based at least in part on the encrypted premaster secret;
obtaining a data token from the server computer system, the data token associated with data to be transmitted to the client computer system;
obtaining encrypted server data from the cryptographic service using the data token, the encrypted server data corresponding to the data to be transmitted to the client computer system, and the encrypted server data encrypted using a cryptoprocessor with a key that is based on the encrypted premaster secret; and
providing the encrypted server data to the client computer system.

US Pat. No. 10,218,681

HOME NETWORK CONTROLLING APPARATUS AND METHOD TO OBTAIN ENCRYPTED CONTROL INFORMATION

SAMSUNG ELECTRONICS CO., ...

1. A method of controlling, by a control device, at least one device by using control information, the method comprising:
receiving, from a server, information used to configure a user interface or process an event related to controlling the at least one device by the control device, which has not been encrypted;
receiving, from the server, control information used to control at least one device, which has been encrypted using an encryption process;
transmitting a control command for controlling the at least one device according to the control information.

US Pat. No. 10,218,680

MECHANISM FOR EFFICIENT PRIVATE BULK MESSAGING

Axway Inc., Phoenix, AZ ...

1. A document management system comprising:
a server coupled into a transmission path between a sender and target recipients to receive from the sender and to provide to at least some of the target recipients a message, wherein the provided message is encrypted at least for storage at the server using a sender key and is decryptable using a corresponding message decryption key that is, in turn, separately encrypted for each of the target recipients using respective encryption keys associated with the target recipients themselves, thereby resulting in a plurality of recipient-associated encrypted decryption keys;
the sender providing a digital signature and a list of recipient-associated encrypted decryption keys to the server, wherein the sender digests at least a portion of the list, but not the message itself, to form a digest and encrypts the digest with the sender's private key of a public-private pair to create the digital signature;
the server providing each of the target recipients with at least a respective one of the recipient-associated encrypted decryption keys for decryption by the respective target recipient to recover the underlying message decryption key and to thereby provide the respective target recipient with access to the encrypted message.

US Pat. No. 10,218,679

SECURE SINGLE SIGN ON AND CONDITIONAL ACCESS FOR CLIENT APPLICATIONS

Citrix Systems, Inc., Fo...

1. A method comprising:
receiving, by a gateway device, from an application on a client device, and via a secure communication tunnel between the client device and the gateway device, an authentication request comprising a certificate;
accessing, by the gateway device, and from the certificate, a device identifier associated with the client device;
transmitting, by the gateway device, and to a server, a request to determine whether the client device is compliant with one or more security policies, wherein the request to determine whether the client device is compliant with one or more security policies indicates the device identifier associated with the client device;
in response to transmitting the request to determine whether the client device is compliant with one or more security policies, receiving, by the gateway device, and from the server, an indication of whether the client device is compliant with one or more security policies; and
determining, by the gateway device, and based on the indication of whether the client device is compliant with one or more security policies, whether to grant the application on the client device access to a service associated with the application.

US Pat. No. 10,218,678

METHOD AND APPARATUS FOR ACCESSING THIRD-PARTY RESOURCES

CITRIX SYSTEMS, INC., Fo...

1. A method comprising:
(a) receiving, by a device intermediary to a plurality of clients and a plurality of resource providers accessible via the device, a selection of a resource provider of the plurality of resource providers from an identity associated with a client of the plurality of clients, the identity authenticated by the device and the device establishing a first token for the identity to access the device;
(b) establishing, by the device, a second token for the identity to access via the device the resource provider of the plurality of resource providers;
(c) providing, by the device to the client, the first token comprising the second token encrypted;
(d) decrypting, by the device, the second token from the first token received from the client in association with a request from the client to access the resource provider, the first token to identify the identity instead of identifying information accessed from the client; and
(e) granting, by the device, the client access to the resource provider.

US Pat. No. 10,218,677

DYNAMIC PROVISIONING OF A FIREWALL ROLE TO USER DEVICES

T-Mobile USA, Inc., Bell...

1. A computing device configured to provide a security service to a mobile traffic network, the computing device comprising:
a processor;
a network interface communicatively coupled to the processor and configured to enable communications with the mobile traffic network;
a storage device for content and programming;
a security application stored in the storage device, wherein execution of the security application by the processor configures the computing device to perform acts comprising:
creating a local network group comprising a plurality of user devices that are subscribed to the security service;
receiving a plurality of status reports, each status report of the plurality of status reports corresponding to at least one of the user devices of the local network group;
determining a plurality of competence scores, wherein each competence score of the plurality of competence scores corresponds to at least one of the user devices of the local network group and is based on a respective status report;
selecting one of the plurality of the user devices to act as a firewall for the plurality of user devices of the local network group based on the plurality of competence scores;
provisioning the selected user device to act as a firewall for the local network group; and
sending a message to the plurality of user devices of the local network group to route communication through the selected user device via a short range wireless communication technology.

US Pat. No. 10,218,676

FLEXIBLE NETWORK SECURITY SYSTEM AND METHOD FOR PERMITTING TRUSTED PROCESS

CAP CO., LTD., Ahsung-si...

1. A computer executing a firewall controlling inbound traffic, the firewall protecting the computer against a network connection attempt by setting restrictions on information communicated between networks, the computer comprising:
an internal permitted program storage configured to store a list of programs permitted by the firewall;
an input interface configured to accept an indication that one or more permitted network communication programs are permitted by the firewall, thereby resulting in said one or more permitted network communication programs being added to the list of programs permitted by the firewall in the internal permitted program storage;
a port monitoring unit configured to automatically extract, outside of the firewall, information about a protocol using a server port, wherein the server port is designated as a port of a network communication program providing one or more packets of inbound traffic for a destination port; and
a flexible firewall device making the firewall flexible, the flexible firewall device configured to populate a list of server ports permitted by the firewall in an internal permitted port storage as follows:
detect that said network communication program tries to listen to said server port;
in response to detecting that said network communication program tries to listen to said server port, extract, outside of the firewall, using the port monitoring unit, information about the server port requesting communication with the destination port of the packets of inbound traffic; and
automatically store the extracted information about the server port in the internal permitted port storage if said network communication program matches a program on said list of programs permitted by the firewall in the internal permitted program storage;
wherein the flexible firewall device is further configured to thereafter selectively block or allow one or more packets of inbound traffic to the computer as follows:
make a determination whether a destination port of the one or more packets of inbound traffic matches one of the server ports included in the list of server ports permitted by the firewall in the internal permitted port storage;
either allow or block the one or more packets of inbound traffic based on the determination whether the destination port of the one or more packets of inbound traffic matches one of the server ports included in the list of server ports permitted by the firewall in the internal permitted port storage, and using the information about the server port and the protocol to determine whether registration exists in the internal permitted port storage; and
in the case of a determination that the registration does not exist, transmitting the corresponding packet to the firewall, and in the case of a determination that the registration exists, bypassing the firewall, as a transmission to a permitted port as a hooked original function.

US Pat. No. 10,218,675

LEGACY DEVICE SECURITIZATION USING BUMP-IN-THE-WIRE SECURITY DEVICES WITHIN A MICROGRID SYSTEM

Honeywell International I...

1. A system for legacy device securitization within a microgrid, comprising:
a microgrid network having at least one remote network connection to a non-local network device and the microgrid network having at least one local legacy device in communication with the non-local network device, wherein the at least one local legacy device cannot perform cryptographic operations;
a first bump-in-the-wire (BITW) security device between the at least one local legacy device and the at least one remote connection, wherein the first bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the at least one local legacy device and the non-local network device, wherein the first bump-in-the-wire (BITW) security device includes a first user interface to allow a user to access privileges to be given to the first bump-in-the-wire (BITW) security device, instructions to be sent to the first bump-in-the-wire (BITW) security device, and data available on the first bump-in-the-wire (BITW) security device to restrict access to the microgrid network, wherein the privileges to be given to the first bump-in-the-wire (BITW) security device include installing software and firmware on one or more devices of the microgrid network, wherein access attempts, successful logins, messages, or a combination thereof are logged into the microgrid network to enable auditing and forensic analysis, and wherein one or more authentication technologies are compared and selected for the microgrid network based on real time requirements of the microgrid network; and
a second bump-in-the-wire (BITW) security device between the non-local network device and the at least one remote connection, wherein the second bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the non-local network device and the at least one remote connection, wherein the first and second bump-in-the-wire (BITW) security devices are positioned within the microgrid network to secure the at least one local legacy device, and wherein the bump-in-the-wire (BITW) security devices communicate with each other to cross check security settings and verify access requests on a secured network that is separate from the network accessed by the remote network connection, wherein the second bump-in-the-wire (BITW) security device includes a second user interface to allow the user to access privileges to be given to the second bump-in-the-wire (BITW) security device, instructions to be sent to the second bump-in-the-wire (BITW) security device, and data available on the second bump-in-the-wire (BITW) security device to restrict access to the microgrid network, and wherein the privileges to be given to the second bump-in-the-wire (BITW) security device include installing the software and the firmware on the one or more devices of the microgrid network.

US Pat. No. 10,218,674

MAC ADDRESS ALLOCATION FOR VIRTUAL MACHINES

Red Hat Israel, Ltd., Ra...

1. A method comprising:
determining, by a processing device via a virtual machine, that a first network identifier has not been assigned to the virtual machine;
transmitting, by the processing device via the virtual machine, a network identifier request to a server, wherein the network identifier request comprises a universal identifier associated with the virtual machine;
determining that a data packet is directed to the virtual machine when the data packet comprises the universal identifier associated with the virtual machine, the data packet comprising a second network identifier assigned to the virtual machine by the server in response to the network identifier request; and
assigning the second network identifier to the virtual machine based on the data packet being directed to the virtual machine.

US Pat. No. 10,218,673

WEB CONTENT DISPLAY SYSTEM AND METHOD

Institute For Information...

1. A web content display system, comprising:
a provided interface, for receiving a web address with an authorization data corresponding thereto inputted by a web content provider;
a processor, coupled to said provided interface and acquiring and analyzing at least one web content corresponding to said web address according to said web address and said authorization data corresponding thereto to obtain a title corresponding to said web content, an article content with a display format corresponding thereto and an original marketing content with a display format corresponding thereto;
a storage unit, coupled to the said processor and storing respectively, said title, said article content with said display format corresponding thereto, said original marketing content with said display format corresponding thereto and at least one third party marketing content; and
an operation interface, coupled to the said processor and receiving a request for said title from a user device;
wherein said processor generates an embedded code and a reprinted web address corresponding to the embedded code according to said request, wherein when executing to display the reprinted address, said embedded code is executed by a web browser and is linked to said processor to display a reorganized web content on said web browser according to said article content with said display format corresponding thereto, said original marketing content with said display format corresponding thereto and said at least one third party marketing content, wherein said article content of said reorganized web content and said article content of said web content have a same display format, wherein a marketing content of said reorganized web content is said original marketing content of said web content or said at least one third party marketing content.

US Pat. No. 10,218,672

MEASURING MACHINE COMMUNICATION WITH AUTOMATIC ADDRESS ALLOCATION

HEXAGON TECHNOLOGY CENTER...

1. A method for address allocation of participant-specific communication addresses for participants in a measuring system, the method comprising:
performing a communication between the participants, which communication takes place via a bus system by means of messages with at least one communication address and a message content, wherein in the bus system the messages that are communicated by any of the participants are received by all other participants;
carrying out an automatic address iteration for at least one of the participants during a calibration or referencing of the measuring system, wherein the automatic address iteration comprises:
monitoring of the messages on the bus system; and
detecting of a collision by a communication address of a received message, which is identical to a participant-dedicated communication address of the at least one of the participants;
providing a collision-related allocation of a changed participant-dedicated communication address of the at least one of the participants to the at least one of the participants, which changed participant-dedicated communication address does not collide with the communication address of the received message; and
performing a defined stimulation of at least one sensor of the at least one of the participants to obtain one or more sensor values, which defined simulation is carried out within the calibration or referencing of the measuring system; and
performing a determination of an address-device allocation of the participants in the measuring system, which determination takes place using the one or more sensor values obtained by the defined stimulation.

US Pat. No. 10,218,671

DYNAMIC MEDIA ACCESS CONTROL ADDRESS ALLOCATION AND LEASING FOR WIRELESS NETWORK

Cisco Technology, Inc., ...

1. A method of operating a network, the method comprising:
in the network, broadcasting, via an access point (AP), on a periodic basis, a packet comprising i) a MAC Pool identifier associated with the network and ii) one or more dynamic MAC addresses associated with the network, wherein each dynamic MAC address of the one or more dynamic MAC addresses is potentially assignable to a computing device that receives the packet;
in response to receipt of a packet response from a given computing device, wherein the packet response includes a broadcasted dynamic MAC address of the one or more broadcasted dynamic MAC addresses, determining whether the broadcasted dynamic MAC address has been associated with and/or assigned to a network device in the network; and
in response to the determination, (i) associating the broadcasted dynamic MAC address with the given computing device and (ii) adding the broadcasted dynamic MAC address to a list of plurality of assigned dynamic MAC addresses as an allocated dynamic MAC address assigned to the given computing device, wherein subsequent packets communicated to given computing device are based on the allocated dynamic MAC address.

US Pat. No. 10,218,670

PRESENTING TASKS IN EMAIL APPLICATION AND CALENDAR APPLICATION

Google LLC, Mountain Vie...

1. A non-transitory computer-readable storage medium comprising instructions stored thereon for presenting tasks in an email application and a calendar application, the instructions, when executed by at least one processor, being configured to cause a computing system to at least:
generate an email application, the email application performing:
retrieving at least one task from a task database;
retrieving at least one email from an email database;
sorting the tasks and emails within a combined list based on:
at least one task done state of the at least one task and at least one email read state of the at least one email; and
for tasks and emails that have a same task done state or email read state, based on task due dates of the tasks and email received dates of the emails; and
concurrently presenting the at least one retrieved task and the at least one retrieved email in an email user interface in an order based on the sorting and presenting at least one task that should be performed on a current day at a top of the email user interface, the at least one retrieved task and the at least one retrieved email being adjacent and non-overlapping within the email user interface; and
generate a calendar application, the calendar application performing:
retrieving the at least one task from the task database;
retrieving at least one appointment from an appointment database; and
concurrently presenting the at least one retrieved task and the at least one retrieved appointment in a calendar user interface, the at least one retrieved task and the at least one retrieved appointment being adjacent and non-overlapping within the calendar user interface.

US Pat. No. 10,218,669

SYSTEM AND METHOD FOR VERIFYING DELIVERY AND INTEGRITY OF ELECTRONIC MESSAGES

RPost Communication, LTD,...

1. A system for transmitting an electronic message from a sender to a recipient through a network and determining, without compliance or co-operation of the recipient, whether the transmitted electronic message has been received by the recipient, comprising:
a first server in electronic communication with a sender and at least one recipient, the first server utilizing a processor programmed using software operating commands to:
receive an original message from the sender,
store the original message in a memory associated with the first server,
create a new message from the original message by adding a link to the original message, the link programmed to
automatically extract when the new message has been opened at the recipient's mail agent,
call to the first server or a second server different from the first server to send a first information associated with the link from a database at the first or second server to the recipient,
the first or second server storing an indication that the first or second server was requested to send the first information associated with the link to the recipient,
the first or second server creating a second information from the stored indication, the second information including third information related to the original message and that the transmitted new message was opened at the recipient, and
transmit the new message and the link to the at least one recipient.

US Pat. No. 10,218,668

DETECTION AND MODIFICATION OF OBSOLETE MESSAGES

AMAZON TECHNOLOGIES, INC....

1. A system, comprising:
at least one computing device;
an email updater service executable in the at least one computing device, wherein, when executed, the email updater service causes the at least one computing device to at least:
receive an email message from an email server, a content of the email message including displayable information about an occurrence of an event that is active during a first predefined period of time, the displayable information configured to be presented on a rendered version of the email message on a display of the at least one computing device;
send a first instruction to a client email application to alter an appearance of the email message prior to a start of the first predefined period of time as displayed on a user interface associated with an email folder including the email message; and
send a second instruction to the client email application to alter the appearance of the email message following an end of the first predefined period of time; and
the client email application executable in the at least one computing device, wherein when, executed, the client email application causes the at least one computing device to at least:
render the user interface such that the email message is displayed in an original form prior to the first predefined period of time;
modify the user interface in response to receiving the first instruction, the user interface being modified such that the email message is displayed in at least one of: a different color, a different shade, or a different pattern;
determine that the first predefined period of time has lapsed in response to receiving the second instruction; and
modify, after a second predefined period of time following an ending of the first predefined period of time, the user interface such that the email message is displayed in the original form.

US Pat. No. 10,218,667

SOCIAL NETWORK COMMUNITIES

salesforce.com, inc., Sa...

1. A system for providing, in an enterprise social networking service, internal groups for collaboration with users inside of an organization and external groups for collaboration with users outside of an organization, the system comprising:
a database system implemented using a server system comprising one or more hardware processors, the database system configurable to cause:
identifying a user identity (ID) received from a computing device as one of a set of first user identities (IDs) of first users belonging to an internal group maintained using one or more internal group data objects in a database, the internal group maintained on behalf of a first organization in association with an enterprise social networking service, the first users being inside of the first organization, each first user having one or more of a set of first roles, the first roles comprising an employee of the first organization;
providing, to the computing device, access to the internal group responsive to identifying the user ID as one of the first user IDs, the access to the internal group defined at least in part by a first set of permissions for the computing device to access a first set of files stored in a database in association with the one or more internal group data objects and for the computing device to access a first set of social networking conversations associated with the one or more internal group data objects, the first set of social networking conversations comprising one or more posts and one or more comments shared in an internal group feed maintained for the internal group using one or more feed objects in a database;
processing a request received from the computing device to access an external group maintained using one or more external group data objects in a database, the external group maintained on behalf of the first organization in association with the enterprise social networking service, the processing of the request comprising identifying the user ID as one of a set of second user IDs of second users belonging to the external group, the second users comprising:
an internal subset of the second users comprising at least a portion of the first users, and
an external subset of the second users who are outside of the first organization, each second user in the external subset having one or more of a set of second roles, the second roles comprising a customer of the first organization and a partner of the first organization; and
providing, responsive to identifying the user ID as one of the second user IDs, the computing device with access to the external group, the access to the external group defined at least in part by a second set of permissions for the computing device to access a second set of files stored in a database in association with the one or more external group data objects and for the computing device to access a second set of social networking conversations associated with the one or more external group data objects, the second set of social networking conversations comprising one or more posts and one or more comments shared in an external group feed maintained for the external group using one or more feed objects in a database, the second set of permissions being restricted with respect to the first set of permissions to limit:
access by the external subset of second users to the first set of files associated with the one or more internal group data objects,
submission by the external subset of second users of a further file for inclusion in the first set of files,
access by the external subset of second users to the first set of social networking conversations associated with the one or more internal group data objects, and
sharing by the external subset of second users of a further post and a further comment in the internal group feed for inclusion in the first set of social networking conversations.

US Pat. No. 10,218,666

INTEGRATING OFFSITE ACTIVITIES WITH ONLINE DATA RECORDS

1. A method comprising steps of:
generating an identifier in a first computer system, wherein the identifier is generated in at least one of anticipation of an electronically provided communication by a user and in response to the electronically provided communication by a user accessing network-based content associated with an entity, wherein the identifier associates the electronically provided communication by the user to an agent of an entity;
storing the identifier and the association of the identifier with the electronically provided communication in a memory that is in communication with the first computer system;
conveying the identifier from the first computer system to an external computer system;
receiving the identifier conveyed from the first computer system by the external computer system;
identifying and storing at least one information record associated with an activity of the user, wherein the information record is at least one of an electronically provided communication record and a data record,
wherein the at least one electronically provided communication record is associated with the electronically provided communication by the user by tagging at least one electronically provided communication record with the identifier, wherein each electronically provided communication record of at least one electronically provided communication record relates to the electronically provided communication by the user,
wherein the at least one data record is associated with the activity of the user by tagging each data record with the identifier, wherein each data record of at least one data record relates to the activity of the user, each of the at least one data record is stored on the external computer;
conveying the at least one information record from the external computer system to the first computer system;
receiving, at the first computer system from the external computer system, the at least one information record from the external computer system, wherein each information record of the at least one information record includes the identifier; and
using the identifier stored in the first computer system to associate the received at least one information record, related to the activity of the user, with the electronically provided communication.

US Pat. No. 10,218,665

SYSTEM RELATING TO 3D, 360 DEGREE OR SPHERICAL FOR REFERING TO AND/OR EMBEDDING POSTS, VIDEOS OR DIGITAL MEDIA WITHIN OTHER POSTS, VIDEOS, DIGITAL DATA OR DIGITAL MEDIA AND POSTS WITHIN ANYPART OF ANOTHER POSTS, VIDEOS, DIGITAL DATA OR DIGITAL MEDIA

Pixured, Inc., Zephyr Co...

1. A computer implemented method of managing posts for interacting with digital media items, digital media items comprising 3d, 360 degrees, geocoded or spherical digital images and video, comprising:
providing a user application operating on one or more user devices which are operative to view web based digital media items, each of the digital media items comprising a sequence of frames having one or more objects that selectively change position in successive frames in the sequence of frames, the user application for creating posts that refer to one of the one or more objects in select ones of digital media items, the user application defining a select location of the post in each frame of the sequence of frames corresponding to position of the one object, comprising the user and/or the user application identifying the object location in select ones of successive frames in the sequence of frames, and the select location of the post in each frame comprises a select coordinate position;
providing a database system for storing user created posts; and
creating and managing embedded data in user created posts and links to the select location of the post in each frame of the sequence of frames for the one object in select one of digital media items, wherein users interacting with the user application can access user created posts, while viewing the digital media items.

US Pat. No. 10,218,664

RECURRENT INVITATION LOOP

Microsoft Technology Lice...

1. A method, comprising:
sending, by computer, a first invitation organically generated by a first member of a user community, to an invitee who is not a member of the user community;
queuing all invitations organically generated by members of the user community and addressed to the invitee within a first time period after the invitee receives the first invitation;
when the invitee is not a member of the user community when the first time period expires:
if the queue is not empty, dequeuing and sending at least one queued invitation to the invitee; and
if the queue is empty, resending the first invitation to the invitee; and
for one or more subsequent time periods after the first time period:
queuing all invitations organically generated by members of the user community and addressed to the invitee within the subsequent time period.

US Pat. No. 10,218,663

SPLITTING MESSAGE CHANNELS

Facebook, Inc., Menlo Pa...

1. A computer-implemented method, comprising:
extracting a user identifier from a browser cookie of a web browser running on a requesting device, wherein:
a social network member associated with the user identifier is also associated with a plurality of social networking accounts within a social networking system, the plurality of social networking accounts comprising a personal account and a domain-specific account;
the social network member is logged into the personal account via a first browser tab of the web browser and is logged into the domain-specific account via a second browser tab of the web browser; and
the web browser maintains a single browser cache that stores a same set of browser cookies to share with all of the web browser's browser tabs such that both the first browser tab and the second browser tab share a same browser cookie;
receiving, at the social networking system, a first web-based client request, sent from the second browser tab, to establish a message channel between the social networking system and the second browser tab, wherein the first web-based client request identifies a uniform resource locator (URL) entered in the web browser via the second browser tab;
in response to receiving the first web-based client request:
identifying a URL subdomain in the URL entered via the second browser tab that is associated with the domain-specific account and not with the personal account;
selecting a domain-specific account identifier that is associated with the domain-specific account and not with the personal account; and
configuring the message channel as a domain-specific channel, wherein said configuring includes selecting, based on the domain-specific account identifier, a content item, intended for the domain-specific account, to send over the message channel to the second browser tab;
receiving, at the social networking system, a second web-based client request, sent from the first browser tab, to establish an additional message channel between the social networking system and the first browser tab, wherein the second web-based client request identifies a uniform resource locator (URL) entered in the web browser via the first browser tab; and
in response to receiving the second web-based client request:
identifying a URL subdomain in the URL entered via the first browser tab that is associated with the personal account and not with the domain-specific account;
selecting a personal account identifier that is associated with the personal account and not with the domain-specific account; and
configuring the additional message channel as a personal channel, wherein said configuring includes selecting, based on the personal account identifier, an additional content item, intended for the personal account, to send over the additional message channel to the first browser tab.

US Pat. No. 10,218,662

METHOD AND A SYSTEM FOR EMAIL ADDRESS VALIDATION

International Business Ma...

1. A computer program product for an email address validation, the computer program product comprising:
one or more computer-readable tangible storage medium and program instructions stored on at least one of the one or more tangible storage medium, the program instructions executable by a processor, the program instructions comprising:
program instructions to identify an email address of a recipient listed in an email;
program instructions to determine whether the email address is erroneous, wherein program instructions to determine whether the email address is erroneous comprises program instructions to determine a position of the recipient has changed, program instructions to determine an email address is erroneous, and program instructions to determine a confidentiality mismatch;
wherein program instructions to determine the position of the recipient has changed comprises:
program instructions to determine a current position of the recipient;
program instructions to determine a previous position of the recipient, wherein the previous position comprises one or more of: a position of the recipient at a date of a previous email transmission, and a position of the recipient at a predetermined date;
program instructions to determine whether the current position is the same as the previous position;
based on determining that the current position is not the same as the previous position, program instructions to determine a new email address of a new recipient based on the previous position;
program instructions to determine that the email includes one or more predefined specific words, wherein the predefined specific words are associated with a new position that is not a current position of the recipient;
program instructions to determine a new email address based on the new position;
wherein program instructions to determine the confidentiality mismatch comprises:
program instructions to determine that the email includes one or more predefined specific words, wherein the predefined specific words are associated with confidentiality;
based on determining that the email address has not been previously sent by a user, program instructions to display a recommendation to a user;
wherein program instructions to determine the email address is erroneous comprises:
program instructions to determine the email address is not in a database;
program instructions to determine a similar email address in the database comprising one or more of:
program instructions to determine the similar email address by string matching the email address to the database;
program instructions to determine the similar email address by pattern matching the email address to the database;
program instructions to determine the similar email address by approximate string matching the email address to the database; and
based on determining that the email address is erroneous, program instructions to display a recommended email address to a user, wherein the recommended email address is one or more of: the new email address of the new recipient, the similar email address, the email address of the recipient.

US Pat. No. 10,218,661

DYNAMIC GRANULAR MESSAGING PERSISTENCE

International Business Ma...

1. A method for dynamic, granular messaging persistence in a messaging system, the method comprising:
monitoring operational performance of a message broker executing in a memory of a host server;
receiving a message for queuing in a message queue of the message broker;
parsing the message to extract different fields;
obtaining, from a schema separate from the message, corresponding priorities for the extracted different fields at least one of the priorities providing that under periods of high resource utilization in the host server, data in a corresponding one of the different fields is not persisted to a message data store, but under periods of low resource utilization in the host server, data in a corresponding one of the different fields is to be persisted to the message data store in fixed storage;
selectively storing, in the fixed storage, data for corresponding ones of the different fields based upon consideration of corresponding ones of the priorities obtained from the schema and also the monitored operational performance; and,
queuing the message in the message queue.

US Pat. No. 10,218,660

DETECTING USER GESTURES FOR DISMISSING ELECTRONIC NOTIFICATIONS

Google LLC, Mountain Vie...

1. A computer-implemented method comprising:
accessing, by a client device, content from a specific source;
responsive to accessing the content, identifying a status of access rights of a user of the client device for the content, wherein the access rights indicate a number of pieces of content that the user of the client device is allowed to access from the specific source;
displaying, by a touch-sensitive display screen of the client device, the content in a content area of the touch-sensitive display screen;
displaying, by the touch-sensitive display screen, a notification, wherein the notification obscures at least a portion of the content, and wherein the notification includes information about the status of the access right of the user for the content;
detecting, by the touch-sensitive display screen, a dismissal gesture at a portion of the touch-sensitive display screen at which the content is displayed; and
responsive to detecting the dismissal gesture:
dismissing the notification by at least ceasing to display the notification; and
visually scrolling the content displayed in the content area of the touch-sensitive display screen.

US Pat. No. 10,218,659

PERSISTENT CONNECTIONS FOR EMAIL WEB APPLICATIONS

Amazon Technologies, Inc....

8. A method comprising:
diverting communications to a second server, the communications directed from a webclient to a first server associated with an email system;
querying a database for a token based on identification information for the webclient;
determining that the token is valid by providing the token to the email system and receiving a response from the email system indicating that the token is valid; and
responsive to determining that the token is valid, establishing communication between the webclient and the second server associated with the email system.

US Pat. No. 10,218,658

SYSTEM AND METHOD FOR REGULATING ELECTRONIC MESSAGE TRANSMISSIONS

Intercontinental Exchange...

1. A system for control of electronic message transmissions, the system comprising:
one or more first entities communicatively coupled to one or more second entities via at least one network, at least one of said one or more first entities exchanging electronic messages with at least one of said one or more second entities, each of said one or more first entities and said one or more second entities comprising at least one computing device including a non-transitory memory and at least one processor executing computer-readable instructions stored in said non-transitory memory; and
a message delay system disposed between said one or more first entities and said one or more second entities within said at least one network, the message delay system comprising one or more computing devices including a non-transitory memory and at least one processor executing computer-readable instructions stored in said non-transitory memory, the message delay system including:
an input interface receiving the electronic messages from among the one or more first entities and the one or more second entities at one or more message arrival times, via the at least one network,
a message delay component applying:
a common predefined delay time, generated by the message delay system, to all of said electronic messages,
a first delay offset, generated by the message delay system, to at least one message of said electronic messages, and
a second delay offset that is different from the first delay offset, generated by the message delay system, to at least one other message of said electronic messages,
such that the message delay system delays transmission of the electronic messages in accordance with the applied common predefined delay time, the first delay offset and second delay offset,
the common predefined delay, the first delay offset and the second delay offset being a function of at least one of entity geographical location, communication medium, network propagation characteristics and messaging attributes; and
an output interface transmitting all of the electronic messages to their designated recipients via the at least one network,
wherein each of the input interface and the output interface comprises an application stored in the non-transitory memory of the one or more computing devices, and the message delay component comprises at least one of a software delay line element (SDLE) and a hardware delay line element (HDLE), and
wherein the at least one message having the first delay offset and the at least one other message having the second delay offset arrive at their respective designated recipients at a same or similar time.

US Pat. No. 10,218,657

METHOD AND SYSTEM FOR PROVIDING PRIVATE CHAT WITHIN A GROUP CHAT

Alibaba Group Holding Lim...

1. A computer-implemented method for private chat within a group chat performed by a server, comprising:
receiving, by the server from a user of a computing device, a first message that includes a first private chat identifier, private chat counterpart information, and first private chat content data;
determining a private chat counterpart client based on the first private chat identifier and the private chat counterpart information, wherein the private chat counterpart client and the computing device are both participating in the group chat;
generating a first private chat message based on the first message including the first private chat content data;
sending the private chat message to the private chat counterpart client without sending the private chat message to all members participating in the group chat;
receiving, by the server from the user of the computing device, a second message that includes a private chat counterpart exclusion identifier, private chat counterpart exclusion information, and second private chat content data;
removing from a client list a client based on the private chat counterpart exclusion identifier and the private chat counterpart exclusion information included in the second message, wherein the client list includes all members of the group chat or one or more private chat counterpart clients associated with a previously sent private chat message;
generating a second private chat message based on the second message including the second private chat content data; and
sending the second private chat message to remaining clients on the client list.

US Pat. No. 10,218,656

SMART MESSAGE DELIVERY BASED ON TRANSACTION PROCESSING STATUS

International Business Ma...

1. A method for message delivery to a transaction processor, the method comprising:
receiving a message having transaction information;
determining if the received message is prohibited from delivery based on comparing the transaction information with a blacklist, wherein the blacklist is used to block messages;
in response to determining that received message is prohibited from delivery, refusing message delivery or delaying message delivery;
in response to determining that the received message is not prohibited from delivery, enqueuing the message in a request queue;
receiving a reply message with a transaction status update from the transaction processor;
updating the blacklist based on the received reply message with the transaction status update;
detecting an enqueued message in the request queue;
in response to detecting the enqueued message in the request queue, determining if an expire time associated with the detected message exceeds an estimated delivery time;
in response to determining that the expire time associated with the detected message does not exceed the estimated delivery time, discarding the detected message from the request queue;
in response to determining that the expire time associated with the detected message exceeds the estimated delivery time, waiting until a transaction allowed event occurs;
in response to the transaction allowed event occurring, determining if the detected message has not expired; and
in response to determining that the detected message has not expired, sending the detected message to the transaction processor.

US Pat. No. 10,218,655

STREAMLINED COLLABORATION ON DOCUMENT

MICROSOFT TECHNOLOGY LICE...

1. A method performed on a client computing device that is associated with an on-line document system, the method comprising:
automatically importing, via the client computing device into the on-line document system from an received email that includes an attached document, a copy of the attached document resulting in an on-line version of the attached document, where the received email is addressed to a plurality of collaborators;
opening and presenting, by the client computing device, the on-line version of the attached document;
displaying, by the computing device in response to the on-line version of the attached document being closed, a user interface that provides an option to send a reply to the received email with at least one change made during the presenting of the on-line version of the attached document; and
sending, by the client computing device in response to the option being selected, the reply to the received email, where the reply includes a link to the on-line version of the attached document with the at least one change.

US Pat. No. 10,218,654

CONFIDENCE SCORE-BASED SMART EMAIL ATTACHMENT SAVER

International Business Ma...

1. A computer-implemented method for selecting a save-to location based on confidence scores, the method comprising:
accessing, by one or more processors, a metadata file comprising a data table;
checking, by one or more processors, the data table for entries that match one or more predefined features of a file to be saved, wherein each match is associated with a save-to location;
computing, by one or more processors, confidence scores for each save-to location based on a weight associated with each of the predefined features;
producing, by one or more processors, a list of recommended save-to locations based on the confidence scores wherein the list comprises at least a location of previously saved files associated with the metadata file;
receiving, by one or more processors, a user selection based on the list; and
updating, by one or more processors, the data table based on each of the one or more predefined features of the file and the user selection.

US Pat. No. 10,218,653

COGNITIVE ANALYSIS OF MESSAGE CONTENT SUITABILITY FOR RECIPIENTS

INTERNATIONAL BUSINESS MA...

1. A method comprising:
modifying a message interface of a messaging system, the modifying comprising:
computing, using a processor and a memory, a set of characteristics corresponding to a content of a message;
computing, for a characteristic in the set of characteristics, a skill factor that is needed to achieve a degree of comprehension of the content having the characteristic;
computing, using a processor and a memory, a gap between the skill factor corresponding to the characteristic and a skill factor associated with a recipient of the message;
selecting an annotation responsive to evaluating that the gap exceeds a first tolerance value; and
applying, in the message, the annotation to an identifier of the recipient.

US Pat. No. 10,218,652

SYSTEMS AND METHODS FOR INTEGRATING A CHAT FUNCTION INTO AN E-READER APPLICATION

Mastercard International ...

1. A method for integrating a chat function and person-to-person (P2P) payments into an e-reader application using an e-reader communication platform including at least one processor in communication with at least one memory, said method comprising:
facilitating downloading, on a first client device, the e-reader application, wherein the first client device is associated with a first user;
facilitating downloading, to the first client device, an e-book, wherein the e-book is accessed using the e-reader application;
facilitating downloading, on the first client device, an Internet Protocol (IP) communication service;
receiving a user selection of a command from within a user interface of the e-reader application stored on the first client device to transmit a first IP chat message, initiated on the first client device, to at least one other client device including a second client device associated with a second user to form a chat group including the first user and at least the second user using the IP communication service;
transmitting a link, within the first IP chat message, to the second client device to download the e-book onto the second client device from within the user interface of the e-reader application stored on the second client device;
receiving a second IP chat message initiated at one of the first client device and the second client device from within the user interface of the e-reader application stored on the one of the first client device and the second client device using the IP communication service;
embedding the second IP chat message into the e-book to produce an embedded IP chat message, wherein the embedded IP chat message is overlaid on the user interface of the e-reader application stored on the first client device;
facilitating display of the embedded IP chat message to each user in the chat group within a respective e-book on a respective client device within the user interface of the e-reader application stored on the respective client device;
transmitting a third IP chat message, initiated on one client device associated with a respective user in the chat group, to at least another client device associated with another user in the chat group;
receiving, in association with the third IP chat message, a request for a transfer of funds from a sender client device, the request identifying an amount of funds to be transferred and a recipient of the funds;
transmitting the request to a secure payment service (SPS), wherein the SPS is associated with a P2P payment system to facilitate the transfer of funds from a sender account associated with the respective user of the sender client device to a recipient account associated with the recipient; and
receiving, upon completion of the transfer of funds, a payment notification from the SPS for display on the sender client device.

US Pat. No. 10,218,651

VIRTUAL ASSISTANCE FOR CHAT AGENTS

ORACLE INTERNATIONAL CORP...

1. A method for providing virtual assistance on a contact agent interaction during a live chat session, the method comprising:
selecting a mode of operation from a plurality of modes of operation for a virtual assistant, wherein the plurality of modes of operation comprise a live mode, a training mode, a hidden live mode, and a hidden training mode;
launching the virtual assistant in the selected mode of operation;
operating the virtual assistant in the selected mode of operation, the operating comprising:
displaying a graphical user interface on a device of a live agent;
receiving a request in a chat session displayed in the graphical user interface;
receiving, from the virtual assistant, a suggested response to the request;
when the selected mode of operation is the training mode or the live mode:
updating a first portion of the graphical user interface with the suggested response and a promote button; and
updating a second portion of the graphical user interface with a given response from the live agent in the chat session;
wherein:
the graphical user interface comprises the first portion for display of information from the virtual assistant and the second portion for display of the chat session;
the first portion and the second portion are displayed simultaneously; and
selection of the promote button provides the suggested response via the chat session displayed in the graphical user interface and updates the second portion of the graphical user interface with the suggested response;
when the selected mode of operation is the hidden live mode or the hidden training mode:
updating the second portion of the graphical user interface with the given response from the live agent in the chat session; and
tracking a difference between the given response and the suggested response;
wherein:
the graphical user interface comprises the second portion for display of the chat session; and
the suggested response is not provided to the live agent or displayed in the first portion; and
tracking performance of the virtual assistant and the live agent during the chat session.

US Pat. No. 10,218,650

INFORMATION PROCESSING SYSTEM

Ricoh Company, Ltd., Tok...

1. An information processing system comprising:
a plurality of information terminals;
an information processing apparatus; and
an information storage apparatus,
wherein the information processing apparatus is connected to a first network and the information storage apparatus is connected to a second network, said first and second networks being connected each other via a firewall,
wherein the information processing apparatus includes
a receiving unit configured to receive information that is transmitted from one of the plurality of information terminals, and
a transmission unit configured to transmit the information, which is received by the receiving unit, to one or more other information terminals and the information storage apparatus,
wherein each of the plurality of information terminals includes
a transmission unit configured to transmit the information to the information processing apparatus, and
a receiving unit configured to receive information which is transmitted from the information processing apparatus,
wherein the information storage apparatus includes
a storage unit configured to store the information which is transmitted from the information processing apparatus,
wherein a first information terminal and a second information terminal of the plurality of information terminals are configured to participate in a group in which chat messages are transmitted,
wherein, after the chat messages are transmitted in the group in which the first information terminal and the second information terminal participate, a third information terminal of the plurality of information terminals is configured to participate in the group, and
wherein the first information terminal is configured to select whether the chat messages transmitted before the third information terminal participates in the group are to be displayed on a screen of the third information terminal.

US Pat. No. 10,218,649

METHOD AND SYSTEM FOR PROVIDING MULTI-USER MESSENGER SERVICE

Naver Corporation, Seong...

1. A messenger service method, comprising:
determining, by a processor, that a user has created information for activating a search communication which provides the user with a search result for at least a part of a message input by the user in a chat room in which the user is a participant with at least one other participant, the search communication being between the user and a search conversational program, the at least one other participant being separate from the search conversational program;
transmitting, by the processor to a server associated with the search conversational program, the information and said at least part of the message;
receiving, by the processor, the search result created by the server associated with the search conversational program, the received search result being generated based on the message and the information, the search result including information associated with a document, the document being retrieved using a keyword, the keyword including at least a portion of a text included in the message;
sharing the received search result with the at least one other participant in response to receiving a first selection from the user;
outputting the search result together with a user interface to a display, the user interface being is configured to enable the user to acquire an additional information on the information associated with the document, the search result and the user interface presented to the user and not presented to the at least one other participant; and
deleting the output search result from the display in response to receiving a second selection from the user, wherein the output search result is deleted from the display only when the output search result is not shared with the at least one other participant.

US Pat. No. 10,218,648

OUT OF OFFICE MESSAGE IMPROVEMENTS

Microsoft Technology Lice...

1. A computer system, comprising:
at least one processing unit; and
at least one memory storing computer-readable instructions that when executed by the at least one processing unit cause the computer system to:
receive input to activate an out of office messaging function via a setup window; and
upon exiting the setup window, display an indication that the out of office messaging function is active.

US Pat. No. 10,218,647

MECHANISM TO SUPPORT MULTIPLE-WRITER/MULTIPLE-READER CONCURRENCY FOR SOFTWARE FLOW/PACKET CLASSIFICATION ON GENERAL PURPOSE MULTI-CORE SYSTEMS

Intel Corporation, Santa...

1. A method for supporting multiple-writer and multiple-reader concurrency for packet flow data, comprising:
implementing a flow table in memory of a host platform including multiple processor cores, the flow table including multiple rows, each row mapped to a respective hash bucket, each hash bucket containing one or more entry slots in which key data are stored;
enabling concurrent read access to the flow table from multiple readers; and
enabling concurrent write access to the flow table from multiple writers by,
associating each bucket with a version counter, wherein a given version counter is associated with one or more buckets;
employing a plurality of threads, executing on the plurality of cores, to concurrently update data in the flow table, each thread comprising a writer;
inserting new key data into the flow table, the insertion of the new key data requiring updates to key data in multiple buckets; and
implementing an access mechanism that guarantees that only one writer can update any of the multiple buckets while the new key data is being inserted into the flow table,
wherein while the single writer is updating the multiple buckets required for a given insertion of new key data one or more other writers are enabled to concurrently insert new key data in the flow table by updating one or more buckets that are not among the multiple buckets being updated by the single writer.

US Pat. No. 10,218,645

LOW-LATENCY PROCESSING IN A NETWORK NODE

Mellanox Technologies, Lt...

1. A network node, comprising:
a host processor and a host memory coupled to the host processor;
an acceleration processor and an accelerator memory coupled to the acceleration processor; and
a network adapter network interface controller (NIC), which is configured to connect the network node to a network, to receive from the network inbound messages for processing by the accelerator, and responsively to one or more received inbound messages to query a control index, over a PCI-E bus, to determine whether the accelerator memory has sufficient resources to handle the one or more inbound messages, to store a notification of the received one or more inbound messages in an inbound notifications queue in the accelerator memory if determined that there are sufficient resources, and to update the control index of the inbound notifications queue to indicate the storing of the notification in the inbound notifications queue, wherein the control index is stored in the host memory,
wherein the acceleration processor is configured to read the stored notification in the accelerator memory, to handle the one or more inbound messages responsively to the read notification and to update the control index of the inbound notifications queue to indicate removal of the notification from the inbound notifications queue.

US Pat. No. 10,218,644

REDUNDANT COMMUNICATION PATH TRANSMISSION

Apple Inc., Cupertino, C...

1. An apparatus, comprising:
one or more sensors that generate respective data, wherein the sensors are connected to an interface;
a plurality of redundant communication paths from the interface to a control system interface; and
the interface, configured to:
send portions of the respective data via different ones of the plurality of redundant communication paths to the control system according to a redundant path transmission scheme, wherein the redundant path transmission scheme divides transmission of the portions of the respective data generated by the data producers among more than one of the redundant communication paths;
upon a failure of at least one of the redundant communication paths, continue to send those portions of the respective data identified for a remaining one or more of the redundant communication paths according to the redundant path transmission scheme, wherein other portions of the respective data identified for the failed at least one redundant communication path according to the redundant path transmission scheme are not sent to the control system.

US Pat. No. 10,218,643

APPARATUS AND METHOD FOR SCALABLE AND FLEXIBLE ACCESS CONTROL LIST LOOKUP IN A NETWORK SWITCH

Cavium, LLC, Santa Clara...

1. A network switch to support scalable and flexible access control list (ACL) lookup, comprising:
a packet processing pipeline including a plurality of packet processing units configured to process a received packet through multiple packet processing stages, wherein each of the packet processing units is configured to
generate and provide a master key for an ACL lookup request to a memory pool;
process the received packet based on ACL search results of the ACL lookup request returned from the memory pool;
said memory pool including a plurality of memory groups to be searched by the packet processing pipeline, wherein each of the memory groups is configured to
maintain a plurality of ACL tables to be searched in one or more static random-access memory (SRAM) tiles of the memory group;
accept and format the master key generated by the packet processing unit into a compact key based on a bitmap per user configuration, wherein the compact key is shorted in size than the master key;
hash the formatted compact key and search the ACL tables stored in the one or more SRAM tiles of the memory group using the formatted compact key;
retrieve, check, and correct row of data from the SRAM tiles for single or double bit errors in the retrieved row of data;
process and provide the row of data as the ACL search results to the requesting packet processing unit.

US Pat. No. 10,218,642

SWITCH ARBITRATION BASED ON DISTINCT-FLOW COUNTS

Mellanox Technologies TLV...

1. A network switch, comprising:
multiple ports, including multiple input ports and at least one output port, configured to connect to a communication network; and
circuitry comprising multiple hardware-implemented distinct-flow counters, wherein each distinct-flow counter is associated with a respective input port and with the output port, and is configured to estimate, based on packets received via the respective input port, a respective distinct-flow count, comprising a number of different data flows received via the respective input port and destined to the output port;
wherein the circuitry is configured to:
store packets that are destined to the output port and were received via the multiple input ports in multiple queues;
read count values from the distinct-flow counters that are associated with the respective input ports and with the output port;
determine for the packets stored in the queues a transmission schedule that distributes a bandwidth available at the output port among the queues, by allocating a portion of the bandwidth available at the output port, for a given queue that queues packets received via one or more input ports, based on the read count values that are associated respectively with the one or more input ports, such that each input port is allocated a bandwidth-portion that grows with the number of distinct flows received via that input port; and
transmit the packets via the output port in accordance with the determined transmission schedule.

US Pat. No. 10,218,641

HANDLING DYNAMIC CASCADE PORT/LAG CHANGES IN A NON-BLOCKING MANNER

ARRIS Enterprises LLC, S...

1. A method comprising:
maintaining, by a first network device in a system of network devices, a shadow table that stores information regarding one or more ports and one or more link aggregation groups (LAGs) used to interconnect the network devices in the system;
receiving, by the first network device from a user via a device user interface (UI), a first command relating to a change to at least a first port or a first link aggregation group (LAG) in the one or more ports or the one or more LAGs;
updating, by the first network device, the shadow table based on the change;
transmitting, by the first network device, a first message to one or more other network devices in the system that are affected by the change, the first message comprising information about the change; and
starting, by the first network device, a timer associated with the one or more other network devices,
wherein the updating and the transmitting are performed without blocking the user from entering further commands via the device UI,
wherein the first message is received by a second network device in the system that is affected by the change,
wherein, upon receipt of the first message, the second network device is configured to start a local timer, and
wherein, upon expiration of the local timer, the second network device is configured to program the change into its hardware.

US Pat. No. 10,218,640

METHOD AND APPARATUS FOR CONTROLLING DATA TRANSMISSION

Huawei Technologies Co., ...

10. A method for controlling data transmission, the method comprising:
receiving a first beacon frame that is sent by an access point, wherein the first beacon frame comprises a first indication information and a traffic indication map (TIM);
acquiring, by a first station, the first indication information for indicating at least one first backoff duration;
determining the first backoff duration according to the first indication information;
determining, according to the TIM comprised in the first beacon frame, that data needs to be transmitted within a sending period of the first beacon frame; and
performing a data transmission operation by using the first backoff duration.

US Pat. No. 10,218,639

COMPUTING LONG-TERM SCHEDULES FOR DATA TRANSFERS OVER A WIDE AREA NETWORK

MICROSOFT TECHNOLOGY LICE...

1. A method comprising:
receiving a request to transfer data from a first computing device in a network to a second computing device in the network, the request comprises:
an identity of the second computing device;
an identity of a volume of data to be transferred from the first computing device to the second computing device in accordance with the request; and
a deadline, the deadline identifies a time, wherein the transfer of the data from the first computing device to the second computing device is to be completed prior to the time identified in the deadline;
responsive to receiving the request and based upon the request, computing a long-term schedule that covers a first window of time that includes a plurality of time units, the long-term schedule generated to facilitate completion of the transfer of the data from the first computing device to the second computing device prior to the time identified in the deadline, the long-term schedule identifies, for a time unit in the plurality of time units, at least one path in the network over which the data is to be transferred from the first computing device to the second computing device;
based upon the long-term schedule, computing a short-term schedule that covers a second window of time that occurs prior to the first window of time, the short-term schedule comprises fewer time units than the long-term schedule, the short-term schedule computed to facilitate completion of the transfer of the volume of the data from the first computing device to the second computing device prior to the time identified in the deadline, the short-term schedule comprising a routing table for a network infrastructure device in the network, the routing table identifies at least one device to which data received by the network infrastructure device is to be transferred; and
transmitting the routing table to the network infrastructure device, wherein the network infrastructure device transfers the data to the at least one device in accordance with the routing table.

US Pat. No. 10,218,638

ADAPTIVE MECHANISM FOR EFFICIENT USER CREDENTIALS IDENTIFICATION IN A DYNAMIC HARDWARE ENVIRONMENT

International Business Ma...

1. A computer-implemented method, comprising:
obtaining an identifier of a target device based on state information of a plurality of ports in the target device, wherein the obtaining the identifier of the target device comprises:
detecting an enabled port in the target device by scanning the plurality of ports in the target device; and
generating the identifier of the target device based on the detected enabled port;
identifying a type of the target device based on the obtained identifier, wherein the identifying the type of the target device comprises:
retrieving, from type-to-port mapping, the type-to-port mapping being stored in mapping tables, a reference type matching the identifier as the type of the target device, the type-to-port mapping indicating associations between reference types and identifiers of devices, the identifiers of the devices being generated based on state information of a plurality of ports in the respective devices;
communicating a plurality of user selection options to access the target device to a user based on the retrieved reference type, reducing redundancy in communicating the plurality of user selection options:
in response to receiving a user selection input, determining an access type of the target device: and
accessing the target device based on the identified type of the target device and user selection input.

US Pat. No. 10,218,637

SYSTEM AND METHOD FOR FORECASTING AND EXPANDING SOFTWARE WORKLOAD BOUNDARIES

International Business Ma...

1. A computer processing system comprising:
a computer processor having a non-transitory memory containing program code for:
receiving a resource tree data set that includes machine readable data identifying a plurality of resources in a resource tree;
for each request type of the plurality of request types, receiving a sequence information set that includes machine readable data indicative of an order of resources of the resource tree used for the respectively corresponding request type;
for each request type of a plurality of request types including a first request type, receiving a historical usage information set that includes machine readable data indicative of actual resource usage for the respectively corresponding request type with respect to the plurality of resources in the resource tree;
for each request type of the plurality of request types, receiving a current throughput value for the respectively corresponding request type; and
determining, based at least in part upon the resource data tree set, the sequence information set and the current throughput values, a first additional potential throughput value corresponding to additional throughput with respect to requests of the first request type that can be performed by the resource tree in addition to its current throughput.

US Pat. No. 10,218,636

BI-DIRECTIONAL CO-SHARED SESSIONS

Valens Semiconductor Ltd....

1. A resource reservation network configured to support bi-directional co-shared sessions, comprising:
a computer, a network controller, and first, second and third network hops;
the computer is configured to create a bi-directional parent session (Sp), between first and second session partners, by: allocating co-shared network resources over the first network hop connected to the first session partner, and allocating network resources over the second network hop connected to the second session partner; wherein all data packets traveling in either direction of the Sp are guaranteed to travel over the first and second network hops;
the computer is further configured to create a bi-directional derivative session (Sd) between the first session partner and a third session partner, by: allocating network resources to the Sd over the third network hop that is connected to the third session partner, and not allocating specifically for the Sd all the network resources required for the Sd over the first network hop; wherein all data packets traveling in either direction of the Sd are guaranteed to travel over the first and third network hops; and
the network controller is configured to cause a switch between transmitting over the Sp to transmitting over the Sd in less than half the time required to create a new bi-directional session over the first and third network hops.

US Pat. No. 10,218,635

NETWORK CONTROLLER-SIDEBAND INTERFACE PORT CONTROLLER

International Business Ma...

1. A network interface controller for providing a connection for a device to a network, the network interface controller comprising a sideband port controller, the sideband port controller for providing a sideband connection between the network and a sideband endpoint circuit that is operative to communicate information with the network via a sideband, the sideband port controller comprising:
a receive data route having an input for receiving packets from the network via a receive backbone unit and an output for passing the packets received from the network to the sideband endpoint circuit, the receive data route comprising a receive buffer to receive the packets from the network and to pass the packets received from the network to the sideband endpoint circuit, wherein the receive buffer includes an overrun mechanism configured to drop received packets when the receive buffer has no available bandwidth;
a receive arbiter and one or more other data sources of the sideband port controller, the receive arbiter configured to determine whether the received packets from the receive buffer or data from a data source of the one or more other data sources of the sideband port controller is to be forwarded via the output of the sideband port controller to the sideband endpoint circuit;
a packet injection register (PIR) that is configured to accept sideband packets when the PIR has available bandwidth to store the sideband packets, wherein the sideband packets are packets received from the sideband endpoint circuit;
a latch configured to be set when an end-of-packet (EOP) marker signals that the PIR has no available bandwidth;
a packet injection arbiter (PIA) configured to select the sideband packets to be forwarded to an output XS1 buffer, and to prioritize forwarding the sideband packets to an XS2 buffer over forwarding the sideband packets to the output XS1 buffer, wherein both the output XS1 buffer and the XS2 buffer are connected to the receive data route, wherein the PIA is connected to a leak mechanism that forwards the sideband packets to the network, wherein the output XS1 buffer transmits received sideband packets to a main media access controller (MAC);
a counter configured to increment when an in-band packet is advanced, along the receive data route, from the output XS1 buffer to the XS2 buffer and to reset when any sideband packet is advanced from the network interface controller, wherein the PIA is arranged to allow the sideband packet to advance when the counter has reached a certain value;
a packet engage latch that is set when either the output XS1 buffer or the XS2 buffer is selected to receive either the in-band packet or the sideband packet, wherein the packet engage latch is in the PIA; and
a transfer logic block configured to stop data packets from being transferred by the XS2 buffer and the PIR in response to receiving a signal indicating that the XS1 buffer is full.

US Pat. No. 10,218,634

NETWORK CONTROLLER-SIDEBAND INTERFACE PORT CONTROLLER

International Business Ma...

1. A network interface controller for providing a connection for a device to a network, the network interface controller comprising a sideband port controller, the sideband port controller for providing a sideband connection between the network and a sideband endpoint circuit that is operative to communicate information with the network via a sideband, the sideband port controller comprising:
a transmit data route having an input for receiving sideband packets from the sideband endpoint circuit and an output for passing the sideband packets received from the sideband endpoint circuit to the network;
a packet parser connected to the transmit data route, the packet parser operative to read data from the sideband packets received from the sideband endpoint circuit and further operative to analyze the read data;
a packet injection register (PIR) that is configured to accept the sideband packets when the PIR has available bandwidth to store the sideband packets;
a latch configured to be set when an end-of-packet (EOP) marker signals that the PIR has no available bandwidth;
a packet injection arbiter (PIA) configured to select the sideband packets to be forwarded to an output XS1 buffer, and to prioritize forwarding the sideband packets to an XS2 buffer over forwarding the sideband packets to the output XS1 buffer, wherein both the output XS1 buffer and the XS2 buffer are connected to the transmit data route, wherein the PIA is connected to a leak mechanism that forwards the sideband packets to the network, wherein the output XS1 buffer transmits received sideband packets to a main media access controller (MAC);
a counter configured to increment when an in-band packet is advanced, along the transmit data route, from the output XS1 buffer to the XS2 buffer and to reset when any sideband packet is advanced from the network interface controller, wherein the PIA is arranged to allow the sideband packet to advance when the counter has reached a certain value;
a packet engage latch that is set when either the output XS1 buffer or the XS2 buffer is selected to receive either the in-band packet or the sideband packet, wherein the packet engage latch is in the PIA; and
a transfer logic block configured to stop data packets from being transferred by the XS2 buffer and the PIR in response to receiving a signal indicating that the XS1 buffer is full.

US Pat. No. 10,218,633

IMPLEMENTATION OF A SERVICE THAT COORDINATES THE PLACEMENT AND EXECUTION OF CONTAINERS

Amazon Technologies, Inc....

1. A computer-implemented method comprising:
receiving, from a Domain Name System (DNS) service, a message indicating a DNS request, made by a client device, to resolve a uniform resource locator (URL) to an Internet Protocol (IP) address;
as a result of receiving the message, instantiating the container thereby enabling the instantiated container to process a request transmitted to the IP address, the container being an operating system-level virtualization of an environment of a computing resource;
receiving, from the client device, the request directed to the IP address; and
sending the received request to the instantiated container.

US Pat. No. 10,218,632

INTELLIGENT CONTROL AND MANAGEMENT MATRIX, APPARATUS, SYSTEM, AND A METHOD THEREOF

International Communicati...

1. A method for controlling data packet transmission in a data network of a communication system comprising:
defining a first level of packet transmission rate, which first level establishes a queue system for lower priority data packets based on one of at least one first criteria calculations, and at least one second criteria calculations;
defining a second level of packet transmission rate, which second level diverts lower priority data packets into said queue system based on type of data packet;
defining a third level of packet transmission rate, which third level diverts lower priority data packets into said queue system based on protocol precedence of data packet;
transmitting data packets over a data network;
determining rate of data packet transmission over said data network;
determining type of data packet transmitted over said data network;
responsive to a packet transmission rate exceeding said first level, establishing a queue system for lower priority data packets based on said one of at least one first criteria calculations, and at least one second criteria calculations;
responsive to a packet transmission rate exceeding said second level, diverting lower priority data packets into said queue system based on type of data packet; and
responsive to a packet transmission rate exceeding said third level, diverting lower priority data packets into said queue system based on protocol precedence of data packet.

US Pat. No. 10,218,631

METHOD FOR TRAFFIC SHAPING OF DATA FRAMES IN NETWORK AND DEVICE AND COMPUTER PROGRAM PRODUCT THEREFOR

Mitsubishi Electric Corpo...

1. A method for traffic shaping of data frames to transmit in a telecommunication network, the frames to transmit being distinguished between:
express frames, needing to be sent within predetermined time windows,
and normal frames, intended to be sent at times outside said time windows,
wherein, for a current normal frame, the method comprises the steps of:
determining whether said normal frame can be fragmented, and if yes:
determining whether a remaining time to a next time window opening is enough to transmit one or several fragments of said normal frame, and if yes:
transmitting said one or several fragments,
and wherein:
several flows are being processed and each flow comprises successive normal frames and, if any, one or several fragments remaining from a previous normal frame processing,
said normal frames and/or fragments of each flow are queued in a memory and are assigned with respective processing instants,
a current time is compared with a least processing instant among all the queues of the respective flows so as to implement said steps if the current time is greater than said least processing instant,
said processing instants are updated at each scheduled transmission of a frame or a fragment, by the duration of said scheduled transmission estimated on the basis of a transmission flow bitrate, by dividing the length of the frame or fragment of a flow, to transmit, by the current bitrate of that flow.

US Pat. No. 10,218,630

SYSTEM AND METHOD FOR INCREASING DATA TRANSMISSION RATES THROUGH A CONTENT DISTRIBUTION NETWORK

Pearson Education, Inc., ...

1. A system for generating an updated assignment, the system comprising:
a memory comprising:
a content library database comprising a plurality of data packets, wherein the plurality of data packets comprise a plurality of delivery data packets and a plurality of assessment data packets, the assessment data packets including one or more questions; and
a user profile database, wherein the user profile database includes information identifying a cohort of users, and wherein the user profile database includes information identifying plurality of at least one attribute of each of the users in the cohort of users;
a server configured to:
receive aggregation information identifying a plurality of delivery data packets and one or more of the plurality of assessment data packets including the one or more questions;
receive data of the plurality of data packets from the content library database;
identify a recipient cohort, wherein the recipient cohort comprises a group of users of the cohort of users designated to receive the assignment via a plurality of user devices;
generate a plurality of sub-cohorts by dividing the recipient cohort into smaller groups of users, wherein the users in each of the sub-cohorts share a common attribute;
generate sub-cohort data identifying a first data acceptance rate, wherein the sub-cohort data can be generated for each of the sub-cohorts from data of users in that sub-cohort;
generate combined aggregation data characterizing the aggregation as a whole;
generate the updated assignment by removing at least one question from the assignment to match a difficulty of the assignment to a skill level of the recipient cohort; and
provide the updated assignment to the users in one or more of the sub-cohorts.

US Pat. No. 10,218,629

MOVING PACKET FLOWS BETWEEN NETWORK PATHS

Juniper Networks, Inc., ...

1. A method comprising:
forwarding, by a network device comprising a first leaf node of an interconnected topology having a plurality of network paths from the network device to each of a plurality of other leaf nodes of the interconnected topology, a first packet of a packet flow along a first network path of the plurality of network paths to a second leaf node of the plurality of other leaf nodes of the interconnected topology, wherein the interconnected topology comprises a plurality of non-leaf nodes, the first leaf node, the other leaf nodes, and network paths between each of the first leaf node and the other leaf nodes via each of the non-leaf nodes;
in response to receiving a second packet of the packet flow, determining, by the network device, an inactivity interval for the packet flow that represents an amount of time between receipt of the first packet and receipt of the second packet by the network device during which no other packets were received for the packet flow;
calculating, by the network device, a threshold as a latency difference between a latency for the first network path and a latency for a second, different network path of the plurality of network paths to the second leaf node;
comparing, by the network device, the inactivity interval to the threshold; and
when the inactivity interval is greater than the threshold, forwarding, by the network device, the second packet along the second network path of the plurality of network paths to the second leaf node.

US Pat. No. 10,218,628

TIME SENSITIVE NETWORK (TSN) SCHEDULER WITH VERIFICATION

General Electric Company,...

1. A method comprising:
receiving, at a verification module, a schedule for transmission of one or more data frames to one or more destination nodes via a Time Sensitive Network (TSN);
receiving, at the verification module, a destination for each data frame;
receiving, at the verification module, a maximum tolerable latency for each data frame;
determining, via the verification module, the received schedule is correct;
transmitting one or more data frames according to the schedule;
accessing, via the verification module, the one or more destination nodes;
verifying, via the verification module, the one or more data frames were transmitted to the one or more destination nodes within a maximum tolerable latency, based on accessing the one or more destination nodes; and
controlling one or more operations of an installed product based on the transmitted one or more data frames.

US Pat. No. 10,218,627

DISAGGREGATED BROADBAND NETWORK GATEWAY FUNCTIONALITY FOR EFFICIENT CONTENT DELIVERY NETWORK PEERING

Juniper Networks, Inc., ...

1. A first device, comprising:
one or more processors to:
receive, from a broadband network gateway, information that assigns a function related to network traffic associated with a content delivery network and a subscriber device,
the function, assigned by the information received from the broadband network gateway, including providing information associated with the network traffic to the broadband network gateway,
the first device being associated with a metropolitan area network,
the first device being associated with an Ethernet virtual private network configuration, and
the broadband network gateway being associated with an Internet service provider network;
execute the function with regard to the network traffic based on the information that assigns the function,
the first device to receive the network traffic from the content delivery network, and
the first device to provide the network traffic to the subscriber device in a manner that bypasses the broadband network gateway; and
provide, to the broadband network gateway, the information associated with the network traffic based on executing the function,
the broadband network gateway to manage a subscriber session of the subscriber device based on the information associated with the network traffic that was provided to the subscriber device in the manner that bypasses the broadband network gateway.

US Pat. No. 10,218,626

DATA PROCESSING DEVICE, RECEIVING DEVICE, DATA PROCESSING METHOD, AND PROGRAM WITH DYNAMIC PRIORITY ORDER

Sony Corporation, Tokyo ...

1. A data processing device comprising:
a classifying unit that classifies packets configuring a multiplexed stream in accordance with priority order based on data including the packets; and
a selection unit that preferentially selects and outputs the packet of the highest priority order from among the packets that have been classified by the classifying unit,
a control unit that sets the priority order for the classifying unit,
wherein the control unit dynamically changes the priority order on the basis of a decoding error at a time of decoding data included in a corresponding packet.

US Pat. No. 10,218,625

METHODS AND APPARATUS FOR ALLEVIATING CONGESTION AT A SWITCH, SUCH AS A SHALLOW BUFFERED SWITCH

New York University, New...

1. A computer-implemented method for handling network traffic surges at a shallow-buffered switch, the computer-implemented method comprising:
a) receiving by the switch, a packet;
b) extracting destination information from the packet;
c) looking up, using the extracted destination information, an output port for the packet;
d) determining whether or not to redirect the packet based on a congestion level of a buffer associated with the output port;
f) responsive to a determination to redirect the packet,
1) dispatching the packet to a dedicated reservoir port of the switch, wherein the reservoir port enforces a queue discipline,
2) receiving, by a reservoir, the redirected packet,
3) temporarily buffering, in an internal queue of the reservoir, the received, redirected packet, and
4) sending the temporarily buffered, received, redirected packet back to the switch, and
otherwise, responsive to a determination to not redirect the packet, dispatching the packet to the output port of the switch.

US Pat. No. 10,218,624

SERVICE INSTANCE MAPPING METHOD, APPARATUS AND SYSTEM

Huawei Technologies Co., ...

1. A method, comprising:
receiving, by a Transparent Interconnection of Lots of Links (TRILL) switch, an Ethernet user packet comprising a virtual local area network (VLAN) ID;
generating, by the TRILL switch, a TRILL packet, wherein the TRILL packet has a 2-byte outer tag and a 2-byte inner tag, the 2-byte outer tag and a 2-byte inner tag both following an inner MAC header that follows a TRILL header of the TRILL packet, wherein a service label of 24 bits is carried by the outer tag and the inner tag, wherein 12 bits in the outer tag store higher 12 bits of the service label, and 12 bits in the inner tag store lower 12 bits of the service label, wherein the service label is mapped from the VLAN ID, and wherein the service label of 24 bits is an extended service label identifying a service instance, and wherein different service instances are isolated by layer-2 isolation in a TRILL network in which the TRILL switch is located; and
sending, by the TRILL switch, the TRILL packet to another TRILL switch in the TRILL network.

US Pat. No. 10,218,623

LEARNING OR EMULATION APPROACH TO TRAFFIC ENGINEERING IN INFORMATION-CENTRIC NETWORKS

Futurewei Technologies, I...

1. A method implemented in a network element (NE) configured to operate in an information centric network (ICN), comprising:
receiving a test traffic flow as a copy of a traffic flow in a forwarding plane of the ICN during a defined interval;
emulating the ICN at a state determined at an arrival time of the test traffic flow based on an active traffic flow in the ICN;
measuring a first impact of a first candidate path for the test traffic flow in the emulated ICN to the active traffic flow;
selecting the first candidate path based on the first impact measurement; and
constructing a forwarding rule based on the state and the selection of the first candidate path.

US Pat. No. 10,218,622

PLACING A NETWORK DEVICE INTO A MAINTENANCE MODE IN A VIRTUALIZED COMPUTING ENVIRONMENT

VMWARE, INC., Palo Alto,...

1. An automated method of placing a first physical network switch into a maintenance mode in a virtualized computing environment comprising:
identifying a first host computing system coupled to the first physical network switch by a processor of a remote server upon receiving a request to place the first physical network switch into the maintenance mode, the first host computing system executing a workload that transmits and receives network traffic via the first physical network switch, which routes/carries the network traffic;
determining whether the first host computing system is coupled to a second physical network switch by the processor,
if the first host computing system is not coupled to the second physical network switch, quiescing, by the processor, the network traffic to the first physical network switch by initiating migration of the workload to a second host computing system coupled to any other physical network switch;
if the first host computing system is coupled to the second physical network switch, quiescing, by the processor, the network traffic to the first physical network switch by instructing a virtual switch residing in the first host computing system to route the network traffic between the workload and the second physical network switch, and cease routing the network traffic between the workload and the first physical network switch; and
placing the first physical network switch into the maintenance mode by the processor upon quiescing the network traffic to the first physical network switch.

US Pat. No. 10,218,621

METHODS AND APPARATUS FOR MULTIPLE USER UPLINK

QUALCOMM Incorporated, S...

1. An apparatus for wireless communication comprising:
a receiver configured to receive a trigger frame from an access point, the trigger frame being transmitted to two or more stations and indicating an uplink transmission opportunity, the trigger frame comprising a physical layer convergence protocol (PLCP) protocol data unit (PPDU) duration field and a request for the two or more stations to concurrently transmit uplink data at a specific time, wherein the PPDU duration field indicates only a duration of the PPDU; and
a transmitter configured to transmit uplink data at the specific time to the access point concurrently with another of the two or more stations transmitting uplink data to the access point.

US Pat. No. 10,218,620

METHODS AND NODES FOR CONGESTION CONTROL

Telefonaktiebolaget LM Er...

1. A method for handling congestion performed in a source node of a communication network, the communication network providing a communication path for traffic streams between the source node and a destination node, wherein the source node multiplexes two or more different types of traffic streams onto a single connection, the method comprising:
detecting congestion in the communication network along the communication path;
determining whether there is a traffic differentiation in a network node along the communication path; and
applying a connection-level congestion control for a case of determining that there is no network node performing traffic differentiation, wherein applying the connection-level congestion control comprises determining a respective aggressiveness parameter for the connection-level congestion control and for a per-stream group congestion control in order to provide higher throughput for the connection-level congestion control than for the per-stream group congestion control in case of no traffic differentiation, wherein the aggressiveness parameter for the per-stream group congestion control comprises an aggregate aggressiveness of all per-stream group congestion controls, and applying the congestion control giving the highest throughput and the connection-level congestion control is applied if

wherein W comprises an overall window size calculated based on an overall packet losses experienced, RTTavg comprises an average round-trip time for packets of the two or more different types of traffic streams, Wi, comprises window sizes for different stream aggregates i, wherein a stream aggregate i comprises one or more traffic type streams grouped together, and RTTi,avg comprises an average round-trip time for packets of the different aggregates i.

US Pat. No. 10,218,619

PROACTIVE BROADCAST CAPACITY ADJUSTMENT FOR FAST NETWORK JOINS

Cisco Technology, Inc., ...

1. A method, comprising:
identifying, by a device in a network, an upcoming network formation event;
in response to identifying an upcoming formation event and prior to the upcoming network formation event occurring:
instructing, by the device, one or more nodes in the network to use a network formation broadcast schedule during the upcoming network formation event, wherein in the network formation broadcast schedule increases slot periods within the network formation broadcast schedule to accommodate upcoming network join operations for the upcoming network formation event;
determining, by the device, that a degree of functionality in the network during the upcoming network formation event exceeds a threshold amount, wherein the degree of functionality of the network corresponds to a rate of nodes joining the network during the upcoming network formation event or to a number of critical nodes that have joined the network during the upcoming network formation event; and
in response to determining that the degree of functionality in the network during the upcoming network formation event exceeds the threshold amount, causing, by the device, the one or more nodes to use a normal broadcast schedule, wherein channels of the network formation broadcast schedule are active more frequently than channels of the normal broadcast schedule when in use.

US Pat. No. 10,218,618

METHOD AND APPARATUS FOR PROCESSING OPERATION REQUEST IN STORAGE SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A method implemented by a switch, the method comprising:
receiving a write request comprising a request identification, wherein the request identification comprises storage strategy information indicating a number of copies of an object;
querying, according to the request identification, a flow table of the switch to obtain a flow table entry matching the write request, wherein
the forwarding rule of the matching flow table entry is formulated according to remaining storage capacity of storage devices; and
forwarding the write request to a plurality of target storage devices of the storage devices according to the forwarding rule of the matching flow table entry.

US Pat. No. 10,218,617

METHOD AND NETWORK DEVICE FOR HANDLING PACKETS IN A NETWORK BY MEANS OF FORWARDING TABLES

NEC CORPORATION, Tokyo (...

1. A method for handling packets in a network by means of forwarding tables, said method comprising:
providing a software switching layer for implementing a software forwarding table;
providing a hardware switching layer for implementing at least one of exact matching forwarding tables and wildcard matching forwarding tables; and
redistributing, by using a switch management component for controlling the software switching layer and the hardware switching layer, installed forwarding table entries (FTEs), a particular flow between the software switching layer and the hardware switching layer being matched based on traffic characteristics of the flow.

US Pat. No. 10,218,616

LINK SELECTION FOR COMMUNICATION WITH A SERVICE FUNCTION CLUSTER

Cisco Technology, Inc., ...

1. A method, comprising:
receiving, at a service function forwarder (SFF), a first packet comprising a first service function (SF) label;
referencing a label forwarding table to identify a first link for the first SF label;
popping the first SF label from the first packet;
in response to the popping, inserting into the first packet a physical address associated with the first link; and
forwarding the packet to a service function cluster (SFC) via the first link, the SFC being at remote location from the SFF.

US Pat. No. 10,218,615

NETWORK SYSTEM, NETWORK CONTROL METHOD AND CONTROL APPARATUS

NEC Corporation, Tokyo (...

1. An apparatus for controlling a network that includes a plurality of nodes and servers, comprising:
a database that stores first information related to links and nodes on the network, and second information related to computing resources of the servers on which virtual network functions can be deployed;
at least one processor; and
a storage medium storing instructions that, when executed, configure the at least one processor to perform operations comprising:
when at least one virtual network function including a first virtual network function is requested, determining possible paths from a first node on the network to servers on which the first virtual network function can be deployed, based on the first information and a network requirement of the first virtual network function, wherein each of the possible paths fulfills the network requirement;
determining a first server from the servers based on the second information and a resource requirement related to computing resources for the first virtual network function, wherein the first server fulfills the resource requirement; and
determining a path between the first node and the first server from the possible paths and deployment of the first virtual network function on the first server.

US Pat. No. 10,218,614

ETHERNET TO SPACEWIRE BRIDGE

Honeywell International I...

13. A bridge device for connecting Ethernet to SpaceWire, the bridge device comprising:
a SpaceWire physical interface operative to receive SpaceWire data from a SpaceWire network and to transmit SpaceWire data to the SpaceWire network;
a receiver in operative communication with the SpaceWire physical interface and configured to receive packets of SpaceWire data from the SpaceWire physical interface;
one or more configuration and status registers in operative communication with the receiver;
a descriptor first in first out (FIFO) buffer in operative communication with the receiver and configured to receive descriptor information from the receiver;
a receive FIFO buffer in operative communication with the receiver and configured to receive information from the receiver;
an Ethernet media access controller (MAC) packet builder in operative communication with the descriptor FIFO buffer and the receive FIFO buffer, the Ethernet MAC packet builder operative to receive the SpaceWire data packets from the receive FIFO buffer, the Ethernet MAC packet builder including digital logic for segmentation of each of the SpaceWire data packets into Ethernet compatible packet segments;
an Ethernet media independent interface in operative communication with the Ethernet MAC packet builder and the one or more configuration and status registers, the Ethernet media independent interface configured to output Ethernet data corresponding to the received SpaceWire data, and to receive Ethernet data for transmission to the SpaceWire network;
an Ethernet MAC packet extractor in operative communication with the Ethernet media independent interface and the one or more configuration and status registers, the Ethernet MAC packet extractor configured to receive the Ethernet data from the Ethernet media independent interface and to output error signals to the one or more configuration and status registers, the Ethernet MAC packet extractor including digital logic for performing reassembly of the Ethernet data packets into SpaceWire compatible data packets; and
a transmit data FIFO buffer in operative communication with the Ethernet MAC packet extractor, the transmit data FIFO buffer configured to send data packets to the SpaceWire physical interface for transmission to the SpaceWire network;
wherein the bridge device is configured for communication with an Ethernet MAC, hosted by a processor, without the use of an Ethernet physical interface layer.

US Pat. No. 10,218,613

AUTHORIZING COMMUNICATIONS BETWEEN COMPUTING NODES

Amazon Technologies, Inc....

1. A system comprising:
a hardware processor of a first server computing system that hosts a first virtual machine associated with a first virtual network address of a virtual network; and
at least one memory of the first server computing system having stored instructions that, upon execution by the hardware processor, cause the first server computing system to:
receive a first communication from the first virtual machine that is addressed to a second virtual network address for a destination of the first communication;
determine that the first virtual machine is authorized to send at least the first communication to the second virtual network address based at least in part on mapping information for the virtual network that maps the second virtual network address to an associated substrate network address of a second server computing system managing communications for the destination; and
send, based at least in part on determining that the first virtual machine is authorized, a modified communication to the associated substrate network address of the second server computing system, wherein the modified communication includes at least a portion of the first communication and is addressed to the associated substrate network address of the second server computing system.

US Pat. No. 10,218,612

METHOD AND A DEVICE FOR DEFINING IMPLEMENTATION OF A LOOK-UP TABLE FOR A NETWORK ELEMENT OF A SOFTWARE-DEFINED NETWORK

CORIANT OY, Espoo (FI)

1. A device for defining implementation of a first look-up table and a second look-up table for a network element of a software-defined network, the network element comprising hardware for implementing each of the first look-up table and the second look-up table in two or more mutually alternative ways, the device comprising a processing system configured to:
receive one or more first data items providing information about one or more look-up keys of the first look-up table,
receive one or more second data items indicating at least one of the following: the maximum number of entries of the first look-up table, an average time between successive look-ups from the first look-up table, an average time between successive modifications of the first look-up table,
select one of the two or more mutually alternative ways to implement the first look-up table on the basis of the hardware available for implementing the first look-up table, the one or more first data items, and the one or more second data items, and
determine the hardware remaining free for implementing the second look-up table after implementation of the first look-up table and to select one of the two or more mutually alternative ways to implement the second look-up table to exist simultaneously with the first look-up table on the basis of the hardware available for implementing the second look-up table and data related to the second look-up table and indicating corresponding information as the one or more first data items and the one or more second data items indicate relating to the first look-up table; and
wherein one or more actions associated with a matching entry of the first look-up table in conjunction with managing a data frame specifying the second look-up table to be used in conjunction with the managing the data frame.

US Pat. No. 10,218,611

LABEL DISTRIBUTION PROTOCOL (LDP) SIGNALED MULTI-PROTOCOL LABEL SWITCHING RINGS

Juniper Networks, Inc., ...

1. A method comprising:
outputting, with a plurality of routers connected to form a ring network, a plurality of Label Distribution Protocol messages in accordance with the Label Distribution Protocol (LDP) to establish a multi-protocol label switching (MPLS) ring having a plurality of ring label switched paths (LSPs), each of the ring LSPs configured to transport MPLS packets around the ring network to a different one of the routers operating as an egress router for the respective ring LSP, wherein each of the ring LSPs comprises a multipoint-to-point (MP2P) LSP for which any of the routers within the ring network can operate as an ingress to source packet traffic into the ring LSP for transport to the respective egress router for the ring LSP, and wherein, for each of the ring LSPs, each of the LDP messages output by each of the routers comprises an LDP label mapping message that includes a label binding specifying one or more labels associated with the ring LSP, an identifier of the MPLS ring and an identifier for the respective one of the plurality of routers that operates as the egress for the ring LSP; and
forwarding network traffic as MPLS packets around the ring network in accordance with the ring LSPs.

US Pat. No. 10,218,610

MPLS SEGMENT ROUTING

Cisco Technology, Inc., ...

1. A method comprising:
generating, at a first router within a network, a first link-state packet comprising a first data structure, wherein
the first data structure maps a first portcode to
a link connecting the first router within the network, or
a first neighbor router reachable from the first router;
receiving an incoming data packet, wherein
the incoming data packet is encapsulated with a header comprising an incoming portcode stack, and
the incoming portcode stack comprises the first portcode as its uppermost portcode;
removing the first portcode from the incoming portcode stack to create an outgoing portcode stack for an outgoing data packet; and
forwarding the outgoing data packet via a port, of the first router, identified by the first portcode, wherein
an uppermost portcode in the outgoing portcode stack identifies a port of the first neighbor router.

US Pat. No. 10,218,609

METHOD AND DEVICE FOR SYNCHRONIZING INTERFACE PARAMETER

ZTE CORPORATION, Shenzhe...

1. A method for synchronizing an interface parameter, comprising:
receiving and recording related information, sent by a remote Terminating Provider Edge (TPE) of a first Pseudo-Wire (PW) in a first PW segment of a Switching Provider Edge (SPE), of the first PW, wherein the related information of the first PW carries an interface parameter of the remote TPE of the first PW, and the interface parameter is used for establishing a Label Switch Path (LSP); and
sending the related information of the first PW to a remote TPE of a second PW segment of the SPE;
receiving and recording related information, sent by a remote TPE of a second PW in the first PW segment of the SPE, of the second PW, wherein the related information of the second PW carries an interface parameter of the remote TPE of the second PW, and the interface parameter is used for establishing an LSP;
sending a signalling withdraw message to the remote TPE of the second PW segment, wherein the signalling withdraw message is used for indicating the remote TPE of the second PW segment to remove an interface parameter received by the remote TPE of the second PW segment;
sending the related information of the second PW to the remote TPE of the second PW segment of the SPE;
wherein before sending the signalling withdraw message to the remote TPE of the second PW segment, the method further comprises:
judging whether the interface parameter of the remote TPE of the first PW carried in the recorded related information is consistent with the interface parameter of the remote TPE of the second PW carried in the recorded related information, wherein the signalling withdraw message is sent to the remote TPE of the second PW segment when it is judged that the interface parameter of the remote TPE of the first PW is inconsistent with the interface parameter of the remote TPE of the second PW.

US Pat. No. 10,218,608

TREE STRUCTURED SPREADING CODES

QUALCOMM Incorporated, S...

1. A method of communication by an apparatus, the method comprising:
selecting one or more resources for transmitting data of a first data stream based on an acyclic graph, wherein the selected one or more resources conform to the acyclic graph comprising data streams at odd levels of the acyclic graph and resources at even levels of the acyclic graph, wherein the acyclic graph comprises edges between each level of the acyclic graph, wherein the edges connect the resources allocated to each data stream; and
transmitting the data of the first data stream on the selected one or more resources by spreading the data over the selected one or more resources according to the acyclic graph, thereby utilizing less computational complexity when decoding the first data stream.

US Pat. No. 10,218,607

FLOW DISTRIBUTION USING FABRIC ACCESS TUNNELS

1. A network switch comprising:
a processor; and
a memory coupled with the processor, the memory comprising executable instructions that when executed by the processor cause the processor to effectuate operations comprising:
receiving first data from a layer two switch, wherein the first data is from a port on a first virtual local area network (VLAN);
relating the first data to a tunnel context identifier of a virtual private network (VPN) tunnel, wherein the VPN tunnel remotely terminates on at least a first virtual machine and a second virtual machine; and
forwarding the first data through the VPN tunnel based on the tunnel context, wherein the VPN tunnel has a multiple leg connection that comprise:
a first leg of the VPN tunnel between the network switch and the first virtual machine; and
a second leg of the VPN tunnel between the network switch and the second virtual machine, wherein the first virtual machine and the second virtual machine are a virtual anti-spoofing edge.

US Pat. No. 10,218,605

ON-DEMAND CONTROL PLANE REDUNDANCY

Cisco Technology, Inc., ...

1. A computer-implemented method comprising:
requesting, by a router to a cloud service, instantiation of a virtual instance of a control plane of the router;
receiving, by the router, confirmation of instantiation of the virtual instance of the control plane;
transferring, to the virtual instance of the control plane, an active state of the control plane;
performing, at the router, offline services; and
in response to completion of the offline services, receiving at the control plane, the active state.

US Pat. No. 10,218,604

ENGINES TO PRUNE OVERLAY NETWORK TRAFFIC

Hewlett Packard Enterpris...

1. A network device to prune overlay network traffic, comprising:
a mapping table, to contain a mapping between an underlay network multicast group address and at least one virtual network identifier (VNI) corresponding to an overlay network;
an inspection engine to identify whether a tunneled network packet received at the network device is associated with the multicast group address and a VNI that is contained in the mapping table; and
a forwarding engine to forward the packet according to the multicast group address in response to the VNI being contained in the mapping table, and to discard the packet in response to the VNI not being contained in the mapping table, wherein the network device is an internet protocol (IP) multicast router to extract VNI information from an internet group management protocol (IGMP) message sent from a VxLAN termination endpoint (VTEP) multicast client and embed the VNI information into a protocol-independent multicast (PIM) protocol message to be passed between routers.

US Pat. No. 10,218,603

MULTICAST MESSAGE TRANSLATION IN A NETWORK DEVICE

ABL IP Holding LLC, Atla...

1. A network switch, comprising:
a plurality of network interfaces, wherein one of the network interfaces is configured to receive multicast messages from a control console;
a processor;
a memory accessible to the processor; and
a message translator service executed by the processor, the message translator service causing the network switch to:
obtain a configuration for translating a specified destination address of a specified type of multicast message to a different destination address;
receive a message from the control console that includes an instruction for a group of network nodes, wherein the message includes a destination address;
determine that the destination address matches the specified destination address and identifies the message as a multicast message and that the message matches the specified type of multicast message;
generate a broadcast message based upon the multicast message and the configuration, wherein the broadcast message includes a broadcast address used as a destination address for the broadcast message and the broadcast address corresponds to the group of network nodes specified by the configuration; and
transmit the broadcast message from one or more network interfaces specified by the configuration, wherein the broadcast message includes the instruction for the group of network nodes.

US Pat. No. 10,218,602

ESTABLISHING DETERMINISTIC MULTICAST PATHS IN A NETWORK

Cisco Technology, Inc., ...

1. A method comprising:
identifying, by an apparatus in a deterministic network, a multicast forwarding tree comprising a single multicast source as a root of the multicast forwarding tree, a plurality of terminal destination devices as respective leaves of the multicast forwarding tree, and forwarding network devices configured for forwarding a message, transmitted by the root, to the terminal destination devices, the multicast forwarding tree including a first multicast path for the message reaching a first of the terminal destination devices and a second multicast path for the message reaching a second of the terminal destination devices, wherein the first multicast path has a first distance from the root to the first terminal destination device and the second multicast path has a second different distance from the root to the second terminal destination device; and
causing, by the apparatus, the forwarding network devices to deliver the message to each of the terminal destination devices, including the first terminal destination device and the second terminal destination device, simultaneously at a same arrival time, guaranteeing both the first terminal destination device and the second terminal destination device receive the message simultaneously at the same arrival time, the causing including scheduling for each forwarding network device a corresponding departure time for transmitting the message to a next-hop device in the multicast forwarding tree.

US Pat. No. 10,218,601

METHOD, SYSTEM, AND COMPUTER PROGRAM PRODUCT FOR CONFIGURING AN ATTRIBUTE FOR PROPAGATING MANAGEMENT DATAGRAMS IN A SWITCHLESS NETWORK

International Business Ma...

1. A method, comprising:
maintaining a plurality of nodes in a switchless network, wherein each of the plurality of nodes has at least one host channel adapter for communication;
providing a management datagram that indicates source to destination routes for communication in the plurality of nodes; and
providing an attribute in the management datagram to allow the management datagram to be propagated among the plurality of nodes of the switchless network without being terminated at host channel adapters, wherein the method further comprises:
configuring, by a network driver of a first node, the attribute to indicate that transmission of the management datagram is not to be terminated by a host channel adapter of another node;
transmitting by the network driver of the first node, the management datagram from the first node to a second node via a host channel adapter of the first node;
determining, by a host channel adapter of the second node whether the attribute of the management datagram is configured to indicate that transmission of the management datagram is not to be terminated by the host channel adapter of the second node; and
in response to determining by the host channel adapter of the second node that the attribute of the management datagram is configured to indicate that transmission of the management datagram is not to be terminated by the host channel adapter of the second node, transmitting the management datagram to a network driver of the second node.

US Pat. No. 10,218,600

PATH COMPUTATION ELEMENT HIERARCHICAL SOFTWARE DEFINED NETWORK CONTROL

Futurewei Technologies, I...

1. A parent path computation element (PCE) controller comprising:
a memory comprising instructions executable by a processor; and
a processor coupled to the memory and configured to execute the instructions, wherein executing the instructions causes the processor to:
establish a parent-child relationship with at least a first child PCE controller controlling a first domain and a second child PCE controller controlling a second domain by transmitting an Open message to the first child PCE controller and the second child PCE controller, the Open message including a hierarchical software defined network (SDN) control system (HSCS) type-length-value (TLV), the HSCS TLV including a plurality of capability flags configured to convey HSCS capabilities of the parent PCE controller to the first child PCE controller and the second child PCE controller, the capability flags including a Parent Controller flag configured to indicate functionality as a parent PCE controller, a Child Controller flag configured to indicate functionality as a child PCE controller, a Path Segments flag configured to indicate support for computing path segments for HSCS, a Tunnel Segment flag configured to indicate support for creating tunnel segments for HSCS, and an E2E flag configured to indicate support for creating and maintaining an E2E label switched path (LSP) tunnel;
receive a request to create an end-to-end (E2E) tunnel crossing the first domain and the second domain, a source of the E2E tunnel located in the first domain, and a destination of the E2E tunnel located in the second domain;
compute a shortest path from the source to the destination through the first domain and the second domain;
transmit a request message to the first child PCE controller for creating a first tunnel segment of the E2E tunnel through the first domain; and
transmit a request message to the second child PCE controller for creating a second tunnel segment of the E2E tunnel through the second domain, the first tunnel segment and the second tunnel segment together forming the E2E tunnel.

US Pat. No. 10,218,599

IDENTIFYING REFERRAL PAGES BASED ON RECORDED URL REQUESTS

Google LLC, Mountain Vie...

1. A method, comprising:
receiving, by a computing system, a request from a client device for a first item of content corresponding to a first node of a referral tree, the request having a referrer field identifying a second item of content corresponding to a second node of the referral tree;
determining, by the computing system, that the first node is not connected with the second node;
identifying, by the computing system, a synthetic node of the referral tree connected to the first node;
determining, by the computing system, that the synthetic node is also connected to the second node;
determining, by the computing system, based on the identification, that the client device has retrieved a locally-cached copy of a third item of content associated with the synthetic node of the referral tree without the request for the third item of content transmitted via the computing system, responsive to determining that the first node is not connected to the second node and to determining that the synthetic node is connected to the first node and the second node; and
recording, by the computing system, a request for the third item of content by the client device.

US Pat. No. 10,218,598

AUTOMATIC PARSING OF BINARY-BASED APPLICATION PROTOCOLS USING NETWORK TRAFFIC

Narus, Inc., Sunnyvale, ...

1. A method for analyzing a protocol of a network, comprising:
obtaining a plurality of conversations from the network, wherein each of the plurality of conversations comprises a sequence of messages exchanged between a server and a client of the network using the protocol, wherein each message of the sequence of messages comprises a plurality of fields, wherein a field of the plurality field is located, within a corresponding message, at an offset and having a length that are defined by the protocol;
extracting, by a computer processor, content of a candidate field from a message of the sequence of messages in each of the plurality of conversations, wherein the candidate field is located, within the message, at a candidate offset and having a candidate length; and
selecting, by the computer processor, using a pre-determined field selection criterion, the candidate offset from a plurality of candidate offsets as the offset defined by the protocol,
wherein the candidate field comprises a request message candidate field within a request message and a response message candidate field within a response message,
wherein the attribute comprises a difference in contents of the request message candidate field and the response message candidate field, wherein the correlation measure comprises a per-conversation constancy measure of the attribute independent of the content of the candidate field,
wherein selecting the candidate offset as the offset defined by the protocol comprises comparing the randomness measure and the correlation measure to a pre-determined randomness threshold and a pre-determined correlation threshold, respectively, and
wherein the candidate offset is selected as the offset defined by the protocol in response to the randomness measure exceeding the pre-determined randomness threshold and the correlation measure exceeding the pre-determined correlation threshold.

US Pat. No. 10,218,597

PROVIDER NETWORK ADDRESS RANGE-BASED MODELS

Amazon Technologies, Inc....

1. A system, comprising:
a provider network comprising a plurality of host devices implementing a plurality of resources, wherein the provider network is configured to provide addresses from a provider network address range to the resources on the provider network;
one or more devices on the provider network, wherein each device comprises one or more hardware processors and memory, configured to:
assign one of the addresses from the provider network address range to one of the plurality of resources;
monitor network traffic to and from the address from the provider network address range assigned to the resource;
apply a first rating model to network traffic between addresses in an address range of a first network external to the provider network and the address from the provider network address range assigned to the resource, to generate provider network usage data specific to the network traffic between the addresses in the address range of the first network external to the provider network and the address from the provider network address range assigned to the resource;
apply a second rating model to network traffic between one or more other networks external to the provider network and the address from the provider network address range assigned to the resource; and
provide an indication of one or more addresses from the provider network address range to the first network external to the provider network.

US Pat. No. 10,218,596

PASSIVE MONITORING AND MEASUREMENT OF NETWORK ROUND TRIP TIME DELAY

Cisco Technology, Inc., ...

1. A method comprising:
at a first network element of a communications network:
receiving a first packet corresponding to a first traffic flow from a first end user device to a second end user device at a time T1;
receiving a second packet corresponding to a second traffic flow from the second end user device to the first end user device at a time T2;
calculating by the first network element a difference Δ1 between the time T1 and the time T2;
creating a first record including the calculated difference Δ1; and
providing the first record to a network collector device,
at a second network element of the communications network different from the first network element:
receiving the first packet at a time T3;
receiving the second packet at a time T4;
calculating by the second network element a difference Δ2 between the time T3 and the time T4;
creating a second record including the calculated difference Δ2; and
providing the second record to the network collector device,
wherein the network collector device compares the first record with the second record to determine a round trip time delay for the communications network, wherein the round trip time delay is utilized to improve network performance of the communications network.

US Pat. No. 10,218,595

MEASURING NETWORK TRANSIT TIME

Amazon Technologies, Inc....

1. A non-transitory computer-readable medium storing program instructions that when executed on one or more processors of a first computing device cause the one or more processors to:
obtain an Internet Protocol (IP) address for individual ones of a plurality of computing devices residing in a computing environment and configured as service endpoints to process service requests;
send a first packet to the individual ones of the plurality of computing devices, wherein the first packet comprises the respective IP address of the individual ones of the plurality of computing devices residing in the computing environment, and the first packet is configured to determine a plurality of network transit times from the first computing device to the individual ones of the plurality of computing devices residing in the computing environment;
receive a second packet from a second computing device of the plurality of computing devices, wherein the second packet includes a processing time indicating a time taken by the second computing device to process the first packet;
in response to receiving the second packet, determine an elapsed time between sending of the first packet and receiving the second packet;
calculate, for the second computing device, a network transit time between the first computing device and the second computing device by subtracting the processing time from the elapsed time; and
send one or more service requests to the second computing device as a selected service endpoint, wherein the selection is based at least in part on calculated network transit times for the second computing device and other ones of the plurality of computing devices.

US Pat. No. 10,218,594

INTERMEDIATE-RANGE MULTI-CHANNEL WIRELESS DEVICE FOR VARIABLE INTERFERENCE ENVIRONMENTS WITH ADAPTIVE REDUNDANCY AND PATIENCE INDICATORS

Hall Labs LLC, Provo, UT...

1. A system of devices operable at intermediate ranges utilizing a set of discrete radio-frequency channels organized into a plurality of base channels and sub-channels assigned to the base channels, the sub-channels providing a range of redundancy options under a base channel, said system providing adaptation for changing conditions of interference in a wireless environment, said system further providing an indication of latency due to an application of higher levels of redundancy, said system comprising:
a first and a second wireless devices, each of said devices comprising (i) a radio-frequency transceiver functional for wireless communication over the set of discrete radio-frequency channels, (ii) a non-volatile memory wherein is stored a set of channel parameters corresponding to the set of discrete radio-frequency channels, and (iii) an electronic circuit implementing a state machine immutable to power-transient events;
wherein the state machine of each of said devices is configured to perform the functions of:
(a) initializing electronic circuit and radio-frequency transceiver of the device into a power-on state, the power-on state configuring said radio-frequency transceiver to operate on an initial sub-channel,
(b) setting a base channel, and
(c) configuring the transceiver of the device to operate on a selected sub-channel, where a sub-channel has been selected following the making of an indication of increased redundancy;
further wherein the state machine of at least one of said devices is further configured to perform the functions of:
(d) retaining a badness value for the sub-channel presently configured,
(e) detecting errors in packet communication,
(f) applying accumulation to the badness value where errors are detected,
(g) decaying the badness value where packet transmissions occur without an error detected,
(h) applying an R+ threshold to the badness value, such that where the badness meets or exceeds the R+ threshold an increase in redundancy is indicated, and
(i) where an increase in redundancy is indicated, selecting a sub-channel having increased redundancy than the sub-channel for which said transceiver is presently configured;
wherein the first of said devices has incorporated thereto an indicator viewable from the exterior of said first device; and
further wherein the state machine of said first device is configured to perform the functions of:
(j) determining the output state of said indicator, said determination using as a basis present channel parameters being used in communication with said second device, said determination being correlated to the latency experienced in communication with said second device, and
(k) controlling the state of said indicator using determinations made, such that a person viewing said indicator can discriminate conditions of latency in the communication between said first and second devices.

US Pat. No. 10,218,593

IDENTIFYING SOURCES OF PACKET DROPS IN A SERVICE FUNCTION CHAIN ENVIRONMENT

CISCO TECHNOLOGY, INC., ...

15. A service function forwarder network element of a service function chain, the service function forwarder comprising:
at least one memory element having instructions stored thereon;
at least one processors coupled to the at least one memory element and configured to execute the instructions to cause the service function forwarder network element to:
receive a data packet from a service function in response to the data packet comprising a first bit set to indicate that a packet is to be monitored and a second bit set to indicate that a packet is to be dropped;
generate, in response to receipt of the data packet, an Internet Control Message Protocol (ICMP) message, the ICMP message comprising a destination address for the ICMP message identified from the data packet;
transmit the ICMP message to the destination address; and
drop the data packet from the service function chain;
wherein the ICMP message represents a communication to the destination address that the drop of the data packet was intentional.

US Pat. No. 10,218,592

METHOD, DEVICE AND SYSTEM FOR PERFORMING BIDIRECTIONAL FORWARDING DETECTION ON AGGREGATED LINK

HUAWEI TECHNOLOGIES CO., ...

1. A method for performing bidirectional forwarding detection (BFD) on an aggregated link between a first network device and a second network device, wherein the aggregated link exists between a first aggregated port of the first network device and a second aggregated port of the second network device, wherein the first aggregated port comprises a first port and a second port, wherein the second aggregated port comprises a third port and a fourth port, and wherein the method comprises:
sending, by the first network device to the second network device, information used to establish at least two BFD sessions, wherein the information comprises information about the first aggregated port, information about the second aggregated port, an identifier of the first port, a session identifier associated with the identifier of the first port, an identifier of the second port, and a session identifier associated with the identifier of the second port, wherein the session identifier associated with the identifier of the first port is used to identify a BFD session that is to be established on the first port, and wherein the session identifier associated with the identifier of the second port is used to identify a BFD session that is to be established on the second port;
storing, by the first network device, the information that is used to establish the at least two BFD sessions and that is sent to the second network device;
receiving, by the first network device, information that is used to establish at least two BFD sessions and sent by the second network device, wherein the information sent by the second network device comprises the information about the second aggregated port, the information about the first aggregated port, an identifier of the third port, a session identifier associated with the identifier of the third port, an identifier of the fourth port, and a session identifier associated with the identifier of the fourth port, wherein the session identifier associated with the identifier of the third port is the same as the session identifier associated with the identifier of the first port, wherein the session identifier associated with the identifier of the fourth port is the same as the session identifier associated with the identifier of the second port, wherein the session identifier associated with the identifier of the third port is used to identify a BFD session that is to be established on the third port, and wherein the session identifier associated with the identifier of the fourth port is used to identify a BFD session that is to be established on the fourth port;
establishing, by the first network device, a BFD session between the first port and the third port and a BFD session between the second port and the fourth port according to the stored information and the information sent by the second network device; and
determining, by the first network device, that the aggregated link is available when at least one BFD session in the established BFD sessions is up.

US Pat. No. 10,218,591

EMBEDDED PERFORMANCE MONITORING OF A DBMS

Oracle International Corp...

1. A computer-implemented method, comprising steps of:
a DBMS receiving an HTTP request from a monitoring client for performance monitoring data related to the DBMS; and
in response to receiving said HTTP request:
retrieving performance metrics of the DBMS through a shared database session from a shared pool of sessions of the DBMS;
based at least in part on the performance metrics, said DBMS generating said performance monitoring data that includes: performance information regarding one or more database statements executed by said DBMS, performance information regarding overall system performance of said DBMS, or performance information regarding one or more database sessions of said DBMS; and
said DBMS transmitting said performance monitoring data to said monitoring client.

US Pat. No. 10,218,590

SUBSCRIBER-AWARE TWAMP DATA MONITORING IN COMPUTER NETWORKS

Juniper Networks, Inc., ...

1. A method comprising:
establishing a control connection between a two-way active measurement protocol (TWAMP) control client and a TWAMP server;
negotiating, by the TWAMP control client and the TWAMP server over the control connection, a data session between a TWAMP session sender executed on a first network device and a TWAMP session reflector executed on a second network device, wherein negotiating the data session includes specifying a subscriber identifier to an individual subscriber of a service provider network; and
exchanging one or more TWAMP test packets for the data session between the TWAMP session sender and the TWAMP session reflector, each of the one or more TWAMP test packets including the subscriber identifier of the subscriber.

US Pat. No. 10,218,589

EFFICIENT RESOURCE STATUS REPORTING APPARATUSES

Innovium, Inc., San Jose...

1. A networking apparatus comprising:
communication hardware interfaces coupled to one or more networks, the communication hardware interfaces configured to receive and send messages;
a switching subsystem configured to process routable messages received over the communication hardware interfaces;
a tracking subsystem configured to track resources used by the apparatus while processing the routable messages, at least by tracking an aggregate count of resources assigned for each object in a first set of objects, each object in the first set corresponding to one of: an ingress port, egress port, processing queue, or group of ports;
a status update system configured to update resource status information for each object in the first set by comparing a current aggregate count of resource assignments for the object to one or more thresholds for the object, the resource status information including a priority indicator indicating whether the object has a priority status;
a reporting subsystem configured to send, to a receiver, granular measures of resource assignments for priority objects within the first set, the priority objects being objects that currently have the priority status, each of the granular measures for a particular object reflecting how many resources have been assigned to a different combination of the particular object with another object in a second set of objects;
wherein the reporting subsystem is further configured to send the granular measures of resource assignments for the priority objects more frequently than granular measures of resource assignments for other objects in the first set that do not have the priority status.

US Pat. No. 10,218,588

SYSTEMS AND METHODS FOR MULTI-STREAM PERFORMANCE PATTERNIZATION AND OPTIMIZATION OF VIRTUAL MEETINGS

Quest Software Inc., Ali...

1. A method comprising, by a computer system:
receiving a virtual meeting request in relation to a set of input parameters, the input parameters identifying at least one user and one or more communications platforms;
identifying virtual meetings previously mediated by the one or more communications platforms;
determining attributes of the virtual meetings;
collecting time-indexed performance data of individual media streams of the virtual meetings;
individually correlating the time-indexed performance data to at least a portion of the attributes of the virtual meetings on a per virtual-meeting basis;
selecting one or more virtual-meeting attributes in correspondence to at least a portion of the set of input parameters;
extracting, from the collected time-indexed performance data, multi-stream performance data of those of the individual media streams that have the one or more virtual-meeting attributes;
correlating the multi-stream performance data to a time map comprising a plurality of recurring time intervals;
determining aggregate multi-stream performance, in relation to the time map, of those of the individual media streams that have the one or more virtual-meeting attributes;
generating a time-based performance pattern of those of the individual media streams that have the selected one or more virtual-meeting attributes based, at least in part, on the aggregate multi-stream performance;
identifying based, at least in part, on the time-based performance pattern, a suggested meeting time interval, wherein the suggested meeting time interval corresponds to a recurring time interval of the time map that has a comparatively high stream quality;
facilitating scheduling of a virtual meeting on the one or more communications platforms at the suggested meeting time interval; and
executing a virtual meeting on the one or more communications platforms during the suggested meeting time interval.

US Pat. No. 10,218,587

TRANSPARENTLY TRACKING PROVENANCE INFORMATION IN DISTRIBUTED DATA SYSTEMS

International Business Ma...

1. A method for tracking provenance information, comprising:
configuring one or more provenance reporting settings of an instrumented application during runtime of the instrumented application, wherein overwritten library call instructions in the instrumented application provide library calls to one or more instrumented libraries that invoke a provenance layer to track data operations of the instrumented application, and wherein the overwritten library call instructions replace original library call instructions to an original library;
catching and logging data events performed by the instrumented application at the provenance layer with a processor in accordance with the one or more provenance reporting settings; and
creating a provenance log that includes the logged data events.

US Pat. No. 10,218,586

SYSTEM AND METHOD FOR ENABLING THE CAPTURE AND SECURING OF DYNAMICALLY SELECTED DIGITAL INFORMATION

Owl Cyber Defense Solutio...

1. A system for monitoring a channel passing information, the information including an identifying designation, comprising:
a channel monitor having an input coupled to an information channel and an output, the channel monitor configured to provide on the output all information passing on the information channel, the information including an identifying designation;
a manifest engine having a first input coupled to the output of the channel monitor to receive the information passing on the information channel, a second input configured to receive an information manifest table and an output, the information manifest table having at least one identifying designation, the manifest engine configured to compare information received on the first input with the at least one identifying designation in the information manifest table and to provide on the output only that information having an identifying designation that matches an identifying designation included within the information manifest table; and
a storage server coupled to the output of the manifest engine and configured to receive and store information provided on the output of the manifest engine.

US Pat. No. 10,218,585

CONTAINER HOST DISCOVERY

Red Hat, Inc., Raleigh, ...

1. A method, comprising:
translating a host definition parameter into a host definition rule, wherein the host definition rule comprises an identifier of the host definition parameter and a threshold value of the host definition parameter;
transmitting, to a host management service employed to manage at least one of: a plurality of host computer systems or a plurality of virtual machines running on one or more host computer systems, a host discovery request comprising the host definition rule, wherein transmitting the host discovery request is performed periodically until the request is fulfilled by the host management service;
receiving, from the host management service, an identifier of a host that satisfies the host definition rule; and
providing the identifier of the host to a container orchestration service employed to instantiate and run, on one or more hosts, a plurality of containerized applications.

US Pat. No. 10,218,584

FORWARD-BASED RESOURCE DELIVERY NETWORK MANAGEMENT TECHNIQUES

Amazon Technologies, Inc....

1. A computer-implemented method for managing a resource delivery network including a plurality of partitions, the computer-implemented method comprising:
determining a connection failure between a first partition and a second partition of the resource delivery network;
electing one server of a plurality of servers of the first partition as a master for the first partition;
reconfiguring one or more other servers of the plurality of servers to route write requests to the master, wherein the master uses a different machine identifier to identify a log of the write requests after election of the master;
tracking the write requests to a data store associated with the master;
propagating the write requests to the one or more other servers;
determining that a connection between the first partition and the second partition has been restored;
determining that one or more resources written to the data store since the connection failure are newer than corresponding resources in the second partition; and
propagating the one or more resources to the second partition.

US Pat. No. 10,218,583

COMPUTING SYSTEM WITH OFF-LOAD PROCESSING FOR NETWORKING RELATED TASKS

Intel Corporation, Santa...

1. A method comprising:
executing a service selection method on an off-load processor of a computing system, the executing of the service selection method being performed while a main central processing unit (CPU) of the computing system is in a low power state, the service selection method including:
selecting an available network service to handle traffic sent to and from a handheld device; and
maintaining a table within a memory in communication with the off-load processor, the memory having an entry that correlates the available network service with an identity of the handheld device, the identity to be used to communicate with the handheld device.

US Pat. No. 10,218,582

NOTIFICATIONS WITH INPUT-BASED COMPLETION

Apple Inc., Cupertino, C...

1. A method for presenting notifications, the method comprising, at a first application on a computing device:
for each application of a plurality of applications installed on the computing device:
querying the application for an indication of one or more types of input data that the application is capable of providing to the first application, and
adding the one or more types of input data to a collection of types of input data managed by the first application;
receiving a request to establish a reminder associated with notification criteria wherein the request indicates a selection of a type of input data from the collection of types of input data; and
in conjunction with determining that the notification criteria are satisfied:
displaying a notification that includes a user interface (UI) input object that corresponds to the type of input data indicated by the selection, wherein the type of input data is provided to the first application by a second application that provides the type of input data, sending an inter-process communication to the second application, wherein the inter-process communication causes the second application to carry out an initialization procedure for providing the type of input data, and
in conjunction with receiving the selection of the UI input object:
receiving input data from the second application,
associating the input data with the notification, and
hiding the notification.

US Pat. No. 10,218,581

GENERATION OF NETWORK-ON-CHIP LAYOUT BASED ON USER SPECIFIED TOPOLOGICAL CONSTRAINTS

NETSPEED SYSTEMS, San Jo...

1. A method, comprising:
projecting Network on Chip (NoC) elements of a NoC to a grid layout based on specified topological information; and
automatically generating the NoC from the projection of the NoC elements to the grid layout;
wherein the projecting NoC elements of the NoC to the grid layout based on the specified topological information comprises:
projecting a plurality of routers and a plurality of links, and a plurality of NoC agents onto a heterogeneous grid layout based on one or more constraints for one or more layers of the NoC and the specified topological information, wherein grid sizes of the heterogeneous grid layout are derived from the specified topological information;
converting the heterogenous grid layout to a grid layout having equal widths through projecting an auto-determined grid on the plurality of routers, the plurality of links, and the plurality of NoC agents according to the specified topological information;
providing traffic between the plurality of NoC agents; and
mapping the traffic to the NoC.

US Pat. No. 10,218,580

GENERATING PHYSICALLY AWARE NETWORK-ON-CHIP DESIGN FROM A PHYSICAL SYSTEM-ON-CHIP SPECIFICATION

NETSPEED SYSTEMS, San Jo...

1. A method, comprising:
automatically generating a physically aware Network on Chip (NoC) design, based on a System on Chip (SoC) architecture, physical information of the SoC and SoC traffic specification;
automatically generating physical information associated with one or more elements of the NoC design;
updating the physical information of the SoC based on the physical information associated with the one or more elements of the NoC design; and
generating a SoC from the updated physical information of the SoC;
wherein the automatically generating the physically aware NoC design comprises:
using the physical SoC information and the SoC traffic specification to automatically generate one or more NoC bridges, one or more NoC routers and one or more NoC channels at allowable SoC physical positions,
configuring orientations and interface signals for the one or more NoC routers based on placement of the one or more NoC routers at the allowable SoC physical positions, and
interconnecting SoC agents, the one or more NoC routers, and the one or more NoC bridges with the one or more NoC channels such that performance requirements from the SoC traffic specification are satisfied.

US Pat. No. 10,218,579

TENSOR-BASED FRAMEWORK FOR ANALYZING HIGH VELOCITY LARGE-SCALE NETWORK ACTIVITIES TO INFER LATENT MESOSTRUCTURES AND IMPORTANT NODES

HRL Laboratories, LLC, M...

1. A system for analyzing network activities in a network comprising interacting nodes, the system comprising:
one or more processors and a non-transitory computer-readable medium having executable instructions encoded thereon such that when executed, the one or more processors perform operations of:
representing each pair of node interactions between nodes in the network with a tensor, wherein the nodes represent users in the network;
for each pair of node interactions, inferring a mesostructure using tensor decomposition of the tensor, resulting in a plurality of inferred mesostructures;
determining a temporal network structure representing each pair of node interactions using a set of parameters generated from the tensor decomposition, resulting in a plurality of temporal network structures;
predicting at least one future data cascade in the network using the plurality of temporal network structures;
identifying at least one top node in the network; and
influencing the user associated with the at least one top node to advocate a commercial product to the other users in the network.

US Pat. No. 10,218,578

METHOD FOR CONTROLLING A MANAGEMENT DEVICE AND RELATED DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A method for controlling a management device, comprising:
receiving, by a virtual master device deployed in a cloud terminal device, a data processing instruction;
selecting, by the virtual master device, N2 entity subdevices from N1 entity subdevices according to a set policy; and
instructing the selected N2 entity subdevices to perform data processing based on the data processing instruction,
wherein N1 and N2 are positive integers, N2 is less than or equal to N1, the virtual master device and the N2 entity subdevices are of a same device type, and the N1 entity subdevices are one of deployed in the cloud terminal device and connected to the cloud terminal device,
wherein the data processing instruction comes from an application program, and
wherein selecting the N2 entity subdevices from the N1 entity subdevices according to the set policy comprises one of:
selecting, from the N1 entity subdevices, N2 entity subdevices that a usage priority of the application program is highest; or
selecting, from the N1 entity subdevices, N2 currently unused entity subdevices that the usage priority of the application program is highest.

US Pat. No. 10,218,577

SYSTEMS AND METHODS FOR MAPPING AND VISUALIZING A WIRELESS MESH NETWORK

SCHNEIDER ELECTRIC IT COR...

1. A system for mapping a mesh network, the system comprising:
a memory; and
at least one processor coupled to the memory and configured to:
receive at least one network data packet from at least one network device in the mesh network, the at least one network data packet including information descriptive of a connection strength that includes a measured signal strength of a wireless received signal between the at least one network device and one or more other network devices in the mesh network;
build a map of the mesh network including a representation of the at least one network device using the signal strength information contained in the at least one network data packet;
display the map on a user interface, including a representation of the signal strength between the at least one network device and the one or more other network devices in the mesh network;
log the at least one network data packet;
detect, by analyzing information contained in the at least one network data packet, a change in the mesh network; and
issue an alert in response to the change.

US Pat. No. 10,218,576

CONTROLLED BANDWIDTH EXPANSION IN COMPRESSED DISAGGREGATED STORAGE SYSTEMS

Amazon Technologies, Inc....

1. A method comprising:
receiving, from a client, a read request for reading compressed data;
obtaining the compressed data from a storage device, wherein the compressed data is stored in multiple storage units, wherein the storage units are block storage units or object storage units;
obtaining, for each of the storage units of the compressed data:
a compressed size for the storage unit; and
an uncompressed size for the storage unit;
generating network packet content for network packets, the network packet content comprising, for each of the storage units of the compressed data:
the storage unit having the compressed size; and
padding for the storage unit, the padding having a padding size equal to a difference between the compressed and uncompressed sizes of the storage unit; and
providing the network packet content for sending in network packets to the client, wherein the network packet content is stored in payload areas of the network packets.

US Pat. No. 10,218,575

PROVISION, CONFIGURATION AND USE OF A TELECOMMUNICATIONS NETWORK

BAE SYSTEMS plc, London ...

1. A method of configuring a telecommunications network, the method comprising:
receiving, by a computing device from a first data store, a set of time dependent network data, a network related parameter varying with time;
identifying, by the computing device, abnormal data within the set of time dependent network data that is outside a predetermined variation in the set of data;
receiving, by the computing device from a second data store, a set of external event data indicative of events external to the telecommunications network;
associating, by the computing device, respective abnormal data with the corresponding external event data;
generating, by the computing device, a model representing an impact of a class of event represented by the external event data on the telecommunications network;
using the model in combination with extrapolated data to predict, by the computing device, a future variation in the network related parameter; and
causing the computing device to reconfigure the network using the future variation in the network related parameter corresponding to the respective set of time dependent network data, the set of external event data, or both.

US Pat. No. 10,218,574

DETECTING SOFTWARE MISCONFIGURATION AT A REMOTE MACHINE

Palantir Technologies Inc...

1. A system comprising:
one or more processors; and
a memory comprising instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
accessing, from a data repository, a plurality of antipatterns, each antipattern relating to a possible misconfiguration of a remote computer system, each antipattern including software that searches the remote compute system for a misconfiguration, a performance problem or a security issue and returns an output representing the misconfiguration, the performance problem or the security issue discovered at the remote computer system;
accessing data of the remote computer system;
running the plurality of antipatterns on the data of the remote computer system to determine one or more misconfigurations of the remote computer system; and
providing, as a digital transmission to at least a second data repository and an administrator client device, an additional output representing the determined one or more misconfigurations of the remote computer system, wherein the additional output representing the determined one or more misconfigurations of the remote computer system is stored in the second data repository, and wherein the additional output causes display, at the administrator client device, of an antipattern summary interface, the antipattern summary interface indicating a first number of hosts, including the remote computer system, to which a given antipattern from the plurality of antipatterns is applicable and a second number of hosts impacted by the determined one or more misconfigurations.

US Pat. No. 10,218,573

SYSTEM AND METHOD FOR DISCOVERING CONFIGURATIONS OF LEGACY CONTROL SYSTEMS

Honeywell International I...

1. A system comprising:
at least one processor configured to:
identify multiple nodes coupled to at least one network of an industrial plant,
wherein each node includes one or more checkpoint files that represent a collection of configuration data;
generating a memory layout from the configuration data for the node;
obtain configuration data from each of the nodes;
generate header information by identifying a node number of the node and an internal entity identification;
access the checkpoint file of the node and identifying the offset in said checkpoint file to generate a node specific configuration;
parse the configuration data to extract specified information from the configuration data; and
store the extracted specified information in a specified format.

US Pat. No. 10,218,572

MULTIPROTOCOL BORDER GATEWAY PROTOCOL ROUTING VALIDATION

CISCO TECHNOLOGY, INC., ...

1. A system comprising:
one or more processors; and
at least one computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the system to:
retrieve implemented Multiprotocol Border Gateway Protocol (MP-BGP) configuration data from at least one node in a network fabric, wherein the at least one node includes a spine node that is a route reflector, and wherein the implemented MP-BGP configuration data comprises an assignment of which nodes in the network fabric the route reflector is to disseminate new external routes with an L3OUT prefix;
retrieve reference MP-BGP configuration data generated from a logical model;
compare the implemented MP-BGP configuration data with the reference MP-BGP configuration data;
determine that there is a misconfiguration of the implemented MP-BGP configuration data based on comparing the implemented MP-BGP configuration data with the reference MP-BGP configuration data;
generate an event specifying the misconfiguration, wherein the event is associated with an event type;
calculate, based on the event, a health score for one or more endpoints; and
perform an assurance operation based on the event.

US Pat. No. 10,218,571

FLEXIBLE CHANNEL COORDINATION FOR MULTIPLE OPTICAL CARRIER OPTICAL NETWORKS

Verizon Patent and Licens...

1. A method, comprising:
coordinating, by one or more management systems, a first wavelength configuration pattern of a plurality of multi-wavelength optical transport nodes in an optical network for a first transport period, wherein the first wavelength configuration pattern comprises multiple optical wavelengths having first switched paths through a first reconfigurable optical add/drop multiplexer (ROADM) of the plurality of multi-wavelength optical transport nodes;
determining, by the one or more management systems, data traffic demand changes in the optical network; and
coordinating, by the one or more management systems, a second wavelength configuration pattern of the plurality of multi-wavelength optical transport nodes in the optical network for a second transport period that is subsequent to the first transport period, based on the determined data traffic demand changes.

US Pat. No. 10,218,570

CLIENT APPLICATION ADAPTATION METHOD, TERMINAL DEVICE, AND SYSTEM

Tencent Technology (Shenz...

1. A client application adaptation method, comprising:
at a terminal device having one or more processors and memory storing programs executed by the one or more processors:
obtaining model identifier information of the terminal device;
sending the model identifier information to an adaptation server for the adaptation server searching a preset model adaptation database for corresponding model adaptation information according to the model identifier information;
receiving the model adaptation information returned by the adaptation server, wherein the model adaptation information comprises multiple pieces of device information of the terminal device in which a client application is located;
obtaining, according to a target logic function of the client application which includes at least one of a video chat function, an image and video function, or a game voice function, at least one piece of device information corresponding to the target logic function from the model adaptation information; and
executing the target logic function on the client application according to the at least one piece of device information corresponding to the target logic function.

US Pat. No. 10,218,569

DISTRIBUTED STORAGE QUOTA ENFORCEMENT

Microsoft Technology Lice...

1. A distributed computing system for controlling access to an external storage, comprising:
a quota database for storing usage information for the external storage;
an activation service for configuring an application to run on a machine in the distributed computing system, the activation service configured to retrieve the usage information related to the application's access to the external storage; and
a remote storage driver on the machine, the remote storage driver configured to provide access to the external storage and to receive the usage information from the activation service, wherein the remote storage driver enforces external storage quotas by restricting access if the application's usage exceeds a preset quota.

US Pat. No. 10,218,568

METHOD AND A DEVICE FOR PROVISIONING CONTROL PLANE IN MULTI-TECHNOLOGY NETWORK

TELEFONAKTIEBOLAGET LM ER...

1. A method of provisioning a control plane in a multi-technology network in response to a first connection request from a client, the method comprising:
receiving the first connection request at a control plane dispatcher;
analysing said first connection request;
selecting a control plane from a plurality of control planes at the disposal of the dispatcher based on results of the analysis and characteristics of the plurality of control planes at the disposal of the dispatcher in the multi-technology network,
wherein the step of analysis comprises assessing whether there are service-related requirements associated with said first connection request and if so, taking the service-related requirements into consideration when performing the step of selecting.

US Pat. No. 10,218,567

GENERATING AN IDENTIFIER FOR A DEVICE USING APPLICATION INFORMATION

Google LLC, Mountain Vie...

1. A method for identifying a mobile device, the method comprising:
identifying, by a first mobile device, a first plurality of applications installed on the first mobile device;
identifying a name and an installation date of each of the first plurality of applications;
calculating a first clock skew of the first mobile device relative to a reference clock;
generating a first identifier for the mobile device based on hashing the name and the installation date of each of the first plurality of applications installed on the first mobile device and based on hashing the calculated first clock skew;
transmitting, by the mobile device to a server, a data request and the generated first identifier for the first mobile device; and
receiving, by the mobile device, data, the data determined by the server based on the server determining a second identifier generated by a second mobile device with a second plurality of applications installed on the second mobile device does not match the first identifier because the second mobile calculated a second clock skew and the second identifier was generated based on the name and the installation date of each of the second plurality of applications installed on the second mobile device and based on the calculated second clock skew, wherein names of the second plurality of applications are the same as the identified names of the first plurality of applications.

US Pat. No. 10,218,566

PROACTIVE INPUT METHOD ENGINE MANAGEMENT FOR EDGE SERVICES BASED ON CROWDSOURCING DATA

International Business Ma...

1. A method for preemptively deploying input method engines (IMEs) within a data communication network to computing devices in proximate relation to users of the IMEs, the method comprising:
receiving software logic data indicating rules for deploying IMEs to a first computing device in a data communication network, the rules indicating a set of threshold conditions for deploying IMEs to the first computing device;
receiving a software data structure identifying configuration preferences of a user of IMEs, the configuration preferences associating the user with a configuration of one or more IMEs;
identifying, based on the configuration preferences, a first IME deployed to execute on the first computing device, wherein the first IME was deployed to execute on the first computing device in response to the user's access to the first IME through the first computing device satisfying at least one of the set of threshold conditions;
determining, based on the configuration preferences, that the user will access the first IME through a second computing device in the future;
deploying the first IME to second computing device before the future access;
determining that the user is a first member of a group of users, wherein the configuration preferences associate the group of users with a configuration of the first IME;
determining, based on the configuration preferences, that a second member of the group of users will access the first IME through a third computing device in the future; and
deploying the first IME to the third computing device before the future access.

US Pat. No. 10,218,565

UNCONDITIONAL AND IMMEDIATE SERVICE CAPABILITIES FOR RULE BASED SERVICES

Telefonaktiebolaget LM Er...

1. A method of controlling user changeable IP Multimedia Subsystem, IMS, service rules associated with a user of a user equipment, UE, wherein the service rules are defined within an Extensible Markup Language, XML, document and maintained within the IMS network, the method comprising:
requesting the service rules associated with the user from an XML Data Management Server, XDMS, over a Ut interface of the IMS network;
receiving over the Ut interface, the XML document or a fragment thereof comprising a plurality of informational elements identifying whether a corresponding service rule is changeable by the user of the UE, wherein at least one of the informational elements corresponds to a first unconditional or immediate based service rule to which user changes are allowed and a second unconditional or immediate based service rule to which user changes are not allowed, the informational element(s) for each of said first and second unconditional or immediate based service rules including an indication that specifies the conditions for whether changes to said unconditional or immediate based service rule is allowed and/or disallowed, and wherein the indication comprises either a first value indicating the corresponding service rule is changeable by the user of the UE or a second value indicating the corresponding service rule is not changeable by the user of the UE;
interpreting said informational elements and said indication(s) for said first and second unconditional or immediate based service rules, and displaying said first and second unconditional immediate based service rules to the user on the UE together with an indication of whether the corresponding service rules are changeable by the user of the UE;
receiving user defined service rule information, wherein the user defined service rule information include changes to the first unconditional or immediate based service rules rule associated with the user of the UE; and
validating the user defined service rule information to determine the allowable changes to the associated service rules; and
transmitting to the XDMS, over the Ut interface, the allowable user defined service rule information for use by the IMS network in updating the first unconditional or immediate based service rules rule associated with the user of the UE.

US Pat. No. 10,218,564

UNIFIED REPLICATION MECHANISM FOR FAULT-TOLERANCE OF STATE

NICIRA, INC., Palo Alto,...

1. A network control system for managing a plurality of forwarding elements that forward data messages in a network, the system comprising:
a first controller instance executing on a first computing device and maintaining forwarding state data that represents a forwarding state of a set of forwarding elements of the plurality of forwarding elements, the first controller instance for (1) managing the set of forwarding elements, and (2) modifying the forwarding state data when the first controller instance receives configuration data that modifies the forwarding state of at least one forwarding element in the set of forwarding elements; and
a second controller instance executing on a second computing device, said second controller instance for (1) receiving from the first controller instance, when the modification of the forwarding state data at the first controller instance reaches a fixed point, backup data comprising only a first portion of the modified forwarding state data, (2) computing a second portion of the modified forwarding state data from the received first portion, and (3) storing the second portion of the modified forwarding state data in order to serve as a backup controller instance to the first controller instance for managing the set of forwarding elements.

US Pat. No. 10,218,563

MONITORING CONNECTIONS FOR DATA COMMUNICATIONS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method comprising:
monitoring a communication of data from a device over a connection;
obtaining a data sample having at least a minimum sample size that is statistically representative of a typical operation of the connection and responsively determine a statistical value as an historical connection performance parameter for the connection;
determining a current connection performance parameter for the connection, based on the monitoring;
comparing the current connection performance parameter with a predetermined threshold, and
determining that the connection is degraded if the current connection performance parameter is less than or equal to the predetermined threshold, wherein a degraded condition indicates that the connection has a reduced average data communication rate and that the connection is still active;
in response to determining that the connection is degraded:
determining whether a predefined alert condition is satisfied;
based on a determination that the predefined alert condition is satisfied, providing the alert to a user, and
based on a determination that the predefined alert condition is not satisfied, performing additional monitoring of the communication of data from the device over the connection to determine an updated current connection performance parameter,
wherein the predetermined threshold is a fixed percentage of the historical connection performance parameter for the connection and wherein the fixed percentage is in a range of five to thirty percent.

US Pat. No. 10,218,562

PARSING AND OPTIMIZING RUNTIME INFRASTRUCTURE ALERTS

Bank of America Corporati...

1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
receive, via the communication interface, from a server controller device associated with server infrastructure, first alert information identifying a first set of alerts associated with the server infrastructure;
apply a pre-analyzer filter to the first alert information identifying the first set of alerts associated with the server infrastructure to obtain a first filtered set of alerts associated with the server infrastructure;
identify first alert trends associated with the server infrastructure based on the first filtered set of alerts associated with the server infrastructure;
identify first alert drifts associated with a first set of applications hosted by the server infrastructure based on the first filtered set of alerts associated with the server infrastructure;
generate a first set of new alert rules based on the first alert trends associated with the server infrastructure and the first alert drifts associated with the first set of applications hosted by the server infrastructure;
store first updated configuration settings incorporating the first set of new alert rules generated based on the first alert trends associated with the server infrastructure and the first alert drifts associated with the first set of applications hosted by the server infrastructure; and
send, via the communication interface, to an administrative computing device, a first set of verified alerts based on the first updated configuration settings incorporating the first set of new alert rules.

US Pat. No. 10,218,561

COMMUNICATIONS SYSTEM, CONTROL APPARATUS, AND NETWORK MANAGEMENT SERVER

HUAWEI TECHNOLOGIES CO., ...

1. A communications system, comprising:
a control apparatus;
multiple remote apparatuses; and
a network management server;
wherein the control apparatus communicates with the multiple remote apparatuses, and wherein the control apparatus controls data aggregation of outgoing data from the multiple remote apparatuses and further controls distribution of incoming data to the multiple remote apparatuses;
wherein the control apparatus is configured to communicate with the network management server; and
wherein the network management server and the control apparatus are configured to transmit management data and feedback data according to a preset solution and using a unified interface, so that the control apparatus and the multiple remote apparatuses are presented as only one network element to the network management server.

US Pat. No. 10,218,560

CENTRALIZED TROUBLESHOOTING TOOL IN DISTRIBUTED VIRTUAL NETWORK

NICIRA, INC., Palo Alto,...

1. A method for dynamically defining a response time to a debug command and reporting errors when no response is received within the dynamically defined response time, the method comprising:
periodically transmitting heartbeat commands to a plurality of physical endpoints (PEs) in a network and receiving heartbeat responses from the plurality of PEs;
after receiving a response to the heartbeat command from each PE of the plurality of PEs, recording a heartbeat response time for the PE;
transmitting a debugging command to a particular PE in the plurality of PEs, defining a command timeout timer that has a duration that is dynamically determined based on the recorded heartbeat response time of the said particular PE, and starting the command timeout timer; and
reporting an error when said particular PE fails to respond to the debugging command before the command timeout timer times out.

US Pat. No. 10,218,559

DATA TRANSMISSION METHOD AND APPARATUS

Huawei Technologies Co., ...

1. A data sending method, comprising:
encapsulating, by a terminal device, media access control (MAC) payloads, each corresponding to a different one of a plurality of receiving devices, in a MAC packet data unit (PDU), wherein the MAC PDU comprises a MAC header followed by the MAC payloads, the MAC header comprises a plurality of contiguous subheaders, each subheader in the plurality of subheaders corresponds to a different MAC payload in the MAC payloads, each subheader comprises a plurality of fields, a specific field of the plurality of fields carries identification information of a corresponding receiving device in the plurality of receiving devices, the MAC payloads comprise at least one kind of a MAC control element (CE) and a MAC service data unit (SDU) and do not comprise another MAC header, subheaders corresponding to a MAC CE have a different format than subheaders corresponding to a MAC SDU, the MAC payloads are contiguous without any intervening MAC header between adjacent MAC payloads, and the identification information of each receiving device is for identifying the corresponding receiving device; and
sending, by the terminal device, the MAC PDU to the plurality of receiving devices to be parsed by the plurality of receiving devices according to the identification information of each receiving device and the MAC header.

US Pat. No. 10,218,558

MEDIA ACCESS CONTROL MECHANISM IN A WIRELESS DEVICE

Ofinno Technologies, LLC,...

1. A method comprising:
receiving, by a wireless device, one or more messages comprising configuration parameters for a first logical channel in a plurality of logical channels, wherein the configuration parameters indicate a first mapping restriction of the first logical channel to at least one first radio resource type of a plurality of radio resource types, the at least one first radio resource type indicating one of a licensed radio resource type or an unlicensed radio resource type;
receiving, by the wireless device, an uplink grant indicating radio resources of a radio resource type in the plurality of radio resource types;
restarting a first buffer status report (BSR) retransmission timer in response to the uplink grant meeting first criteria, wherein:
the first BSR retransmission timer is employed for triggering a BSR indicating an amount of data comprising data of a buffer of the first logical channel; and
the first criteria comprises the radio resource type being of one of the at least one first radio resource type; and
triggering a BSR transmission in response to the first BSR retransmission timer expiring.

US Pat. No. 10,218,557

PHASE AMBIGUITY PROCESSING METHOD AND DEVICE FOR QUADRATURE AMPLITUDE MODULATION SIGNAL

ZTE Corporation, Guangdo...

1. A phase ambiguity processing method for a quadrature amplitude modulation signal, comprising:
deciding symbols on a Y polarization state and an X polarization state of a received signal, and mapping to obtain first bit information, wherein the received signal comprises a plurality of first signals;
checking and analyzing the first bit information to generate a first check result;
judging the first check result to obtain a judgment result as to whether the received signal includes phase ambiguity;
acquiring at least one of the plurality of first signals in the received signal in response to determining that the received signal includes phase ambiguity;
performing phase rotation on the first signal to obtain a second signal; and
checking and analyzing the second signal and storing the second signal such that the first signal is replaced with the second signal for decoding processing in response to determining that a check result is normal.

US Pat. No. 10,218,556

TRANSMISSION METHOD, TRANSMITTER APPARATUS, RECEPTION METHOD AND RECEIVER APPARATUS

SUN PATENT TRUST, New Yo...

1. A transmission method comprising:
applying insertion of a plurality of pilot symbols to a first mapped symbol sequence and a second mapped symbol sequence in accordance with a determined timing, the first mapped symbol sequence and the second mapped symbol sequence each including a video signal or an audio signal, the video signal being to be displayed on a monitor of a reception device, and the audio signal being to be output from a speaker of the reception device;
applying phase shift to the first mapped symbol sequence and the second mapped symbol sequence, using a phase shift coefficient that is regularly switched between a plurality of phase shift coefficients;
applying Orthogonal Frequency-Division Multiplexing (OFDM) signal generation process to the first mapped symbol sequence and the second mapped symbol sequence to generate a first OFDM signal, a second OFDM signal, a third OFDM signal and a fourth OFDM signal; and
applying transmission from a first transmission branch to the first OFDM signal at a first frequency and at a first time, and to the third OFDM signal at the first frequency and at a second time,
applying transmission from a second transmission branch to the second OFDM signal at the first frequency and at the first time, and to the fourth OFDM signal at the first frequency and at the second time, wherein
the plurality of phase shift coefficients regularly vary for each first phase amount,
the first OFDM signal, the second OFDM signal, the third OFDM signal and the fourth OFDM signal include a plurality of pilot subcarriers arranged the plurality of pilot symbols, respectively,
the first OFDM signal includes a first subcarrier signal, a second subcarrier signal, and a third subcarrier signal that are consecutive in a frequency domain,
the second OFDM signal includes a fourth subcarrier signal, a fifth subcarrier signal, and a sixth subcarrier signal that are consecutive in the frequency domain,
the second subcarrier signal and the fifth subcarrier signal are part of the plurality of pilot subcarriers at the same frequency and at the first time, respectively,
a difference in terms of phase amount included in a phase shift coefficient between a first symbol arranged in the first subcarrier signal and a second symbol arranged in the third subcarrier signal is twice the first phase amount, and
the plurality of pilot subcarriers of the first OFDM signal and the plurality of pilot subcarriers of the third OFDM signal are arranged on different subcarriers, respectively.

US Pat. No. 10,218,555

USAGE OF EARLY BITS IN WIRELESS COMMUNICATIONS

Intel IP Corporation, Sa...

1. A device, comprising:
at least one memory that stores computer-executable instructions; and
at least one processor of one or more processors configured to access the at least one memory, wherein the at least one processor of the one or more processors is configured to execute the computer-executable instructions to:
identify a high efficiency frame in accordance with a high efficiency communication standard, received from a first device, the high efficiency frame including at least in part a legacy signal field and a high efficiency signal field;
determine a length field included in the legacy signal field;
determine one or more bits included in the length field;
determine that the high efficiency signal field has been repeated based at least in part on the one or more bits;
combine the high efficiency signal field and the repeated high efficiency signal field into a combined high efficiency signal field; and
decode the combined high efficiency signal field based at least in part on the one or more bits.

US Pat. No. 10,218,554

OFDM TRANSMITTER DEVICE HAVING A SYMBOL GENERATOR FOR GENERATING NON-ZERO CONTROL SYMBOLS, AND OFDM TRANSMISSION METHOD INCLUDING GENERATING NON-ZERO CONTROL SYMBOLS

SUN PATENT TRUST, New Yo...

1. An OFDM receiver for receiving a signal transmitted from an OFDM transmitter, the OFDM receiver comprising:
a receiver that, in operation, receives the signal, the signal carrying a frame including a plurality of control symbols transmitted successively and a plurality of other symbols following the plurality of control symbols, the plurality of control symbols including a first control symbol allocated at the beginning of the frame and a second control symbol allocated immediately after the first control symbol, a time-domain signal of the first control symbol including a first useful symbol part and a first guard interval part, the first guard interval part being identical to at least a portion of the first useful symbol part which has been frequency-shifted by a first non-zero frequency-shift amount and a time-domain signal of the second control symbol including a second useful symbol part and a second guard interval part, the second guard interval part being identical to at least a portion of the second useful symbol part which has been frequency-shifted by a second non-zero frequency-shift amount, the first non-zero frequency-shift amount being different from the second non-zero frequency-shift amount;
a first demodulator that, in operation, (i) performs a first frequency shift procedure on the received signal using a third non-zero frequency-shift amount, the third non-zero frequency-shift amount having an identical absolute value as the first non-zero frequency-shift amount, and the third non-zero frequency-shift amount having a different sign from the first non-zero frequency-shift amount, (ii) detects the first control symbol as the head of the frame by using the received signal and the received signal on which the first frequency shift procedure has been performed, and (iii) decodes the first control symbol to obtain first control information;
a second demodulator that, in operation, (i) performs a second frequency shift procedure on the received signal using a fourth non-zero frequency-shift amount, the fourth non-zero frequency-shift amount having an identical absolute value as the second non-zero frequency-shift amount, the fourth non-zero frequency-shift amount having a different sign from the second non-zero frequency-shift amount, and the fourth non-zero frequency-shift amount being different from the third non-zero frequency-shift amount, (ii) detects the second control symbol using the received signal and the received signal on which the second frequency shift procedure has been performed, and (iii) decodes the second control symbol to obtain second control information, the second control information being different from the first control information; and
a third demodulator that, in operation, demodulates the plurality of other symbols by using the obtained first control information and the obtained second control information.

US Pat. No. 10,218,553

METHOD AND DEVICE FOR TRANSMITTING DATA UNIT IN WLAN

LG ELECTRONICS INC., Seo...

1. A station (STA) transmitting a data unit in a wireless local area network (WLAN), the STA comprising:
a radio frequency (RF) unit configured to transmit or receive a radio signal; and
a processor selectively connected to the RF unit,
wherein the processor is configured to generate a physical layer protocol data unit (PPDU) and to transmit the PPDU to an access point (AP),
wherein the PPDU comprises a first field and a second field,
wherein the first field includes first type symbols generated based on first inverse fast Fourier transforms (IFFTs), the first type symbols being 4 μs in length,
wherein the second field includes second type symbols generated based on second IFFTs, the second type symbols being different in length from the first type symbols,
wherein when a length of the second type symbols is not a multiple of 4 μs, the PPDU further comprises duration extension data having a first length, and
wherein a sum of a length of the first field and the second field and a first length is a multiple of 4 μs.

US Pat. No. 10,218,552

RADIO COMMUNICATION DEVICE AND CONSTELLATION CONTROL METHOD

Optis Wireless Technology...

1. A radio communication apparatus comprising:
a processor configured to:
perform first spreading of a transmission signal using one of a plurality of first sequences that can be separated from each other because of different cyclic shift values;
in a case where a Physical Uplink Control Channel (PUCCH) index used by the mobile station is in a first PUCCH index group, allocating an ACK/NACK signal to a same signal point with reference to a constellation of the ACK/NACK signal for both transmitting in a first slot of a subframe and transmitting in a second slot of the subframe,
in a case where the PUCCH index used by the mobile station is in a second PUCCH index group, allocating the ACK/NACK signal to two different signal points of the ACK/NACK signal with reference to the constellation of the ACK/NACK signal for transmitting in the first slot and transmitting in the second slot, respectively; and
a transmitter configured to transmit the transmission signal to a base station.

US Pat. No. 10,218,551

SOFT INFORMATION MEASUREMENT IN BLUETOOTH LONG RANGE

Marvell International Ltd...

1. A device comprising:
a frequency offset (FO) compensation circuit configured to generate a frequency offset compensation value;
a decoder coupled with the FO compensation circuit; and
a soft information measurement circuit coupled with the decoder;
wherein the frequency offset compensation circuit is configured to (i) receive a continuous phase modulation (CPM) signal, (ii) adjust the CPM signal in a sampling window based on the frequency offset compensation value, and (iii) provide the adjusted CPM signal to the decoder;
wherein the decoder is configured to (i) receive the adjusted CPM signal generated by the FO compensation circuit, (ii) decode the adjusted CPM signal to obtain one or more information symbols associated with the CPM signal, (iii) provide the one or more information symbols for soft information generation; and (iv) receive soft information provided by the soft information measurement circuit.

US Pat. No. 10,218,549

WIRELESS RADIO RECEIVER THAT PERFORMS ADAPTIVE PHASE TRACKING

National Instruments Corp...

1. A wireless radio receiver that estimates and compensates for phase drift in a series of signal blocks received from a wireless channel, comprising:
a post-equalization phase tracking unit configured to, for each signal block of the series of signal blocks:
compute an absolute phase rotation at the beginning of the signal block using an equalized version of pilot symbols preceding the signal block;
subdivide the signal block into a time sequence of groups of equalized modulated data symbols;
initialize an accumulated phase associated with the first-in-time group of the time sequence of groups with the computed absolute phase rotation; and
for each group of the time sequence of groups in time sequential order, wherein the group has an associated previous group in the time sequence of groups:
compute a de-rotated version of each equalized modulated data symbol within the group using the accumulated phase associated with the previous group;
blindly estimate a residual phase within the group using the de-rotated version of the equalized modulated data symbols within the group;
assign the accumulated phase associated with the group with a sum of the blindly estimated residual phase within the group and the accumulated phase associated with the previous group;
estimate phase drift within the group by using at least the accumulated phase associated with the group; and
compute a phase compensation signal for the group using the estimated phase drift within the group and compensate for phase drift on each equalized modulated data symbol within the group using the computed phase compensation signal.

US Pat. No. 10,218,548

WIRELESS RADIO RECEIVER THAT PERFORMS ADAPTIVE PHASE TRACKING

National Instruments Corp...

1. A wireless radio receiver that estimates and compensates for phase drift in a series of signal blocks received from a wireless channel, wherein each signal block of the series of signal blocks comprises a collection of data symbols, wherein an initial signal sequence and a terminal signal sequence are associated with each signal block of the series of signal blocks, wherein the initial and terminal signal sequences of each signal block are identical as transmitted by a transmitter, wherein the initial signal sequence either immediately precedes the signal block or comprises an initial portion of the data symbols of the signal block, wherein the terminal signal sequence either immediately follows the signal block or comprises a terminal portion of the data symbols of the signal block, the receiver comprising:
a pre-equalization phase tracking unit configured to, for each signal block of the series of signal blocks:
compute an autocorrelation between a portion of the initial and terminal sequences associated with the signal block and compute a phase of the autocorrelation;
estimate a start phase of a first symbol within a block processing window associated with the signal block using the computed phase of the autocorrelation and the start phase of the first symbol within the block processing window associated with the previous signal block in the series of signal blocks;
estimate a phase drift within the block processing window by interpolating using the estimated start phases of the first symbol within the block processing windows associated with at least the signal block and the next signal block in the series of signal blocks; and
compute a phase compensation signal using the estimated phase drift within the block processing window and compensate for the estimated phase drift using the computed phase compensation signal.

US Pat. No. 10,218,547

FILTERED ORTHOGONAL BINARY PHASE SHIFT KEYING MODULATION WITH LOW PEAK-TO-AVERAGE-POWER RATIO

QUALCOMM Incorporated, S...

1. A method for wireless communication, comprising:
modulating a first binary sequence using binary phase shift keying (BPSK) on a first axis of a complex plane;
modulating a second binary sequence using BPSK on a second axis of the complex plane, wherein the first axis and the second axis are substantially orthogonal;
determining whether to omit or insert a cyclic prefix from the first and second binary sequences based at least in part on whether a capability of a receiving device supports receiving the first and second binary sequences without the cyclic prefix;
omitting or inserting the cyclic prefix according to the capability of the receiving device; and
transmitting the first binary sequence and the second binary sequence based at least in part on the modulation of the first binary sequence and the second binary sequence.

US Pat. No. 10,218,546

SYSTEMS AND METHODS FOR NONLINEAR DISTORTION DISCOVERY IN ACTIVE CARRIERS

Cable Television Laborato...

1. A method of determining a presence of nonlinear distortion in a transmitted signal, comprising the steps of:
capturing at least one frame of the transmitted signal and extracting symbols therefrom, wherein the transmitted signal comprises an orthogonal frequency division multiplexing (OFDM) signal in the frequency domain;
demodulating the captured signal to create an ideal signal, further comprising a substep of performing an inverse Fourier transform on the OFDM signal;
calculating an error vector for each of the extracted transmission symbols;
cross-correlating the created ideal signal with an error vector sequence of the calculated error vectors; and
determining the presence of nonlinear distortion in the transmitted signal according to at least one peak value resulting from the step of cross-correlating.

US Pat. No. 10,218,545

POWER LINE COMMUNICATION DEVICE AND METHOD

Vangochip Technologies, I...

1. A power line communication (PLC) device for communicating with another PLC device via a PLC signal transmitted over a wire in a broadband, comprising:
a PLC engine configured to encode or decode the PLC signal,
wherein,
the PLC signal comprises at least one frame,
the at least one frame comprises a preamble, a frame control header and a payload, and
the preamble comprises:
a plurality of synchronization symbols used for the PLC engine to synchronize;
a plurality of preamble code symbols used for specifying at least one of a plurality of modulation mechanisms and a plurality of sub-channels in the broadband; and
a plurality of channel estimation symbols used for the PLC engine to do channel estimation, and
wherein
the modulation mechanisms include a first modulation mechanism and a second modulation mechanism,
the preamble code symbols of the preamble specify the first modulation mechanism,
the PLC engine receives the PLC signal from the another PLC device and demodulates the at least one frame of the PLC signal, wherein the PLC engine selects the first modulation mechanism according to the preamble code symbols and uses the first modulation mechanism to demodulate the frame control header and the payload,
the sub-channels of the broadband include a first sub-channel and a second sub-channel,
the preamble code symbols of the preamble further specify the first sub-channel,
the PLC engine selects the first sub-channel according to the preamble code symbols and uses the first sub-channel to demodulate the frame control header and the payload.

US Pat. No. 10,218,544

ADJUSTABLE ELECTRIC CONTROL EQUALIZATION CIRCUIT OF CABLE TELEVISION NETWORKS

Global Technology Inc., ...

1. An adjustable electric control equalization circuit comprising one or more electric control equalization modules associated with adjustable slopes, wherein the adjustable electric control equalization circuit further comprises a control module and one or more compensation modules, the control module and the one or more electric control equalization modules are electrically connected to control slope change of the one or more electric control equalization modules, the control module and the one or more compensation modules are electrically connected to generate compensation signals based on the slope change of the one or more electric control equalization modules, and an output of the one or more electric control equalization modules is electrically connected to an input of the one or more compensation module to output a combined signal of a sum of signals outputted from the one or more electric control equalization module and the one or more compensation module.

US Pat. No. 10,218,543

SUBSCRIBER STATION FOR A BUS SYSTEM AND METHOD FOR REDUCING WIRE-BOUND EMISSIONS IN A BUS SYSTEM

ROBERT BOSCH GMBH, Stutt...

1. A subscriber station for a bus system, comprising:
a terminal connection to a first bus line of the bus system;
a terminal connection to a second bus line of the bus system;
a digital-analog converter for converting a digital signal into an analog signal; and
an analog-digital converter connected to the digital-analog converter, wherein the subscriber station is configured to:
output data onto the bus system by controlling the first and second bus lines to be at different electrical levels in a dominant bus state of the bus system; and
control the connected analog-digital converter and digital-analog converter to balance the different electrical levels to which the first and second bus lines are set in the dominant bus state of the bus system to be symmetrical about a predefined electrical level.

US Pat. No. 10,218,542

CHANNEL ESTIMATE IMPROVEMENT WITH L-LTF AND HT-LTF AVERAGING

Marvell International Ltd...

1. An apparatus comprising:
a receiver to receive over a channel a signal comprising a first training symbol, a second training symbol, and one or more data symbols, wherein the first training symbol and the second training symbol each comprise subcarriers;
a channel estimator to determine first channel estimates for the subcarriers respectively based on the first training symbol and to determine second channel estimates for the subcarriers respectively based on the second training symbol;
a timing estimator to determine a dynamic timing advance estimate based on the first training symbol to adjust a sampling time for a remaining portion of the signal that includes the second training symbol;
a compensator to (i) determine one or more phase differences between the first training symbol and the second training symbol for the subcarriers respectively based on angular versions of the first channel estimates and angular versions of the second channel estimates, (ii) rotate the first channel estimates based on the dynamic timing advance estimate and the one or more phase differences to produce rotated first channel estimates, and (iii) produce combined channel estimates based on the second channel estimates and the rotated first channel estimates; and
circuitry to process the one or more data symbols based on the combined channel estimates.

US Pat. No. 10,218,541

OFDM TRANSMISSION/RECEPTION DEVICE FOR TRANSMITTING AND RECEIVING OFDM SYMBOLS HAVING A VARIABLE DATA TRANSMISSION RATE AND METHOD THEREOF

SAMSUNG ELECTRONICS CO., ...

1. A transmission method of a transmission device, the method comprising:
identifying a first pilot insertion pattern from among a plurality of pilot insertion patterns;
inserting information on a first pilot insertion pattern into at least one of a plurality of OFDM symbols; and
transmitting a signal which is generated based on the plurality of OFDM symbols,
wherein pilot tones are inserted into at least one of the plurality of OFDM symbols based on the first pilot insertion pattern,
wherein a distance between a first insertion position of a first pilot in a first OFDM symbol and a second insertion position of the first pilot in a second OFDM symbol is six tones in the first pilot insertion pattern,
wherein a distance between the first insertion position of the first pilot and a third insertion position of the first pilot is twelve tones in the first OFDM symbol, and
wherein the first pilot is not inserted in at least one OFDM symbol between the first OFDM symbol and the second OFDM symbol in the first pilot insertion pattern.

US Pat. No. 10,218,540

TRANSMITTER FOR TRANSMITTING A HIGH-RATE DATA TRANSMISSION THROUGH DIRECT EXCITATION

Virginia Tech Intellectua...

1. A circuit for tuning a resonance frequency of an electrically small antenna and directly exciting the electrically small antenna, the circuit comprising:
a first source configured for providing a constant voltage;
an antenna; and
a switched capacitor configured for being alternately coupled to the first source to be charged thereby and to the antenna for exciting the antenna.

US Pat. No. 10,218,539

FORWARDING DATA BETWEEN AN ARRAY OF BASEBAND UNITS AND AN ARRAY OF RADIO HEADS IN DISTRIBUTED WIRELESS SYSTEM USING TDM SWITCHES

Cisco Technology, Inc., ...

7. An integrated circuit, comprising:
a baseband unit (BBU);
an uplink time-division multiplexing (TDM) switch coupled to (i) at least a first radio head, (ii) the BBU in the integrated circuit, and (iii) at least one uplink TDM switch in a first different integrated circuit, and wherein the uplink TDM switch is configured to:
receive a first TDM cell based on signals received from the first radio head, wherein the first TDM cell comprises a first plurality of TDM data slots, and wherein a destination of each of the first plurality of TDM data slots is predetermined;
generate a second TDM cell based on the first TDM cell, wherein the second TDM cell comprises a second plurality of TDM data slots, and wherein a destination of each of the second plurality of TDM data slots is predetermined;
forward data bits in a first slot of the first plurality of TDM data slots to the BBU in the integrated circuit; and
forward data bits in a second slot of the first plurality of TDM data slots in the second TDM cell to the at least one uplink TDM switch in the first different integrated circuit; and
a downlink TDM switch coupled to (i) the first radio head, (ii) the BBU in the integrated circuit, and (iii) at least one downlink TDM switch in a second different integrated circuit, and wherein the downlink TDM switch is configured to:
generate a third TDM cell based on digital signals received from the BBU in the integrated circuit, wherein the third TDM cell comprises a third plurality of TDM data slots; and
for each TDM data slot in the third TDM cell, forward data bits in the TDM data slot to either the first radio head or to the at least one downlink TDM switch in the second different integrated circuit.

US Pat. No. 10,218,538

HYBRID CLOS-MULTIDIMENSIONAL TOPOLOGY FOR DATA CENTER NETWORKS

Google LLC, Mountain Vie...

1. A data center network comprising:
an aggregation layer including a plurality of aggregation nodes, each of the plurality of aggregation nodes including a plurality of switches interconnected in a flattened butterfly topology network configuration, wherein:
each of the plurality of switches in each of the plurality of aggregation layer nodes are only connected to the switches in the aggregation layer node that are its nearest neighbor in each dimension of the flattened butterfly topology network configuration;
a plurality of nodes in an access layer; and
a plurality of uplinks connecting each of the plurality of nodes in the access layer to one of the plurality of switches in substantially all of the plurality of aggregation layer nodes in a folded Clos network configuration, wherein:
assignment of uplinks between the plurality of switches in the aggregation layer and the plurality of nodes in the access layer is substantially random, and wherein the data center network is configured to:
receive data at a first of the access layer nodes to be transferred to a second of the access layer nodes;
transfer the data to a first switch in a selected aggregation layer node;
transfer the data to a second switch in the selected aggregation layer node; and
transfer the data from the second switch in the selected aggregation node to the second access layer node.

US Pat. No. 10,218,537

METHOD, APPARATUS AND COMPUTER PROGRAM TO PROVIDE ACCESS TO CLIENT RECORDS AND DATA RESOURCES

West Corporation, Omaha,...

1. A method, comprising:
receiving a data file at a server, the file being sent from at least one client and including client requirements that specify those files of a file cluster that are desired to be accessed by the at least one client;
scanning the server to determine if any new data files have been received since a prior scanning operation;
copying the data file;
storing the copied data file in a data folder stored in the file cluster;
deleting the received data file from the server; and
moving files specified by the client requirements from an export folder of the file cluster to the server so that the at least one client may access the exported files.

US Pat. No. 10,218,536

CONFIGURING AND MANAGING VIRTUAL GRIDS

Open Invention Network LL...

1. A system for deploying servers in a network, comprising:
a memory; and
one or more processors coupled to the memory, wherein the one or more processors are configured to:
receive a configuration for a first set of servers from an entity to be deployed on a grid-independent node, the grid-independent node configured to associate with two or more grids;
identify a grid identity and a first Virtual Local Area Network (VLAN) identity associated with the entity and a second set of servers on a grid-dependent node;
identify a local second VLAN identity associated with the entity and the grid-independent node;
map a combination of the grid identity and the first VLAN identity to the identified local second VLAN identity; and
based on the mapping, deploy the configuration for the first set of servers on the grid-independent node, wherein the local second VLAN identity is associated with a top-of-rack (TOR) switch that routes a packet to or from the grid-independent node;
wherein the local second VLAN identity is translated with the grid identity and the first VLAN identity in a header of the packet.

US Pat. No. 10,218,535

LOW POWER BIDIRECTIONAL BUS

Cirrus Logic, Inc., Aust...

1. An audio system, comprising:
a host device;
an accessory product, wherein the accessory product comprises two components, wherein each component is configured for bidirectional data transfer between the component and the host device; and
a signal bus, comprising first and second signal lines, wherein the signal bus connects the host device and the accessory product;
wherein the host device is configured to generate a clock signal, and impose the clock signal on the first line of the signal bus;
wherein each component of the accessory product is configured to transmit a first pattern of bit values to the host device on the second line of the signal bus, during a respective subset of first half-periods of each period of said clock signal;
wherein the host device is configured to transmit a second pattern of bit values to the accessory product on the second line of the signal bus, during second half-periods of each period of said clock signal, wherein the second half-periods of each period of said clock signal are different from the first half-periods of each period of said clock signal;
wherein, in order to transmit information from the host device to the accessory product, the host device is configured to transmit an altered second pattern of bit values; and
wherein, in order to transmit information to the host device, each component of the accessory product is configured to transmit an altered first pattern of bit values.

US Pat. No. 10,218,534

DETERMINATION OF A NETWORK CLOUD CONTAINING AN UNCONTROLLED NETWORK DEVICE BASED ON LINK DATA OF CONTROLLED NETWORK DEVICES

HEWLETT PACKARD ENTERPRIS...

1. A system comprising:
a processor; and
a non-transitory storage medium storing instructions executable on the processor to:
determine whether a network contains a fully-connected cloud containing an uncontrolled network device based on topological link data of controlled network devices in the network, the controlled network devices controlled by a network controller of the network, and the uncontrolled network device not controlled by the network controller,
wherein the topological link data indicates: (1) which controlled network devices are linked together, (2) whether links between the controlled network devices are single-hop or multi-hop, and (3) whether the links between the controlled network devices are bi-directional or uni-directional;
generate a topology map of network devices that includes the fully-connected cloud; and
present the topology map in a graphical user interface for troubleshooting a connectivity issue in the network.

US Pat. No. 10,218,533

WIRELESS DEVICE AND INTERFACE MODULE

Yokogawa Electric Corpora...

1. A wireless device, comprising:
an interface module; and
a wireless module,
wherein the interface module is connected to a field device and includes:
first circuitry configured to at least:
accept a first signal output from the field device; and
transmit the first signal to the wireless module by first local communications; and
a first connector, the interface module being attachable to and detachable from the wireless module via the first connector,
wherein the wireless module includes:
second circuitry configured to at least:
set the interface module out of a sleep state, wherein, when the interface module is set out of the sleep state, the interface module performs supplying of power to the field device to conduct communications with the field device;
receive the first signal from the interface module by the first local communications; and
wirelessly transmit the first signal to a first external device; and
a second connector, the wireless module being attachable to and detachable from the interface module via the second connector,
wherein the second circuitry is configured to further:
wirelessly receive a second signal destined for the field device from a second external device; and
transmit the second signal to the interface module by second local communications;
wherein the first circuitry is configured to further output the second signal to the field device;
wherein the first circuitry is configured to further transmit, to the wireless module, a sleep request for bringing the wireless module into the sleep state when the second circuitry transmits a command response to the first external devices, and
wherein when the second circuitry receives the sleep request, the second circuitry is configured to further cause a wireless communication device of the second circuitry into the sleep state, then the second circuitry is configured to further causes the wireless module into a sleep state,
wherein the first circuitry is configured to further set the wireless module out of a sleep state,
wherein, when the wireless module is set out of the sleep state of the wireless module, the second circuitry wirelessly transmits the first signal to the first external device, and
wherein the first circuitry sets the wireless module out of the sleep state prior to the second external device transmitting the second signal using schedule information indicating a timing at which the second external device transmits the second signal.

US Pat. No. 10,218,532

DETERMINATION OF A STATE OF OPERATION OF A DOMESTIC APPLIANCE

British Gas Trading Limit...

1. A method for determining a state of operation of a domestic fluid heating system in a plurality of domestic fluid heating systems, comprising:
receiving, at a device from a controller of the domestic fluid heating system, a time series of data relating to the operation of the domestic fluid heating system over a cycle of operation, wherein
the domestic fluid heating system comprises one or more sensors,
the one or more sensors are selected from the group consisting of control state sensor, temperature sensor and power sensor, and
the device is configured to receive data from at least one of the one or more sensors of the domestic fluid heating system; and
determining, at the device, the state of operation of the domestic fluid heating system based on comparing the received time series with a model of time series of data corresponding to the operation of the plurality of domestic fluid heating systems over a cycle of operation, wherein
the data comprising a plurality of parameters,
for each parameter of the data, the determining of the state of operation is not performed instantaneously but performed after at least one or more cycles of operation of the domestic fluid heating system, and
the cycle of operation comprises at least one of a period of transient mode of operation and a period of steady mode of operation.

US Pat. No. 10,218,531

AUTOMATION SYSTEM FOR DEPLOYMENT IN A BUILDING

1. An automation system for deployment in a building with rooms, the automation system comprising:
a server; and
an electronic device cluster in each room, each electronic device cluster comprising electronic devices of which at least one is configured to sense a condition within the room and at least one of which is configured to report sensing results to the server,
wherein room locations of the electronic device clusters are undefined for the server at an initial time and the server is receptive of the sensing results from the at least one electronic device in each electronic device cluster in each room and external information and is configured to:
compare the received sensing results with the external information,
iteratively determine the room locations of one or more of the electronic device clusters from comparison results based on a correlation between the sensing results and the external information, and
communicate with at least one of the electronic devices of the one or more of the electronic device clusters based on iteratively determined room locations.