US Pat. No. 10,972,463

BLOCKCHAIN-BASED NB-IOT DEVICES

CISCO TECHNOLOGY, INC., ...

1. A method comprising:maintaining, by a controller of a blockchain network, a blockchain in the blockchain network, wherein the blockchain maintains at least one series of blocks and is connected to a machine-to-machine network, wherein the machine-to-machine network is a narrowband internet of things (NB-IoT) network;
receiving, by the controller of the blockchain network, a request over a blockchain interface from a device for a first set of data stored in the blockchain of the blockchain network;
receiving, by the controller of the blockchain network, a registration request to set a flag indicating the device is blockchain capable;
determining, by the controller of the blockchain network, based on the request, the first set of data from the blockchain of the blockchain network by traversing the at least one series of blocks in the blockchain of the blockchain network;
packaging, by the controller of the blockchain network, the first set of data from the blockchain of the blockchain network according to a protocol associated with the blockchain interface into a packaged data unit; and
transmitting, by the controller of the blockchain network, the packaged data unit to the device.

US Pat. No. 10,972,462

ELECTRONIC ACCOUNT RECOVERY THROUGH ACCOUNT CONNECTIONS

MICROSOFT TECHNOLOGY LICE...

1. A method comprising:receiving, from a first computing device, over a computer network, identification data that indicates one or more electronic accounts associated with one or more users, in an online network, related to a first electronic account associated with a first user, the identification data including a classification of each of the one or more electronic accounts related to the first electronic account as a trusted contact for the first electronic account;
storing the identification data in association with the first electronic account;
after storing the identification data, receiving a first request from a second computing device to recover the first electronic account;
in response to receiving the first request, causing a first plurality of items to be displayed by the second computing device based at least in part on the identification data;
receiving, from the second computing device, a selection of a particular item of the first plurality of items;
after determining that the particular item corresponds to a particular electronic account of the one or more electronic accounts that is associated with a particular user of the one or more users, the particular electronic account different from the first electronic account and the particular user different from the first user, causing first verification data to be transmitted to a third computing device of the particular electronic account;
after causing the first verification data to be transmitted to the third computing device of the particular electronic account, receiving second verification data from the second computing device;
in response to determining that the second verification data matches the first verification data, allowing the second computing device to access the first electronic account,
wherein the method is performed by one or more computing devices.

US Pat. No. 10,972,461

DEVICE AWARE NETWORK COMMUNICATION MANAGEMENT

International Business Ma...

1. A method for managing network communications, the method comprising:receiving, by a data processing system, an indication that a network device has been added to a local network connected to the data processing system;
responsive to the data processing system receiving the indication that the network device been added to the local network, detecting, by the data processing system, metrics corresponding to the network device added to the local network;
generating, by the data processing system, a device fingerprint corresponding to the network device added to the local network based on the detected metrics;
comparing, by the data processing system, the device fingerprint to device fingerprints stored in a global policy database;
determining, by the data processing system, whether a device fingerprint match was found in the global policy database between the device fingerprint corresponding to the network device and one of a plurality of device fingerprints stored in the global policy database;
responsive to the data processing system determining that a device fingerprint match was found in the global policy database between the device fingerprint corresponding to the network device and one of the plurality of device fingerprints stored in the global policy database, identifying, by the data processing system, a model type corresponding to the network device based on the match;
retrieving, by the data processing system, a device access policy corresponding to the identified model type from the global policy database; and
applying, by the data processing system, the device access policy corresponding to the identified model type to the network device.

US Pat. No. 10,972,460

SECURE SEMICONDUCTOR CHIP AND OPERATING METHOD THEREOF

INDUSTRY-UNIVERSITY COOPE...

1. A semiconductor chip comprising:a processor configured to process data;
a shield arranged over an upper portion of the processor, the shield comprising a metal line;
a ring oscillator block configured to pass an output of a first ring oscillator through a first area of the shield to return the output of the first ring oscillator to an input of the first ring oscillator and configured to pass an output of a second ring oscillator through a second area of the shield to return the output of the second ring oscillator to an input of the second ring oscillator, the second ring oscillator synchronized with the first ring oscillator; and
a detection unit configured to detect whether or not there is an electrical probing of the shield by comparing oscillation phases of the first ring oscillator and the second ring oscillator, wherein a difference in the oscillation phases of the first ring oscillator and the second ring oscillator indicates the electrical probing of the shield.

US Pat. No. 10,972,459

IDENTITY CREDENTIAL VERIFICATION TECHNIQUES

Apple Inc., Cupertino, C...

1. A method, comprising:obtaining, by a first device, an identity credential associated with a user, the identity credential being provisioned using biometric information associated with the user, the biometric information being obtained using a first biometric input method of a plurality of biometric input methods;
storing, by the first device, the identity credential and the biometric information;
obtaining, by the first device, an association between a first credential identifier and the identity credential;
receiving, by the first device from a second device, a communications request including a second credential identifier;
determining, by the first device, that the second credential identifier matches the first credential identifier;
prompting, by the first device, user selection of a second biometric input method from one or more biometric input methods by the user;
obtaining, by the first device, biometric input from the user for approving the communications request, the biometric input being obtained utilizing the second biometric input method of the plurality of biometric input methods;
authenticating the user by the first device based at least in part on determining that the biometric input matches the biometric information stored by the first device and that the second biometric input method used to obtain the biometric input matches the first biometric input method used to secure the biometric information associated with the user; and
in response to authenticating the user:
establishing a secure communications channel between the first device and the second device; and
transmitting, by the first device to the second device, at least a portion of the identity credential over the secure communications channel.

US Pat. No. 10,972,458

METHODS AND SYSTEMS FOR AUTHENTICATION ASSISTANT

United Services Automobil...

1. A computer-implemented method comprising:receiving, by a first server from an electronic client device, a first auditory request inputted by a user, the electronic client device being configured to receive auditory instructions and output auditory responses;
identifying, by the first server, a first command corresponding to the first auditory request by at least one of parsing, natural language identification, and semantic analysis of the first auditory request;
determining, by the first server, a first authentication level associated with the first auditory request based on the first command;
retrieving, by the first server from a database associated with the user, a first security challenge corresponding to the first authentication level;
in response to transmitting the first security challenge to the electronic client device, receiving, by the first server, an auditory input from the electronic client device;
in response to determining that the auditory input matches a first record in the database corresponding to the first authentication level, routing, by the first server, the first auditory request to a second server, the second server being configured to transmit, to the first server, a first response corresponding to the first auditory request received from the electronic client device;
receiving, by the first server, a second auditory request from the electronic client device;
identifying, by the first server, a second command corresponding to the second auditory request by at least one of parsing, natural language identification, and semantic analysis of the second auditory request;
determining, by the first server, a second authentication level associated with the second auditory request based on the second command;
comparing a restrictedness between the first authentication level and the second authentication level; and
in response to determining that the second authentication level is more restricted than the first authentication level:
retrieving, by the first server from the database, a second security challenge corresponding to the second authentication level;
in response to transmitting the second security challenge to the electronic client device, receiving, by the first server, a non-auditory input from the electronic client device; and
in response to determining that the non-auditory input matches a second record in the database corresponding to the second authentication level, routing, by the first server, the second auditory request to a third server, wherein the third server is configured to transmit a second response corresponding to the second auditory request received via the electronic client device.

US Pat. No. 10,972,457

LINKING A PHYSICAL ITEM TO A VIRTUAL ITEM

NCR Corporation, Atlanta...

1. A method comprising:receiving, at a backend system, unidentified customer data including information about an unidentified customer;
receiving, from the customer, customer identity data, the customer identity data including identifying information about the customer; and
generating an authentication token that links the unidentified customer data to the customer identity data,
wherein receiving unidentified customer data includes receiving a plurality of images of the customer from multiple cameras.

US Pat. No. 10,972,456

IOT DEVICE AUTHENTICATION

Microsoft Technology Lice...

1. An apparatus for Internet of Things (IoT) authentication, comprising:an IoT hub including one or more devices, the devices including at least one memory adapted to store run-time data for the devices, and at least one processor that is adapted to execute processor-executable code that, in response to execution, enables the IoT hub to perform actions, including:
storing a plurality of data field targets for a first IoT device, wherein the plurality of data field targets includes at least one device identity data field target and at least one telemetry data field target;
receiving a first plurality of data field entries from the first IoT device at a first time, wherein the first plurality of data field entries includes at least one device identity data field entry and at least one telemetry data field entry, wherein the at least one telemetry data field entries include aggregated telemetry data that includes a plurality of telemetry data field entries from the first IoT device, and wherein the aggregated telemetry data includes at least two telemetry data field entries associated with at least two different types of telemetry data;
making a first determination, wherein the first determination is a determination as to whether the at least one device identity data field entry matches a corresponding at least one device identity data field target for the first IoT device and whether the at least two telemetry data field entries of the aggregated telemetry data each match at least one of a corresponding range of values or discrete value of a telemetry data field target for the corresponding telemetry data field entry for the first IoT device; and
selectively allowing the first IoT device to connect to the IoT hub based on the first determination such that the selective allowance is based, in part, on the aggregated telemetry data.

US Pat. No. 10,972,455

SECURE AUTHENTICATION IN TLS SESSIONS

International Business Ma...

1. A computer implemented method for secure authentication within a communication protocol session, comprising:in response to receiving authentication information of a user of a client computer of a transport layer security (TLS) session, retrieving, by the client computer, a challenge string associated with the TLS session, wherein the challenge string is based, at least, on a selected TLS session record;
communicating, by the client computer, the selected TLS session to a server of the TLS session;
generating, by the client computer, a first digest based on the challenge string and the authentication information; and
sending, by the client computer, the first digest to the server of the TLS session, wherein the retrieving, communicating, generating, and sending, by the client computer, are carried out after the TLS session has been established between the client computer and the server.

US Pat. No. 10,972,454

CONVERSATION MERGING FOR ELECTRONIC DEVICES

Apple Inc., Cupertino, C...

1. A method comprising:receiving a registration event message for a user account, the registration event message comprising an identifier of the user account and a first account alias of the user account;
generating a merge identifier for the user account responsive to receipt of the registration event message;
storing the merge identifier in association with the identifier of the user account and the first account alias of the user account;
receiving a query corresponding to a message that was transmitted using the first account alias of the user account, the query indicating the first account alias and including a request for information associated with the message; and
providing, responsive to the query, the information and the merge identifier associated with the first account alias.

US Pat. No. 10,972,453

METHODS FOR TOKEN REFRESHMENT BASED ON SINGLE SIGN-ON (SSO) FOR FEDERATED IDENTITY ENVIRONMENTS AND DEVICES THEREOF

F5 NETWORKS, INC., Seatt...

1. A method for authentication in federated identity environments implemented by a network traffic management system comprising one or more access management apparatuses, identity provider devices, server devices, or client devices, the method comprising:sending an application request received from a client to an application server along with an access token, wherein the access token is obtained from an identity provider device based on user credentials provided to the identity provider device;
determining when a received response to the application request with the access token comprises an unauthorized HyperText Transfer Protocol (HTTP) response status code;
refreshing the access token using a stored refresh token obtained from the identity provider, when the determination indicates that the response to the application request comprises an unauthorized HTTP response status code; and
resending the application request to the application server along with the refreshed access token to facilitate access for the client to a resource hosted by the application server.

US Pat. No. 10,972,452

SECURE ACCESS TO VIRTUAL MACHINES IN HETEROGENEOUS CLOUD ENVIRONMENTS

CISCO TECHNOLOGY, INC., ...

1. A method comprising:generating a first public-private key pair including a first public key and a first private key;
generating a virtual server template including the first public key;
instantiating a virtual server within a remote network using the virtual server template;
establishing a first secure communication session with the virtual server based on the first public-private: key pair;
generating a second public-private key pair including a second public key and a second private key;
replacing the first public key in the virtual server with the second public key; and
establishing a second secure communication session with the virtual server based on the second public-private key pair.

US Pat. No. 10,972,451

BAND STEERING OF CLIENT DEVICES TO DUAL-BAND LEGACY ACCESS POINTS

Harman Becker Automotive ...

1. A band steering method for a wireless network comprising at least a first and second radio bands, at least one wireless access point, and at least one client device, the method comprising the steps of:receiving, by the wireless access point, a first open authentication request from the client device on one or more of the radio bands;
if the first open authentication request is received on the second radio band, generating an authentication response on the second radio band; and
if the first open authentication request is received only on the first radio band, a delaying open authentication response for a first time period;
receiving, by the wireless access point, a second authentication request from the client device on the second radio band; and
if the client device is unable to connect to the second radio band within a second time period after the second authentication request from the client device to join the second radio band, generating another authentication response to join the first radio band.

US Pat. No. 10,972,450

SYSTEMS AND METHODS FOR SECURELY MIGRATING DATA BETWEEN DEVICES

Wells Fargo Bank, N.A., ...

1. A method for securely migrating data between devices, the method comprising:receiving a request at a first time for data migration between a first user device and a second user device each associated with a first user;
retrieving, by session authentication circuitry, a baseline attribute dataset associated with the first user generated before the first time;
generating, by the session authentication circuitry, a first attribute dataset associated with the first user;
authenticating, by the session authentication circuitry, a session between the first user device and the second user device at the first time based on the baseline attribute dataset and the first attribute dataset;
causing, by data migration circuitry, data transfer between the first user device and the second user device;
generating, by continuous authentication circuitry, a second attribute dataset associated with the first user at a second time after the first time; and
authenticating, by the continuous authentication circuitry, the session at the second time based on the first attribute dataset and the second attribute dataset.

US Pat. No. 10,972,449

COMMUNICATION WITH COMPONENTS OF SECURE ENVIRONMENT

Amazon Technologies, Inc....

19. A method, comprising:receiving, by a first hardware device, a request to access a second hardware device;
storing, by the first hardware device and based on the request, a notification in a storage accessible by the second hardware device to set the second hardware device to an operation mode;
performing, by the first hardware device, a verification process with the second hardware device based on providing security information to the second hardware device using the storage; and
based on a result of the verification process, storing configuration data of the second hardware device in the storage to enable the second hardware device to acquire the configuration data from the storage and to update a configuration of the second hardware device based on the configuration data.

US Pat. No. 10,972,448

TECHNOLOGIES FOR DATA BROKER ASSISTED TRANSFER OF DEVICE OWNERSHIP

INTEL CORPORATION, Santa...

1. A data broker device for transferring ownership of a compute device, the data broker device comprising:verification circuitry to (i) receive a provenance verification key of the compute device from a manufacturer device, (ii) receive attestation data of the compute device, wherein the attestation data is indicative of one or more security attributes of the compute device, wherein receive the attestation data comprises negotiate a long-term session key with the compute device, and (iii) verify a provenance of the compute device based on the attestation data; and
block chain circuitry to update a block chain with an acknowledgment of an assignment of the compute device to the data broker device and an indication of present ownership of the compute device, wherein the present ownership is different from the data broker device and wherein the block chain identifies each transaction associated with ownership of the compute device.

US Pat. No. 10,972,447

SHORT MESSAGE SERVICE GATEWAY FOR MEDIA STREAMING SECURITY

1. An endpoint device comprising:a processor; and
a computer-readable medium storing instructions which, when executed by the processor, cause the processor to perform operations, the operations comprising:
sending a request to a server of a communication network to authenticate the endpoint device associated with a media streaming session, wherein the media streaming session is via a cellular access network, wherein the media streaming session is between a media server of a media provider and the endpoint device, wherein the request to authenticate the endpoint device is sent to the server via a device of the media provider;
receiving an authentication key via a short message service message; and
sending a calculated response, the calculated response based upon the authentication key and a seed key stored at the endpoint device, wherein a notification is received by the device of the media provider indicating whether the calculated response matches an expected response.

US Pat. No. 10,972,446

DEVICE PAIRING

SIGNIFY HOLDING B.V., Ei...

12. A device to be controlled, being operable to establish a wireless communication connection with another, controlling device for exchanging of control messages using both of a locking mechanism and a pairing protocol, the controlled device comprising:a control logic for applying the locking mechanism to set whether access to the pairing protocol is locked or unlocked; and
a transmitter and receiver configured to: perform a pairing between the controlled device and the controlling device using the first pairing protocol, on condition of being activated by said locking mechanism, wherein upon completion of the pairing protocol activating the wireless communication connection for receiving of control messages; and further switching the controlled device from a state in which the controlled device reports that it does not have a display to a mode in which the controlled device reports that it does have a display, thereby triggering a switching of mode wherein the controlled device switches from a mode which requires the controlling device to use a first pairing protocol to a mode which requires the controlling device to use a second pairing protocol.

US Pat. No. 10,972,445

DYNAMIC CRYPTO KEY MANAGEMENT FOR MOBILITY IN A CLOUD ENVIRONMENT

Citrix Systems, Inc., Fo...

1. A method comprising:at a computing platform comprising at least one processor, memory, and a communication interface:
receiving, by the at least one processor, via a key upgrade service provided by the computing platform, from an administrator console device, a request to generate one or more new keys;
in response to receiving the request to generate the one or more new keys, generating, by the at least one processor, a new tenant master key and a new server recovery key;
sending, by the at least one processor, via the communication interface, to a cloud-based key vault server, the new tenant master key and the new server recovery key, wherein the cloud-based key vault server is configured to store the new tenant master key and is further configured to encrypt the new server recovery key with the new tenant master key to produce an encrypted server recovery key, wherein the encrypted server recovery key enables a plurality of policy-managed devices associated with a tenant to authenticate with the key update service;
receiving, by the at least one processor, via the communication interface, from the cloud-based key vault server, the encrypted server recovery key;
sending, by the at least one processor, via the communication interface, to a tenant database server associated with one or more enrollment servers, the encrypted server recovery key, wherein the tenant database server is separate from the cloud-based key vault server and wherein the tenant database server stores the encrypted server recover key; and
provisioning, by the at least one processor, the one or more enrollment servers with the encrypted server recovery key by sending the encrypted server recovery key to the one or more enrollment servers via the communication interface,
wherein the one or more enrollment servers are configured to manage enrollment of the plurality of policy-managed devices in a policy enforcement scheme and to authenticate with the key update service based on the encrypted server recovery key.

US Pat. No. 10,972,444

MAPPING ACCOUNT INFORMATION

Amazon Technologies, Inc....

1. A computer-implemented method, comprising:receiving, at a user pool within a resource provider environment, a request from a user of a client device to access a Web service, the request including a login credential;
receiving, from the user pool that received the request from the user, the login credential at an authentication service, the authentication service hosted within the resource provider environment, wherein the user pool is separate from the authentication service;
using a nested authentication process of the authentication service to obtain an account credential associated with the login credential from the user pool by providing the login credential along with a request for the account credential to the user pool;
receiving the account credential from the user pool after the user pool authenticates the login credential in an authentication instance independent of the user request, the account credential associated with the login credential;
using the nested authentication process to access an identity pool separate from the authentication service, hosted within the resource provider environment, the identity pool receiving the account credential from the authentication service, the account credential remaining within the resource provider environment;
obtaining, by the nested authentication process using the account credential, an account identifier associated with the account credential, the account identifier associating the user with the Web service;
associating, in a database, the login credential in the user pool with the account identifier maintained in the identity pool, the identity pool being separate from the user pool, the user pool including account information for the user; and
issuing, to the client device, access to the Web service.

US Pat. No. 10,972,443

SYSTEM AND METHOD FOR ENCRYPTED DOCUMENT CO-EDITING

International Business Ma...

1. A computer-implemented method comprising:receiving during a collaborative editing session, at a first computing device, a first encrypted change set for a co-editable data object from a client, the first encrypted change set being encrypted by a first key, wherein the collaborative session comprises two or more participants simultaneously accessing the co-editable data object during an electronic meeting or other communication session type;
requesting a second key for re-encrypting the first encrypted change set, wherein the second key is stored and managed by a key manager external to the first computing device;
re-encrypting the first encrypted change set to generate a second encrypted change set using the second key;
using an index listing to mark byte indexes of a plurality of elements associated with the co-editable data object, the plurality of elements including, at least in part, pages and sections of the co-editable data object; and
responsive to determining that a connection quality between the first computing device and the client meets a predetermined threshold or that the collaborative editing session is ending, revising a version identifier of the co-editable data object.

US Pat. No. 10,972,442

DISTRIBUTED PREDICTIVE PACKET QUANTITY THRESHOLD REPORTING

Juniper Networks, Inc., ...

1. A method, comprising:receiving, by a first line card of a first network device, packets to be transmitted to a second line card of a second network device,
wherein the packets are to be transmitted from a first interface port of the first line card and via a communications link between the first interface port and a second interface port of the second line card,
wherein the communications link is to be secured using a security key;
determining, by the first line card, one or more packet quantity thresholds for transmission of the packets,
wherein satisfaction of a first packet quantity threshold, of the one or more packet quantity thresholds, causes the first line card to perform one or more actions related to modifying the security key;
predicting, by the first line card and after determining the one or more packet quantity thresholds, an earliest satisfaction time for satisfaction of the first packet quantity threshold;
transmitting, by the first line card and in association with predicting the earliest satisfaction time, the packets to the second line card;
determining, by the first line card in association with transmitting the packets to the second line card and after satisfaction of the earliest satisfaction time, whether a quantity of transmitted packets transmitted by the first line card satisfies one or more of the one or more packet quantity thresholds; and
based on whether the quantity of transmitted packets satisfies the one or more of the one or more packet quantity thresholds:
performing the one or more actions, or
performing one or more other actions related to monitoring transmission of the packets.

US Pat. No. 10,972,441

IN-PLACE AUTHENTICATION SCHEME FOR SECURING INTRA-VEHICLE COMMUNICATION

KARAMBA SECURITY LTD, Ho...

1. A method to authenticate communication over an in-vehicle communications network using in-place cryptography and authentication to more effectively and efficiently obfuscate network traffic from unintended recipients, the method comprising:listening, at a first electronic control unit (ECU), for a ciphertext having a particular identifier; and
based on receiving a ciphertext from a second ECU having the particular identifier:
identifying a predetermined model corresponding to a particular type of message associated with the ciphertext,
applying one or more block ciphers to the ciphertext to generate a combined value based on the predetermined model,
accessing a counter maintained on the first ECU for the particular type of message,
generating a local reproducible value from the counter, and
performing a logical operation on the local reproducible value and the combined value to generate a cleartext.

US Pat. No. 10,972,440

PROCESS AND SYSTEM FOR SELECTABLE DATA TRANSMISSION

SWISSCOM AG, Bern (CH)

1. A system, comprising:a storage device configured to maintain a user profile associated with a user, wherein:
the user profile comprises a list of authorized remote mobile computing devices of the user and respective connection information for video communication,
the plurality of authorized remote mobile computing devices of the user are authorized for video communication, and
other remote mobile computing devices of the user are not authorized for video communication; and
one or more processors operable to:
receive a request to initiate video communication with a particular remote mobile computing device;
in response to receipt of the request to initiate the video communication:
determine that the particular remote mobile computing device is authorized based on the list of authorized remote mobile computing devices in the user profile;
in response to said determination:
access the respective connection information for the particular remote mobile computing device; and
transmit captured video communication data for the requested video communication according to the user profile such that the captured video communication data may be displayed at the particular remote mobile computing device as it is received.

US Pat. No. 10,972,439

SYSTEM AND METHOD FOR OBFUSCATING INITIATION VALUES OF A CRYPTOGRAPHY PROTOCOL

NETFLIX, INC., Los Gatos...

1. A method, comprising:receiving an application update for an application installed on a computing system, wherein the application update includes initial setup values for a key exchange protocol to be performed with a server machine, and the initial setup values are associated only with a current version of the application;
storing the initial setup values in a secret module included in a secure communication module associated with the computing system, wherein the secret module is obfuscated;
applying the application update to the application;
performing, based on the initial setup values, the key exchange protocol with the server machine to generate a key uniquely associated with the current version of the application; and
storing the key in the secure communication module.

US Pat. No. 10,972,438

METHOD FOR ENCRYPTED CALL AND TERMINAL

HUAWEI TECHNOLOGIES CO., ...

1. A method for an encrypted call, comprising:establishing, by a first terminal using a cellular network, a call with a second terminal using the cellular network;
establishing, by the first terminal, a circuit switched call with the second terminal;
generating, by the first terminal, a first synchronization frame according to a synchronization sequence preset by the first terminal and a current encoding rate of the first terminal;
sending the first synchronization frame as a pseudo speech frame to the second terminal using the circuit switched call;
receiving a key negotiation frame, wherein the key negotiation frame comprises a predetermined indication sequence;
determining, by the first terminal using the circuit switched call, a key for performing the encrypted call with the second terminal; and
performing, by the first terminal, the encrypted call with the second terminal using the key.

US Pat. No. 10,972,437

APPLICATIONS AND INTEGRATED FIREWALL DESIGN IN AN ADAPTIVE PRIVATE NETWORK (APN)

TALARI NETWORKS INCORPORA...

1. A method for integrated firewall packet filtering based on global security zones of a communication network, the method comprising:dividing the communication network into security zones in which plural of the security zones exist at at least one network site and at least one of the security zones exists at different network sites connected via conduits across an adaptive private network (APN);
defining an integrated firewall security zone configuration to be implemented by a firewall integrated within an input stage a conduit processing stage of a packet processing pipeline of an APN appliance, the integrated firewall security configuration including rules that specify whether to allow or deny traffic between the same and different security zones, each rule including at least one security zone identifier that applies to traffic to or from plural different IP addresses in the security zone and an action;
receiving a packet in the input stage of the conduit processing stage of the packet processing pipeline of the APN appliance;
inserting a network destination security zone identifier in a conduit flow header of the received packet by the firewall integrated in the input stage of the conduit processing stage of the packet processing pipeline of the APN appliance;
determining, using the destination security zone identifier in the conduit flow header and the rules in the integrated firewall security zone configuration that specify whether to allow or deny traffic between the same and different security zones and at a site ingressing packets to a conduit across the APN, which comprises a wide area network (WAN) leading to a destination site in the network destination security zone, that receiving the packet at the destination site would violate a security policy implemented by one of the rules specified in the integrated firewall configuration for the network destination security zone; and
stopping, at the site ingressing the packets to the conduit, the received packet from transmitting through the conduit to the destination site in the network destination security zone.

US Pat. No. 10,972,436

SYSTEM AND METHOD FOR SESSION AFFINITY IN PROXY MEDIA ROUTING

360 IT, UAB, Vilnius (LT...

1. A method for transferring media over a VPN connection, the method comprising:receiving, at a VPN server from a user device, a first request for connection to a first target;
generating, at the VPN server, a session identification (ID) string for the first request;
sending, from the VPN server to a proxy service provider (PSP), the first request and the session ID string;
receiving, at the VPN server, a response to the first request from the PSP, fetched by a first exit node assigned to the first request;
receiving, at the VPN server from the user device, a second request for connection to the first target or to a second target, different from the first target;
assigning, at the VPN server, the session ID string to the second request; and
sending, from the VPN server to the PSP, the second request and the session ID string, wherein the PSP assigns the first exit node to the session ID string for the second request.

US Pat. No. 10,972,435

DYNAMIC DISCOVERY OF EXECUTING APPLICATIONS

ServiceNow, Inc., Santa ...

1. A computing system comprising:a configuration management database (CMDB) disposed within a remote network management platform; and
a server application disposed within a managed network, wherein the managed network is managed by the remote network management platform and the server application is controlled by the remote network management platform, and wherein the server application is configured to:
provide, to a computing device disposed within the managed network, instructions to identify one or more processes executing on the computing device, wherein the one or more processes correspond to one or more software products;
determine, for a process of the one or more processes that were identified, a file system path of a directory associated with the process;
based on the file system path, select one or more directories to scan for files associated with the process;
instruct the computing device to: (i) scan the one or more directories for one or more files associated with the one or more software products and (ii) determine a plurality of attributes associated with the one or more files discovered in the one or more directories;
receive, from the computing device, a representation of the plurality of attributes associated with each file; and
store, in the (CMDB), the plurality of attributes associated with each file as one or more configuration items of the managed network, wherein the CMDB comprises a plurality of records corresponding to the one or more software products.

US Pat. No. 10,972,434

PROXY-BASED CLIENTLESS VPN WITH WEB BROWSER PROXY AUTO-CONFIGURATION (PAC) FILE AND EXTENSION

CISCO TECHNOLOGY, INC., ...

1. A method comprising:at a security gateway configured to communicate with a public network and a private network:
provisioning, over the public network, a web browser hosted on a user device with a proxy auto-configuration file configured to automatically redirect the web browser to the security gateway as a proxy server for clientless virtual private network (VPN) operation when the web browser browses any uniform resource locator including a particular domain name that encompasses the private network;
upon receiving from the web browser over the public network a request to access a private resource on the private network:
establishing a secure public connection to the web browser over the public network;
establishing a private connection to the private resource over the private network; and
associating the private connection with the secure public connection to form a clientless VPN connection between the web browser and the private resource; and
forwarding content between the private resource and the web browser over the clientless VPN connection without performing any content rewrite operations.

US Pat. No. 10,972,433

METHOD FOR THE MANAGEMENT AND MAINTENANCE OF AN AIRCRAFT COMPRISING A ZONE WITH A HIGH DEGREE OF SECURITY

1. A method for the management and maintenance of an aircraft comprising a zone with a high degree of security, a man-machine interface of the aircraft being included in the zone with a high degree of security and necessary for a maintenance operation to be performed by a maintenance operator on a device of the aircraft to be maintained placed outside the zone with a high degree of security, wherein the method comprises the steps of:connection of a first device to the high-security zone for accessing the man-machine interface of the aircraft,
connection of a second device to a third device able to display the man-machine interface of the aircraft and by means of which the maintenance operator can interact with the man-machine interface of the aircraft, the second and third device being located outside the zone with a high degree of security,
authentication of the maintenance operator with the second device,
creation of a secure communication connection between the first and second devices, the secure connection being created in a communication network by means of an encrypted tunnel, providing a trusted area that includes the aircraft, the first device, the second device and excluding the third device,
reception from the first device by the second device of the man-machine interface of the aircraft and transfer of information for display of the man-machine interface of the aircraft on the third device,
connection of the second device to a server by means of the telecommunication network in order to obtain information from the server intended for the third device by means of the second device, the connection of the second device to the server not being made by means of the secure connection created.

US Pat. No. 10,972,432

FLEXIBLE NETWORK SECURITY SYSTEM AND METHOD FOR PERMITTING TRUSTED PROCESS

1. A computer executing a firewall controlling inbound traffic, the firewall protecting the computer against a network connection attempt by setting restrictions on information communicated between networks, the computer comprising:an internal permitted program storage configured to store a list of programs permitted by the firewall;
an input interface configured to accept an indication that one or more permitted network communication programs are permitted by the firewall, thereby resulting in said one or more permitted network communication programs being added to the list of programs permitted by the firewall in the internal permitted program storage;
a port monitoring unit configured to automatically extract, outside of the firewall, information about a protocol using a server port without intervention by a use of the computer, wherein the server port is designated as a port of a network communication program providing one or more packets of inbound traffic for a destination port; and
a flexible firewall device making the firewall flexible, the flexible firewall device configured to populate a list of server ports permitted by the firewall in an internal permitted port storage as follows:
detect that said network communication program tries to listen to said server port;
using the port monitoring unit, information about the server port requesting communication with the destination port for the packets of inbound traffic, and determining whether a current program, which opened the server port, has registered in the internal permitted program storage; and
automatically store the extracted information about the server port in the internal permitted port storage, without intervention by a user of the computer, if said network communication program matches a program on said list of programs permitted by the firewall in the internal permitted program storage;
wherein the firewall is further configured to thereafter selectively block or allow one or more packets of inbound traffic to the computer as follows:
make a determination whether a destination port of the one or more packets of inbound traffic matches one of the server ports included in the list of server ports permitted by the firewall in the internal permitted port storage;
either allow or block the one or more packets of inbound traffic based on the determination whether the destination port of the one or more packets of inbound traffic matches one of the server ports included in the list of server ports permitted by the firewall in the internal permitted port storage, and using the information about the server port and the protocol to determine whether registration exists in the internal permitted port storage; and
in the case of a determination that the registration does not exist, blocking the corresponding packet, and in the case of a determination that the registration exists, transmitting the corresponding packet to a hooked original function.

US Pat. No. 10,972,431

DEVICE MANAGEMENT BASED ON GROUPS OF NETWORK ADAPTERS

Sophos Limited, Abingdon...

1. A computer program product for managing endpoints comprising non-transitory computer executable code embodied on a non-transitory computer readable medium that, when executing one or more computing devices, performs the steps of:registering an endpoint to an enterprise network, wherein registering includes ensuring that the endpoint is compliant with a security policy for the enterprise network;
determining a network adapter profile for the endpoint, the network adapter profile including a plurality of media access control identifiers for a plurality of network adapters used by the endpoint for network communications;
detecting a compromised state of the endpoint at a threat management facility of an enterprise network, wherein the compromised state brings the endpoint out of compliance with the security policy; and
blocking network communications from all of the network adapters in the network adapter profile for the endpoint at one or more firewalls remote from the endpoint in the enterprise network.

US Pat. No. 10,972,430

ALLOCATION OF LOCAL MAC ADDRESSES TO CLIENT DEVICES

CISCO TECHNOLOGY, INC., ...

1. A method comprising:at a network device connected with a network:
obtaining from a client device an authentication request including identity credentials and a temporary media access control (MAC) address of the client device; and
in response to successfully authenticating the client device based on the identity credentials:
selecting a new MAC address of the client device from among a plurality of available MAC addresses stored in a MAC address server in the network;
providing the new MAC address to the client device in an address allocation frame;
obtaining a data frame;
determining whether the client device is using the new MAC address based on the data frame; and
if it is determined that the client device is using the new MAC address:
granting the client device access to the network; and
generating a record including the new MAC address, a time at which the new MAC address was selected, and a time at which the new MAC address became available for reselection.

US Pat. No. 10,972,429

ELECTRONIC MESSAGE IDENTIFIER ALIASING

Reflexion Networks, Inc.,...

1. A method for managing communications, the method comprising:receiving an outbound instant message from an infrastructure hosting a true identifier for a user, the outbound instant message directed from the true identifier to one or more recipient identifiers;generating an alias identifier for each one of the recipient identifiers of the outbound instant message to communicate with the true identifier;
assigning a first assigned discrete security state from one of a plurality of discrete security states as a security attribute to each alias identifier;
forwarding the outbound instant message to the one or more recipient identifiers through the infrastructure;
with the outbound instant message forwarded, changing the first assigned discrete security state for one of the one or more recipient identifiers to a second assigned discrete security state for the one of the one or more recipient identifiers;
receiving, from a sender using the one of the one or more recipient identifiers, an inbound instant message addressed to one of the alias identifiers for the true identifier;
selecting one or more rules for processing the inbound instant message based on at least a combination of the one of the one or more recipient identifiers of the sender of the inbound instant message and the second assigned discrete security state; and
processing the inbound instant message based on the one or more rules.

US Pat. No. 10,972,428

ASSIGNMENT OF TENANCY TO DEVICES

ARM LIMITED, Cambridge (...

1. A method of assigning tenancy to a device during bootstrapping between the device and a bootstrap server in a network to enable the device to register with a device server, the method comprising:transmitting a device identifier from the device to the bootstrap server;
receiving, from the bootstrap server at the device, a device server address stored in the bootstrap server and data identifying tenancy assigned to the device to enable the device to register with the device server, wherein the tenancy assigned to the device is identified by the bootstrap server based on the device identifier; and
transmitting, from the device to the device server at the device server address, a request to register the device using the assigned tenancy, the request including data identifying the assigned tenancy and the device identifier.

US Pat. No. 10,972,427

METHODS, SYSTEMS, AND DEVICES FOR IDENTIFYING AN IP ADDRESS FROM A MIXED DATA POOL USING ARTIFICIAL INTELLIGENCE

1. A device, comprising:a processing system including a processor; and
a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, the operations comprising:
obtaining a first data pool of different types of data, wherein the first data pool comprises a first group of IPv4 addresses and a second group of non-IP address data;
identifying a first portion of the first group of IPv4 addresses from a second portion of the second group of non-IP address data from within the first data pool using artificial intelligence techniques;
selecting the first portion of the first group of IPv4 addresses using the artificial intelligence techniques;
storing the first portion of the first group of IPv4 addresses in a first table of IPv4 addresses; and
assigning a first IPv4 address in the first table to a first computing device in response to determining the first IPv4 address in the first table is not currently being used.

US Pat. No. 10,972,426

ENHANCED DOMAIN NAME SYSTEM (DNS) SERVER

Charter Communications Op...

1. A method for resolving a network address, comprising:receiving a request for a resource from a client device;
determining a source IP address of the client device based on the information included in the received request;
determining whether the source IP address is included in a source client list, wherein the source client list is associated with a view datastore;
determining whether a default view datastore includes a record for requested resource in response to determine that the source IP address is not included in the source client list; and
determining whether the requested resource is included in the view datastore in response to determining that the default view datastore does not include a record for requested resource and that the source IP address is not included in the source client list.

US Pat. No. 10,972,425

METHOD, DEVICE AND SYSTEM FOR SERVICE PLATFORM ADDRESS RESOLUTION

TENCENT TECHNOLOGY (SHENZ...

1. A method for parsing an address of a service platform performed at a server having one or more processors and memory storing a plurality of programs to be executed by the one or more processors, the method comprising:receiving, by the server, a domain name system DNS parsing request sent by a terminal, the DNS parsing request comprising a to-be-parsed domain name;
obtaining, by the server, target Internet protocol (IP) information of the terminal based on the DNS parsing request;
determining, by the server, an IP address range including the target Internet protocol (IP) information of the terminal;
identifying, by the server, a target user-defined line corresponding to the IP address range within a background database, wherein the target user-defined line is preset to be associated with target servers via parsing records for providing predefined services to users of the service platform;
obtaining, by the server, a preset first parsing record based on the target user-defined line, the first parsing record being used to instruct the terminal to establish a communications connection to a first target server of the to-be-parsed domain name; and
sending, by the server to the terminal, a first IP address corresponding to the first target server of the to-be-parsed domain name based on the preset first parsing record.

US Pat. No. 10,972,424

INFERRING PREFERENCES FROM MESSAGE METADATA AND CONVERSATIONS

Hipmunk, Inc., San Franc...

1. A method comprising:receiving, by one or more processors of a networked system, a communication that expands a conversation whose participants include the networked system and one or more users to add an additional user into the participants of the conversation;
by the one or more processors of the networked system, analyzing the communication, the analyzing including inferring a travel companionship preference of a first user among the one or more users based on a last name being shared between the first user and the additional user, the shared last name being indicated by metadata of the communication;
triggering, by the one or more processors of the networked system, a search based on the inferred travel companionship preference of the first user;
generating, by the one or more processors of the networked system, a response that includes results of the search; and
transmitting, by the one or more processors of the networked system, the response to a device of the first user.

US Pat. No. 10,972,423

LOCATION-BASED CONVERSATION ENGINE FOR ENTITIES IN A SOCIAL NETWORKING SYSTEM

FACEBOOK, INC., Menlo Pa...

1. A computer-implemented method, comprising:identifying a list of wireless source identifiers from a profile of a social networking entity that is associated with a social networking system, wherein the list of wireless source identifiers correspond to one or more wireless sources within one or more physical establishments associated with the social networking entity;
determining a location of a computing device associated with a social networking account within a physical establishment associated with the social networking entity based on a combination of:
an interaction between the computing device and a wireless source corresponding to a wireless source identifier from the list of wireless source identifiers from the profile of the social networking entity, and
information associated with the social networking entity;
generating a message based on the determined location of the computing device within the physical establishment associated with the social networking entity and information associated with the social networking account associated with the computing device; and
sending the message in a messaging thread between the social networking entity and the social networking account associated with the computing device.

US Pat. No. 10,972,422

PRESENTING AN ELECTRONIC MESSAGE

INTERNATIONAL BUSINESS MA...

1. A system for presenting an electronic message, the system comprising:a processor;
memory communicatively connected to the processor; and
a presenting system, the presenting system comprising:
a receiving engine, comprising the processer and the memory, to receive an encrypted electronic message, the electronic message comprising a message originator, a message recipient, and a digital stamp wherein the digital stamp is associated with a social network, wherein each digital stamp comprises an identification value based on the message originator and a contents of the electronic message;
a validating engine, comprising the processer and the memory, to validate the digital stamp by contacting the social network associated with each digital stamp wherein the digital stamp limits a number of times the digital stamp is referenced and to transform the digital stamp into a token and to use the token to decrypt the encrypted message;
a retrieving engine, comprising the processer and the memory, to retrieve from the social network, based on the digital stamp, additional data associated with the electronic message, the additional data comprising a remaining portion of the electronic message not originally included in the electronic message;
an identifying engine, comprising the processer and the memory, to identify, when the digital stamp is validated, a social relationship between the message recipient and the message originator using the social network corresponding to that digital stamp; and
a displaying engine, comprising the processer and the memory, to display, with the electronic message, an indication of a closest degree of the social relationship in multiple social networks, the degree of the social relationship comprising an identification as to whether the message originator and the message recipient are directly socially connected or indirectly socially connected based on the social network, the digital stamp defining the degree of social relationship and wherein the social relationship is displayed with the electronic message; and
filtering the electronic messages based on the social relationship in response to a determination that the social relationship exceeds a threshold as defined by the digital stamp, the threshold indicating that the social relationship is too distant to allow access to the additional data associated with the electronic message.

US Pat. No. 10,972,421

METHOD FOR DETECTING AND REPRODUCING RADIOTELEPHONY MESSAGES EMITTED BY A PLURALITY OF TRANSMITTERS VIA RADIO AND DEVICE THEREFOR

Frequentis AG, Vienna (A...

1. A method for detecting and reproducing radiotelephony messages emitted by a plurality of transmitters via radio at an air traffic controller workplace, which comprises the steps of:analyzing whether the radiotelephony messages arriving at the air traffic controller workplace overlap one another chronologically, and if the radiotelephony messages overlap, perform the sub-steps of:
prioritizing one of the radiotelephony messages and immediately emitting a prioritized radiotelephony message to the air traffic controller workplace;
buffering at least one other of the radiotelephony messages resulting in at least one buffered radiotelephony message; and
emitting the at least one buffered radiotelephony message to the air traffic controller workplace after an end of the prioritized radiotelephony message.

US Pat. No. 10,972,420

AUTOMATIC NOTIFICATION GENERATION FOR ELECTRONIC PROCESSING SYSTEMS

International Business Ma...

1. A computer implemented method of processing delivered electronic messages, the method comprising:receiving, by a processor, a delivered message;
identifying, using natural language processing, content of the delivered message;
generating, based on the content of the delivered message, a first importance score for the delivered message, respectively, for each of two or more recipients of the delivered message, wherein the first importance score is based on a temporal relevance respectively associated with each of the two or more recipients;
sending, in response to the first importance score fulfilling a predefined delivery condition, a notification to at least one recipient of the delivered message, wherein a form of the notification is generated based on the first importance score as it relates to the temporal relevance;
receiving a second delivered message, where the second delivered message is submitted to the at least one recipient;
determining that the second delivered message is related to the delivered message, wherein determining that the second delivered message is related to the delivered message is based on identifying content of the second delivered message; and
updating, in response to determining the relation between the delivered message and the second delivered message, the first importance score of the delivered message, wherein the updating of the first importance score changes the temporal relevance and the form of the notification.

US Pat. No. 10,972,419

ARCHIVING MESSAGES WITHOUT MESSAGE COPYING

Telefonaktiebolaget LM Er...

1. A method of operation of a client device for archiving messages in a message store managed by a server, the method comprising:making a determination at the client device to archive a message that is stored in a first mailbox of the message store; and
upon making the determination, sending an instruction to the server to set an Archived flag for the message without sending an instruction to the server to copy or move the message from the first mailbox of the message store to a second mailbox of the message store,
wherein the Archived flag is a flag which indicates that the message is to be archived, and
wherein the message stored in the first mailbox of the message store is expunged from the first mailbox of the message store after an expiry period, when the Archived flag is not set for the message.

US Pat. No. 10,972,418

SYSTEMS AND METHODS FOR DYNAMICALLY ASSOCIATING THREAD LABELS WITH MESSAGES IN A MOBILE ENVIRONMENT

THREADY, INC., Santa Mon...

1. A system, comprising:one or more processors;
a memory storing instructions that, when executed by the one or more processors, cause the system to:
provide, responsive to a first selection on a first device, a first messaging interface for electronic messaging, the first messaging interface comprising a message composition zone and a conversation pane configured to present a conversation feed;
wherein the conversation feed of the first messaging interface includes each of the one or more electronic messages that have not been associated with any thread label by a user or a recipient; and
wherein the conversation feed of the first messaging interface excludes each of the one or more electronic messages that have been associated with any thread label by the user or the recipient;
provide, from within the first messaging interface, an option to associate a thread label with one or more electronic messages displayed within the first messaging interface;
associate, responsive to a selection of the option by the user from within the first messaging interface, the thread label with one or more electronic messages of the plurality of electronic messages displayed within the first messaging interface;
provide, responsive to a second selection on the first device, a second messaging interface for electronic messaging, the second messaging interface comprising: a message composition zone, and a conversation pane configured to present a conversation feed;
wherein the conversation feed of the second messaging interface includes each of the one or more electronic messages associated with the thread label by either the user or the recipient; and
wherein the conversation feed of the second messaging interface excludes electronic messages of the plurality of messages not associated with the thread label;
associate, responsive to an electronic message being provided for transmission by the user or the recipient from within the second messaging interface, the thread label corresponding to the second messaging interface with the electronic message;
provide, from within the second messaging interface, an option to disassociate the thread label from one or more electronic messages of the plurality of electronic messages previously associated with the thread label;
disassociate, responsive to a selection of the option by the user from within the second messaging interface, the thread label from one or more electronic messages of the plurality of electronic messages previously associated with the thread label;
monitor the plurality of electronic messages to detect post-transmission thread label association changes and thread label disassociation changes made by one or more of the user and the recipient; and
propagate, responsive to detecting a thread label association or disassociation change to an electronic message made by one of the user and the recipient, the thread label association or disassociation change to the other of the user and the recipient such that the thread label association or disassociation change is reflected in the first and second messaging interfaces of the first device and in a messaging interface provided on a second device used by the recipient.

US Pat. No. 10,972,417

DETECTING MESSAGES WITH OFFENSIVE CONTENT

1. A method comprising:receiving, by one or more computers, first data that represents message content and is derived from input data input to a first user device by a user;
determining, by one or more computers and prior to communication of second data to a second user device that, when processed by the second user device, causes the second user device to display the message content on a display of the second user device, whether the first data represents message content that is likely offensive content, wherein determining whether the received first data represents message content that is likely offensive content comprises:
providing, by one or more computers, at least a portion of the received first data to a machine learning model that has been trained to detect a likelihood that a message includes offensive content; and
obtaining, by one or more computers, output data that was generated by the machine learning model based on the machine learning model processing the provided first data;
in response to determining, by one or more computers and based on the obtained output data, that the first data represents message content that is likely offensive content, generating alert data that, when processed by the first user device, causes the first user device to display (i) an indication that the message content includes offensive content and (ii) a prompt that asks the user to confirm that the second data is to be communicated to the second user device; and
providing, by one or more computers, the generated alert data to the first user device.

US Pat. No. 10,972,416

NETWORK BASED PERSONAL NUMBER BLOCKING

T-Mobile USA, Inc., Bell...

1. A system comprising:a processor;
memory; and
a component stored in the memory and executable by the processor to perform operations comprising:
receiving, from a first user equipment (UE) and at a network device, a personal number to be blocked, the first UE having a first user profile associated with the first UE and stored in the network device remote from the first UE, the personal number associated with a second UE and an alias number, the alias phone number being one of a plurality of alias phone numbers associated with a second user profile associated with the second UE;
updating one or more personal number blocking preferences with the personal number in the first user profile;
receiving, from the second UE and via a network, a communication request directed to the first UE;
determining, by the network device, that the communication request is associated with the personal number;
refraining, based at least on the communication request being associated with the personal number, from notifying the first UE of the communication request;
determining that the one or more personal number blocking preferences are associated with a native number associated with the first UE and at least one alias phone number, the at least one alias phone number associated with the first UE and a computing appliance.

US Pat. No. 10,972,415

TEMPORARY SUSPENSION OF ELECTRONIC COMMUNICATIONS

Acoustic, L.P., New York...

1. A non-transitory computer-readable medium embodying a program executable in a computing device, comprising:code configured to receive a first request to suspend transmission of electronic communications to a recipient during a suspension period, wherein the first request is associated with a recipient identifier (ID) and is received in response to a determination to suspend transmission, wherein the determination to suspend transmission is based at least in part on a magnitude of sales to the recipient that is associated with a previous transmission of electronic communications to the recipient, and wherein the sales include transactions initiated from the previous transmission of electronic communications to the recipient;
code configured to associate the recipient ID with a suspension state in response to receiving the first request to suspend transmission of the electronic communications;
code configured to receive a second request to transmit an electronic communication to the recipient; and
code configured to prevent transmitting the electronic communication to the recipient during the suspension period based on the association of the recipient ID with the suspension state.

US Pat. No. 10,972,414

ELECTRONIC DEVICE AND METHOD FOR IMAGE CONTROL THEREOF

Samsung Electronics Co., ...

1. An electronic device comprising:a display;
a communication interface comprising interface circuitry; and
a processor,
wherein the processor is configured to:
receive, via a messaging service, a plurality of multimedia data from an external electronic device via the communication interface, the plurality of multimedia data comprising first and second multimedia data;
arrange images corresponding to the plurality of multimedia data via a messenger application in an application layer, and display the images on a messenger user interface (UI) corresponding to the messenger application in an order in an overlapping manner so that a portion of a first image corresponding to the first multimedia data is covered by at least part of a second image corresponding to the second multimedia data; and
in response to a touch and drag input on the second image on the messenger UI, move the second image in a manner so as to uncover at least part of the portion of the first image that was previously covered by the at least part of the second image;
wherein the plurality of multimedia data further comprises third multimedia data, and a portion of the second image is covered by at least part of a third image corresponding to the third multimedia data, and
wherein the processor is further configured to, in response to the touch and drag input on the second image, move the second image and the third image together.

US Pat. No. 10,972,413

SYSTEM AND METHOD FOR MONITORING, BLOCKING ACCORDING TO SELECTION CRITERIA, CONVERTING, AND COPYING MULTIMEDIA MESSAGES INTO STORAGE LOCATIONS IN A COMPLIANCE FILE FORMAT

Commvault Systems, Inc., ...

1. A computer system comprising:a plurality of first computing devices comprising computer hardware and one or more first storage devices that communicate, wherein the plurality of first computing devices electronically send a plurality of messages to a plurality of destinations via a network, wherein at least a portion of the plurality of messages comprise multimedia messages in different file formats; and
a plurality of compliance monitoring agents within the network that monitor the plurality of messages, the plurality of compliance monitoring agents comprising at least a second computing device comprising computer hardware that is in communication with the plurality of first computing devices, the plurality of compliance monitoring agents configured to:
block a first multimedia message that meets a selection criteria from being sent to an intended destination; and
direct storage of a copy of the first multimedia message that meets the selection criteria by automatically directing a conversion of the copy of the first multimedia message into a compliance file having a compliance file format, and store the compliance file in a storage device specified in a compliance policy.

US Pat. No. 10,972,412

SYSTEMS AND METHODS FOR DISTRIBUTED ELECTRONIC COMMUNICATION AND CONFIGURATION

CORDIAL EXPERIENCE, INC.,...

1. A communications platform, comprising:at least one hardware processor;
a database configured to store profile data for a plurality of contacts, a plurality of audience filters, and a plurality of triggered messaging processes;
at least one executable software module that, when executed by the hardware processor, performs operations comprising:
presenting a user interface to a user, the user interface configured to allow the user to define a plurality of supplemental events associated with the user's interaction with the platform or communications generated by the platform;
detecting one of the plurality of supplemental events associated with the plurality of contacts, which are remote from the platform;
for each of the plurality of events, when an event is detected:
collecting environment data associated with the event;
correlating the environment data and detected supplemental data;
collecting profile event data;
correlating the profile event data with the environmental data, detected supplemental data, or both, wherein the profile event data includes one or more events altering the profile data of a contact of the plurality of contacts;
configuring one of the stored triggered messaging process that defines a plurality of actions based on the detected supplemental data and based on the correlation between such data and the environment data, and wherein the plurality of actions are further based on the profile event data, the correlation between the profile event data with the environmental data, detected supplemental data, or both, or both the profile event date or such correlation; and
performing the plurality of actions defined by the configured triggered message process.

US Pat. No. 10,972,411

CONDITIONAL AUTOMATIC SOCIAL POSTS

Oracle International Corp...

1. One or more non-transitory computer-readable media storing instructions which, when executed by one or more hardware processors, cause:receiving, through a user interface by a social media management system executing on one or more computing devices, user input that identifies a set of one or more conditions for triggering an automated action with respect to a candidate post on at least one social media channel, wherein at least one condition in the set of one or more conditions defines at least one threshold that a metric is relevant to at least one of the candidate post or a target of the candidate post;
monitoring, by the social media management system executing on one or more computing devices, one or more social media channels for target content that has been posted on at least one social media channel of the one or more social media channels;
in response to detecting, by the social media management system executing on one or more computing devices, that the target content has been posted on at least one social media channel of the one or more social media channels:
determining, by the social media management system, at least one probabilistic characteristic associated with the target content;
determining a relevance score for the at least one probabilistic characteristic as a function of at least (a) a probability that the probabilistic characteristic applies to at least one of the candidate post or the target of the candidate post, or (b) a confidence that the metric is accurate and (c) a temporal weight based on recency for which the probabilistic characteristic was measured;
determining, by the social media management system based on at least the relevance score for the at least one probabilistic characteristic, whether the set of one or more conditions are satisfied including whether the relevance score satisfies the at least one threshold that the metric is relevant to at least one of the candidate post or the target of the candidate post;
in response to determining that the set of one or more conditions are satisfied, triggering, by the social media management system, the automated action with respect to the candidate post on at least one social media channel responsive to the target content, wherein determining that the set of one or more conditions are satisfied includes determining that the relevance score satisfies the at least one threshold that the metric is relevant to at least one of the candidate post or the target of the candidate post.

US Pat. No. 10,972,410

MANAGING CONTEXT INFORMATION BETWEEN CHATBOT AND USER DEVICE

KAKAO CORP, Jeju-si (KR)...

1. A chatbot server that manages context information between a chatbot and a user device, comprising:a receiving unit that receives, from a messenger server, a question message input for a service selected from multiple services by the user device and service account information corresponding to the selected service;
a derivation unit that derives an answer to the question message by using the chatbot corresponding to the service account information; and
a context information management unit that manages context information of a chat between the user device and the chatbot based on the question message and/or the answer by:
selecting at least one from multiple data structure forms,
mapping key values to respective ones of the selected data structure forms, and
activating a specific detailed function, set for the selected data structure form, corresponding to the mapped key values to manage the respective context information.

US Pat. No. 10,972,409

VNFM ASSISTED FAULT HANDLING IN VIRTUAL NETWORK FUNCTION COMPONENTS

OPEN INVENTION NETWORK LL...

1. A system, comprising:an operational state machine that sends a next state request message to a Virtual Network Function Manager (VNFM);
determines an operational state of a peer Virtual Network Function Component Instance (VNFCI) when the peer VNFCI is online;
sends a first next state response message with a standby state to the VNFCI when the peer VNFCI operational state is active;
sends a second next state response with an active state to the VNFCI when the peer VNFCI operational state is not active;
examines, in the VNFCI, a next state attribute in a received next state response message;
stays in a standby state when the next state attribute is standby; and
transitions to active state when the next state attribute is active.

US Pat. No. 10,972,408

CONFIGURABLE PACKET ARBITRATION WITH MINIMUM PROGRESS GUARANTEES

Apple Inc., Cupertino, C...

15. A method comprising:assigning, by an arbiter, a minimum progress guarantee number of arbitration wins to two or more sources of a plurality of sources;
prioritizing selecting sources which have not reached their minimum progress guarantee number when packets from multiple sources are concurrently eligible for arbitration; and
in response to determining the two or more sources have received a number of arbitration wins at least equal to their corresponding assigned minimum progress guarantee number of arbitration wins for a current interval, determining, for a remainder of the current interval, which source wins arbitration in a given cycle based on which source has a lowest grant counter, wherein each grant counter tracks how often a corresponding source has won arbitration.

US Pat. No. 10,972,407

SYSTEMS AND METHODS FOR NETWORK STACK

Facebook Technologies, LL...

1. A method comprising:starting a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device, wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component, and the network-coordination service has permission to open IPC channels directly with the network-interface component;
receiving, by the network-coordination service, a request from the application to connect with a host;
selecting, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device;
allocating, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and
sending, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.

US Pat. No. 10,972,406

INDICATING WHETHER A USER DEVICE CAN ACCESS A COMPUTING RESOURCE BASED ON WHETHER A CURRENT TIME FALLS WITHIN ONE OR MORE TIME SLOTS ASSOCIATED WITH THE COMPUTING RESOURCE

Citrix Systems, Inc., Fo...

1. A computer-implemented method, comprising:determining first data, stored in at least one storage medium, that associates a first computing resource with at least one time slot;
determining that a current time is within the at least one time slot;
based at least in part on the first data and the current time being within the at least one time slot, causing a first device to display a first indication that the first computing resource can be accessed using the first device;
determining that the current time is outside the at least one time slot; and
based at least in part on the first data and the current time being outside the at least one time slot, causing the first device to cease displaying the first indication.

US Pat. No. 10,972,405

SCALING NETWORK FUNCTIONS

Metaswitch Networks Ltd.,...

1. A method of determining trigger conditions for scaling a scalable unit of network function, the method comprising:receiving metrics data corresponding to a plurality of different metrics associated with usage of an instance of a scalable unit of network function, the plurality of different metrics each being indicative of one or more usage characteristics associated with the instance;
identifying a primary set of one or more of said metrics as a primary indicator of occurrence of a load state of the instance;
determining, based on the received metrics data, usage points when the primary indicator indicates that the load state occurs;
deriving, from the received metrics data:
a secondary set of one or more of said metrics, different to the primary set, as a secondary indicator of occurrence of the load state of the instance, at each of a group of one or more of the usage points when the primary indicator indicates that the load state occurs;
a group of one or more headroom-adjusted usage points by adding a headroom to each of the group of one or more of the usage points when the primary indicator indicates that the load state occurs; and
measured data corresponding to one or more values of the one or more metrics in the secondary set of one or more metrics at each of the group of one or more headroom-adjusted usage points;
determining at least one criterion for predicting future values of each of the secondary set of one or more metrics, based on a current value of each of the secondary set of one or more metrics and historical data relating to a pattern of usage of the unit of network function;
determining a traffic profile associated with the instance, the traffic profile comprising data indicative of one or more types of network traffic being directed to the instance; and
storing a secondary trigger condition for scaling said unit of network function based on the determined traffic profile and said predicted values of said secondary set and said measured data.

US Pat. No. 10,972,404

GENERATE DEPLOY AND PROVISION A CUSTOMIZED CLOUD DEVICE APPLICATION USING A SOFTWARE SERVICE AND DEVICE STORE

RAPYUTA ROBOTICS CO., LTD...

1. A computer implemented method to generate and deploy a customized cloud device application, the method comprising:analyzing a deployment information of a software service included in the customized cloud device application;
based on the analysis, determining whether the software service is to be deployed at a cloud resource or one or more devices selected from a device store based on one or more device features;
based on the determination and a composition pattern of the customized cloud device application, sending a software service deployment request;
based on the software service deployment request, generating an instance of the software service;
deploying the generated instance of the software service to one of the cloud resource or the one or more devices;
based on a deployment information of the customized cloud device application, sending an application deployment request;
based on the application deployment request, generating an instance of the customized cloud device application;
binding the generated instance of the customized cloud device application and the deployed instance of the software service; and
deploying the generated instance of the customized cloud device application bound to the deployed instance of the software service to the one or more cloud resources or the one or more devices,
wherein the computer implemented method further comprises:
receiving a device registration information corresponding to plurality of cloud resources and plurality of devices; and
based on the received device registration information, registering the plurality of cloud resources and the plurality of devices.

US Pat. No. 10,972,403

STORAGE FAST PATH

Telefonaktiebolaget LM Er...

1. A method for controlling a first resource and a second resource in a system including a first component, a second component, and at least one host in a cloud environment; the at least one host hosting the second resource; the first resource being managed by the first component; the second resource being managed by the second component; wherein amongst the first component and the second component one comprises a compute component and the other comprises a storage component; and wherein amongst the first resource and the second resource one is a compute resource and the other is a storage resource; the method comprising:causing the first component to send an inquiry request to the second component, the inquiry request including an inquiry relating to the second resource;
causing the second component to send an inquiry response to the first component, the inquiry response including a host address for identifying the at least one host; and
causing a co-location of the first resource and the second resource on a single host based on the inquiry response, the single host being one amongst the at least one host and a further host hosting the first resource.

US Pat. No. 10,972,402

DYNAMIC MANAGEMENT OF INLINE ENTRIES IN HARDWARE ACROSS PROTOCOLS IN A SCALED ENVIRONMENT

Juniper Networks, Inc., ...

1. A method comprising:detecting, by a network device, an event, wherein the event triggers management of one or more periodic packet entries handled by the network device;
in response to detecting the event, determining whether an inline hardware table has space available;
in response to determining that there is no space available in the inline hardware table, comparing, by the network device, a first periodic interval of a head node of a first priority queue to a second periodic interval of a head node of a second priority queue:
wherein the first priority queue comprises first nodes associated with a first set of entries operating under a distributed mode of periodic packet management,
wherein in the distributed mode, periodic packet management is handled by processing circuitry at a software level of the network device,
wherein a head node of the first priority queue is associated with a distributed entry with the first periodic interval, wherein the first periodic interval is the shortest periodic interval relative to the first nodes in the first priority queue,
wherein the second priority queue comprises second nodes associated with a second set of entries operating under an inline mode of periodic packet management,
wherein in the inline mode, periodic packet management is handled by processing circuitry at a hardware level of the network device;
wherein the head node of the second priority queue is associated with an inline entry with the second periodic interval, wherein the second periodic interval is the longest periodic interval relative to the second nodes in the second priority queue; and
in response to determining based on the comparing that the first periodic interval is shorter than the second periodic interval, swapping, by the network device, the inline entry associated with the head node of the second priority queue to the first set of entries and the distributed entry associated with the head node of the first priority queue to the second set of entries.

US Pat. No. 10,972,401

MARINE PROPULSION CONTROL SYSTEM AND METHOD WITH CONFIGURATION FUNCTIONALITY VIA CAN BUS

Brunswick Corporation, M...

1. A marine propulsion control system comprising:a first controller area network (CAN) bus communicatively connecting two or more devices to facilitate communication of CAN messages therebetween;
a helm controller (HCM) associated with at least one propulsion device and having an HCM CAN transceiver to facilitate receipt and transmission of CAN messages by the HCM on the first CAN bus;
wherein the HCM is configured to:
receive a silence CAN message via the first CAN bus;
determine that the silence CAN message is directed to itself; and
in response to the silence CAN message, cease transmitting any CAN message on the first CAN bus and/or cease CAN-related diagnostics so as to reduce traffic on the first CAN bus.

US Pat. No. 10,972,400

MAINTENANCE OF DOWNLINK THROUGHPUT

AltioStar Networks, Inc.,...

1. A computer-implemented method for transmission of data packets, the method comprising:establishing a communication link between a first device and a second device in accordance with a transmission control protocol for transmission of a data packet between the first device and the second device, the first device maintaining a fixed size receive window for transmission of data packets to the second device;
monitoring the communication link during transmission of the data packet from the second device to the first device; and
approximating, based on the monitoring, at least a portion of a bandwidth available for transmission of an acknowledgement from the second device to the first device, the acknowledgement indicating receipt of the data packet performing by the second device.

US Pat. No. 10,972,399

METHOD OF DETERMINING PASSIVE ROUND TRIP TIME, RTT, DELAY IN A TELECOMMUNICATIONS SYSTEM

Telefonaktiebolaget LM Er...

1. A method of determining a passive Round Trip Time (RTT) delay in a telecommunications system for exchanging data packets in accordance with a data transmission protocol between a first device and a second device operatively connected to the telecommunications system, wherein the first device is identified by a first device identification, wherein the second device is identified by a second device identification, wherein the data packets comprise an address part including a source address and a destination address, the method comprising:receiving, by a node in the telecommunications system, a data packet originating from the first device and directed to the second device, the address part of the data packet comprising the first device identification as source address and the second device identification as destination address; and
when the data transmission protocol refers to a Quick User Datagram Protocol (UDP) Internet Connections (QUIC) protocol;
modifying, by the node, the first device identification of the source address of the received data packet;
modifying, by the node, the received data packet having an address part comprising the modified first device identification as source address and the second device identification as destination address to provide a modified data packet;
linking, by the node and in an address translation table, the address part of the received data packet with the address part of the modified data packet;
transmitting, by the node and at a first point in time, the modified data packet to the second device;
receiving, by the node and at a second point in time and from the second device, a further data packet, the further data packet having an address part comprising the modified first device identification as destination address and the second device identification as source address;
modifying, by the node, the received further data packet having an address part comprising the first device identification as destination address and the second device identification as source address, using the address translation table, to provide a modified further data packet;
transmitting, by the node, the modified further data packet to the first device; and
determining, by the node, the RTT delay from the first and second points in time.

US Pat. No. 10,972,398

METHOD AND APPARATUS FOR PROCESSING LOW-LATENCY SERVICE FLOW

HUAWEI TECHNOLOGIES CO., ...

1. A method for processing a low-latency service flow, wherein the method comprises:obtaining, by a first forwarding device, a low latency identifier after determining that a received first data packet belongs to a first service flow, wherein the first forwarding device serves as a network ingress, and wherein the first service flow is a low-latency service flow;
obtaining, by the first forwarding device, a second data packet based on the first data packet and the low latency identifier, wherein the second data packet comprises the first data packet and the low latency identifier, wherein the low latency identifier instructs a forwarding device receiving the first service flow to forward the first service flow in a low-latency forwarding mode comprising a mode in which fast forwarding of the first service flow is implemented under dynamic control;
sending, by the first forwarding device, control information to the second forwarding device, the control information controlling a status of the low-latency forwarding mode, wherein the control information comprises a start moment and an end moment of the low-latency forwarding mode; and
sending, by the first forwarding device, the second data packet to a second forwarding device in the low-latency forwarding mode.

US Pat. No. 10,972,397

SELF-DRIVING PACKETS WITH CONDITIONAL COMMANDS

Futurewei Technologies, I...

10. A method comprising:receiving, at a receiver in a network device, a data flow including a data packet, the data packet including a conditional command;
obtaining, by a processor in the network device, a command from the conditional command;
obtaining, by the processor, a condition set from the conditional command, the condition set including a plurality of conditions to be satisfied before the command is executed such that the command is ignored when the condition set is not satisfied, and the plurality of conditions comprising a state of the network device processing the data packet;
obtaining a value from an and/or field from the conditional command, the value being a first value when the plurality of conditions must all be met to satisfy the condition set and execute the command, the value being a second value different from the first value when any of the plurality of conditions can be met to satisfy the condition set and execute the command;
determining, by the processor, that the condition set is satisfied; and
based on the determination that the condition set is satisfied, executing, by the processor, the command to alter handling of the data flow, alter handling of the data packet, or alter a flow context for the data flow.

US Pat. No. 10,972,396

MAPPING NETWORK FRAME FLOWS TO CLASSES OF SERVICE TO MINIMIZE NETWORK FRAME FLOW DISRUPTION

Hewlett Packard Enterpris...

1. A network edge routing device for a network, comprising:an inside network interface to receive network frames from inside the network; an outside network interface to transmit the network frames to outside the network; and hardware logic to:determine a mapping between network frame flows and classes of service that minimizes network frame flow disruption during class-based network frame flow control initiated outside the network; andtransmit the mapping to a network interior device within the network that generates the network frame flows and transmits the network frame flows to the network edge routing device, the network edge routing device receiving the network frame flows at the inside network interface and routing the network frame flows at the outside network interface;
wherein determining the mapping comprises:
grouping a plurality of network destinations into a plurality of destination groups equal in number to the classes of service; and
assigning each destination group of the network destinations to a different one of the classes of service, thereby allowing the network interior device to assign a plurality of network frames for routing by the network edge routing device with the classes of service in accordance with the network destinations of a plurality of flows of the network frame;
wherein the outside network interface comprises a plurality of outside network ports, and wherein determining the mapping comprises:
grouping the plurality of outside network ports into a number of port groups; and
mapping each port group to a different class of service, thereby facilitating the network interior device to generate a class-of-service tag for each network frame based on the mapping.

US Pat. No. 10,972,395

METHOD AND DEVICE FOR GRANTING AND ACQUIRING QUALIFICATION

Xiaomi Inc., Beijing (CN...

1. A method for granting a qualification, comprising:receiving, at a server, a qualification sharing request sent by a granting account for granting a granted account a prioritized application qualification for a target service provided by the server via a wireless or wired network, the qualification sharing request carrying a service identification of the target service and communication information of the granted account, the prioritized application qualification being a qualification to apply for using the target service with a higher priority than an account without the prioritized application qualification, the target service provided by the server being a service with a supplied quantity less than a demanded quantity;
determining, by the server, whether the granting account has previously used the target service and whether a number of received qualification sharing requests for the target service has reached a maximum value; and
in response to a determination that the granting account has previously used the target service and the number of received qualification sharing requests for the target service has not reached a maximum value, granting, by the server, the granted account the prioritized application qualification.

US Pat. No. 10,972,394

NETWORK CONGESTION MANAGEMENT

Hewlett Packard Enterpris...

1. A method comprising:setting an uncongested sequence length threshold to a first value;
setting a completed transaction received (CTR) count to an initial value;
incrementing the CTR count in response to completion of a transaction request;
in response to a detected congestion event,
decreasing an injection rate such that the decreased injection rate corresponds to a proportion of traffic transmitted by a source node to a congested destination node relative to other destination nodes;
determining a second value for the uncongested sequence length threshold from the CTR count; and
setting the uncongested sequence length threshold to the second value; and
in response to the CTR count being greater than or equal to the uncongested sequence length threshold, increasing the injection rate.

US Pat. No. 10,972,393

REPEATER

DENSO CORPORATION, Kariy...

1. A communication system comprising:a first repeater;
a first electronic control unit (ECU) in direct communication with the first repeater and having a first ECU identifier set in accordance with a vehicle type, wherein the vehicle type is one of a plurality of different vehicle types;
a second ECU in direct communication with the first repeater and having a second ECU identifier set in accordance with the vehicle type;
a second repeater;
a third ECU in direct communication with the second repeater and having a third ECU identifier set in accordance with the vehicle type;
a fourth ECU in direct communication with the second repeater and having a fourth ECU identifier set in accordance with the vehicle type;
wherein the first repeater includes:
a retransmission unit;
a determiner;
a generator;
a non-transitory computer-readable memory including: a routing map, a node reception map, a node connection map, and a channel identification (ID) map; and
a communication unit including: a first channel in direct communication with the first ECU, a second channel in direct communication with the second ECU, and a third channel in direct communication with the second repeater, and
wherein the third channel is in indirect communication with the third ECU and the fourth ECU through the second repeater.

US Pat. No. 10,972,392

PATH SWITCHING

NEW H3C TECHNOLOGIES CO.,...

1. A path switching method, applicable to a routing device in a Software Defined Network (SDN) and comprising:receiving a forwarding entry that is issued by an SDN controller and is used for forwarding a first flow, and storing the forwarding entry locally; wherein when the routing device is determined as a key forwarding device of the first flow by the SDN controller, the locally stored forwarding entry for forwarding the first flow comprises a first forwarding entry and a second forwarding entry; a priority of the first forwarding entry is higher than a priority of the second forwarding entry and the priorities of the first forwarding entry and the second forwarding entry are larger than a predefined minimum value; the first forwarding entry is generated by the SDN controller according to a primary forwarding path determined for the first flow, and the second forwarding entry is generated by the SDN controller according to a secondary forwarding path determined for the first flow; when the routing device is located in the primary forwarding path but is not determined as the key forwarding device of the first flow by the SDN controller, the locally stored forwarding entry for forwarding the first flow comprises one forwarding entry having a priority higher than the predefined minimum value; and
receiving the first flow; when determining that the locally stored forwarding entry for forwarding the first flow comprises the one forwarding entry having the priority higher than the predefined minimum value and detecting that a link connected to an egress port in the locally stored forwarding entry has failed, setting the priority of the locally stored forwarding entry as the predefined minimum value; and returning the first flow to the key forwarding device to trigger the key forwarding device to forward the first flow according to the second forwarding entry,
wherein returning the first flow to the key forwarding device comprises:
determining, in the locally stored forwarding entry for forwarding the first flow, an ingress port via which the first flow enters the routing device;
encapsulating the first flow with a special flow identity, wherein the special flow identity is used for matching with a special flow entry, and the special flow entry is used for returning the first flow to the key forwarding device, is issued by the SDN controller to the routing device in the primary forwarding path of the flow, wherein the special flow entry is only matched with the special flow identity; and
forwarding the first flow with the special flow identity via the ingress port.

US Pat. No. 10,972,391

FULL-PATH VALIDATION IN SEGMENT ROUTING

Cisco Technology, Inc., ...

1. An apparatus, comprising:one or more network interfaces to communicate with a network;
a processor coupled to the network interfaces and configured to execute one or more processes; and
a memory configured to store a process executable by the processor, the process when executed configured to:
receive a packet that includes a segment routing header that comprises a set of segment identifiers and a list of one or more unique identifiers for one or more nodes along a path from a sender of the packet to a destination in the network;
identify the list of one or more unique identifiers from the segment routing header of the packet;
determine that the packet was not sent via the path based in part on the identified list of one or more unique identifiers from the segment routing header of the packet by comparing a particular identifier from the list of unique identifiers in the segment routing header to a local identifier maintained by the particular node; and
notify the sender of the packet in the network that the packet was not sent via the path.

US Pat. No. 10,972,390

TCP SEGMENTATION OFFLOAD IN A SERVER ON A CHIP

Ampere Computing LLC, Sa...

1. A server on a chip, comprising:a plurality of coprocessors that segment batches of data in parallel;
a system processor configured for storing a batch of data in a memory and generating header information specifying an IP address for the batch of data and a size of the batch of data;
wherein a coprocessor of the plurality of coprocessors is configured for receiving the header information and splitting the batch of data into a plurality of segments, wherein a size of a segment is based on a maximum transmission unit size of a network interface, and wherein the coprocessor of the plurality of coprocessors is further configured for attaching the header information to the segments and adjusting a sequential number field of the header information based on the plurality of segments;
a queue manager configured for sending the segments to the address specified in the header information and further configured for facilitating communication between the plurality of coprocessors;
a device driver configured for forwarding header information associated with the batch of data from the memory to the coprocessor in response to receiving a device driver call from the system processor, wherein the device driver forwards the header information to the coprocessor via the queue manager;
wherein the system processor, the plurality of coprocessors, the queue manager, and the device driver reside on a single chip.

US Pat. No. 10,972,389

NEXT-HOP COMPONENT SELECTION ALONG A SERVICE FUNCTION PATH

International Business Ma...

1. A computer-implemented method, comprising:receiving, by one or more processors, a request for selecting a next-hop component for a packet from a group in a service function chain enabled domain, wherein the group comprises a plurality of components and each of the plurality of components has a substantially similar function in the service function chain enabled domain;
collecting, by the one or more processors, a delay measurement for packets of each of the plurality of components from a measurement agent in the service function chain enabled domain which monitors the delay measurement for the packets of each of the plurality of components;
selecting, by the one or more processors, at least one component from the plurality of components based on the delay measurement for the packets of each of the plurality of components; and
returning, by the one or more processors, an indicator indicating the selected at least one component as a response to the request;
wherein any component of the plurality of components comprises one of following: a service function forwarder and a service function instance.

US Pat. No. 10,972,388

FEDERATED MICROBURST DETECTION

CISCO TECHNOLOGY, INC., ...

1. A computer-implemented method comprising:receiving, by a network device, within a specified total time period, a first set of packets associated with a first flow and a second set of packets associated with a second flow, the specified total time period including a plurality of incremental time periods of different durations based at least in part on a type of sensor, a type of node, or a type of flow bandwidth, the plurality of incremental time periods including a first incremental time period and a second incremental time period;
analyzing, by a sensor associated with the network device, the first set of packets to determine an amount of network utilization for each of the plurality of incremental time periods;
analyzing, by the sensor, the second set of packets to determine another amount of network utilization for each of the plurality of incremental time periods;
determining, by the sensor, the first incremental time period is associated with a threshold amount of the network utilization among the plurality of incremental time periods;
determining, by the sensor, the second incremental time period is associated with the threshold amount of the network utilization;
generating first flow summary data including an indication that the first incremental time period is associated with the threshold amount of the network utilization;
generating second flow summary data including another indication that the second incremental time period is associated with the threshold amount of the network utilization and a second amount of the network utilization associated with the second incremental time period; and
determining one of the first flow or the second flow contributed to a microburst based on the first flow summary data and the second flow summary data.

US Pat. No. 10,972,387

APPLICATION PERFORMANCE BASED PATH-SELECTION USING DYNAMIC METRICS

Versa Networks, Inc., Sa...

1. A method for selecting a path to an application through a Software-Defined Wide Area Network (SD-WAN), the method comprising:monitoring available paths through the SD-WAN to reach a hosted application to obtain performance metrics associated with the available paths through the SD-WAN on a per-application and per-path basis;
generating an application link score for a combination of the hosted application and an available path through the SD-WAN for the available paths through the SD-WAN, wherein the application link score is generated as a function of packet delay and packet loss; and
selecting a path for traffic to travel through the SD-WAN to access the hosted application based on application link scores corresponding to the available paths through the SD-WAN;
wherein the application link scores are calculated using a logistic function; andwherein the application link scores are generated as:
where Linear Predictor,
lp=A+B*Delay+C*RTX+D*Delay*RTX,V is a measurement constant that corresponds to an upper time limit, Delay corresponds to a time for a packet to travel across the available path, RTX corresponds to a retransmission ratio, and A, B, C, and D are constants.

US Pat. No. 10,972,386

SCALABLE MULTI-TENANT UNDERLAY NETWORK SUPPORTING MULTI-TENANT OVERLAY NETWORK

Juniper Networks, Inc., ...

1. A method comprising:configuring, by a first controller for a virtualized computing infrastructure, a plurality of underlay network segments in the virtualized computing infrastructure by configuring respective Virtual Extensible Local Area Network (VXLAN) segments of a plurality of VXLAN segments of a VXLAN in a switch fabric comprising network switches for the virtualized computing infrastructure, thereby enabling orchestration of multiple tenants in the VXLAN,
wherein each VXLAN segment of the plurality of VXLAN segments provides underlay network connectivity among a different subset of host computing devices of the virtualized computing infrastructure; and
configuring, by a second controller for a first subset of the host computing devices having underlay network connectivity by operation of a first VXLAN segment of the plurality of VXLAN segments, a plurality of overlay networks in the first subset of the host computing devices, thereby enabling orchestration of multiple subtenants of a tenant of the multiple tenants in the first subset of the host computing devices, the second controller different from the first controller.

US Pat. No. 10,972,385

METHODS AND APPARATUS TO PROVIDE A CONSUMER SERVICES CLOUD IN A COMMUNICATIONS NETWORK

1. Network cloud equipment, comprising:a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising:
analyzing authentication information in a request for access to a communications network to identify which of multiple possible user identities associated with a communications network customer identity is a current user identity associated with a user equipment;
analyzing a first network communication based on a security rule to identify a security risk of the first network communication, the first network communication destined for the user equipment and diverted by a software-defined network switch;
accessing a profile corresponding to the current user identity to determine a rule to be used to handle further network communications transferred within the communications network from the user equipment of the communications network customer that are diverted via a software-defined network switch;
configuring the software-defined network switch to:
identify subsequent network communications, subsequent to the accessing, that correspond to the current user identity of the user equipment,
handle the subsequent network communications in accordance with the rule, and
route a second network communication between the user equipment and network equipment of the communications network in response to the authentication information indicating that the user equipment is authorized to access the communications network; and
configuring a forwarding table of the software-defined network switch to comply with information obtained from the user equipment by selectively blocking at least one of the subsequent network communications to comply with user network access control information.

US Pat. No. 10,972,384

PROCESSING OF DATA STREAM

New H3C Technologies Co.,...

1. A method of processing a data stream, the method comprising: detecting, by a gateway device, whether a node corresponding to each node identifier in a node identifier chain gets on-line, wherein the node identifier chain comprises a node identifier of a head node, node identifiers of one or more sequent service nodes via which the head node accesses a tail node, and a node identifier of the tail node; and in case that the node corresponding to each of the node identifiers gets on-line, distributing, by the gateway device, a first stream classifying strategy associated with the node identifier chain to hardware of the gateway device when the gateway device is a gateway device accessed by the head node, and forwarding, by the gateway device, the data stream which is from the head node to the tail node according to the node identifier chain based on the first stream classifying strategy when the data stream is received; and distributing, by the gateway device, a second stream classifying strategy associated with the node identifier chain to the hardware of the gateway device when the gateway device is a gateway device accessed by the service node, and forwarding, by the gateway device, the data stream which is from the head node to the tail node according to the node identifier chain based on the second stream classifying strategy when the data stream is received.

US Pat. No. 10,972,383

METHOD AND SYSTEM FOR PROCESSING NETWORK TRAFFIC USING EXPANDED LABELS

Arista Networks, Inc., S...

10. The non-transitory CRM of claim 8, further comprising additional computer readable program code, which when executed by the processor, further enables the processor to:make a second determination that the overlay network table includes a second entry for the first label portion; and
based on the first and second determinations, make a third determination to process the overlay frame using the entry based on a permutation priority,
wherein the processing of the overlay frame using the entry is further based on the second determination and the third determination.

US Pat. No. 10,972,382

DYNAMIC SHARED PROTECTION USING REDUNDANT NETWORK PATHS

Nokia Solutions and Netwo...

10. A method, comprising:selectively delaying first packets prior to insertion in a mesh network by a first time interval based on whether a failure has been detected in the mesh network, the first time interval corresponding to a maximum failure detection time interval for the mesh network; and
selectively delaying second packets received from the mesh network by a second time interval depending on whether the failure has been detected.

US Pat. No. 10,972,381

NETWORK OPERATIONS REACTIVE TO OPERATIONS DATA INCLUDED IN SEAMLESS BIDIRECTIONAL FORWARDING DETECTION (S-BFD) PACKETS

Cisco Technology, Inc., ...

1. A method comprising:receiving a particular Seamless Bidirectional Forwarding Detection (S-BFD) packet by a particular network node from another network node in a network, wherein the S-BFD packet includes a particular discriminator and particular operations data, with said received S-BFD packet including said particular operations data in an operations data field in a header of said received S-BFD packet; and
in response to identifying a particular reactive action of a plurality of different reactive actions based on the particular discriminator, the particular network node processing said particular S-BFD packet according to the particular reactive action;
wherein each of the plurality of different reactive actions is identifiable based on a different discriminator value; and
wherein the particular reactive action includes: determining a result based on processing of said particular operations data, and the particular network node sending into the network a response packet including the result.

US Pat. No. 10,972,380

METHOD FOR CONFIGURING A CONNECTION USING REDUNDANT SERVICE NODES

Versa Networks, Inc., Sa...

1. A method using redundant service nodes to redirect traffic from a second path between a first switch and a second switch to a first path between the first switch and the second switch, the method comprising:directing traffic along the second path by setting a link aggregation control protocol (LACP) link state of a first plurality of ports to STANDBY and the LACP link state of a second plurality of ports to SELECTED,
wherein a first service node comprises the first plurality of ports,
wherein a second service node comprises the second plurality of ports,
wherein the first path comprises a first link aggregation group (LAG), a second LAG, and the first service node,
wherein the first lag is a full duplex link,
wherein the second LAG is a half-duplex link,
wherein the second path comprises a third LAG, a fourth LAG, and the second service node,
wherein the first LAG connects the first switch to the first service node,
wherein the second LAG connects the first service node to the second switch,
wherein the third LAG connects the first switch to the second service node,
wherein the fourth LAG connects the second service node to the second switch,
wherein setting the LACP link state the first plurality of ports to STANDBY disables frame collection by the first service node on the first LAG and on the second LAG, and
wherein setting the LACP link state of the second plurality of ports to SELECTED enables frame collection by the second service node on the third LAG and on the fourth LAG; and
after directing traffic along the second path, redirecting traffic along the first path by setting the LACP link state of the first plurality of ports from STANDBY to SELECTED and the LACP link state of the second plurality of ports from SELECTED to STANDBY,
wherein setting the LACP link state of the first plurality of ports to SELECTED enables frame collection by the first service node on the first LAG and on the second LAG, and
wherein setting the second plurality of ports to STANDBY disables frame collection by second service node on the third LAG and on the fourth LAG.

US Pat. No. 10,972,379

APPLICATION PERFORMANCE BASED PATH-SELECTION

Versa Networks, Inc., Sa...

1. A method for selecting a path to an application through a Software-Defined Wide Area Network (SD-WAN), the method comprising:monitoring available paths through an SD-WAN to reach a hosted application to obtain performance metrics associated with the available paths through the SD-WAN on a per-application and per-path basis;
generating an application link score for a combination of the hosted application and an available path through the SD-WAN for the available paths through the SD-WAN; and
selecting a path for traffic to travel through the SD-WAN to access the hosted application based on application link scores corresponding to the available paths through the SD-WAN;
wherein monitoring available paths through the SD-WAN to reach a hosted application includes active monitoring at a hub node of the SD-WAN and passive monitoring at a branch node of the SD-WAN, and further comprising combining performance metrics from the active monitoring at the hub node with performance metrics from the passive monitoring at the branch node, and using the combined performance metrics to generate the application link score.

US Pat. No. 10,972,378

GEO-SEPARATION OF CONTROL AND BEARER NODES FOR A TELECOMMUNICATION SYSTEM

Ribbon Communications Ope...

1. A method comprising:with a distributed Session Border Controller (SBC), providing a plurality of first type nodes, each first type node configured to perform a control function to establish a connection between a first endpoint and a second endpoint or a bearer function to bear media traffic between the first endpoint and the second endpoint;
with the distributed SBC, providing a plurality of second type nodes, each second type node configured to perform the other of the control function or the bearer function, at least one of the plurality of first type nodes being geographically separate by a predetermined distance from at least one of the plurality of second type nodes; and
with the distributed SBC, changing a total number of at least one of the first type nodes and the second type nodes, in response to a predetermined event.

US Pat. No. 10,972,377

COORDINATED OFFLOADED RECORDING OF IN-SITU OPERATIONS, ADMINISTRATION, AND MAINTENANCE (IOAM) DATA TO PACKETS TRAVERSING NETWORK NODES

Cisco Technology, Inc., ...

1. A method, comprising:maintaining, by a first network node in one or more data structures, an operations processing offloading state of a second network node in a network, with the operations processing offloading state identifying whether the first network node is to offload particular operations processing from the second network node;
receiving a particular packet, by the first network node;
adding, by the first network node, first In-Situ Operations, Administration, and Maintenance (IOAM) data and second IOAM data to the particular packet, with the first IOAM data related to the first network node and the second IOAM data related to a second network node;
sending the particular packet, including said added first and second IOAM data, from the first network node;
wherein said second IOAM data is added to the particular packet in response to the operations processing offloading state identifying to perform said particular operations processing on behalf of the second network node, and wherein the first IOAM data includes proof of transit (PoT) information identifying the first network node, and the second IOAM includes PoT information identifying the second network node.

US Pat. No. 10,972,376

DISTRIBUTED STORAGE PATH CONFIGURATION

International Business Ma...

1. A method comprising:receiving, from a device, a storage target path discovery request;
collecting, in response to the storage target path discovery request, metrics associated with a storage target;
identifying, based on the collected metrics, available paths to the storage target;
determining a set of topology rules;
selecting, based on the topology rules and the collected metrics, a subset of the available paths;
prioritizing, based on the topology rules and the collected metrics, the subset of the available paths into a prioritized path data, wherein prioritizing includes ordering the subset of available paths according to the topology rules, wherein the subset of available paths is prioritized such that paths containing a same network node do not sequentially repeat in the prioritized path data;
storing the prioritized path data; and
transmitting the prioritized path data to the device.

US Pat. No. 10,972,375

SYSTEM AND METHOD OF RESERVING A SPECIFIC QUEUE PAIR NUMBER FOR PROPRIETARY MANAGEMENT TRAFFIC IN A HIGH-PERFORMANCE COMPUTING ENVIRONMENT

ORACLE INTERNATIONAL CORP...

1. A method of reserving a specific queue pair (QP) number for proprietary management traffic in a subnet of a network fabric, comprising:providing a host channel adapter, wherein the host channel adapter comprises a control circuit including a processor and a memory, and at least one port operative to connect the HCA to the network fabric;
providing a subnet management agent that executes on the host channel adapter;
storing a configurable attribute in the memory of the host channel adapter;
receiving, by the subnet management agent on a queue pair numbered 0 (QP0), from a subnet manager of the subnet, a communication including a number value and a command to configure the configurable attribute in the memory of the host channel adapter;
setting the value of the configurable attribute to the received number value;
in response to setting the value of the configurable attribute to the received number value, reserving a QP number for proprietary management traffic, wherein the QP number corresponds to the set number value of the configurable attribute, wherein the reserved QP number is other than QP0;
sending and receiving proprietary network management traffic on the reserved QP number.

US Pat. No. 10,972,374

MANAGED TIME SERVICE FOR COMPUTE RESOURCES

Amazon Technologies, Inc....

1. A computer-implemented method comprising:monitoring, by a control plane of a managed time service, a plurality of network time protocol (NTP) hosts to obtain performance data for the plurality of NTP hosts, each synchronizing time on the at least one host computer with a grandmaster clock;
storing the performance data for the plurality of NTP hosts in at least one database, the performance data including at least one of offset, network delay, dispersion, disk usage, or packet loss for each of the plurality of NTP hosts;
determining a first NTP host is underperforming by comparing the performance data for the first NTP host to a plurality of performance rules, the performance rules defined using an average of the performance data for the plurality of NTP hosts;
updating a zonal domain name system (DNS) to remove the first NTP host, wherein at least one host computer accesses the first NTP host using the zonal DNS;
determining a location associated with the at least one host computer;
identifying a second NTP host associated with the location in the zonal DNS; and
providing address data for the second NTP host to the at least one host computer.

US Pat. No. 10,972,373

VERTICAL HANDOVER

KONINKLIJKE KPN N.V., Ro...

1. A system for making a vertical handover decision between a first network and a second network, comprising:a first network,
a second network being a Wi-Fi network to which a terminal can attach through an Access Point,
a terminal configured to attach to both the first and second networks,
a fixed point in either the first or second network or in the Internet; and
wherein both the first and second networks allow information flow between the terminal and the fixed point, and wherein the terminal is configured to, when attached to the first network:
detect the second network;
perform a first bandwidth measurement representing available bandwidth along a first path length between the terminal and the fixed point, which first path length includes access to the fixed point through the first network;
obtain, while not being attached to the second network, a second bandwidth measurement representing available bandwidth along a second path length between the terminal and the fixed point, which second path length includes access to the fixed point through the second network, by requesting data for the second bandwidth measurement from the Access Point of the second network or from the fixed point through the first network;
compare the first bandwidth measurement to the second bandwidth measurement;
maintain attachment to the first network if the first bandwidth measurement is higher than the second bandwidth measurement;
make a decision to handover to the second network if the second bandwidth measurement is higher than the first bandwidth measurement.

US Pat. No. 10,972,372

SCHEDULING PROCESSING TASKS BASED ON PREDICTED CONTEXT

Apple Inc., Cupertino, C...

1. A method comprising:receiving, by a computing device, an activity request for determining when to perform an activity on the computing device, the activity request including one or more context parameters, the one or more context parameters indicating a future state of the computing device, wherein the future state of the computing device is selected from a group comprising: a future user context and a future device context, wherein the future user context is related to a user of the computing device and is predicted based on historical context data associated with the one or more context parameters, and wherein the future device context is related to a future operational state of the computing device;
determining, by the computing device, a threshold value for determining whether to perform the activity, the threshold value being determined based on the one or more context parameters and the historical context data;
determining, by the computing device, a current context score based on current context data associated with the one or more context parameters;
determining, by the computing device, that the current context score is greater than the threshold value; and
performing, by the computing device, the activity corresponding to the activity request in response to determining that the current context score is greater than the threshold value.

US Pat. No. 10,972,371

TECHNOLOGIES FOR GPU ASSISTED NETWORK TRAFFIC MONITORING AND ANALYSIS

Intel Corporation, Santa...

1. A computing device to monitor network traffic, the computing device comprising:a graphics processing unit;
a hardware accelerator;
one or more processors; and
a memory including a plurality of instructions stored thereon that, when executed by the one or more processors, cause the computing device to:
manage computing resources of the computing device, wherein the computing resources include one or more virtual machines to process the network traffic;
monitor, by the graphics processing unit of the computing device, the network traffic processed by the one or more virtual machines located on the computing device, wherein to monitor the network traffic comprises to monitor the network traffic by the graphics processing unit in parallel with processing of the network traffic by the one or more virtual machines;
determine one or more network resource optimization recommendations based on results of the network traffic monitoring;
adjust an allocation of the computing resources based on the one or more network resource optimization recommendations, wherein to adjust the allocation of the computing resources comprises to redirect at least a portion of the network traffic to the hardware accelerator;
detect, by the graphics processing unit, network traffic that does not comply with a network policy in response to the monitoring of the network traffic; and
take a corrective action on the network traffic to enforce compliance with the network policy in response to a determination that at least a portion of the network traffic does not comply with a network policy, wherein to take the corrective action comprises to manage switching policies of a virtual switch of the computing device.

US Pat. No. 10,972,370

MONITORING AND ANALYSIS OF CLOUD-BASED APPLICATIONS

Zscaler, Inc., San Jose,...

1. A system comprising:a plurality of nodes communicatively coupled to one another forming a cloud-based system configured to implement cloud-based services, each node of the cloud-based system including one or more processors and memory comprising instructions that, when executed, cause the one or more processors to
periodically send a probe from the respective node a cloud application of the cloud-based services where the probe simulates user activity in the cloud application,
receive a response to the probe and determine one or more statistics of the cloud application based on the response,
incorporate the one or more statistics in historical statistics, and
provide a notification when any of the one or more statistics exceeds a defined threshold.

US Pat. No. 10,972,369

CLOUD-BASED DEVICE DISCOVERY

Amazon Technologies, Inc....

1. A device comprising:one or more communication interfaces to communicate with a system that is remote from the device;
one or more processors; and
non-transitory computer-readable storage media storing computer-executable instructions, which when executed by the one or more processors cause the one or more processors to:
send, to the system, request data for information associated with one or more devices that satisfy a criterion, the system configured to access the information;
receive reply data from the system, the reply data including a device identifier of an audio-output device and endpoint information related to an endpoint for connecting to the audio-output device, the audio-output device including at least one speaker; and
use the endpoint information to connect to the audio-output device.

US Pat. No. 10,972,368

METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR PROVIDING REDUCED SIGNALING INTERNET OF THINGS (IOT) DEVICE MONITORING

ORACLE INTERNATIONAL CORP...

1. A method for providing reduced signaling Internet of things (IoT) device monitoring, the method comprising:in a combined service capability exposure function (SCEF) and Diameter signaling router (DSR) including at least one message processor that implements a Diameter routing layer that routes Diameter messages based on Diameter layer information in the messages:
receiving Diameter signaling containing IoT device information;
using the IoT device information to automatically provision an IoT device information database;
receiving a monitoring subscription request from a service capability server (SCS) or an application server (AS);
extracting the IoT device information from the IoT device information database; and
using the IoT device information to respond to the monitoring subscription request, wherein using the IoT device information to respond to the monitoring subscription request includes responding directly from the combined SCEF and DSR to the SCS or AS without requesting the IoT device information from a mobility management entity/serving general packet radio service support node (MME/SGSN) or a home subscriber server (HSS).

US Pat. No. 10,972,367

PROVISIONING FRAMEWORK FOR BINDING RELATED CLOUD SERVICES

Oracle International Corp...

1. One or more non-transitory computer-readable media storing instructions which, when executed by one or more hardware processors, cause:receiving, by a compiler, a service schematic for a cloud service;
responsive to receiving the service schematic for the cloud service, translating, by the compiler, the service schematic for the cloud service into a plurality of configuration files to perform different types of provisioning operations including at least a first configuration file storing a first set of instructions for performing a first type of provisioning operation to allocate resources for new instances of the cloud service and a second configuration file storing a second set of instructions for performing a second type of provisioning operation to upgrade existing instances of the cloud service by updating components associated with the existing instances of the cloud service, wherein the second set of instructions modify at least one configuration defined by the first set of instructions;
receiving a request to perform a particular provisioning operation for the cloud service;
responsive to receiving the request, determining that the particular provisioning operation is the second type of provisioning operation; and
responsive to determining that the particular provisioning operation is the second type of provisioning operation, executing the second set of instructions, stored in the second configuration file, for performing the second type of provisioning operation, wherein executing the second set of instructions includes modifying at least one previous configuration caused by executing the first set of instructions.

US Pat. No. 10,972,366

ORCHESTRATION ENGINE BLUEPRINT ASPECTS FOR HYBRID CLOUD COMPOSITION

INTERNATIONAL BUSINESS MA...

1. A system, comprising:a memory that stores computer executable components; and
a processor that executes computer executable components stored in the memory, wherein the computer executable components comprise:
a blueprint component that determines one or more blueprint-level aspects for a blueprint associated with a cloud-based computing platform, wherein the one or more blueprint-level aspects are indicative of encoded information for one or more features associated with one or more computing resources for the cloud-based computing platform;
a hybrid cloud composition component that determines a set of resource definitions for the cloud-based computing platform based on the one or more blueprint-level aspects;
a learning component that monitors the cloud-based computing platform based on the one or more blueprint-level aspects to learn one or more features associated with the cloud-based computing platform; and
an inference component that enhances one or more automated aspects of the learning component utilizing inference based schemes to learn one or more features related to one or more computing resources, wherein the learning component alters a first resource within the blueprint to a second resource distinct from the first resource and wherein the altering the first resource is based on an estimated risk level associated with the first resource, wherein the estimated risk level is a multidimensional vector and includes a confidence value.

US Pat. No. 10,972,365

METHOD AND ENTITIES FOR SERVICE AVAILABILITY MANAGEMENT

HUAWEI TECHNOLOGIES CO., ...

1. A resource orchestration entity for service flow differential deployment of a network service (NS) chain in a network, comprising:a memory comprising instructions, wherein the NS chain comprises a first service flow and a second service flow, wherein the first service flow comprises a first set of virtual network functions (VNFs) and virtual links interconnecting the first set of VNFs, and wherein the second service flow comprises a second set of VNFs and virtual links interconnecting the second set of VNFs; and
a processor coupled to the memory, wherein the instructions cause the processor to be configured to:
obtain, from an NS management entity, a first information element of service availability level in a descriptor, wherein the first information element of service availability level defines service availability level requirements of the first service flow and an identification reference of the first service flow;
obtain, from the NS management entity, a second information element of service availability level in the descriptor, wherein the second information element of service availability defines service availability requirements of the second service flow and an identification reference of the second service flow; and
provide the first information element and the second information element to a resource management entity when instantiating the NS,
wherein the first information element enables the resource management entity to assign a first set of resources for the first service flow of the NS chain,
wherein the second information element enables the resource management entity to assign a second set of resources for the second service flow of the NS chain, and
wherein the first set of resources and the second set of resources comprise one or more network function nodes and inter-connections of the one or more network function nodes in a virtual network corresponding to network hardware of the network.

US Pat. No. 10,972,364

USING TIERED STORAGE AND ISTIO TO SATISFY SLA IN MODEL SERVING AND UPDATES

CISCO TECHNOLOGY, INC., ...

1. A method comprising:defining service level agreements for a plurality of models, the service level agreements indicating pre-defined access times for each model of the plurality of models for a model serving network, wherein the pre-defined access times for each model specify how fast one or more applications can retrieve and use each model;
evaluating network conditions to determine whether the pre-defined access times for each model, as indicated by the service level agreements for the plurality of models, can be met;
storing each of the plurality of models into a respective storage tier, wherein the respective storage tier is chosen based on the service level agreement of each respective model of the plurality of models and the evaluated network conditions allowing satisfaction of the service level agreement for the model; and
facilitating access to each respective model of the plurality of models in the respective storage tier in which each respective model of the plurality of models is stored.

US Pat. No. 10,972,363

SYSTEMS AND METHODS FOR REAL-TIME SERVICE ASSURANCE

1. A method, comprising:determining, by a device comprising a processor, a first load of a first application on first resources of network equipment;
determining, by the device, a second load of the first application on second resources of the device;
analyzing, by the device, usage information indicative of a use of the first application;
balancing, by the device, resource usage of the first application between the network equipment and the device based on the usage information, wherein the balancing increases a level of performance of the first application according to a defined metric and reduces the first load on the network equipment;
analyzing, by the device, data regarding the usage information as a function of a first usage of the network equipment and a second usage of the device; and
determining, by the device, whether the first application is able to be redesigned in a more efficient implementation with respect to the first resources of the network equipment and the second resources of the device based on the analyzing the data regarding the usage information as a function of the first usage of the network equipment and the second usage of the device.

US Pat. No. 10,972,362

NETWORK SERVICE CONFIGURATION METHOD AND NETWORK MANAGEMENT DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A network service configuration method, comprising:obtaining, by a network management device, a terminal access port and an access parameter of a network service, wherein the access parameter is configured for the terminal access port, wherein the terminal access port is a port of a network device in a network, and wherein the terminal access port is configured to couple to a terminal device;
determining, by the network management device, to-be-configured ports according to the access parameter, wherein the to-be-configured ports comprise ports coupled to a path between the terminal access port and a core switch that is associated with the access parameter;
generating, by the network management device, to-be-configured port configuration instructions according to the to-be-configured ports and the access parameter, wherein the network management device automatically generates the to-be-configured port configuration instructions without manual intervention by an administrator, wherein one of the to-be-configured ports comprises a port on the path other than the terminal access port, and wherein generating the to-be-configured port configuration instructions comprises:
generating the to-be-configured port configuration instructions to instruct at least one of the network devices to create a virtual local area network (VLAN) identifier (ID) and add one of the to-be-configured ports to the VLAN ID when the VLAN ID does not exist in the network device in which the one of the to-be-configured ports is located; and
generating the to-be-configured port configuration instructions to instruct the at least one of the network devices to add the one of the to-be-configured ports to the VLAN ID when the VLAN ID exists in the network device in which the one of the to-be-configured ports is located;
sending, by the network management device, the to-be-configured port configuration instructions to to-be-configured network devices, wherein the to-be-configured network devices comprise all network devices in the path between the terminal access port and the core switch, and wherein all network devices comprise the core switch, an edge switch, and at least one relay switch between the core switch and the edge switch; and
associating, by the network management device, the core switch, the edge switch, and the at least one relay switch with the access parameter, wherein the access parameter comprises the VLAN ID.

US Pat. No. 10,972,361

SYSTEM AND METHOD FOR REMOTE HARDWARE SUPPORT USING AUGMENTED REALITY AND AVAILABLE SENSOR DATA

Dell Products L.P., Roun...

1. An information handling system for managing equipment in a datacenter, the information handling system comprising:a display;
a first wireless communication interface;
a second wireless communication interface; and
an imaging system configured to capture image data from within a field of view of the imaging system;
wherein the information handling system is configured to:
establish a first wireless communication link with a remote service system via the first wireless communication interface;
show the image data on the display;
provide an augmented reality overlay on the display over the image data, wherein the augmented reality overlay locates an element of datacenter equipment that needs to be serviced;
determine that the element is within the field of view;
establish a second wireless communication link with the element via the second wireless communication interface in response to determining that the element is within the field of view;
provide the image data and the augmented reality overlay to the remote service system via the first wireless communication link;
receive first configuration information from the element via the first wireless communication link, wherein the first configuration information includes health information for the element, environmental information for the element, and configuration settings for the element;
receive an instruction to service the element based upon the first configuration information from the remote service system in response to providing the augmented reality overlay to the remote service system;
determine that the image data indicates that a service technician has attempted to implement the instruction; and
receive a correction to the instruction from the remote service system in response to determining that the service technician has attempted to implement the instruction.

US Pat. No. 10,972,360

DYNAMIC DESIGN OF A LIGHTING CONFIGURATION

Lexi Devices, Inc., Berk...

1. An electronic device, comprising:a network node; and
an interface circuit, coupled to the network node, configured to communicate with a second electronic device;
memory configured to store program instructions;
a processor, coupled to the memory, configured to execute the program instructions, wherein, when executed by the processor, the program instructions cause the electronic device to perform operations comprising:
receiving an image of an environment comprising a room associated with a user, wherein the image is associated with an image sensor and provides a physical perspective of the environment, and wherein the program instructions allow a lighting design to be designed for the environment;
providing, from the network node, the image addressed to the second electronic device;
receiving, at the network node, one or more packets or frames associated with the second electronic device, wherein the one or more packets or frames convey a digital representation of the environment corresponding to the image;
receiving input information that specifies a number of lighting devices, types of lighting devices or both;
providing, from the network node, the input information addressed to the second electronic device;
receiving, at the network node, one or more second packets or frames associated with the second electronic device, wherein the one or more second packets or frames convey design information specifying one or more predefined lighting configurations suitable for use in the environment and that are compatible with the input information;
presenting the design information specifying the one or more predefined lighting configurations;
receiving a user selection of a given predefined lighting configuration in the one or more predefined lighting configurations; and
in response to the user selection, presenting the one or more second images having associated perspectives that illustrate the given predefined lighting configuration in a context of the digital representation, wherein the one or more second images comprise augmented or virtual reality with the perspectives on lighting devices, associated with the given predefined lighting configuration, in the digital representation of the environment.

US Pat. No. 10,972,359

DATA STRUCTURES REPRESENTING MODELS OF NETWORKING EQUIPMENT AND METHODS OF NETWORK MANAGEMENT EMPLOYING THEREOF

Ciena Corporation, Hanov...

1. A processor-implemented method implemented to model devices in a network utilizing an assembly providing a dynamic model, the processor-implemented method comprising:utilizing one or more first models to represent parent/child relationships between devices in the network for control and management thereof, wherein each of the one or more first models is implemented in an associated database of one or more databases and has an associated schema defining at least a level in a hierarchy, and wherein the devices in the network include at least one of a group of components assembled on a board, a group of boards inserted into a circuit pack, a group of circuit packs inserted into a chassis, and a group of chassis of a network element;
defining an assembly to implement the dynamic model, wherein the assembly is a rearrangement of the associated schema of the one or more first models and does not modify the one or more first models, and wherein the assembly comprises pointers pointing to data instances in the one or more databases without pointing to data instances in the assembly; and
utilizing the dynamic model for control and management of the devices in the network, wherein the control and management via the dynamic model updates the data instances in the one or more databases representing the one or more first models.

US Pat. No. 10,972,358

INFERRING CONGESTION AND SIGNAL QUALITY

Citrix Systems, Inc., Fo...

1. A method for determining network congestion and signal quality for a transport layer connection, the method comprising:(a) establishing, by a network classifier executing on one or more processors, a classification model for a plurality of types of networks based on one or more metrics of network traffic traversing one or more devices for a plurality of transport layer connections providing communications with a plurality of types of networks, the classification model trained using a training dataset which includes a plurality of labels indicative of the plurality of network types corresponding to the one or more metrics of network traffic;
(b) receiving, by the network classifier, metrics of a plurality of packets for a transport layer connection;
(c) classifying, by the network classifier, a type of network for the transport layer connection based at least on the metrics and the plurality of labels included in the training dataset used to train the classification model;
(d) determining, by the one or more processors, a level of congestion and a signal quality for the transport layer connection based on the metrics and the classification of the type of network, wherein determining the level of congestion and the signal quality for the transport layer comprises:
determining a delay in a relative average load and a relative average noise with respect to a delay in an average connection of the transport layer connection, or
determining a throughput for the transport layer connection based at least on a number of bytes transferred via the transport layer connection without network congestion and noise; and
(e) providing, by the one or more processors, for display via a user interface, the level of congestion and the signal quality for the transport layer connection.

US Pat. No. 10,972,357

SDN NETWORK SYSTEM, CONTROLLER, AND CONTROLLING METHOD

HUAWEI TECHNOLOGIES CO., ...

1. A software defined network (SDN) system, comprising:a second (N+1)th level controller, wherein N is a positive integer greater than or equal to 1;
a first (N+1)th level controller, wherein the first (N+1)th level controller is configured to:
receive a first message from a first node belonging to the first (N+1)th level controller, wherein the first message comprises an identifier of the first node;
send a second message to a first Nth level controller to which the first (N+1)th level controller belongs in response to determining that the first message is a cross-domain message comprising an identifier of a second node belonging to the second (N+1)th level controller;
and
the first Nth level controller configured to:
receive the second message from the first (N+1)th level controller; and
perform decision processing according to first status information of the first (N+1)th level controller and second status information of boundary nodes of the first (N+1)th level controller, wherein a boundary node of the first (N+1)th level controller connects to a node that belongs to the second (N+1)th level controller.

US Pat. No. 10,972,356

METHOD FOR SELECTING NEGOTIATION COUNTERPART, METHOD FOR RESPONDING TO DISCOVERY MESSAGE, AND RELATED APPARATUS

Huawei Technologies Co., ...

1. A method for selecting a negotiation counterpart, comprising:sending, by a first device, a discovery message to at least two devices in a network, wherein the discovery message comprises a technical objective, and the discovery message is for finding a device supporting the technical objective, wherein the technical objective indicates a purpose of the first device sending the discovery message;
receiving, by the first device, a first response message from a second device in response to the discovery message, wherein the first response message comprises information about one or more characteristics of the second device supporting implementation of the technical objective, wherein each of the one or more characteristics of the second device is associated with a priority, and wherein the information about the one or more characteristics of the second device reflects a degree to which the second device supports the technical objective;
receiving, by the first device, a second response message from a third device in response to the discovery message, wherein the second response message comprises information about one or more characteristics of the third device supporting implementation of the technical objective, wherein each of the one or more characteristics of the third device is associated with a priority, and wherein the information about the one or more characteristics of the third device reflects a degree to which the third device supports the technical objective; and
selecting, by the first device, the second device or the third device as a negotiation counterpart based on the one or more characteristics of the second device, one or more priorities associated with the one or more characteristics of the second device, the degree to which the second device supports the technical objective, the one or more characteristics of the third device, one or more priorities associated with the one or more characteristics of the third device, and the degree to which the third device supports the technical objective.

US Pat. No. 10,972,355

MANAGING LOCAL STORAGE DEVICES AS A SERVICE

Amazon Technologies, Inc....

1. A computer-implemented method, the method comprising:receiving, at an application programming interface (API) endpoint of a service provider network, a request to detach a local storage device associated with a compute instance executing on a computer system located in the service provider network, wherein the request includes an indication that a user associated with the compute instance desires to attach an at least equivalent local storage device to the compute instance; and
sending a detach command to detach the local storage device from the compute instance of the computer system, the detach command causing the computer system to:
detach the local storage device from the compute instance, wherein the local storage device is unavailable to the compute instance of the computer system for use as a block storage device when detached, and
attach an at least equivalent local storage device to the compute instance.

US Pat. No. 10,972,354

WIRELESS COMMUNICATION BETWEEN A WIDE BANDWIDTH NETWORK NODE AND A NARROW BANDWIDTH WIRELESS DEVICE

Sprint Spectrum L.P., Ov...

1. A method for wireless communication between a wide bandwidth network node and a narrow bandwidth wireless device, the method comprising:determining a maximum channel bandwidth of the narrow bandwidth wireless device, wherein the maximum channel bandwidth is smaller than a default channel bandwidth of the wide bandwidth network node;
configuring at least two bandwidth parts (BWPs) within the default channel bandwidth, wherein a total bandwidth of the at least two BWPs is less than or equal to the maximum channel bandwidth of the narrow bandwidth wireless device;
and
scheduling a data transmission between the wide bandwidth network node and the narrow bandwidth wireless device within the at least two BWPs,
wherein the narrow bandwidth wireless device is configured to aggregate the at least two BWPs to receive the data transmission.

US Pat. No. 10,972,353

IDENTIFYING CHANGE WINDOWS FOR PERFORMING MAINTENANCE ON A SERVICE

BMC Software, Inc., Hous...

1. A computer-implemented method for identifying a common change window for one or more services implemented on one or more hosts, the computer-implemented method comprising:querying time series performance data for each host of a service to identify time slots of low resource consumption on the host;
annotating the time slots with service tags, wherein the service tags identify host information and service information;
creating groups of time slots using the service tags;
using dynamic clustering to create clusters of hosts using the groups of time slots; and
generating at least one common change window by eliminating duplicate hosts from the clusters of the hosts.

US Pat. No. 10,972,352

VALIDATION OF ROUTING INFORMATION BASE-FORWARDING INFORMATION BASE EQUIVALENCE IN A NETWORK

CISCO TECHNOLOGY, INC., ...

1. A system to perform a network assurance check of proper deployment of a configuration, the system comprising:at least one memory configured to store data; and
at least one processor operable to execute instructions associated with the data, which when executed by the at least one processor, causes the at least one processor to:
determine whether a routing information base (RIB) entry in an RIB matches a forwarding information base (FIB) entry in an FIB,
when a match is identified and a next entry exists, determine whether another RIB entry in the RIB matches another FIB entry in the FIB,
when the match is identified and the next entry does not exist, end the network assurance check, and
when the match is not identified and the FIB entry is not covered by another entry, generate an event.

US Pat. No. 10,972,351

DYNAMIC MANAGEMENT OF NETWORK ENVIRONMENTS

ALLIED TELESIS HOLDINGS K...

1. A method comprising:collecting information on one or more network devices, wherein each of the one or more network devices have one or more attributes;
storing the collected information in a database;
mapping the stored information to abstracted values, wherein the abstracted values comprise one or more abstracted device types and one or more abstracted device attributes corresponding to the abstracted device types;
presenting the mapped information to a user for selection and inclusion into a template, wherein the presented mapped information is independent of a location of the one or more network devices and a detailed resource characteristic of the one or more attributes;
creating, responsive to the user input at a graphical user interface, one or more topology templates by selecting on screen objects that represent device categories and one or more abstracted values to be arranged graphically on a web canvas and provisioned for activation based on a order of selection by the user of the on screen objects that represent device categories and the one or more abstracted values, wherein the order of selection by the user comprises: connecting a traffic generator to a switch;
activating, responsive to the user input, one or more created templates; and
accessing one or more network devices based on the activated one or more templates.

US Pat. No. 10,972,350

ASYNCHRONOUS IMAGING OF COMPUTING NODES

Nutanix, Inc., San Jose,...

1. A non-transitory computer readable medium encoded with executable instructions which, when executed by the processor, causes a server to perform a method comprising:expose an API for imaging requests;
responsive to a first imaging request, received through the API, to provision at least one computing node including to install a first operating system, a first distributed storage services stack, or both on the at least one computing node, initiating installation of the first operating system, the first distributed storage stack, or both by initiating imaging of the at least one computing node and initiating a first log of progress;
responsive to a second imaging request, received through the API, to provision at least one other computing node including to install a second operating system, a second distributed storage services stack, or both on the at least one other computing node during at least a portion of time that the at least one computing node is being provisioned, initiating installation of the second operating system, the second distributed services stack, or both by imaging of the at least one other computing node and initiating a second log of progress.

US Pat. No. 10,972,349

CRYPTOGRAPHIC VERIFICATION OF DATA INPUTS FOR EXECUTABLES ON A NETWORK

1. A system, comprising:memory storing computer program instructions; and
one or more processors that, when executing the computer program instructions, effectuate operations comprising:
obtaining update data represented in a first format and a digital signature related to the update data, wherein the update data comprises (i) a source identifier associated with a data source designated with respect to an executable stored on a decentralized network, and (ii) parameter values associated with one or more parameters for the executable stored on the decentralized network;
transforming the update data into a canonicalized data structure having a canonicalized format different from the first format, the canonicalized data structure representing the parameter values of the update data in the canonicalized format;
transforming the canonicalized data structure into a network-specific data structure having a network-specific format associated with the decentralized network, the network-specific format being different from the canonicalized format and the first format, the network-specific data structure representing the parameter values of the update data in the network-specific format;
hashing the network-specific data structure to generate a hash value of the network-specific data structure;
generating a reference value based on the digital signature and a public key associated with the data source;
performing a verification of the parameter values based on the hash value and the reference value; and
providing the network-specific data structure to the executable based on the verification indicating a match between the hash value and the reference value, wherein the executable (i) extracts the parameter values from the network-specific data structure to obtain extracted parameter values, and (ii) initiates an update to the decentralized network based on the extracted parameter values.

US Pat. No. 10,972,348

METHODS AND SYSTEMS FOR SELECTING COMPATIBLE RESOURCES IN NETWORKED STORAGE ENVIRONMENTS

NetApp Inc., Sunnyvale, ...

1. A method comprising:determining that a first configuration is unable to be upgraded to a target configuration based upon an evaluation of relationships between components of resources used for storing and retrieving data in a storage system in the first configuration of a first storage solution, wherein a data structure defines the relationships as being between the first storage solution and a second storage solution having an overlapping compatible component;
in response to the first configuration being non-upgradeable to the target configuration, evaluating the data structure to identify a second configuration of the second storage solution that is upgradeable to the target configuration; and
providing an indication of incompatibility of the second configuration based upon a target component of the target configuration being incompatible with a component of the second configuration.

US Pat. No. 10,972,347

CONVERTING A FIRST CLOUD NETWORK TO SECOND CLOUD NETWORK IN A MULTI-CLOUD ENVIRONMENT

Hewlett Packard Enterpris...

1. A non-transitory computer readable medium having executable instructions stored thereon, that, when executed by a processor, performs operations of:receiving a user request to convert a source cloud network to a destination cloud network;
in response to receiving the request, invoking a driver based on the destination cloud network specified in the user request;
using at least the invoked driver to retrieve cloud configuration data of the source cloud network and an operating system (OS) image of the destination cloud network, the retrieved cloud configuration data comprising configuration data of a controller of the source cloud network and a compute node of the source cloud network;
using at least the retrieved cloud configuration data of the source cloud network and the retrieved OS image of the destination cloud network, converting the source cloud network to the destination cloud network, wherein converting comprises:
using at least the retrieved OS image of the destination cloud network to install the OS of the destination cloud network on a machine that is not the controller of the source cloud network;
after installing the OS of the destination cloud network on the machine, configuring services of the destination cloud network on the machine;
after configuring services of the destination cloud network on the machine:
installing the OS of the destination cloud network on the controller; and
registering the controller as a new controller in the destination cloud network; and
sending a notification to the user that the conversion was completed.

US Pat. No. 10,972,346

CUSTOMIZABLE EVENT PROCESSING FOR THIRD PARTY INFRASTRUCTURE EVENTS

Red Hat, Inc., Raleigh, ...

1. A method comprising:receiving, by a processing device of an infrastructure management platform, a request to include a custom action in a processing definition, the custom action to be performed in response to an occurrence of an infrastructure event in an infrastructure platform;
selecting the processing definition that specifies a default action to be performed in response to the occurrence of the infrastructure event, the default action being defined by the infrastructure management platform;
receiving, by the infrastructure management platform, user input defining the custom action relative to the default action in the processing definition; and
changing the processing definition to comprise the custom action relative to the default action, wherein changing the processing definition comprises adding the custom action to the processing definition and modifying an order of actions of the processing definition.

US Pat. No. 10,972,345

SYSTEM, METHOD, AND COMPUTER PROGRAM FOR EVALUATING CONFIDENCE LEVEL OF PREDICTING A NETWORK SITUATION IN A COMMUNICATION NETWORK MANAGED USING ARTIFICIAL INTELLIGENCE

AMDOCS DEVELOPMENT LIMITE...

1. A computer program product comprising computer executable instructions stored on a non-transitory computer readable medium that when executed by a processor instruct the processor to:determine, for a configuration of a communication network, a network situation requiring a change of the configuration of the communication network that prevents an occurrence of the network situation;
determine a minimal configuration time period required to implement the change of the configuration of the communication network;
determine a detection entity including a first classifier that predicts the occurrence of the network situation an amount of time before the occurrence of the network situation that equals or is greater than the minimal configuration time period, the prediction being based on event log data associated with the configuration of the communication network;
determine a first confidence level of the detection entity, the first confidence level representing, at least in part, a probability that the network situation will develop;
use the detection entity to predict the occurrence of the network situation the amount of time before the occurrence of the network situation; and
responsive to the prediction of the occurrence of the network situation, make the change of the configuration of the communication network that prevents the occurrence of the network situation, based on the first confidence level of the detection entity.

US Pat. No. 10,972,344

AUTOMATED ADJUSTMENT OF SUBSCRIBER POLICIES

A10 Networks, Inc., San ...

1. A system for automated adjusting of subscriber policies, the system comprising:a servicing node comprising a hardware processor and a memory, the hardware processor being configured to:
apply traffic enforcement rules to a data traffic associated with a subscriber;
determine network conditions associated with the data traffic;
based on one or more modified attributes, determine that at least one adjustment action needs to be applied to a processing of the data traffic, the at least one adjustment action including changing a frequency of collecting records related to a network activity of the subscriber;
apply the at least one adjustment action to the processing of the data traffic; and
modify the traffic enforcement rules based on the one or more modified attributes by replacing one or more attributes of a plurality of attributes with the one or more modified attributes to obtain modified traffic enforcement rules; and
a policy management unit configured to:
send the one or more modified attributes to the servicing node; and
based on the determination of the network conditions, modify the one or more attributes of the plurality of attributes according to attribute adjustment rules to obtain the one or more modified attributes.

US Pat. No. 10,972,343

SYSTEM AND METHOD FOR DEVICE CONFIGURATION UPDATE

Dell Products L.P., Hopk...

8. A method for managing computing resources of a configurable device for use in a solution architecture, comprising:obtaining, by a computing resources state manager of the configurable device, an out-of-band modification to the computing resources;
in response to obtaining the out-of-band modification:
generating, by the computing resources state manager of the configurable device, an out-of-band configuration based on the out-of-band modification;
updating, by the computing resources state manager of the configurable device, restoration information for the computing resources based on the out-of-band configuration;
prior to obtaining the out-of-band modification and by the computing resources state manager:
obtaining a computing resources update request for the computing resources;
in response to obtaining the computing resources update request:
obtaining a computing resources configuration associated with the configurable device;
making a determination that no out-of-band configuration for the configurable device exists; and
updating, based on the determination, the computing resources based on the computing resources configuration.

US Pat. No. 10,972,342

NETWORK DEVICE CONFIGURATION USING A MESSAGE BUS

Juniper Networks, Inc., ...

1. A controller comprising:processing circuitry coupled to memory, wherein the processing circuitry is configured to:
generate data for implementing a configuration change for a network device;
store, to a configuration database of the controller, the data for implementing the configuration change for the network device; and
add, to a message queue of a message bus executed by one or more computing devices separate from the controller, an indication of the configuration change for the network device to cause the network device to obtain, from the configuration database of the controller, the data for implementing the configuration change for the network device.

US Pat. No. 10,972,341

SUBNET STRETCHING VIA LAYER THREE COMMUNICATIONS

Microsoft Technology Lice...

1. A method for enabling subnet stretching between a first networking environment at a second networking environment via Layer 3 (L3) communications, comprising:configuring a first machine in a first network assigned a first IP address as a first gateway to communicate with a second machine in a second network assigned a second IP address configured to act in the second network as a second gateway, wherein the first IP address and the second IP address share a common network address prefix;
configuring the first network as a part of a single subnet with the second network using a subnet mask shared by networks comprising the single subnet;
receiving, within the first network at the first gateway, an L3 packet having a destination field designating at least one IP address associated with the second gateway;
encapsulating, at the first gateway, the L3 packet as a payload of a tunneled L3 packet, wherein a destination field of the tunneled L3 packet designates the second IP address;
transmitting the tunneled L3 packet from the first gateway to the second gateway;
decapsulating, at the second gateway, the tunneled L3 packet to restore the L3 packet; and
forwarding, from the second gateway, the L3 packet to the at least one IP address in the second network designated in the destination field.

US Pat. No. 10,972,340

PROVISIONING HIGH PERFORMANCE COMPUTING CLUSTERS

MICROSOFT TECHNOLOGY LICE...

1. A computer system comprising:one or more processors; and
one or more computer-readable hardware storage devices having stored thereon computer-executable instructions that are executable by the one or more processors to cause the computer system to operate a cloud-based provisioning service within a cloud environment by causing the cloud-based provisioning service to:
provide a portal user interface that is configured to receive input for provisioning a service in a cloud-based computing cluster that is operating in the cloud environment, wherein the portal user interface includes:
a viewing option configured to display adjustable configuration settings for one or more previously deployed computing clusters operating within the cloud environment and configured to receive input for initiating changes to those adjustable configuration settings, said viewing option being further configured to display information corresponding to an already existing storage key associated with the one or more previously deployed computing clusters; and
a new cluster configuration option configured to provide new configuration setting options for provisioning a new computing cluster in the cloud environment;
receive user input at the portal user interface, the user input specifying first configuration settings for initiating changes to the one or more previously deployed computing clusters or, alternatively, for provisioning the new computing cluster in the cloud environment; and
based on the first configuration settings, either initiate the changes to the one or more previously deployed computing clusters or provision the new computing cluster in the cloud environmental,
wherein the cloud-based provisioning service is configured as a multi-tiered web service that includes a first tier comprising the portal user interface and at least one additional tier comprising a scheduler that provisions the service in the cloud-based computing cluster, said first tier being stateless such that the portal user interface is also stateless.

US Pat. No. 10,972,339

SYSTEMS AND METHODS FOR MODULAR IN-PREMISES EQUIPMENT

Verizon Patent and Licens...

1. A customer premises equipment (CPE) device, comprising:a plurality of CPE modules implemented in hardware,
the plurality of CPE modules including:
a first module; and
a second module,
the first module including:
 a first set of underside keying features on an underside of the first module, and
 a first set of topside keying features on a topside of the first module,
the second module including:
 a second set of underside keying features, on an underside of the second module, being arrangeable to align with the first set of topside keying features of the first module when the second module is arranged in a stacked configuration over the first module,
the first module including a first interconnection interface component disposed on a top surface of the first module,
the second module including a second interconnection interface component disposed on a bottom surface of the second module,
 the second interconnection interface component being configured to complementarily couple to the first interconnection interface component when the first module and the second module are arranged in the stacked configuration.

US Pat. No. 10,972,338

PRE-POPULATING MEDIA ACCESS CONTROL (MAC) ADDRESS TABLES IN NETWORKS WHERE FLOODING OF MAC ADDRESSES IS BLOCKED

Ciena Corporation, Hanov...

1. A method comprising:in a node having a plurality of Media Access Control (MAC) addresses with one MAC address for application designated as a source MAC address and with the node in communication with Network Termination Equipment (NTE) via a User-Network Interface (UNI) of the NTE, configuring the node for transmission of a packet with the source MAC address to the NTE via the UNI to enable the NTE to learn the source MAC address and pre-populate the source MAC address in a forwarding database in the NTE when unicast flooding of unknown MAC addresses is disabled in the NTE in a direction from a Network-Network Interface of the NTE to the UNI; and
transmitting the packet with the source MAC address to the NTE at periodic time intervals while the NTE has unicast flooding of unknown MAC addresses disabled in the NNI-to-UNI direction such that the NTE receives the packet to learn the source MAC address and pre-populates the source MAC address in its forwarding database to enable reachability to the node via the NTE while the NTE has unicast flooding of unknown MAC addresses disabled in the NNI-to-UNI direction, wherein the periodic time intervals are less than a timeout value associated with the forwarding database.

US Pat. No. 10,972,337

METHOD AND APPARATUS FOR SPLIT-BRAIN AVOIDANCE IN SUB-SECONDARY HIGH AVAILABILITY SYSTEMS

Versa Networks, Inc., Sa...

1. A method for avoiding a split-brain state for a primary high availability (HA) network node and a secondary HA network node, the method comprising:the primary HA network node and the secondary HA network node forming a plurality of health check packets, the primary HA network node and the secondary HA network node providing redundant connectivity between a wide area network (WAN) and a local area network (LAN) and cooperatively running a redundancy protocol such that the secondary HA network node takes over mastership when the primary HA network node fails; and
sending the health check packets on each of a plurality of routes, the routes comprising a route from the primary HA network node to the secondary HA network node that traverses the WAN, a route from the secondary HA network node to the primary HA network node that traverses the WAN, a route from the primary HA network node to the secondary HA network node that traverses the LAN, and a route from the secondary HA network node to the primary HA network node that traverses the LAN,
wherein
the health check packets include a health check overload data field and a frame check sequence section,
the health check packets are Internet Control Message Protocol (ICMP) packets or are Bi-Directional Forwarding Detection (BFD) protocol packets,
the ICMP packets include the health check overload data field between an ICMP data section and the frame check sequence section, and
the BFD protocol packets include the health check overload data field between a BFD data section and the frame check sequence section, and
based on which of health check packets are successfully received, the primary HA network node and the secondary HA network node do not enter the split-brain state.

US Pat. No. 10,972,336

TECHNIQUE FOR RESOLVING A LINK FAILURE

Telefonaktiebolaget LM Er...

1. A method for resolving a link failure occurring on a link between a first virtualized network function (VNF) and a second VNF provided in a cloud computing environment, the method being performed by the first VNF and comprising:detecting the link failure prior to receiving a link failure notification;
responsive to detecting the link failure prior to receiving the link failure notification, starting a failover timer that triggers performing a failover substituting the second VNF by a third VNF at a time that allows completing the failover within a maximum allowed link failure time;
receiving, from a VNF manager (VNFM) of the cloud computing environment that controls the first VNF, a link failure notification comprising link recovery status information indicating a current recovery status of the link, wherein the link recovery status information comprises an estimated recovery time, the estimated recovery time indicating an estimated time within which recovery of the link can be expected based on a type of the link failure between the first VNF and the second VNF; and
triggering an action to substitute the second VNF by a third VNF to resolve the link failure based on the estimated time within which recovery of the link can be expected.

US Pat. No. 10,972,335

DESIGNATION OF A STANDBY NODE

Hewlett Packard Enterpris...

1. A method comprising:determining a loss of service between a master node and a first standby node in a cluster comprising a plurality of nodes, wherein the master node is to manage the cluster and to store a node transaction data log, and the first standby node is to store a synchronously replicated copy of the node transaction data log;
determining a state of a cluster data transaction log when the loss of service occurs;
determining whether an amount of new transactions logged at the master node during the loss of service exceeds a transaction threshold;
comparing a duration of the loss of service to a timeout threshold before a service of the first standby node is resumed; and
in response to the amount of the new transactions logged at the master node during the loss of service exceeding the transaction threshold or the duration of the loss of service exceeding the timeout threshold before the service of the first standby node is resumed, designating, by the master node, a second standby node as a new standby node.

US Pat. No. 10,972,334

AUTOMATED ELECTRONIC COMPUTING AND COMMUNICATION SYSTEM EVENT ANALYSIS AND MANAGEMENT

ServiceNow, Inc., Santa ...

1. A method comprising:receiving, via one or more processors, an indication of an event in a computing system, wherein the computing system comprises a plurality of elements;
identifying, via the one or more processors, an element of the plurality of elements corresponding to the event;
determining, via the one or more processors, a value for a metric for the element; and
in response to determining that the value is outside a range associated with the metric, generating, via the one or more processors, a remediation priority for the element based at least in part on a metric weight associated with the metric.

US Pat. No. 10,972,333

METHOD AND DEVICE FOR REAL-TIME NETWORK EVENT PROCESSING

Telefonaktiebolaget LM Er...

1. A method of real-time processing of events received from a network, the network comprises a plurality of network elements connected by a plurality of links, whereas an event comprises a plurality of attributes, the method performed by a processor, the method comprising:maintaining a plurality of counters, including counters indicating numbers of occurrences of instances of specific attributes of received events as well as counters indicating numbers of co-occurrences, within a defined measurement window, of instances of specific attributes of the received events;
maintaining a record of instances of specific attributes of recent events received in a time period equal to the measurement window;
receiving a first event;
increasing respective counters indicating occurrences and co-occurrences of instances of attributes of received events, based on the instances of attributes of the first event;
for a first attribute, calculating relation measure scores between a first instance of the first attribute of the first event and instances of the first attribute of events recently received in the measurement window, wherein one of the relation measure scores indicates a likelihood that the first event is related to the events recently received in the measurement window according to a calculation that depends on a number of co-occurrences in which the first instance of the first attribute and a second instance of the first attribute were received within the measurement window, the total number of occurrences of the first instance, and the total number of occurrences of the second instance;
identifying a group of events as related based on their relation measure scores;
creating incident information based on the information about the identified group of events.

US Pat. No. 10,972,332

IDENTIFYING FACTORS THAT CONTRIBUTE TO A METRIC ANOMALY

ADOBE INC., San Jose, CA...

1. In a digital medium environment for performing a statistical analysis of web traffic data, a method for determining statistically significant contributors to a metric anomaly comprising:analyzing user action-based metric values indicating a particular type of user action performed by users in connection with a website;
generating a display of a trend of the analyzed user action-based metric values, wherein the trend comprises an indication of at least one metric value anomaly due to the particular type of user action performed by the users in connection with the website;
receiving a user selection of the at least one metric value anomaly from the display of the trend;
identifying a plurality of contributing factors that statistically contributed to the at least one metric value anomaly, the plurality of contributing factors comprising actions leading to the particular type of user action;
determining, by at least one processor, a statistical significance for each of the plurality of contributing factors that contributed to the at least one metric value anomaly in order to identify correlations between the plurality of contributing factors and the at least one metric value anomaly; and
presenting, within a second portion of the display, a subset of the plurality of contributing factors that have a highest statistical contribution to the at least one metric value anomaly.

US Pat. No. 10,972,331

METHOD FOR GENERATING AN OUTPUT SIGNAL HAVING PREDETERMINED JITTER CHARACTERISTICS

1. A method for generating an output signal having predetermined jitter characteristics, comprising the following steps:generating a first signal via a first signal generator;
generating a second signal via a second signal generator;
pulse-position modulating the first signal by the second signal, thereby generating a modulated signal having predetermined jitter characteristics; and
generating an output signal having predetermined jitter characteristics based on the modulated signal.

US Pat. No. 10,972,330

DATA TRANSMISSION METHOD AND DEVICE

GUANGDONG OPPO MOBILE TEL...

1. A data transmission method, comprising:determining a time domain structure, the time domain structure chronologically and sequentially comprising a first downlink part, a second downlink part, a first uplink part, and a second uplink part, wherein a guard period GP is further comprised between the second downlink part and the first uplink part; and
transmitting data according to the time domain structure;
wherein, information transmitted by the first uplink part corresponds to information transmitted by the first downlink part, and information transmitted by the second uplink part corresponds to information transmitted by the second downlink part;
wherein the time domain structure comprises a first time domain unit and a second time domain unit, and
wherein the first time domain unit comprises the first downlink part and the first uplink part, and the second time domain unit comprises the second downlink part and the second uplink part.

US Pat. No. 10,972,329

METHOD AND DEVICE FOR TRANSMITTING AND RECEIVING PRIMARY SYNCHRONIZATION SIGNAL IN WIRELESS ACCESS SYSTEM SUPPORTING NARROWBAND INTERNET OF THINGS

LG ELECTRONICS INC., Seo...

1. A method performed by a User Equipment (UE) for receiving a primary synchronization signal (PSS) in a wireless access system supporting narrowband Internet of things (NB-IoT), the method comprising:receiving, by the UE from a base station, the PSS through a plurality of orthogonal frequency division multiplexing (OFDM) symbols; and
performing a cell search based on the PSS,
wherein the PSS is received based on applying elements of a cover code of length 11 to a Zadoff-Chu (ZC) sequence of length 11 with a root index equal to 5 in respective OFDM symbols of the plurality of OFDM symbols.

US Pat. No. 10,972,328

DEMODULATION REFERENCE SIGNAL AND PHASE ROTATION FOR SUB-PHYSICAL RESOURCE BLOCK ALLOCATION WITH TWO TONE MODULATION

QUALCOMM Incorporated, S...

1. A method of wireless communication, comprising:receiving, by a base station, a symbol in an uplink communication, wherein the uplink communication uses a two-tone modulation scheme and is in accordance with a resource allocation at sub physical resource block granularity,
wherein the resource allocation includes resource allocations of three adjacent subcarriers where only two subcarriers of the three adjacent subcarriers are used for transmitting the uplink communication;
determining, by the base station, a phase rotation for the symbol in the uplink communication, wherein the phase rotation is determined based at least in part on a reference tone index associated with the resource allocation,
wherein the reference tone index is the same for each symbol of the uplink communication; and
applying, by the base station, the phase rotation to the symbol.

US Pat. No. 10,972,327

APPARATUS FOR TRANSMITTING BROADCAST SIGNALS, APPARATUS FOR RECEIVING BROADCAST SIGNALS, METHOD FOR TRANSMITTING BROADCAST SIGNALS AND METHOD FOR RECEIVING BROADCAST SIGNALS

LG ELECTRONICS INC., Seo...

1. A method of transmitting broadcast signals in a transmitting system, the method comprising:encoding service data;
bit interleaving the encoded service data;
Multiple-Input and Multiple-Output (MIMO) processing first service data and second service data of the bit-interleaved service data;
time interleaving the MIMO processed first service data and the MIMO processed second service data;
building a first signal frame including the time-interleaved first service data and a second signal frame including the time-interleaved second service data; wherein the first signal frame further includes first signaling data and the second signal frame further includes second signaling data;
modulating data in the first signal frame and data in the second signal frame by an Orthogonal Frequency Division Multiplex (OFDM) scheme; and
transmitting the broadcast signals having the modulated data in the first signal frame and the modulated data in the second signal frame,
wherein the MIMO processing comprises:
in-phase/quadrature-phase (IQ) polarization interleaving the first service data and the second service data by switching quadrature-phase components of the first service data and the second service data, and
phase hopping the first service data and the second service data by performing a phase rotation on one of the first service data or the second service data,
wherein each of the IQ polarization interleaving and the phase hopping is optional,
wherein each of the first and second signaling data includes information related to the MIMO processing, and
wherein the information related to the MIMO processing identifies whether the IQ polarization interleaving is applied to the MIMO processing and whether the phase hopping is applied to the MIMO processing.

US Pat. No. 10,972,326

SPECTRUM SHAPING CREST FACTOR REDUCTION

NanoSemi, Inc., Waltham,...

1. A method comprising:receiving a signal for radio transmission;
configuring crest factor reduction (CFR) processing characteristics, at a wireless device, to apply to the received signal to modify one or more portions of the received signal based on an asymmetrical spectral mask, representative of an asymmetric frequency envelope limiting allowed magnitudes for frequency components bounded by the asymmetrical spectral mask, the asymmetrical spectral mask being defined based on spectral characteristics requirements specified by multiple regulatory radio frequency (RF) power requirements at frequencies affecting a frequency range of the asymmetrical spectral mask; and
applying CFR processing to the received signal according to the configured CFR processing characteristics to produce a resultant output signal with a resultant spectral representation bound by the asymmetrical spectral mask.

US Pat. No. 10,972,325

METHOD AND APPARATUS FOR GENERATING/TRANSMITTING A FRAME FOR WIRELESS COMMUNICATION, AND SYNCHRONIZATION ESTIMATION METHOD FOR WIRELESS COMMUNICATION

ELECTRONICS AND TELECOMMU...

1. A method of generating a frame for communication, the method comprising:generating, by a processor, a modified sequence using a base sequence, the modified sequence being derived from one of
(i) a result of applying complex conjugate to the base sequence,
(ii) a result of applying complex conjugate to the base sequence, and changing a sign of an imaginary portion of the complex conjugated base sequence, or
(iii) a result of changing a sign of the base sequence,each of the base sequence and the modified sequence including a plurality of elements; andallocating, by the processor, the plurality of elements of the base sequence and the plurality of elements of the modified sequence into a first time period of the frame; and
allocating, by the processor, information for automatic gain control or signal detection into a second time period of the frame,
wherein the plurality of elements of the base sequence and the plurality of elements of the modified sequence are allocated into a frequency domain of the first time period, and
wherein the second time period is located before the first time period in the frame.

US Pat. No. 10,972,324

DUAL RECEIVER FOR MILLIMETER WAVE COMMUNICATIONS

QUALCOMM Incorporated, S...

1. An apparatus for wireless communications, comprising:an interface configured to obtain, in parallel:
a preamble of one or more frames of a first type via an omnidirectional antenna; and
one or more frames of a second type via a beamforming antenna array; and
a processing system configured to switch an input path of a receive processing chain of the apparatus from the beamforming antenna array to the omnidirectional antenna to obtain the one or more frames of the first type in response to a detection of the preamble of the one or more frames of the first type being a different length than a preamble of the one or more frames of the second type, wherein the one or more frames of a first type are non-beamformed control physical layer (PHY) frames and the one or more frames of a second type are beamformed data PHY frames.

US Pat. No. 10,972,323

CIRCUITS AND METHODS FOR BI-DIRECTIONAL DATA COMMUNICATION OVER ISOLATION CHANNELS

SEMICONDUCTOR COMPONENTS ...

1. A data communication circuit comprising:a differential transmitter configured to be coupled with a differential input of a first unidirectional differential isolation channel; and
a differential receiver configured to be coupled with a differential output of a second unidirectional differential isolation channel,
the differential receiver including a comparator having a threshold adjustable based on a signal received via the second unidirectional differential isolation channel.

US Pat. No. 10,972,322

SPIRAL POLYNOMIAL DIVISION MULTIPLEXING

Astrapi Corporation, Dal...

1. A non-transitory computer readable medium storing instructions, the instructions comprising:one or more instructions which, when executed by one or more processors, cause the one or more processors to:
convolve a message polynomial representing data with a reference polynomial in order to produce a transmission polynomial;
generate a sequence of amplitude values from the transmission polynomials; and
transmit, via a transmitter, the data as a signal based on the sequence of amplitude values.

US Pat. No. 10,972,321

SYSTEMS AND METHODS FOR DELTA-SIGMA DIGITIZATION

Cable Television Laborato...

18. A method of optimizing a delta-sigma analog-to-digital converter (ADC) architecture for a field programmable gate array (FPGA), comprising the steps of: simulating a performance of the delta-sigma ADC according to a first floating-point calculation using floating-point coefficients of the delta-sigma ADC; approximating key fixed-point coefficients from the floating-point coefficients; performing a second floating-point calculation of the delta-sigma ADC performance using the approximated key fixed-point coefficients; performing a first fixed-point calculation of the delta-sigma ADC performance for a continuous input data stream using transformed fixed-point coefficients obtained from performance of the second floating-point calculation; performing a second fixed-point calculation of the delta-sigma ADC performance, wherein the continuous input data stream is segmented into a plurality of separate data blocks, and wherein the second fixed-point calculation is individually performed on each separate segmented data block; and evaluating performance of the FPGA having a logical structure based on the performance of the second fixed-point calculation individually performed on each of the plurality of separate data blocks.

US Pat. No. 10,972,320

REFERENCE SIGNAL TRANSMISSION METHOD AND TRANSMISSION APPARATUS

Huawei Technologies Co., ...

1. A reference signal communication method, comprising:determining a resource block offset of a frequency domain position of a phase tracking reference signal (PTRS) based on a frequency domain density of the PTRS, an identifier of a terminal device, and a first bandwidth, in accordance with a ratio of the first bandwidth to the frequency domain density of the PTRS being a non-integer; wherein the first bandwidth is a bandwidth scheduled by a network device for the terminal device; and
sending or receiving the PTRS based on the resource block offset of the frequency domain position of the PTRS.

US Pat. No. 10,972,319

CLOCKLESS DECISION FEEDBACK EQUALIZATION (DFE) FOR MULTI-LEVEL SIGNALS

TEXAS INSTRUMENTS INCORPO...

1. A receiver comprising:a decision feedback equalization (DFE) loop, wherein the DFE loop includes:
a summation circuit having a first input coupled to a multi-level input, a second input, and an output;
a multi-bit quantizer including a digital-to-analog converter (DAC) having an input coupled to the output of the summation circuit and having an output, and an analog-to-digital converter (ADC) having an input coupled to the output of the DAC, and having an output;
a delay circuit having an input coupled to the output of the DAC and an output providing a multi-level feedback signal; and
a DFE tap circuit having an input coupled to the output of the delay circuit and an output coupled to the second input of the summation circuit, wherein the DFE tap circuit is configured to apply signed DFE tap weights to the multi-level feedback signal;
wherein the multi-bit quantizer comprises quantizer paths, each quantizer path having a respective slicer set to a different threshold, and wherein the multi-level feedback signal is a combination of outputs from the quantizer paths.

US Pat. No. 10,972,318

DATA STREAM PROCESSING DEVICE WITH RECONFIGURABLE DATA STREAM PROCESSING RESOURCES AND DATA STREAM PROCESSING METHOD

HUGHES NETWORK SYSTEMS, L...

1. A data stream processing device comprising:a plurality of data providing units configured to output data values received via a plurality of data inputs, respectively;
a plurality of processing units configured to generate output data based on the data values, respectively; and
control circuitry including a mode selection input and configured to
simultaneously provide data values of different data streams to the data inputs of the data providing units, respectively, in response to the mode selection input receiving a signal indicating a first mode, and
simultaneously provide a plurality of successive groups of data values of one of the data streams to the data inputs of the data providing units, respectively, in response to the mode selection input not receiving the signal indicating the first mode.

US Pat. No. 10,972,317

DEVICE AND METHOD FOR DATA RECEPTION

Synaptics Incorporated, ...

1. A receiver device, comprising:a first differential receiver configured to output a first single ended signal based on a voltage between a first wire and a second wire of three or more wires;
first delay compensation circuitry configured to generate a first compensated single ended signal by delaying the first single ended signal;
clock recovery circuitry configured to generate a recovered clock signal at least partially based on the first compensated single ended signal; and
first latch circuitry configured to latch the first compensated single ended signal in synchronization with the recovered clock signal,
wherein a delay time of the first delay compensation circuitry used in reception of a first symbol is at least partially based on a voltage between the first wire and the second wire in reception of a second symbol transmitted before the first symbol.

US Pat. No. 10,972,316

CHANNEL ESTIMATION USING A CHIRP SIGNAL AND THE FRACTIONAL FOURIER TRANSFORM

The Aerospace Corporation...

1. A system, comprising:a transmitting computing system; and
a receiving computing system, wherein
the transmitting computing system is configured to:
generate a chirp for a signal, and
transmit the signal comprising the chirp as a preamble to the receiving computing system, and
the receiving computing system is configured to:
receive a plurality of multipath signal components from the transmitted signal,
estimate coefficients of a channel of the transmitted signal using a Fractional Fourier Transform (FrFT) and the chirp preamble, and
correct for the channel using the estimated coefficients, wherein the estimation of the coefficients of the channel comprises:
calculating an optimal rotational parameter aopt for the chirp such that each chirp component of the multipath signal components becomes a tone, and
calculating delay values between the chirp components given by differences between the chirp components on a rotated time axis topt.

US Pat. No. 10,972,315

OFDM SIGNAL AND NOISE ESTIMATION

Nordic Semiconductor ASA,...

1. A method of generating a noise power estimate for a particular reference signal received on a particular subcarrier, from among a plurality of OFDM subcarriers, the method comprising generating the noise power estimate as an absolute square of a difference divided by a constant factor, wherein:the difference is between i) an unfiltered channel estimate for the particular reference signal and ii) a filtered channel estimate for the particular reference signal;
the filtered channel estimate for the particular reference signal is a sum of the products of i) unfiltered reference-signal channel estimates for a filter set of reference signals with ii) respective reference-signal coefficients from a filter set of reference-signal coefficients;
the filter set includes the particular reference signal;
the respective reference-signal coefficients sum to one; and
the constant factor is equal to one minus the respective reference-signal coefficient for the particular reference signal.

US Pat. No. 10,972,314

GATEWAY DEVICE FOR A FIRE CONTROL SYSTEM

Honeywell International I...

1. A gateway device for a fire control system, comprising:a processor; and
a memory having instructions stored thereon which, when executed by the processor, cause the processor to:
detect that a network interface of the gateway device is connected to a network;
receive data associated with the fire control system; and
determine a data management scheme for the gateway device based on a type of detected network interface and the received data.

US Pat. No. 10,972,313

RELAY DEVICE

YOKOGAWA ELECTRIC CORPORA...

1. A relay device comprising:a memory; and
a hardware processor coupled to the memory, wherein
the hardware processor:
receives, from a sensor, a plurality of data to be transmitted to a server on a network;
among the plurality of data, backs up, in the memory, untransmitted data that has failed to be transmitted to the server;
determines a transmission priority among the backed-up data and new data received from the sensor that also has not yet been transmitted to the server;
transmits, to the server, data determined to have a highest transmission priority among the new data and the backed-up data; and
determines a server communication status based on whether communication with the server fails.

US Pat. No. 10,972,312

PROGRAMMABLE INFRASTRUCTURE GATEWAY FOR ENABLING HYBRID CLOUD SERVICES IN A NETWORK ENVIRONMENT

CISCO TECHNOLOGY, INC., ...

1. A method comprising:generating, using a cloud adapter software development kit (SDK) with cloud orchestration code associated with a platform of a first cloud in a hybrid cloud, a specific cloud adapter tailored to work with the platform of the first cloud;
receiving a hybrid cloud instruction from a hybrid cloud application executing in a second cloud in the hybrid cloud;
interpreting, using the specific cloud adapter generated via the cloud adapter SDK, the hybrid cloud instruction according to a hybrid cloud application programming interface (API) to yield an interpreted hybrid cloud instruction;
interpreting a management instruction according to a cloud management API to yield an interpreted management instruction; and
executing the interpreted hybrid cloud instruction and the interpreted management instruction in the first cloud using the specific cloud adapter.

US Pat. No. 10,972,311

UPDATES TO SUPPORT NETWORK BASED INTERNET PROTOCOL FLOW MOBILITY

INTEL IP CORPORATION, Sa...

1. User equipment (UE), comprising:radio frequency (RF) circuitry; and
baseband circuitry coupled to the RF circuitry, the baseband circuitry to:
generate a wireless local area network (WLAN) control protocol (WLCP) packet data network (PDN) connectivity request message;
indicate, via the WLCP PDN connectivity request message, that an existing PDN connection is to be provisioned as a multiple access PDN connection by adding one of a WLAN or a 3rd generation partnership project (3GPP) network as an additional access connection;
generate a WLCP network-based IP flow mobility (NBIFOM) request message to include an indication of an updated routing rule;
include a new routing filter description for the updated routing rule in the WLCP NBIFOM message flow; and
transmit the WLCP PDN connectivity request message via the RF circuitry.

US Pat. No. 10,972,310

LINK STATE PACKET TRANSMISSION METHOD AND ROUTING NODE

Huawei Technologies Co., ...

1. A link state packet transmission method, wherein the method is applied to a tree topology, and the tree topology comprises a leaf routing node, an intermediate routing node, and a root routing node, and the method comprises:receiving, by the intermediate routing node, a link state packet sent by a child routing node of the intermediate routing node;
sending, by the intermediate routing node, the link state packet to the root routing node, wherein the root routing node is configured to aggregate received link state packets to obtain a link state packet set;
receiving, by the intermediate routing node, the link state packet set sent by the root routing node; and
sending, by the intermediate routing node, the link state packet set to the child routing node of the intermediate routing node,
wherein the sending, by the intermediate routing node, the link state packet to the root routing node comprises:
sending, by the intermediate routing node based on first distance vector information, the link state packet to a first neighboring routing node that has a shortest distance to all root routing nodes less than a shortest distance from the intermediate routing node to all the root routing nodes.

US Pat. No. 10,972,309

METHOD AND DEVICE FOR AUTOMATICALLY DISCOVERING CROSS-NODE SERVICE TOPOLOGY ON TRANSOCEANIC MULTIPLE SECTION SHARED PROTECTION RING

SINO-TELECOM TECHNOLOGY C...

5. A device for automatically discovering a cross-node service topology on a transoceanic multiplex section shared protection ring, characterized in that the device comprises:an optical transmitting and receiving module supporting optical synchronous digital hierarchy transmission network protocols, connected with a plurality of network element devices to form a transoceanic multiplex section shared protection ring and receive and transmit a service flow;
a configuration module supporting simple network management protocols or command-line interfaces, used for receiving a service and protection configuration made by a user to a current network node;
a cross-node service topology automatic discovery module, connected with the optical transmitting and receiving module and the configuration module and used for packaging the configuration made by the user to the current network element node into a broadcast message containing service identification information of the current node, broadcasting the broadcast message to other network element nodes in the transoceanic multiplex section shared protection ring through a data communication channel in the optical transmitting and receiving module or Ethernet interfaces between network element nodes, unpackaging messages containing service identification information of other nodes received from the data communication channel or the Ethernet interfaces and calculating a cross-node service crossing topology through a topology discovery method, the cross-node service crossing topology containing topological identification information which is capable of uniquely identifying a cross-node service flow; and
wherein the optical transmitting and receiving module is located on a line board and comprises an SDH transmission module, a service processing module, a protection protocol processing module, a service crossing matrix, an APS hardware channel and a general-purpose processor;
and an optical synchronous digital hierarchy transmission network service enters the optical transmitting and receiving module through an optical fiber, photoelectric conversion is performed by the SDH transmission module to convert an optical signal into an electrical signal, the service processing unit separates service data and overhead bytes from the electrical signal, the overhead bytes which are needed by the protection protocols are transmitted into the protection protocol processing module for protection calculation through the APS hardware channel, and the service data enter the service crossing matrix for switching.

US Pat. No. 10,972,308

COMMUNICATION DEVICE AND AUTOMOBILE INCLUDING THE SAME

HITACHI AUTOMOTIVE SYSTEM...

1. A communication device comprising:a master station;
a ring-type transmission line whose start point and end point are connected to the master station; and
a plurality of slave stations connected to the ring-type transmission line in parallel,
wherein the master station transmits a signal and feeds electric power from both of the start point and the endpoint of the ring-type transmission line, and
wherein each of the plurality of slave stations includes an impedance variable element, and the impedance variable elements are connected to the ring-type transmission line in parallel.

US Pat. No. 10,972,307

COMMUNICATION SYSTEM

YAZAKI CORPORATION, Toky...

1. A communication system comprising:a plurality of slave devices each comprising ones of slave device ID storages;
a master device communicating with the plurality of slave devices and comprising a master device ID storage;
a writing device for writing slave device IDs into the slave devices and a master device ID into the master device;
wherein the writing device transmits the master device ID to the master device, and then sequentially transmits the slave device IDs of the plurality of slave devices to the master device,
wherein the master device is provided for each of the plurality of slave devices,
wherein the master device includes a plurality of output switches for supplying power to the corresponding ones of the slave devices, a first setting unit for receiving the master device ID from the writing device and setting the master device ID to the master device ID storage of the master device, and a switch control unit, after setting of the master device ID to the master device ID storage, sequentially switching on ones of the output switches and receiving corresponding ones of the slave device IDs of the plurality of slave devices from the writing device, and
wherein each of the plurality of slave devices includes a second setting unit setting the ones of the slave device IDs, received from the writing device after a power is supplied, to respective ones of the slave device ID storages.

US Pat. No. 10,972,306

BUILDING MANAGEMENT SYSTEM HAVING EVENT REPORTING

CARRIER CORPORATION, Pal...

1. A building management system comprising:a building system interface configured to access a building system;
an event service module configured to access event data in the building system through the building system interface;
a knowledge base providing a model of the building system, the model including semantic descriptions of the event data, the semantic descriptions of the event data being arranged in an ontology;
a semantic service module in communication with the knowledge base; and
a user interface in communication with the semantic service module and the event service module, the user interface generating a user request to create an event filter having a filter criterion and report the event data matching the filter criterion;
wherein creating the event filter comprises:
issuing, to the semantic service module by the user interface, the user request to create the event filter;
the semantic service module accessing the knowledge base to retrieve the event data matching the user request,
the knowledge base providing metadata from the event data matching the filter criterion to the user interface;
the user interface sending the user request to create the event filter to the event service module based on the metadata retrieved from the knowledge base; and
the event service module creating the event filter.

US Pat. No. 10,972,305

POWER LINE COMMUNICATIONS NETWORK SYSTEM FOR A SPA

Bullfrog International, L...

1. A power line communications system for controlling a temperature of a spa, the spa power line communications system comprising:a spa comprising a spa tub and a spa heating element, the spa heating element in communication with a spa temperature controller;
a spa network interface comprised of a control unit electrically connected to the spa temperature controller;
a spa power line communication module electronically connected to the spa network interface;
a spa electrical panel electrically connected to a residential circuit breaker panel;
a first 120-volt conductor, a second 120-volt conductor, a third neutral conductor, and a ground conductor electrically connecting the spa electrical panel to the spa power line communication module;
a user interface connected to the spa network interface, wherein the user interface is configured to display real-time spa temperature settings and manipulate current spa temperature settings;
a signal bridge configured to conduct frequencies between the first 120-volt conductor, the second 120-volt conductor, a ground conductor, and the third neutral conductor;
a controller electrically connected to an electronic relay and the signal bridge, the controller programmed to automatically periodically:
test the connectivity of an in-home power line communication module and the spa network interface via the first 120-volt conductor and determine a first conductor throughput;
test the connectivity of the in-home power line communication module and the spa network interface via the second 120-volt conductor and determine a second conductor throughput;
test the connectivity of the in-home power line communication module and the spa network interface via the ground conductor and determine a ground conductor throughput;
test the connectivity of the in-home power line communication module and the spa network interface via the third neutral conductor and determine a neutral conductor throughput; and
compare the first conductor throughput, the second conductor throughput, the ground conductor throughput, and the neutral conductor throughput to determine a superior conductor and automatically conduct the frequency to the superior conductor;
the in-home power line communication module electronically connected to the residential circuit breaker panel and an in-home network; and
a remote computing device in communication with the in-home network, the remote computing device configured to display the real-time spa temperature settings of the user interface and manipulate current spa temperature settings.

US Pat. No. 10,972,304

HOME-AUTOMATION SYSTEM AND METHOD FOR CONSTITUTING THE TOPOLOGY OF A HOME-AUTOMATION SYSTEM

SOMFY SAS, Cluses (FR)

1. A method for constituting a topology of a home automation installation comprising a first central control unit and a second central control unit, the method being executed by a user terminal connected to the home automation installation and comprising the following steps:i. a first step of receiving from the first central control unit at least a first message comprising a first list comprising at least one home automation device with which the first central control unit is able to communicate and a second step of receiving from the second central control unit at least a second message comprising a second list comprising at least one home automation device with which the second central control unit is able to communicate;
ii. selecting at least one combination of at least one device from the first list in connection with the first central control unit and at least one device from the second list in connection with the second central control unit,
iii. for the at least one combination selected in step ii sending an attachment message to the first central control unit and the second central control unit, the attachment message sent to the first central control unit instructing the first central control unit to trigger an attachment of the at least one device from the first list to the first central control unit, and the attachment message sent to the second central control unit instructing the second central control unit to trigger an attachment of the at least one device from the second list to the second central control unit.

US Pat. No. 10,972,303

METHOD AND PROGRAM FOR CONTROLLING PORTABLE INFORMATION TERMINAL

PANASONIC INTELLECTUAL PR...

1. A method for controlling a portable information terminal connectable to a network, to which a target device in a house, or a server for controlling the target device is connected, the portable information terminal being provided with a message transmitting function, the control method causing a computer of the portable information terminal to:extract, from a message to be transmitted by the message transmitting function, address information of the message to be transmitted when it is detected that the message transmitting function is activated;
extract, as a transmission time of the message to be transmitted from the portable information terminal, a time measured by the portable information terminal;
judge whether the address information matches predetermined address information, with use of a first database in which the predetermined address information is registered;
extract the target device with use of a second database in which the target device to be controlled by a user of the portable information terminal and information on a time period of the control are associated with each other;
determine an activation time at which the target device is to be activated on the basis of the time measured by the portable information terminal and the information on the time period of the control; and
when it is judged that the address information matches the predetermined address information, transmit a control command at the determined activation time to the network, the control command being for activating the target device,
wherein the determined activation time is calculated on the basis of a time after lapse of (i) a recorded time at which the target device is turned on recorded in the second database from (ii) the time measured by the portable information terminal.

US Pat. No. 10,972,302

SCALABLE COMPUTING SYSTEMS FOR GENERATING NOTIFICATIONS, AND METHODS OF OPERATING THEREOF

Wealthsimple Technologies...

1. A scalable computing system for generating one or more notifications, the scalable computing system comprising:a first processor;
a second processor in communication with the first processor, the first processor being operable to:
execute a plurality of independent management processes, wherein a first management process of the plurality of independent management processes corresponds to a first action definition of a plurality of action definitions, and the first management process is configured to:
monitor a state of at least one operation defined in the first action definition;
for a first operation of the at least one operation, identify a first worker process to perform the first operation, based on a state of the first operation, and assign the first worker process to perform the first operation; and
upon detecting a predefined condition in at least one of the plurality of independent management processes, transmit, to the second processor, the one or more notifications.

US Pat. No. 10,972,301

DISPLAYING NOTIFICATIONS FOR STARTING A SESSION AT A TIME THAT IS DIFFERENT THAN A SCHEDULED START TIME

Microsoft Technology Lice...

1. A system comprising:one or more processing units; and
a computer-readable medium having encoded thereon computer-executable instructions to cause the one or more processing units to:
access calendar data that defines a scheduled start time for a communication session and an invitee list for the communication session, wherein the invitee list includes at least a first user and a second user;
determine that an account associated with the first user defines a notification parameter configured to cause a transmission of a notification to a first device associated with the first user in response to determining that an invitee on the invitee list is a first person to join the communication session;
receive, from a second device associated with the second user and at a time that is different than the scheduled start time, an indication that the second user is the first person to join the communication session;
transmit, in response to receiving the indication and based at least in part on the notification parameter, the notification to the first device associated with the first user, wherein the notification causes the first device to display (i) information indicating that the second user is the first person to join the communication session and (ii) a user interface element that is selectable to generate a join request on behalf of the first user;
receive the join request from the first device based on a selection of the user interface element; and
communicate, based on reception of the join request, data to the first device and to the second device to facilitate the communication session between the first user and the second user.

US Pat. No. 10,972,300

TRANSMISSIONS OF UNICAST FRAMES TO CLIENT DEVICES

Hewlett Packard Enterpris...

12. A device, comprising:one or more processors configured to:
receive data rates of respective client devices;
determine a multicast data rate based on the data rates of the respective client devices;
determine a refresh interval, the refresh interval corresponding to a time period during which a client device of the respective client devices needs to receive a unicast frame in order to prevent a data rate of the client device from being decreased;
calculate a predetermined time based on a difference between the refresh interval and an average inter-packet arrival time;
determine that the predetermined time has passed since a last unicast transmission was sent to one of the client devices; and
set an indication that the one of the client devices is to receive a unicast frame.

US Pat. No. 10,972,299

ORGANIZING AND AGGREGATING MEETINGS INTO THREADED REPRESENTATIONS

CISCO TECHNOLOGY, INC., ...

1. A method for organizing meeting content, comprising:generating, from a set of available meetings, a thread comprising a collection of related meetings that share one or more attributes;
aggregating data for the related meetings, wherein the data comprises metadata for the related meetings and terms included in recordings of the related meetings, wherein aggregating the data for the related meetings under the collection further comprises merging adjacent snippets in a recording when a temporal separation between the adjacent snippets falls below a threshold;
analyzing the aggregated data for insights associated with the related meetings; and
outputting at least a portion of the aggregated data within a summary of the thread, wherein outputting the at least a portion of the aggregated data within the summary of the thread comprises:
generating scores for snippets of voice activity in the recordings based on content of the snippets and contexts associated with the snippets,
ranking the snippets based on the scores,
selecting, based on the ranking, a subset of the snippets for inclusion in the summary, and
outputting the selected subset of the snippets.

US Pat. No. 10,972,298

PROACTIVELY MANAGING COLLISIONS OF MULTIPLE CLUSTERING GROUPS FOR COLLABORATIVE MESSAGING PLATFORMS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method for merging two or more user groups for collaboration, the method comprising:constructing a social graph of each user of a plurality of users within the two or more user groups based upon a user profile and a workflow associated with each user;
calculating a weighted adjacency matrix based on a set of user interactions between two or more users indicated by the social graph, the weighted adjacency matrix comprising a data structure representing a weighted directed graph, the weighted directed graph representing the set of user interactions, a vertex of the weighted directed graph representing a user, an edge of the weighted directed graph representing an interaction between two users, wherein one or more weighted values of edges of the weighted directed graph are increased corresponding to a degree of positivity of the interaction, and wherein one or more weighted values of edges of the weighted directed graph are decreased corresponding to a degree of negativity of the interaction;
generating a model inferring leading edge contributions and least significant edge contributions among the users based upon the social graph and the weighted adjacency matrix, wherein an edge contribution between a pair of users comprises a degree of positivity of a distant interaction between the pair of users, the distant interaction comprising a set of edges of the weighted directed graph in a path in the weighted directed graph between the pair of users, the path including at least one vertex other than vertices representing the pair of users, the edge contribution calculated by summing a set of weighted values in the weighted directed graph, each weighted value in the set of weighted values corresponding to an edge in the path, a leading edge contribution comprising a highest value of a set of edge contributions, a least significant edge contribution comprising a lowest value of a set of edge contributions;
identifying, within the plurality of users, using the edge contributions, an edge graph collision between users within a group expected to be involved in a future collaboration, the edge graph collision representing a pair of users within the group having a distant interaction with an edge contribution having a zero weight; and
determining an action to remediate the edge graph collision, the action comprising adding a user with a leading edge contribution to the future collaboration.

US Pat. No. 10,972,297

DATA PROCESSING SYSTEM WITH MACHINE LEARNING ENGINE TO PROVIDE AUTOMATED COLLABORATION ASSISTANCE FUNCTIONS

Bank of America Corporati...

1. A computing platform, comprising:at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
receive, via the communication interface, from a teleconference hosting computer system, a first content stream associated with a first teleconference;
responsive to receiving the first content stream associated with the first teleconference from the teleconference hosting computer system, generate, based on a machine learning dataset, first real-time transcript data comprising a real-time textual transcript of the first teleconference;
receive a request for a summary of the first teleconference;
responsive to receiving the request for the summary of the first teleconference, generate, based on the first real-time transcript data comprising the real-time textual transcript of the first teleconference, a summary report of the first teleconference;
based on generating the summary report of the first teleconference, send, via the communication interface, the summary report of the first teleconference to one or more recipient devices;
generate one or more reminders associated with one or more action items being tracked by a selectable tracking service executed on the computing platform;
send, via the communication interface, the one or more reminders associated with the one or more action items being tracked by the selectable tracking service executed on the computing platform to at least one recipient device;
identify a completion status of at least one item being tracked by the selectable tracking service executed on the computing platform based on item status information received by the computing platform from one or more user devices;
responsive to identifying the completion status of the at least one item being tracked by the selectable tracking service executed on the computing platform, provide a status report to at least one user device;
detect, during the first teleconference, based on the first real-time transcript data comprising the real-time textual transcript of the first teleconference, a first action item associated with the first teleconference;
responsive to detecting the first action item associated with the first teleconference, identify, based on the machine learning dataset, one or more automated tasks associated with the first action item associated with the first teleconference; and
responsive to identifying the one or more automated tasks associated with the first action item associated with the first teleconference, execute the one or more automated tasks associated with the first action item associated with the first teleconference.

US Pat. No. 10,972,296

MESSAGING TO ENFORCE OPERATION SERIALIZATION FOR CONSISTENCY OF A DISTRIBUTED DATA STRUCTURE

Microsoft Technology Lice...

1. A non-transitory computer readable storage medium comprising instructions that when executed by hardware processing circuitry of a first device, configure the first device to perform operations comprising:joining a collaboration session providing access to a distributed data structure;
receiving a first message identifying contiguously ordered operations on the distributed data structure; each of the identified operations included in a collaboration window of operations that each have a pending acknowledgment;
representing a first version of the distributed data structure; the first version represented to include each of the contiguously ordered operations;
representing a second version of the distributed data structure to include a first operation, the first operation ordered subsequent to a last operation in the contiguously ordered operations; and
transmitting a second message indicating the first operation and further indicating an association between the first operation and the first version;
receiving a third message indicating an updated collaboration window that excludes the identified operations; and
garbage collecting based on the excluded operations.

US Pat. No. 10,972,295

SYSTEM AND METHOD FOR DETECTING THE END OF AN ELECTRONIC CONFERENCE SESSION

RingCentral, Inc., Belmo...

1. A method comprising:receiving data from an electronic conferencing system, wherein the electronic conferencing system is configured to facilitate an electronic conference session between a plurality of users, and wherein the received data is data collected during the electronic conference session;
determining that the electronic conference session is about to end or has ended based on the received data absent an affirmative action by a user to terminate the electronic conference session; and
in response to determining that the electronic conference session is about to end or has ended, automatically triggering an electronic conference session ending event, wherein the electronic conference session ending event suspends an audio functionality or video functionality of the electronic conference session.

US Pat. No. 10,972,294

ONLINE CHARGING FOR MULTI-USER AGENT INSTANCES SERVED BY DIFFERENT TELEPHONY APPLICATION SERVERS

T-Mobile USA, Inc., Bell...

1. A method comprising:receiving, from one or more computing devices, first session information of a communication session for a user equipment, wherein the first session information includes charging information and a served number;
determining a rating function for the communication session based at least in part on the first session information;
generating an online charging session using the rating function;
receiving, from the one or more computing devices, second session information of the communication session for the user equipment;
determining that the second session information includes a change in the charging information;
determining to update the rating function for the communication session based at least in part on the change in the charging information;
determining to update the online charging session using the rating function;
receiving an incoming communication session request for the served number from a new caller; and
determining one or more user equipment associated with the served number to transmit call-forking information associated with the incoming communication session request.

US Pat. No. 10,972,293

ADAPTIVE ENERGY EFFICIENT ETHERNET

Marvell Asia Pte., LTD., ...

1. An Ethernet transceiver, comprising:transceiver circuitry including:
receiver circuitry to receive refresh signals from a link partner during a low-power idle mode of operation, each refresh signal having a refresh period and a quiet period, wherein the quiet period is interposed between successive refresh signals,
signal quality detection circuitry to, during the low-power idle mode, determine a measure of signal quality associated with the received refresh signals, and
circuitry to communicate to the link partner a signal based on the measure of signal quality of the received refresh signals for adjusting at least one of the refresh period or the quiet period.

US Pat. No. 10,972,292

I/O CIRCUIT DESIGN FOR SRAM-BASED PUF GENERATORS

Taiwan Semiconductor Manu...

1. A physical unclonable function (PUF) generator comprising:a PUF cell array comprising a plurality of bit cells configured in a plurality of columns and at least one row, and
at least one input/output (I/O) circuit each coupled to at least two neighboring columns of the PUF cell array,
wherein the at least one I/O circuit each comprises a sense amplifier (SA) with no cross-coupled pair of transistors, wherein the SA comprises two cross-coupled inverters with no access transistor and a SA enable transistor, and wherein the at least one I/O circuit each is configured to access and determine logical states of at least two bit cells in the at least two neighboring columns; and based on the determined logical states of the plurality of bit cells, to generate a PUF signature.

US Pat. No. 10,972,291

SECURING COMMUNICATIONS

Intel Corporation, Santa...

1. A method for securing communications between a publisher and a subscriber, comprising:receiving a challenge vector from the subscriber;
determining a response vector using a physically unclonable function (PUF) for each challenge value in the challenge vector to generate a response value;
sending the response vector to the subscriber;
generating a random number;
using the random number to generate a false PUF value;
interspersing the false PUF value with a collected data value; and
obscuring the collected data value by sending false data and authentic data in a data stream sent to the subscriber.

US Pat. No. 10,972,290

USER AUTHENTICATION WITH SELF-SIGNED CERTIFICATE AND IDENTITY VERIFICATION

BEYOND IDENTITY INC., We...

1. A method for authenticating a user to a verifying party computer over a network, comprising:generating a self-signed root user certificate signed by a root private key on a user device, wherein the signing of the self-signed root user certificate by the root private key occurs on the user device;
generating an intermediate private key in a secure enclave on the user device;
signing an intermediate certificate with the root private key;
linking the intermediate certificate to the self-signed user root certificate by way of signature to form a certificate chain, the certificate chain including a public key corresponding to the intermediate private key;
transmitting the certificate chain to the verifying party computer over the network;
transmitting user identification data to the verifying party computer for linking with the certificate chain; and
transmitting the certificate chain to the verifying party computer in a subsequent communication to identify the user without the user identification data.

US Pat. No. 10,972,289

SOFTWARE RELEASE VERIFICATION

JFrog, Ltd., Netanya (IL...

1. A method for sharing digital signature information of a software release, the method comprising:receiving, by one or more processors, file information corresponding to one or more files of a software release from an entity device;
receiving, by the one or more processors, multiple digital signatures from the entity device, each digital signature related to a corresponding development stage of multiple development stages of the software release;
receiving, by the one or more processors, node information corresponding to one or more node devices from the entity device;
generating, by the one or more processors, software release information comprising the multiple digital signatures and an indication of the one or more files; and
initiating, by the one or more processors, transmission of the software release information to the one or more node devices.