US Pat. No. 10,659,474

END TO END ENCRYPTION

Snap Inc., Santa Monica,...

1. A method comprising:determining a public signing key (B) of a communication partner device by decoding data encoded within the image;
receiving a message at a computing device;
verifying, based on the public signing key of the communication partner device, whether the message is from the communication partner device;
providing an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device;
providing an output indicating an error if the message is not verified to be from the communication partner device;
generating, at the computing device, a private key (a) of the computing device;
computing a public signing key (A) of the computing device, the public signing key of the computing device being computed according to an equation: A=g a mod p, wherein p is a prime number that exceeds a threshold, and g is a primitive root modulo p;
computing a shared secret (s) of the computing device and the communication partner device according to an equation: s=B a mod p;
decrypting the received message using the shared secret;
encrypting a second message using the shared secret; and
transmitting the second message to the communication partner device.

US Pat. No. 10,659,473

METHOD AND APPARATUS FOR BLOCKCHAIN POWERED INTEGRITY PROTECTION SYSTEM

Nokia Solutions And Netwo...

1. A method for using blockchains as an integrity tracking tool for network elements, the method comprising:receiving, by a blockchain network, a patch request from a patch initiator, the patch request including first hashed information indicative of an expected result of a patch;
validating, by the blockchain network, the patch request and writing the patch request on a blockchain;
transmitting, by the blockchain network, the patch request to a network element;
receiving, by the blockchain network, a patch report from the network element, the patch report including second hashed information indicative of the expected result of the patch applied to the network element;
validating, by the blockchain network, the patch report in accordance with one or more operations, the one or more operations including confirming a match between the first hashed information and the second hashed information; and
writing, by the blockchain network, the patch report on the blockchain.

US Pat. No. 10,659,472

METHOD, SYSTEM, AND COMPUTER PROGRAM PRODUCT FOR PROVIDING SECURITY AND RESPONSIVENESS IN CLOUD BASED DATA STORAGE AND APPLICATION EXECUTION

International Business Ma...

1. A method, comprising:maintaining a storage controller that controls a plurality of storage clouds;
determining a minimum level of security certification required for performing a selected operation in the plurality of storage clouds;
determining a subset of storage clouds of the plurality of storage clouds that are able to satisfy the minimum level of security certification;
determining which storage cloud of the subset of storage clouds has a fastest responsiveness among the subset of storage clouds; and
performing the selected operation in the determined storage cloud that has the fastest responsiveness among the subset of storage clouds.

US Pat. No. 10,659,468

ACCESS CONTROL VALUES

MICRO FOCUS LLC, Santa C...

1. A non-transitory machine-readable storage medium storing instructions that upon execution cause a system to:receive, from a sender, an access control value generated based on information of a plurality of recipients;
send, to the sender, a signed version of the access control value for sending by the sender to the plurality of recipients with an encrypted message;
receive, from a first recipient in association with a request for a key to decrypt the encrypted message, a signed access control value and recipient information for deriving the access control value, wherein the recipient information comprises an identity of the first recipient, and an intermediate value computed from information of another of the plurality of recipients; and
determine whether the first recipient is one of the plurality of recipients using the signed access control value and the recipient information.

US Pat. No. 10,659,466

SECURE RESOURCE-BASED POLICY

Microsoft Technology Lice...

1. A system comprising:one or more processors;
memory;
an authority service stored in the memory and executable by the one or more processors to:
receive a request for an application to access a resource over a network;
send, based at least in part on the request, a first query to collect proxy information useable to establish a network connection with the resource;
send, based at least in part on the request, a second query to collect hostname information useable to establish the network connection with the resource;
receive, based at least in part on the first and the second queries, the proxy information and the hostname information useable to establish the network connection with the resource;
create a ticket that includes the proxy information and the hostname information;
securely store the ticket in an operating system component thereby preventing the application from altering the proxy information or the hostname information included in the ticket; and
use the proxy information and the hostname information included in the ticket to determine that the application is allowed to access the resource over the network connection.

US Pat. No. 10,659,464

SECURELY AUTHENTICATING A BOT USER

Microsoft Technology Lice...

1. A processor-implemented method of authenticating a user of an application, comprising:transmitting, by a first client application, a user identifier to a first web application;
receiving, by the first client application, a request to access a second web application that uses different access credentials than the first web application;
receiving, by the first client application, a second identifier from a web service, the second identifier identifying authenticated access to the second web application based on access credentials provided by a second client application;
sending, by the first client application, the second identifier to the first web application, the first web application configured to associate the user identifier with the second identifier and the authenticated access to the second web application;
receiving, by the first client application, an indication from the first web application that the user identifier is authenticated for accessing the second web application; and
accessing, by the first client application, the second web application, via the first web application in response to the received indication.

US Pat. No. 10,659,463

DELIVERING ANONYMOUS COMMUNICATION BETWEEN CUSTOMERS AT CUSTOMER CARE SITE

T-Mobile USA, Inc., Bell...

1. A computer-implemented method comprising:as implemented by one or more computing devices configured with specific computer-executable instructions:
providing, over a network, a first web page from a customer care web site, the first web page comprising a first content item posted by a first user and a first contact link for requesting communication with the first user, wherein the first content item posted by the first user comprises a question or a comment posted by the first user in a discussion forum on the first web page of the customer care web site;
providing a data store maintaining first contact information of the first user in association with the first contact link and the first content item, wherein the first contact information corresponds to identification of a first user device of the first user;
receiving a contact request, from a second user, to initiate a communication with the first user by selecting the first contact link on the first web page at a second user device of the second user, wherein the second user device is associated with second contact information; and
in response to the contact request, (a) identifying the first contact information of the first user and the first content item from the data store using information included in the contact request; and (b) causing a communication session to be established between the first user device and the second user device using the first contact information and the second contact information, wherein causing the communication session to be established includes causing display of a contact request notification at the first user device, wherein the contact request notification includes information about the contact request including an option to deny the contact request, wherein the contact request notification includes an identification of the first content item associated with the first contact link, and wherein the contact request notification excludes identification of the second contact information.

US Pat. No. 10,659,462

SECURE DATA TRANSMISSION USING A CONTROLLED NODE FLOW

Pribit Technology, Inc., ...

1. A method performed by a system to securely transfer data between a source node and a destination node in a network, the method comprising:establishing a control flow between a gateway and a controller, the control flow including a tunnel forwarding management information between the gateway and the controller;
obtaining node flow initialization information from the controller to initialize a node flow between a source node and the gateway connecting the source node to a destination node, the node flow initialization information providing instructions creating a node flow tunnel between the gateway and the source node;
establishing the node flow between the source node and the gateway, the node flow identified in a node flow routing table providing packet processing information for forwarding data packets through the network;
establishing an application flow between the source node and the destination node, the application flow facilitating application-specific data packet transmission between the source node and destination node via the node flow tunnel;
receiving, by the gateway from the source node via the node flow tunnel, a data packet that includes an application flow identifier;
querying, by the gateway, an application flow routing table to identify routing instructions for the application flow between the source node and the destination node using the application flow identifier; and
responsive to identifying the application flow between the source node and the destination node, forwarding, by the gateway, the data packet including the application flow identifier to the destination node via the application flow according to the identified routing instructions for the application flow.

US Pat. No. 10,659,459

CALLER AND RECIPIENT ALTERNATE CHANNEL IDENTITY CONFIRMATION

Capital One Services, LLC...

1. A computer-implemented method comprising:receiving, over a voice communication channel by a client device, a first service provider communication from a service provider system related to an account of a client associated with the client;
receiving, over an application communication channel by the client device:
a first authentication of an origin of the first service provider communication indicating that the first service provider communication is from the service provider system related to the account of the client; and
a request seeking an authentication response including a biometric input or an ownership input from the client;
receiving, at a client interface of the client device, at least one of the biometric input, the ownership input, or combination therefor for the authentication response;
determining a keyword for the authentication response; and
forwarding the authentication response to the service provider system over the application communication channel, wherein the authentication response comprises the keyword and at least one of the biometric input, the ownership input or combination thereof; and
receiving, from the service provider system, the keyword over the voice communication channel to utilize as a second authentication of the first service provider communication.

US Pat. No. 10,659,458

SYSTEMS AND METHODS FOR PERFORMING BIOMETRIC REGISTRATION AND AUTHENTICATION OF A USER TO PROVIDE ACCESS TO A SECURE NETWORK

Mastercard International ...

1. A method of performing biometric registration and authentication of a user, via a user device, to provide access to a secure network, the method comprising:transmitting, by a user device running a client application via a communication network to a provider server, a biometric registration request for authentication processing;
receiving, by the user device via the communication network from an access control server (ACS), a request for non-biometric authentication credentials;
transmitting, by the user device via the communication network to the provider server, non-biometric authentication credentials of the user to initiate a determination of validity of the non-biometric authentication credentials;
receiving, by the user device via the communication network from the provider server an authentication token, wherein the authentication token is generated by the ACS and is based upon a determination of validity of the non-biometric authentication credentials;
obtaining, by the user device, biometric information from the user via a user interface and at least one biometric sensor;
sending, by the user device via the communication network, biometric data, produced from the biometric information obtained from the user, to an identification (ID) server configured to store the biometric data in association with the user; and
configuring, by the user device, the client application to perform a biometric authentication to provide access to the secure network based on the biometric data stored by the ID server.

US Pat. No. 10,659,457

INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD

FUJITSU LIMITED, Kawasak...

1. A non-transitory, computer-readable recording medium having stored therein a program for causing a computer to execute a process, the process comprising:transmitting a first random value by proximity radio communication to a device coupled via a server and a network;
receiving first data in which the first random value is encoded, from the device by the proximity radio communication;
determining whether the first random value matches a value obtained by decoding the first data with a server key obtained in advance from the server;
when the value obtained by decoding the first data matches the first random value, authenticating the device;
connecting with the device;
receiving, from the device through the connection, a second random value generated by the server;
authenticating a user corresponding to the device based on the received second random value;
generating information on the connection established for the authentication; and
transmitting, to the server via the device over the connection, second data in which the authenticated result together with the information are encoded with a secret key of the user.

US Pat. No. 10,659,456

METHOD, DEVICE AND COMPUTER PROGRAM FOR AUTHENTICATING A USER

Biowatch SA, Martigny (C...

1. A method for authenticating a user of a wearable device, comprising:an initial biometric authentication of the user, based on biometric features extracted from one or a plurality of image frames corresponding to a first portion of the user's hand or wrist or to a first portion of the user's hand and wrist, captured with a camera of the wearable device;
a subsequent step of confirming said biometric authentication of the user based on one or a plurality of image frames captured with a camera of the wearable device and corresponding to a second portion of the user's hand or wrist taken when said wearable device is worn in contact with the user's hand or wrist;
wherein the initial biometric authentication is performed by temporarily moving the camera away from said first portion of the user's hand or wrist.

US Pat. No. 10,659,455

SELF-AUTHENTICATING CHIPS

CARDEX SYSTEMS INC., Tor...

1. A self-authenticating integrated circuit chip comprising:a first memory region storing a first authentication code, in encrypted form;
a second memory region storing a second authentication code;
a comparator circuit on the integrated circuit chip interconnected to at least said second memory region for providing an indicator of whether a given input to said comparator circuit matches said second authentication code stored in said second memory region;
wherein said second authentication code within said second memory region cannot be extracted or modified by said integrated circuit chip or a chip reader and may only be accessed by said comparator to compare the given input to said comparator circuit to said second authentication code; and
an authentication circuit on the integrated circuit chip interconnected to said comparator circuit and at least one of said memory regions wherein said authentication circuit is operable to:
read said first authentication code in encrypted form from said first memory region;
decrypt said first authentication code;
present said first authentication code as decrypted to said comparator circuit; and
in response to receiving an indicator from said comparator indicating that said first authentication code as decrypted matches said second authentication code
unlock a communication interface of said integrated circuit chip to allow data to be transmitted therethrough to a chip reader or unlock a third memory region of the integrated circuit chip.

US Pat. No. 10,659,454

SERVICE AUTHORIZATION USING AUXILIARY DEVICE

Alibaba Group Holding Lim...

1. A method for service authorization, the method comprising:receiving, by one or more processors of a server terminal device, user authentication information that is stored on an auxiliary device for user authentication associated with a user terminal device, the user authentication information comprising an authentication token, wherein the authentication token includes encrypted information generated from a first system local time when the auxiliary device receives an auxiliary authentication request from the user terminal device and a random number seed;
determining that an auxiliary authentication function is enabled for the auxiliary device in response to determining that the authentication token is bound to the identifier of the user terminal device; and
determining whether the user terminal device meets an authorization condition based on the user authentication information, determining whether the user terminal device meets the authorization condition comprising determining whether the authentication token included in the user authentication information matches any one of a plurality of verification authentication tokens generated by the server terminal device, the plurality of verification authentication tokens being generated by encrypting the random number seed and a plurality of timing points associated with a second system local time when the server terminal device receives the user authentication token.

US Pat. No. 10,659,453

DUAL CHANNEL IDENTITY AUTHENTICATION

Alibaba Group Holding Lim...

1. A method, comprising:determining, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user, wherein the identity authentication is determined to be performed based at least in part on an Internet Protocol (IP) address of the first device;
identifying, by one or more servers, a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user, wherein the identifying the target user comprises:
determining a set of one or more associated users of the source user based at least in part on historical user information of the source user and location-based services (LBS) information of the source user, the LBS information being included in the user information, and the historical user information being included in user information that is obtained by the one or more servers from the first device according to one or more preset reporting cycles, and the historical user information including communication information between the source user and respective ones of the one or more associated users;
computing a set of one or more trust levels between the source user and the respective ones of the set of one or more associated users based at least in part on the historical user information of the source user and corresponding LBS information of the respective ones of the set of one or more associated users in relation to the LBS information of the source user during a first preset period of time, wherein the historical user information of the source user based on which the set of one or more trust levels are computed comprises the communication information associated with one or more communications between the source user and the respective ones of the set of one or more associated user during a second preset period of time; and
selecting the target user from the set of one or more associated users, wherein the target user is selected based at least in part on determining that a corresponding trust level between the source user and the target user exceeds a threshold trust level;
generating validation information to authenticate identity of the source user;
sending the validation information to a second device operated by the target user;
receiving a validation response from the first device operated by the source user, wherein the validation response is based at least in part on an interaction between the source user and the target user; and
performing identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device.

US Pat. No. 10,659,452

DYNAMIC GRAPHICAL PASSWORD-BASED NETWORK REGISTRATION METHOD AND SYSTEM

Dalian Magic Image Techno...

1. A dynamic graphical password-based network registration method, comprising:obtaining, by a client, a structure of a full-element dynamic factor table;
selecting, by the client, positioning factors from a positioning factor library based on the structure of the full-element dynamic factor table, and generating, by the client, two first positioning factor strings;
inputting, to the client by a user, two dynamic graphical passwords based on two first full-element dynamic factor tables generated, by the client, based on the two first positioning factor strings, and transmitting, by the client, registration information comprising the two dynamic graphical passwords to a server;
receiving, by the server, the registration information transmitted by the client;
generating, by the server, two second full-element dynamic factor tables that are the same as the two first full-element dynamic factor tables; and
parsing, by the server, the two dynamic graphical passwords based on the two second full-element dynamic factor tables, and if positioning rules obtained through parsing the two dynamic graphical passwords are consistent, using, by the server, the one or more obtained positioning rules in the registration information as a password of the user, and storing the password to complete a user registration.

US Pat. No. 10,659,450

CLOUD PROXY FOR FEDERATED SINGLE SIGN-ON (SSO) FOR CLOUD SERVICES

Netskope, Inc., Santa Cl...

1. A computer-implemented method of non-intrusively enforcing security during federated single sign-on (SSO) authentication without modifying an established trust relationship between a service provider (SP) and an identity provider (IDP), the trust relationship having been established by configuring a SSO-unified resource locator (URL) and a public key of the IDP at the SP and configuring an assertion consumer service (ACS)-URL of the SP at the IDP, the method including:configuring the IDP to encrypt a digitally signed assertion having been digitally signed using an IDP-certificate and having been generated at the IDP when a user logs into the SP, the digitally signed assertion being encrypted using a proxy-public key of an assertion proxy and to forward the encrypted assertion to a proxy-URL of the assertion proxy instead of an SP's ACS-URL identified from the assertion;
decrypting the encrypted assertion at the assertion proxy with a complementary proxy-private key and forwarding the decrypted assertion to an ACS of the SP using the SP's ACS-URL identified in the decrypted assertion; and
preserving, without modifying, the trust relationship between the SP and the IDP by validating the decrypted assertion at the SP using the IDP's public key to establish a federated SSO authenticated session through the assertion proxy.

US Pat. No. 10,659,449

APPLICATION MANAGED SERVICE INSTANCES

SAP SE, Walldorf (DE)

1. A computer-implemented method, comprising:receiving a request from a deployer associated with an application of a multi-tenancy computing environment to create an instance broker service instance;
receiving a request from the deployer to bind the instance broker service instance to the application;
delegating the binding request to a service broker; and
creating, using the service broker, instance broker service credentials;
receiving instance broker credentials associated with the instance broker service instance;
providing the instance broker credentials to the application, wherein the application uses the instance broker credentials to access the instance broker service instance; and
determining, using the application, whether to create a new service instance using the instance broker service instance.

US Pat. No. 10,659,447

COMMUNICATION BETWEEN A COMMUNICATION DEVICE AND A NETWORK DEVICE

TELEFONAKTIEBOLAGET LM ER...

1. A communication device for communicating with a network device of a communication network, the communication device comprising:at least one processor circuit; and
at least one memory connected to the at least one processor circuit and storing program instructions that are executed by the at least one processor to perform operations comprising:
receiving, via a network, an authentication request from the network device, the authentication request comprising a challenge, a challenge verification code, a first Diffie-Hellman (DH) parameter, and a first verification code for the first DH parameter;
forwarding said challenge and said challenge verification code to an identity module used by the communication device to provide authentication request challenge responses for the communication device to connect to the communication network, wherein the identity module is hardware based and is physically connected to the communication device;
receiving at least one result parameter as a response from the identity module, the at least one result parameter having been generated by the identity module and being one of a ciphering key (CK), an integrity key (1K) and a response parameter (RES);
determining, based on said result parameter and said first verification code, whether said first DH parameter is authentic; and
responsive to determining that the first DH parameter is authentic, generating a second DH parameter and a second verification code that is based on the second DH parameter and sending, through the network, the second DH parameter, the second verification code, and the response parameter in an authentication response message to the network device for the network device to generate a session key for communication with the communication device.

US Pat. No. 10,659,446

CONVERSATIONAL AUTHENTICATION

salesforce.com, inc., Sa...

1. A system, comprising:one or more processors;
one or more memories having program instructions stored thereon that are executable by the one or more processors to perform operations comprising:
receiving, from a preauthorization module, a request for information indicative of communications between a first user of the system and a second user via a first application, wherein the first application is a real-time communication platform;
determining, based on the request, communications characteristics based on text data included in content of the communications; and
sending the communications characteristics to the preauthorization module, wherein the preauthorization module uses the communications characteristics to preauthenticate the first user, to at least a portion of an authentication procedure to perform an operation via a second application, wherein the pre-authentication is performed prior to receiving a request to perform the operation via the second application;
wherein the determining and sending are performed multiple times to include additional characteristics of communications via the first application.

US Pat. No. 10,659,445

ELECTRONIC APPARATUS, GATEWAY AND METHOD FOR CONTROLLING THE SAME

SAMSUNG ELECTRONICS CO., ...

1. A method for controlling a controlled electronic device by using an electronic device, the method comprising:receiving, by the electronic device and from at least one first controlled electronic device being included in a first network, first attribute information of the at least one first controlled electronic device, the first attribute information representing a category that is classified according to a function of the at least one first controlled electronic device;
displaying, via a user interface, the first attribute information received from the at least one first controlled electronic device and operation information corresponding to the at least one first controlled electronic device;
receiving, via the user interface, a user input to generate a group operation command with respect to the first network, the group operation command comprising the first attribute information and the operation information corresponding to the at least one first controlled electronic device in association with each other;
generating and storing in advance, in the electronic device, the group operation command with respect to the first network based on the user input;
entering a second network different from the first network, and obtaining second attribute information of two or more second controlled electronic devices that are included in the second network from the two or more second controlled electronic devices;
comparing the second attribute information of the two or more second controlled electronic devices with the first attribute information included in the group operation command, and selecting at least one second controlled electronic device having the same attribute information as the first attribute information included in the group operation command based on a result of comparison, among the two or more second controlled electronic devices, the at least one second controlled electronic device being different from the at least one first controlled electronic device; and
transmitting the group operation command that is generated and stored in advance in the electronic device with respect to the first network to at least one of a gateway, included in the second network and configured to manage the second network, or the at least one second controlled electronic device that is selected based on the result of comparison, the group operation command controlling the at least one second controlled electronic device to perform an operation based on the operation information included in the group operation command.

US Pat. No. 10,659,443

METHODS AND APPARATUS FOR OBTAINING A SCOPED TOKEN

TELEFONAKTIEBOLAGET LM ER...

1. A method for providing a cloud service, the method comprising:a first server sending toward a second server a request for data related to the cloud service;
the first server receiving the requested data;
the first server receiving a request for token scope information for a desired operation of the cloud service, wherein the request for the token scope information was transmitted by a client;
after receiving the request for the token scope information, the first server deriving the token scope information based on the received requested data and the desired operation of the cloud service; and
the first server sending the derived token scope information toward the client, wherein the derived token scope information enables the client to generate a request for a scoped token.

US Pat. No. 10,659,442

SECURITY IN SMART CONFIGURATION FOR WLAN BASED IOT DEVICE

Marvell International Ltd...

1. A method in a device under configuration (DUC) for communicating with a remote device over a wireless local area network, the method comprising:providing a first security key to a remote device using a first out of band (OOB) communication of the wireless network, wherein the first OOB communication comprises light emitting diode signals emitted in a visible light spectrum and modulated in a binary pattern;
authenticating the remote device using a probe request frame, wherein the probe request frame is transmitted over the wireless local area network in a radio spectrum;
receiving encrypted secrets from the remote device; and
obtaining network access using the encrypted secrets.

US Pat. No. 10,659,438

POLICY BASED MESSAGE CRYPTOGRAPHIC EXPIRY

International Business Ma...

1. A method of managing messages in a messaging system, messages being produced by a message producing resource for delivery to a message consuming resource, the method comprising:identifying, by one or more processors of one or more computing resources configured to obtain messages from one or more message producing resources and to provide messages to one or more message consuming resources, a policy associated with the message producing resource, wherein the message producing resource comprises a resource of the one or more message producing resources, the policy comprising configuration data indicating when each message produced by the message producing resource should be expired and that each message encrypted by the message producing resource can be decrypted with a pre-shared symmetric key, wherein an expired message is invalid and is not delivered by the one or more processors;
sharing, by the message producing resource, with the one or more message consuming resources, the pre-shared symmetric key;
obtaining, by the one or more processors, from the message producing resource, an encrypted message destined for delivery to the message consuming resource, wherein the message consuming resource comprises a resource of the one or more message consuming resources, in the messaging system, wherein the encrypted message comprises data encrypted with the pre-shared symmetric key by the message producing resource, and wherein the pre-shared symmetric key is accessible to the message producing resource;
determining, by the one or more processors, the expiry of the encrypted message by applying the policy to the encrypted message without decrypting data in the encrypted message, wherein the policy comprises a directive to calculate the expiry date of the encrypted message based on a first use of the pre-shared symmetric key, wherein the directive comprises the first use of the pre-shared symmetric key and the time period from the first use at which the expiry date of the encrypted message is reached, wherein applying the policy comprises:
accessing the identified configuration data to obtain the directive; and
based on obtaining the directive, calculating a time period from a first use of the pre-shared symmetric key;
determining, by the one or more processors, based on whether the calculated time period from a first use of the pre-shared symmetric key is greater than or equal to the time period from the first use at which the expiry date of the encrypted message is reached, based on the directive, whether the expiry of the encrypted message has been reached;
responsive to determining that the expiry of the encrypted message was reached:
sending, by the one or more processors, a report message to the message producing resource;
sending, by the one or more processors, an error message, instead of the encrypted message, to the message consuming resource; and
deleting, by the one or more processors, the data encrypted with the pre-shared symmetric key; and
responsive to determining that the expiry of the encrypted message has not been reached:
transmitting, by the one or more processors, the encrypted message to the message consuming resource, wherein the consumer decrypts the message utilizing the pre-shared symmetric key.

US Pat. No. 10,659,437

CRYPTOGRAPHIC SYSTEM

Xilinx, Inc., San Jose, ...

1. A circuit arrangement comprising:an encryption circuit;
a decryption circuit; and
a cryptographic shell circuit having a transmit channel and a receive channel in parallel with the transmit channel, wherein:
the transmit channel includes an encryption interface circuit coupled to the encryption circuit and the encryption interface circuit is configured to determine first cryptographic parameters based on data in a plaintext input packet and input the first cryptographic parameters and plaintext input packet to the encryption circuit, wherein the first cryptographic parameters and the data in the plaintext input packet are provided to the encryption circuit on physically separate signal lines;
the receive channel includes a decryption interface circuit coupled to the decryption circuit, and the decryption interface circuit is configured to determine second cryptographic parameters based on data in a ciphertext input packet and input the second cryptographic parameters and ciphertext input packet to the decryption circuit, wherein the second cryptographic parameters and the data in the ciphertext input packet are provided to the decryption circuit on physically separate signal lines;
the encryption circuit is configured to encrypt the plaintext input packet based on the first cryptographic parameters; and
the decryption circuit is configured to decrypt the ciphertext input packet based on the second cryptographic parameters.

US Pat. No. 10,659,436

METHOD AND SYSTEM FOR DATA PROCESSING

HUIZHOU UNIVERSITY, Huiz...

1. A method for data processing comprises steps of:if a to-be-sent email needs to be saved cryptographically or sent cryptographically, automatically converting a main body of the mail into an html file, the html file including an attachment link for linking a mail attachment of the to-be-sent email;
performing a first compression to compress a filename of the html file and a filename of the mail attachment into a new html filename and a new mail attachment name using a first open source algorithm based on a first password preset between a sender and a recipient, thereby obtaining a renamed html file and a renamed mail attachment;
performing a second compression to compress the renamed html file and the renamed mail attachment using a second open source algorithm based on a second password preset between the sender and the recipient, thereby obtaining a compressed file; and
releasing a memory space and/or a hard disk space occupied by the to-be-sent mail, sending the compressed file in a manner in which a mail has a null mail body and the compressed file is used as the mail attachment, wherein when the first password and the second password are same, the first open source algorithm and the second open source algorithm are different; and when the first password and the second password are different, the first open source algorithm and the second open source algorithm are same or different.

US Pat. No. 10,659,435

MULTI PARTY MESSAGING

Wickr Inc., Pleasanton, ...

1. A system, comprising:a processor configured to:
receive a first communication addressed to one or more recipients from a first device, wherein the first communication comprises a first encryption key encrypted by a first public key of at least one of the one or more recipients;
store the first communication in a message table;
determine one or more recipients of the first communication by comparing a hashed representation of one or more recipient identifiers received in the first communication to hashed representations of user identifiers stored in a database;
notify the one or more recipients of the first communication based on the determination of the one or more recipients;
receive a request to access the first communication from a second device that derived the first public key and a first private key, wherein the first private key corresponds to the first public key;
track which of the one or more recipients obtained the first communication; and
delete the first communication when all of the one or more recipients have obtained the first communication; and
a memory coupled to the processor and configured to provide the processor with instructions.

US Pat. No. 10,659,433

ENCRYPTING AND SECURING DATA WITH REVERSE PROXIES ACROSS FRAMES IN AN ON-DEMAND SERVICES ENVIRONMENT

salesforce.com, inc., Sa...

1. A method comprising:detecting, by a server computing device in the database environment, sensitive data capable of being communicated between multiple client computing devices, wherein the server computing device serves as a local proxy server within a geographic residency and is coupled to a token database located within the geographic residency, wherein the token database is associated with a client computing device of the multiple computing devices;
performing, by the server computing device, secured communication of the sensitive data between two or more of the multiple client computing devices across one or more application frames within the geographic residency, wherein the secured communication is performed based on localizing one or more communication paths associated with the two or more multiple computing devices and the one or more application frames as facilitated by the local proxy server within the graphics residency without having to access a centralized server computing device or engage one or more remotely-located security computing entities, wherein the local proxy server serves as a reverse proxy server within the geographic residency to associate the client computing device with the token database and one or more client computing devices of the multiple client computing devices; and
wherein the secured communication is performed based on tokenization of the sensitive data and encryption of the sensitive data.

US Pat. No. 10,659,432

NETWORK CONTAINMENT OF COMPROMISED MACHINES

CrowdStrike, Inc., Irvin...

1. A method comprising:installing a kernel-level security agent on a computing device with a firewall policy, but refraining from implementing the firewall policy until an instruction to contain the computing device is received;
observing events associated with activity on the computing device;
sending the events, over a computer network, to a remote security system;
receiving, over the computer network and from the remote security system, the instruction to contain the computing device;
executing instructions to load a user-mode component in user mode of the computing device;
providing the firewall policy to the user-mode component;
using the user-mode component to invoke an application programming interface (API) to implement the firewall policy; and
implementing the firewall policy in kernel mode of the computing device based at least in part on the API invoked using the user-mode component, wherein the firewall policy, upon enforcement, denies outgoing data packets from, and incoming data packets to, the computing device that would have been allowed prior to the implementing of the firewall policy.

US Pat. No. 10,659,431

IMPLEMENTING LOGICAL NETWORK SECURITY ON A HARDWARE SWITCH

NICIRA, INC., Palo Alto,...

1. A method for configuring a managed hardware forwarding element (MHFE) to implement a security policy associated with a logical switch of a logical network, the method comprising:receiving a security policy comprising at least one security rule for a physical machine connected to a physical port of the MHFE; and
populating (i) a physical port table stored on the MHFE with physical port data that maps the physical port of the MHFE to the logical switch of the logical network, (ii) an access control list (ACL) table stored on the MHFE with ACL rules data generated based on the at least one security rule, and (iii) a linking table stored on the MHFE with linking data that links the ACL rules data in the ACL table to the physical port data in the physical port table,
wherein the MHFE uses the physical port table, access control list table, and linking table to apply the at least one security rule to logical network traffic processed by the MHFE.

US Pat. No. 10,659,430

SYSTEMS AND METHODS FOR DYNAMIC NETWORK ADDRESS MODIFICATION RELATED APPLICATIONS

IP Technology Labs, LLC, ...

1. A method for unidirectional transfer of information within a fully qualified domain name (FQDN) over non-native network infrastructures without a predefined network connectivity protocol preconfigured network connection, the method comprising:presenting information from a network-enabled device to a module configured to receive information from the network-enabled device, wherein the module comprises instructions tangibly stored on a non-transitory computer-readable medium which when executed by a processor cause the processor to code discreet information elements as host names within an FQDN based on the information received and issue a standard domain name system (DNS) record request comprising the FQDN to an end point selected from the group consisting of all available DNS resolvers for a coded host name fully qualified domain, wherein the FQDN comprises:
a predefined information field corresponding to the network-enabled device; and
a host name coded from the discreet information elements;
wherein the FQDN is not resolved in response to the DNS record request; and
wherein the network-enabled device automatically discovers capabilities for communications directly between end points across network infrastructures even if both end points are behind a network address translator (NAT) or firewall.

US Pat. No. 10,659,429

INFORMATION PROCESSING APPARATUS INCLUDING A DHCP SERVER FUNCTION, CONTROL METHOD FOR INFORMATION PROCESSING APPARATUS, AND STORAGE MEDIUM

CANON KABUSHIKI KAISHA, ...

16. A control method for an information processing apparatus that is configured to connect to at least one of a plurality of external devices in a wireless link layer level and in an Internet Protocol (IP) layer level and that includes a Dynamic Host Configuration Protocol (DHCP) server function configured to distribute different IP addresses to the plurality of external devices respectively, the method comprising:setting a first connection number that represents a number of external devices connectable in the IP layer level based on a setting accepted via a setting screen, wherein as a result of the setting, one numeric value, from among a plurality of numeric values including at least a first numeric value and a second numeric value larger than the first numeric value, is set as the first connection number;
determining whether or not the number of external devices connected to the information processing apparatus in the IP layer level has reached the first connection number; and
not distributing an IP address to a first external device which is connected to the information processing apparatus in the wireless link layer level and has transmitted an IP address distribution request when it is determined that the first connection number has been reached, and distributing the IP address to the first external device so that a connection to the first external device in the IP layer level becomes available when it is determined that the first connection number has not been reached,
wherein the first numeric value is a numeric value of 1 or more.

US Pat. No. 10,659,428

NAME RESOLVING IN SEGMENTED NETWORKS

Cryptzone North America, ...

1. A method, comprising:connecting a client computing device with a plurality of segments of a private network, wherein network access is restricted from one segment to another of the plurality of segments, the private network comprises a plurality of name resolving servers, and each name resolving server is configured to resolve name requests for networking devices in a respective segment of the plurality of segments;
receiving a first name request from a first application on the client computing device;
in response to receiving the first name request, forwarding the first name request simultaneously to the plurality of name resolving servers; and
selecting a name resolution that is first received from the plurality of name resolving servers in response to the first name request.

US Pat. No. 10,659,426

SYSTEM AND METHOD FOR DOMAIN NAME SYSTEM USING A POOL MANAGEMENT SERVICE

VERISIGN, INC., Reston, ...

1. A method for providing domain registry services comprising:receiving, at a domain registry comprising at least one electronic server computer, a first domain request from a registrar, wherein the first domain request comprises a first extensible provisioning protocol (“EPP”) command to perform a first action on a first domain name associated with a first pool of network resources;
determining that an electronically stored first policy from a set of policies corresponds to the first pool of network resources;
accessing, by at least one electronic processor, the first policy, wherein the first policy comprises connection and throughput parameters for the registrar to access the first pool of network resources, wherein the connection and throughput parameters comprise at least two or more of: a maximum connection , a maximum transaction, a maximum bandwidth, a connection per account, a connection per slot, a transaction per slot, a bandwidth per slot, a bandwidth per account, a number of connections, a bandwidth allocation, or a transaction throughput allocation;
applying, by at least one electronic processor, the first policy to the first domain name request; and
providing, by at least one electronic processor, a first response to the first domain request.

US Pat. No. 10,659,425

NETWORK MONITORING AND CONTROL SYSTEM AND METHOD

Cisco Technology, Inc., ...

1. A method of controlling the distribution of content in a network, the method comprising:receiving a request for content comprising a plurality of chunks, wherein the content traverses the network in packets comprising a packet header including an address associated with the content, and a packet payload including the content;
obtaining the address associated with the content, wherein the address comprises an Information Centric Networking (ICN) name and an Internet Protocol address;
locating the plurality of chunks of the content based on at one of the ICN name and the Internet Protocol address;
retrieving the located plurality of chunks;
selecting a transport layer for delivering the retrieved plurality of chunks;
packaging the retrieved plurality of chunks with transport layer headers for the selected transport layer; and
providing the packaged plurality of chunks through the selected transport layer to a user device associated with the request.

US Pat. No. 10,659,424

DETERMINING STATUS OF DOMAIN NAME REGISTRATION

Go Daddy Operating Compan...

1. A system, comprising:a registrar comprising a plurality of hardware servers, a plurality of hardware databases, a plurality of dedicated Internet connections to a registry and general Internet connections configured to register a plurality of domain names to a plurality of domain name registrants and to:
rank a plurality of data sources based on a definitiveness of each data source of the plurality of data sources, so as to obtain a ranking hierarchy,
wherein the plurality of data sources of the ranking hierarchy comprises:
a zone file downloaded by the registrar from a registry;
a domain name system (DNS) zone file created by the registrar; and
at least one result of an Extensible Provisioning Protocol (EPP) command of the registry;
 wherein the at least one result of the Extensible (EPP) command of the registry comprises a first EPP element comprising an error indicating the domain name is available or a value indicating the domain name is not available;
receive a request to determine whether a domain name has been registered,
concurrently generate a plurality of inquiries to the plurality of data sources, the plurality of inquiries comprising:
a determination of whether or not a domain name is in a zone file,
wherein the zone file is downloaded by the registrar from the registry;
a determination of whether or not the domain name is in a domain name system (DNS) zone file created by the registrar, and
a transmission of the Extensible Provisioning Protocol (EPP) command for the domain name to the registry,
receive results of the plurality of inquiries from the plurality of data sources;
order the results of the plurality of inquires, based on the ranking hierarchy, so as to provide ordered results;
upon receiving the ordered results
transmit an EPP command for the domain name to the registry, and
receive from the registry a second EPP element comprising an expiration date and a state of the domain name.

US Pat. No. 10,659,422

CONTENT MANAGEMENT SYSTEMS

BRIGHTEDGE TECHNOLOGIES, ...

1. A method comprising:obtaining a keyword paired with a public web page, the public web page configured to be published at a public address;
determining a mapping between the public address of the public web page and an internal address of an internal web page that corresponds to the public web page, the internal address pointing to the internal web page used in a content management system configured to generate the internal web page and the public web page;
creating a keyword page pairing entry that includes the keyword and the mapping between the public address and the internal address, the keyword page pairing entry indicating the keyword is paired with the internal web page;
sending the keyword page pairing entry to the content management system;
in response to creating the keyword page pairing entry, automatically triggering a search engine optimization (SEO) system to perform an analysis of SEO data of one or both of the internal web page and the public web page in the content management system, wherein the analysis includes determining whether the SEO data complies with SEO rules or SEO policies;
based on the analysis, generating one or more first recommendations to turn non-compliant SEO data of the SEO data into compliant SEO data, the compliance with respect to one or both of the SEO rues and the SEO policies;
obtaining one or more second recommendations related to a second web page, the second web page being related to the public web page;
comparing the one or more first recommendations with the one or more second recommendations;
based on the comparison between the one or more first recommendations and the one or more second recommendations, identifying a pattern in the one or more first recommendations and the one or more second recommendations;
generating one or more third recommendations based on the pattern; and
pushing the one or more third recommendations from the SEO system to the content management system.

US Pat. No. 10,659,420

METHOD AND SYSTEM FOR AUTOMATIC CONTENT BASED E-MAIL RECIPIENT DETERMINATION

MASTERCARD INTERNATIONAL ...

1. A computer implemented method for automatic, content based potential e-mail recipient determination, the method comprising:comparing, by a sender application plugin, the content of an e-mail being written by a user with keywords listed in a database, wherein the keywords are identified to at least one e-mail address of at least one other user based on prior communications involving the at least one email address of the at least one other user;
identifying multiple of the keywords listed in the database within the content of the e-mail;
determining, by the sender application plugin, a probability value for the at least one e-mail address based on a frequency of the identified keywords within the content of the e-mail; and
presenting, by the sender application plugin, the at least one e-mail address to the user for selection by the user as a potential e-mail recipient when the probability value satisfies a threshold.

US Pat. No. 10,659,418

MANAGING NOTIFICATIONS ACROSS SERVICES

GOOGLE LLC, Mountain Vie...

1. A method comprising:sending first notification data to a first client service and second notification data to a second client service, wherein the first notification data and the second notification data notify a user of a message about an activity that is of interest to the user, wherein the first client service is hosted by a first client device of the user and the second client service is hosted by a second client device of the user;
receiving a read notification indicating that the first notification data sent to the first client service has been interacted with by the user;
determining, by a processing device, that the second notification data sent to the second client service has not been interacted with by the user; and
responsive to determining that the second notification data sent to the second client service has not been interacted with by the user, sending a modify instruction to the second client device that hosts the second client service, wherein the modify instruction to cause a modification of the second notification data that has not been interacted with to reflect that the first notification data has been interacted with by the user.

US Pat. No. 10,659,417

SYSTEM AND METHOD OF A RELAY SERVER FOR MANAGING COMMUNICATIONS AND NOTIFICATION BETWEEN A MOBILE DEVICE AND APPLICATION SERVER

Seven Networks, LLC, Mar...

1. A method of providing a mobile device with access to email data, the method comprising:hosting the email data on a data storage server;
providing, by a web access server that is communicatively coupled to the data storage server, remote access to the email data;
providing, by a relay server, identifying information of a user of the mobile device to the web access server for authenticating the user and establishing a connection between the mobile device and the data storage server;
passing, by the relay server, the email data between the mobile device and the data storage server, such that the relay server does not store the email data; and
enabling, by an email access application executable on the mobile device, access to the email data on the data storage server, the email data being accessed through the relay server.

US Pat. No. 10,659,416

REMINDER VIEWS IN EMAIL APPLICATIONS

Microsoft Technology Lice...

1. One or more non-transitory computer readable storage media having program instructions stored thereon for facilitating draft reminders that, when executed by a processing system, direct the processing system to at least:render a navigation panel in a user interface to an email application that includes a list of folders, including an inbox folder and a drafts folder;
render an application bar having a plurality of options selectable to navigate to a plurality of different modules;
render in the application bar a graphic drafts reminder option, wherein the graphic drafts reminder option is selectable for viewing a subset of draft emails selected from the draft emails in the drafts folder,
in response to a selection of the graphic drafts reminder option, identify the subset of the draft emails based on a reminder criteria, wherein the reminder criteria comprises a measure of urgency, a measure of recentness, and a measure of conversation activity associated with each of the draft emails;
when the inbox folder is selected, render a view of an inbox in the user interface that includes a list of emails in the inbox; and
in response to the graphic drafts reminder option being selected, surface a drafts reminder view, overlaid with respect to the view of the inbox, that includes only the subset of the draft emails, wherein the view of the inbox is maintained while the subset of the draft emails is rendered on top of the view of the inbox.

US Pat. No. 10,659,415

SYSTEM PROCESSED EMOJIS

OPEN INVENTION NETWORK LL...

1. A method for utilizing clickable emojis for directing a system to perform certain actions, the method comprising:determining appropriate emojis on at least one user's originating device by interfacing with the application and data of the user's originating device;
performing a search of the at least one user's data to obtain actions relevant to the at least one user of the system;
determining an action associated with the emoji;
setting at least one of the determined emojis as a system emoji; and
transmitting the determined emojis from the user's originating device to a system network as an emoji stream, wherein an add icon placed at the end of the emoji stream allows additional emojis to be added to the current stream and further wherein the system network may modify such emoji stream before routing it to at least one recipient device.

US Pat. No. 10,659,414

METHODS, SYSTEMS, AND DEVICES FOR GENERATING A UNIQUE ELECTRONIC COMMUNICATIONS ACCOUNT BASED ON A PHYSICAL ADDRESS AND APPLICATIONS THEREOF

Alphabet Communications, ...

1. A computer-implemented method for retrieving data related to one or more electronic communications accounts associated with one or more locations within a selected area of interest, wherein the method comprises:receiving, by a computer system, a selection of an area of interest and a request to retrieve data related to one or more unique electronic communications accounts associated with one or more locations within the selected area of interest;
determining, by the computer system, one or more latitudes and one or more longitudes of a boundary of the selected area of interest;
querying, by the computer system, a geolocation database to determine the one or more unique electronic communications accounts associated with the one or more locations within the selected area of interest based at least in part on the determined one or more latitudes and one or more longitudes of the boundary of the selected area of interest,
wherein each of the one or more unique electronic communications accounts is uniquely associated with each of the one or more locations within the selected area of interest, wherein each of the one or more unique electronic communications accounts is generated based at least in part on a fraud verification procedure, wherein the fraud verification procedure is configured to determine whether a request to generate each of the one or more unique electronic communications account for each of the one or more locations is a fraudulent request; and
retrieving, by the computer system, the data related to the one or more unique electronic communications accounts associated with the one or more locations within the selected area of interest,
wherein the computer system comprises a computer processor and an electronic storage medium.

US Pat. No. 10,659,413

METHODS AND SYSTEMS FOR PROVIDING AND ELECTRONIC ACCOUNT TO A CUSTOMER

United States Postal Serv...

1. A method for delivering a message to a user with an electronic account, the electronic account including a preferred physical delivery address, comprising the steps of:receiving a temporary delivery address for the user and a time period corresponding to the temporary delivery address;
linking the temporary address with the preferred physical delivery address via the electronic account;
receiving a message addressed to the preferred physical delivery address during the time period corresponding to the temporary delivery address, wherein the preferred physical delivery address corresponds to an address applicable to the user outside the time period;
sending the message to the temporary delivery address;
receiving a second message directed to the preferred physical delivery address outside of the time period; and
sending the second message to the preferred physical delivery address.

US Pat. No. 10,659,412

METHOD AND DEVICE FOR SAVING CHAT RECORD OF INSTANT MESSAGING

Alibaba Group Holding Lim...

1. A method for saving IM chat records comprising:when an instant message transmitted or received by an IM chat window comprises non-text information, acquiring a content summary of the non-text information;
determining whether the non-text information comprises a hyperlink;
in response to determining that the non-text information comprises a hyperlink:
activating a browser to access a webpage corresponding to the hyperlink;
extracting at least one phrase with a frequency of occurrence greater than that of other phrases from the webpage corresponding to the hyperlink;
using the at least one phrase as the content summary of the webpage corresponding to the hyperlink;
acquiring, in response to determining that the non-text information does not comprise a hyperlink, the content summary based on typed text information;
saving the non-text information as a data object comprising the non-text information, a display attribute of the non-text information, the content summary of the non-text information, and a display attribute of the content summary of the non-text information; and
setting, in the data object, the display attribute of the non-text information to visible, and the display attribute of the content summary of the non-text information to invisible.

US Pat. No. 10,659,411

NOTIFICATION FORWARDING

GOOGLE LLC, Mountain Vie...

1. A method comprising:sending a new notification to a first application on a first client device of a plurality of client devices registered with a user account of an online system;
receiving, by a processing device, a forward request to forward the new notification;
responsive to receiving the forward request:
identifying one or more applications that are able to handle the new notification, wherein the one or more applications are on one or more of the client devices registered with the user account of the online system;
selecting, from the one or more applications that are able to handle the new notification, a second application;
generating a forward notification for the second application based on the new notification; and
transmitting the forward notification to the second application.

US Pat. No. 10,659,410

SMART MESSAGE DELIVERY BASED ON TRANSACTION PROCESSING STATUS

International Business Ma...

1. A method for message delivery to a transaction processor, the method comprising:receiving a message having transaction information;
determining if the received message is prohibited from delivery based on comparing the transaction information with a blacklist, wherein the blacklist is used to block messages;
in response to determining that the received message is not prohibited from delivery, enqueueing the message in a request queue;
detecting an enqueued message in the request queue;
in response to detecting the enqueued message in the request queue, determining if an expire time associated with the detected message exceeds an estimated delivery time;
in response to determining that the expire time associated with the detected message does not exceed the estimated delivery time, discarding the detected message from the request queue;
in response to determining that the expire time associated with the detected message exceeds the estimated delivery time, waiting until a transaction allowed event occurs;
in response to the transaction allowed event occurring, determining if the detected message has not expired; and
in response to determining that the detected message has not expired, sending the detected message to the transaction processor.

US Pat. No. 10,659,409

MEDIA ACCESS SYSTEM

Snap Inc., Santa Monica,...

1. A method comprising:receiving, at a messaging server, a notification indicating dispensing of an image capture device by a dispersal machine, the notification comprising an identifier associated with the image capture device;
in response to receiving the notification of dispensing the image capture device, generating a media distribution session associated with the identifier;
publishing, by the messaging server, one or more media instances to the media distribution session by associating the media distribution session and the identifier with the one or more media instances;
receiving, by the messaging server, one or more access requests for the media distribution session, the one or more access requests including the identifier and an indication of a requesting device; and
responsive to the one or more access requests, transmitting, by the messaging server, at least a portion of the one or more media instances to the requesting device.

US Pat. No. 10,659,408

MEDIA INFORMATION RELEASE METHOD, SYSTEM, AND COMPUTER STORAGE MEDIUM

Tencent Technology (Shenz...

1. A gift releasing method performed at a mobile terminal having a display, one or more processors and memory storing a plurality of programs to be executed by the one or more processors, the method comprising:receiving an electronic gift releasing message while running a first application at the mobile terminal, wherein the electronic gift releasing message is associated with a second application, distinct from the first application;
determining whether the first application enables rendering the electronic gift releasing message concurrently with the running of the first application;
in accordance with a determination that the first application enables rendering the electronic gift releasing message concurrently with the running of the first application:
generating a first interface corresponding to the electronic gift releasing message via the first application, the electronic gift releasing message comprising at least a gift sharing configuration;
displaying the first interface as a first floating window on a current display interface on top of the first application;
obtaining a first user operation performed on the first interface; and
in response to the first user operation:
obtaining a user identifier for logging in to the second application and an identifier corresponding to the electronic gift releasing message; and
sending a gift obtaining request including the user identifier and the identifier corresponding to the electronic gift releasing message to a remote server, wherein the remote server (i) obtains a corresponding gift sharing configuration according to the identifier and (ii) transfers a corresponding electronic gift to the user identifier at the second application according to the gift sharing configuration;
replacing the first interface with a second interface, the second interface indicating that the gift obtaining request was successful; and
displaying the second interface as a second floating window at a different location from the first floating window on the current display interface on top of the first application, including displaying a name of the electronic gift, an amount of the electronic gift, a receiving status of the electronic gift and a link to access a user account corresponding to the user identifier at the second application.

US Pat. No. 10,659,407

WORKLOAD MANAGEMENT

International Business Ma...

1. A method of operating a messaging system, the messaging system comprising a plurality of connected components, the method comprising:collecting one or more performance metrics for one or more components of the messaging system, wherein the messaging system comprises a schema defining fields for messages including at least one field defined as non-essential;
responsive to determining that at least one performance metric has crossed a predetermined threshold, informing the one or more components of the messaging system that a surge in workload has occurred; and
responsive to being informed, the informed components processing only essential fields in received messages such that non-essential fields are not processed in the received messages, wherein at least one non-essential field that is not processed includes data values.

US Pat. No. 10,659,406

SYSTEM AND METHOD FOR SUGGESTING A PHRASE BASED ON A CONTEXT

eBay Inc., San Jose, CA ...

8. A method comprising:determining a context of a message that a user is composing via a composition interface based on one or more properties of the message and based on previous messages composed by the user, the context further based on a proficiency of the user in a human-readable language, as determined by whether the majority of the previous messages composed by the user were predominantly written in the human-readable language;
identifying one or more inputs to the composition interface, the context of the message being determined further based on the one or more inputs;
retrieving one or more suggested content items in the human-readable language; and
causing display of one or more suggested content items for inclusion in the message based on the context of the message.

US Pat. No. 10,659,405

AVATAR INTEGRATION WITH MULTIPLE APPLICATIONS

Apple Inc., Cupertino, C...

1. An electronic device, comprising:one or more communication devices;
one or more processors; and
memory storing one or more programs configured to be executed by the one or more processors, wherein a user is associated with the electronic device and the one or more programs include instructions for:
receiving a set of one or more inputs that includes input selecting a graphical object to select a graphical representation of a user associated with the electronic device;
in response to receiving the input to select the graphical representation:
updating contact information of the user associated with the electronic device to include the selected graphical representation without transmitting the contact information of the user associated with the electronic device to a set of contactable users;
after updating the contact information of the user associated with the electronic device to include the selected graphical representation, receiving a request to transmit a first message to a set of contactable users, the set of contactable users including a first contactable user; and
in response to receiving the request to transmit the first message:
in accordance with a determination that a set of sharing criteria is satisfied for the first contactable user, the set of sharing criteria including a first sharing criterion that is satisfied when the first contactable user corresponds to an approved recipient:
transmitting, via the one or more communication devices, to the first contactable user:
the first message, and
the contact information of the user associated with the electronic device; and
in accordance with a determination that the set of sharing criteria is not satisfied for the first contactable user:
transmitting, to the first contactable user, via the one or more communication devices, the first message without transmitting the contact information of the user associated with the electronic device.

US Pat. No. 10,659,404

INFORMATION PROCESSING METHOD, INFORMATION PROCESSING DEVICE, AND RECORDING MEDIUM STORING INFORMATION PROCESSING PROGRAM

PANASONIC INTELLECTUAL PR...

1. An information processing method comprising:acquiring, by a processor of a transmitting information processing device used by a first user, biological information of the first user;
accepting, by the processor, an input to the transmitting information processing device by the first user of a message to be transmitted from the transmitting information processing device to a receiving information processing device that is used by a second user and is different from the transmitting information processing device used by the first user;
determining, by the processor, based on the biological information of the first user using the transmitting information processing device, whether the first user is in a bad mood; and
in response to determining that the first user using the transmitting information processing device is in a bad mood, stopping, by the processor, transmission of the accepted message from the transmitting information processing device to the receiving information processing device, and storing, by the processor, the accepted message in a memory, that has not been transmitted.

US Pat. No. 10,659,403

SYSTEMS AND METHODS FOR NAVIGATING NODES IN CHANNEL BASED CHATBOTS USING NATURAL LANGUAGE UNDERSTANDING

Pypestream, Inc., New Yo...

18. A server system, comprising:one or more processors;
memory; and
one or more programs, wherein the one or more programs are stored in the memory and are configured to be executed by the one or more processors, the one or more programs including instructions for:
A) receiving a first message that is posted by the first user, wherein the first message comprises a first text communication;
B) responsive to receiving the first message, sending the first text communication to a decision module associated with a plurality of classifiers, the decision module configured to identify a first node within the plurality of nodes, wherein the first node is a node that best matches with the first text communication in accordance with the plurality of classifiers;
C) processing, with each respective classifier of the plurality of classifiers, the first text communication thereby producing a respective classifier result for each respective classifier of the plurality of classifiers, and thereby producing a plurality of classifier results, wherein each respective classifier result of the plurality of classifier results identifies a respective node of the plurality of nodes that best matches with the first text communication in accordance with a corresponding classifier in the plurality of classifiers;
D) collectively considering, with the decision module, the plurality of classifier results thereby identifying the first node within the plurality of nodes; and
E) sending the first message comprising the first text communication to the first node of the plurality of nodes.

US Pat. No. 10,659,402

SYSTEM AND METHOD FOR AUTOMATED END-TO-END WEB INTERACTION TESTING

CYARA SOLUTIONS PTY LTD, ...

1. A system for automated end-to-end web interaction testing, comprising:a system for managing automated testing of a production communication environment during operation with a plurality of test interactions, including an interaction server configured to simultaneously manage interactions with both live customers and test cases, comprising at least a memory, a processor, and a plurality of programming instructions stored in the memory and operating on the processor, wherein the processor, upon operating the programming instructions, cause the processor to:
receive, from a user device, a campaign-based test configuration comprising at least a plurality of stored test cases configured to test a particular aspect of the production communication environment;
create a plurality of headless browsers for executing the plurality of test interactions, the test interactions based on the test cases in the campaign-based test configuration;
create a plurality of virtual agents to manage a plurality of web requests from the web interface;
execute the plurality of test interactions, the test interactions directed, by the headless browsers, towards the web interface;
classify the plurality of test interactions as corresponding either to a live customer interaction or to a test case, using the interaction server, to ensure boundary enforcement, the boundary enforcement preventing overlap between the test interactions and a plurality of production interactions, the plurality of production interactions associated with the operation of the production communication environment;
route live customer interactions to real agents and route test case interactions to virtual agents using the integration server;
generate a response for each web request received by one of the plurality of virtual agents; and
log a plurality of test results, the test results based on the response to each web request.

US Pat. No. 10,659,401

HANDHELD ELECTRONIC DEVICE AND ASSOCIATED METHOD PROVIDING TIME DATA IN A MESSAGING ENVIRONMENT

BlackBerry Limited, Wate...

1. A method of displaying an instant message conversation on a display of a handheld electronic device, the instant message conversation comprising a plurality of instant messages sequentially exchanged between the handheld electronic device and a second electronic device, the method comprising:communicating a first instant message at a first time between the handheld electronic device and the second electronic device;
displaying at least a portion of the first instant message on the display of the handheld electronic device within a context of a conversation screen;
communicating a second instant message at a second time between the handheld electronic device and the second electronic device, the second instant message being a sequential next message after the first message;
displaying at least a portion of the second instant message on the display of the handheld electronic device within the context of the conversation screen;
determining an amount of time that has elapsed between the first time of the first instant message and the second time of the second instant message;
when the determined amount of time that has elapsed between the first time and the second time is more than a predetermined duration of time, displaying a time stamp representative of the second time of the second instant message within the context of the conversation screen in association with and adjacent to the at least a portion of the second instant message; and
when the determined amount of time that has elapsed between the first time and the second time is less than the predetermined duration of time, not displaying the time stamp representative of the second time of the second instant message.

US Pat. No. 10,659,400

AUTOMATED POPULATION OF DEEP-LINKED INTERFACES DURING PROGRAMMATICALLY ESTABLISHED CHATBOT SESSIONS

The Toronto-Dominion Bank...

14. A computer-implemented method, comprising:receiving, using at least one processor, a first signal from a device that includes messaging information;
determining, using the at least one processor, a candidate parameter value for a first parameter of an exchange of data based on the messaging information and information characterizing prior exchanges of data between the device and a computing system;
using the at least one processor, generating interface data based on the first candidate parameter value and storing the interface data within a storage unit, the generated interface data associating the first candidate parameter value with a corresponding interface element of a first digital interface; and
generating and transmitting, using the at least one processor, a second signal to the device, the second signal comprising linking data associated with the stored interface data, and the second signal comprising information that causes an application program executed by the device to present a representation of the linking data within a second digital interface.

US Pat. No. 10,659,399

MESSAGE ANALYSIS USING A MACHINE LEARNING MODEL

Google LLC, Mountain Vie...

1. A method comprising:receiving, by at least one processor, a subject received message including a received message component, the received message component representing one or more of a question, a request, and a subject included in content of the subject received message;
receiving, by the at least one processor, an indication of user input composing a subject draft reply message to the subject received message;
parsing, by the at least one processor, the content of the subject received message to identify the received message component;
parsing, by the at least one processor, the subject draft reply message into one or more reply message components;
identifying, by the at least one processor, one or more informational components associated with the received message component and the one or more reply message components by at least applying one or more machine learning models to the received message component and each reply message component of the one or more reply message components;
identifying, by the at least one processor, one or more deficient components from the one or more informational components in the subject draft reply message, wherein each of the one or more deficient components is a respective one of the one or more informational components that is missing or incomplete in the draft reply message; and
outputting, for display, information about the one or more deficient components.

US Pat. No. 10,659,398

INTERACTIVE VIRTUAL CONVERSATION INTERFACE SYSTEMS AND METHODS

noHold, Inc., Milpitas, ...

1. A method for generating a virtual conversation interface, the method comprising:receiving a digital document that comprises plain textual information;
utilizing natural language processing of the digital document to:
ascertain a hierarchical structure of the plain textual information; and
determine topics within the plain textual information;
generating a tree structure based on relationships between topics of the plain textual information, the topics being arranged into the tree structure according to the hierarchical structure, the topics being placed as leaves under branches representing headings determined from the digital document;
generating a virtual conversation interface that receives queries and presents responses to the queries using the tree structure, the virtual conversation interface comprising an avatar that responds to natural language queries with natural language responses;
generating a response to a query by the avatar by traversing the hierarchical structure and identifying query topics that match a portion of the hierarchical structure;
displaying the virtual conversation interface comprising the avatar as a graphical user interface;
providing the response through the virtual conversation interface, the response comprising the avatar and the plain textual information associated with the portion of the hierarchical structure that matched the query; and
tracking accuracy metrics of the virtual conversation interface comprising the avatar, the tracking accuracy metrics of the virtual conversation interface being indicative of how accurate the response is relative to the query based on user feedback.

US Pat. No. 10,659,397

METHOD FOR TRANSMITTING DOWNLINK PACKET IN FUNCTION-SEPARATED CORE NETWORK

SK TELECOM CO., LTD., Se...

1. A method for transmitting a downlink packet to a user equipment (UE) in an idle mode in a mobile communication system in which a gateway is separated into a user plane node and a control plane node, the method comprising:informing, by the control plane node, information for receiving the downlink packet for the UE to the user plane node;
receiving and buffering, by the user plane node, the downlink packet for the UE;
transmitting, by the user plane node, a notification message of reception of the downlink packet to the control plane node; and
transmitting, by the user plane node, the buffered downlink packet to the UE through a base station,
wherein the user plane node delays the transmitting of the notification message to the control plane node until a preset buffering time elapses, and
wherein the information includes the preset buffering time.

US Pat. No. 10,659,396

JOINING DATA WITHIN A RECONFIGURABLE FABRIC

Wave Computing, Inc., Sa...

1. A processor-implemented method for data manipulation comprising:coupling a plurality of control agents, executing on a plurality of processing elements, wherein the plurality of processing elements comprises a reconfigurable fabric and wherein the plurality of processing elements is controlled by circular buffers;
linking a first control agent and a second control agent, from the plurality of control agents, with a third control agent, from the plurality of control agents; and
receiving data from the first control agent and the second control agent by the third control agent, wherein a first FIFO memory is employed by the first control agent to facilitate the receiving of the data by the third control agent, a second FIFO memory is employed by the second control agent to facilitate the receiving of the data by the third control agent, and the receiving the data from the first control agent and the data from the second control agent comprises joining data.

US Pat. No. 10,659,395

AUTOMATIC ZONING OF VIRTUAL LOCAL AREA NETWORKS IN A FIBRE CHANNEL FABRIC

Avago Technologies Intern...

1. A switch comprising:circuitry configured to
store a zoning database identifying at least a first zone type specifying devices by Fibre Channel parameters and a second zone type specifying devices by an Ethernet parameter and Fibre Channel parameters;
determine a virtual local area network (VLAN) and a port identifier (PID) from a port login (PLOGI) frame from a Fibre Channel over Ethernet (FCoE) device; and
restrict communication between the FCoE device and other devices based on accessing the zoning database.

US Pat. No. 10,659,394

METHOD AND APPARATUS FOR EXTRACTING DATA STREAM INFORMATION IN LOW-LATENCY MODE BY ETHERNET CHIP

Centec Networks (Suzhou) ...

1. A method for extracting data stream information by an Ethernet switch chip in a low-latency mode, comprising:parsing out, by a data feature extraction module, feature information corresponding to a packet, setting one piece of starting information comprising the feature information and one piece of ending information comprising a packet length, and sending the starting information and the ending information to a data stream feature comparison module;
after receiving the starting information, comparing, by the data stream feature comparison module, the feature information with preset feature information, and if matching succeeds, sending the starting information to a module for collecting statistics on data stream information, and setting a sending flag bit to effective;
after receiving the ending information, determining, by the data stream feature comparison module, whether the sending flag bit is effective, and if the sending flag bit is effective, sending the ending information to the module for collecting statistics on data stream information, and resetting the sending flag bit, or otherwise, skipping sending but discarding the ending information; and
receiving and storing, by the module for collecting statistics on data stream information, the starting information, reading the starting information after receiving the ending information, combining the feature information in the starting information and the packet length in the ending information into one piece of data stream information, and sending the data stream information to a CPU.

US Pat. No. 10,659,393

METHOD AND DEVICE FOR MONITORING TRAFFIC IN A NETWORK

INDUSTRIAL TECHNOLOGY RES...

1. A method for monitoring traffic in a network, applied to a communication device, wherein the network is formed by switches and hosts, and the method comprises:collecting link layer discovery protocol (LLDP) information, virtual local area network (VLAN) information, host network interface card (NIC) information and host-tenant mapping information to obtain a physical network topology and a plurality of virtual network topologies;
detecting a plurality of physical link loads of the physical network topology;
obtaining a target path between two of the hosts or between the switches by analyzing the virtual network topologies;
selecting one of the switches on the target path to serve as a mirror switch according to the physical link load corresponding to the target path or a hop count; and
receiving mirror traffic transmitted from the mirror switch and performing packet payload analysis on the mirror traffic.

US Pat. No. 10,659,392

REDUNDANT INLINE-BYPASS SWITCH

Gigamon Inc., Santa Clar...

1. A method comprising:receiving, at a network appliance, a plurality of packets and a state signal from another network node that is external to the network appliance and that is coupled to a source node, the state signal being indicative of a state of the other network node;
forwarding the plurality of packets by the network appliance based on the state signal, wherein the forwarding includes:
in response to the state signal being indicative of a first state, forwarding a first packet within the first network switch appliance to a communication component in the network appliance without sending the first packet to an inline tool that is external to the network appliance, the communication component being configured to transmit the packets onto a network connection for communication to a destination node, and
in response to the state signal being indicative of a second state, forwarding a second packet by the network appliance to the inline tool and subsequently receiving the second packet at the communication component of the network switch appliance from the inline tool; and
transmitting the plurality of packets, including the first packet and the second packet, by the communication component of the network appliance, onto the network connection for communication to the destination node.

US Pat. No. 10,659,390

NETWORK INTERFACE DEVICE

XILINX, INC., San Jose, ...

1. A network interface device in a first device, said network interface device comprising:an interface configured to receive a first input from a network; and
at least one processor configured to provide:
an output in dependence on contents of said first input; and
provenance information which uniquely identifies the network interface device, said output being output via said interface to said network,
wherein said output comprises a digest of a plurality of packets with the provenance information, the at least one processor being configured to forward said digest with the provenance information to an analytics function.

US Pat. No. 10,659,389

EFFICIENT CASCADING OF FLOW TABLES IN SOFTWARE DEFINED NETWORKS (SDN)

NEC CORPORATION, Tokyo (...

1. A method of providing access control using a software defined network (SDN) controller at a control plane of the SDN, the SDN controller comprising an interface for interacting with one or more applications that are installed to run at the control plane of the SDN atop the SDN controller, and wherein the SDN controller is configured to program flow tables of network resources at a data plane of the SDN in accordance with configuration requests from the one or more applications, the method comprising:establishing a cascaded flow of flow table entries by storing, at the SDN controller, linking information that links together flow table entries of flow tables that are installed at the network resources and that apply to the same packets or network flows, wherein the linking information includes installed flow table entries with pointer fields that specify predecessors and successors of a flow table entry, wherein a pointer field of at least one flow table entry specifies multiple predecessor flow table entries and/or multiple successor flow table entries,
analyzing an impact of a configuration request from one of the one or more applications regarding the installation and/or removal of a flow table entry on existing cascaded flows, and
rejecting the configuration request if the installation and/or removal of the flow table entry would destroy an existing cascaded flow.

US Pat. No. 10,659,388

TRANSACTION PROCESSING THROTTLE WITH DYNAMIC TRANSACTION LOAD BALANCING AND TRANSACTION STARVATION PREVENTION

Bank of America Corporati...

1. A method for throttling an allocation of resources for processing digital transmissions, the method comprising:receiving initial digital transmissions from a plurality of client systems;
analyzing the initial digital transmissions received from each of the client systems to determine:
a cluster of digital transmissions, the cluster comprising a sufficient number as to necessitate periodic processing;
an amount of resources for processing the cluster;
a time-window for processing the cluster;
allocating the determined amount of resources to each of the clusters for processing of the clusters during the determined time-window;
processing recurrently, for each of the client systems, digital transmissions received after the initial digital transmissions;
concurrently with the periodic processing:
monitoring recurrently, digital transmissions received from the client systems, the monitoring including:
recording a transmission log for each client system including recording:
a time of receipt of the digital transmissions; and
a volume of digital transmissions received;
identifying a change in the volume of digital transmissions received and a change in the time of receipt of the digital transmissions over a first pre-determined time interval;
assigning a credibility score to each client system based on a total volume of digital transmissions and a total dollar value of the digital transmissions received during a second pre-determined time interval;
throttling, dynamically, the amount of resources allocated, for each of the client systems, based on the credibility score and the identified changes.

US Pat. No. 10,659,387

CLOUD RESOURCE PLACEMENT OPTIMIZATION AND MIGRATION EXECUTION IN FEDERATED CLOUDS

CISCO TECHNOLOGY, INC., ...

1. A method for cloud resource placement and migration optimization for a federated cloud, the method comprising:determining, by a constraints-driven optimization cloud resource placement solver an optimized placement of cloud resources on physical hosts across a plurality of clouds in the federated cloud, comprising:
defining M×N number of assignment variables indicating whether a particular cloud resource is to be placed on a particular physical host, wherein M is the number of cloud resources and N is the number of available physical hosts in the federated cloud;
defining N×M number of cost variables indicating cost of migrating a particular cloud resource from a current physical host to another physical host in the federated cloud and/or cost of placing the particular cloud resource on a particular physical host; and
solving for the optimized placement of cloud resources based on the assignment variables and the cost variables;
determining an ordered migration plan for the optimized placement of cloud resources based on the optimized placement of cloud resources and state information of the cloud resources; and
migrating cloud resources in the plurality of clouds in the federated cloud according to the ordered migration plan.

US Pat. No. 10,659,386

CLOUD COMPUTE SCHEDULING USING A HEURISTIC CONTENTION MODEL

Intel Corporation, Santa...

1. A cloud controller of a cloud computing cluster, the cloud controller comprising:one or more processors;
a memory coupled to the one or more processors, the memory having stored thereon a plurality of instructions that, when executed by the one or more processors, causes the one or more processors to:
acquire performance data comprising an indication of a rate of cache misses per number of instructions for each of a plurality of virtual machines of each of a plurality of processors when each plurality of virtual machines is executed contemporaneously on the corresponding processor of the plurality of processors;
determine, for each of the plurality of processors, a contention score based on the indication of the rate of cache misses per number of instructions for each of the plurality of virtual machines of the corresponding processor;
select, based on the contention score of each of the plurality of processors and in response to receipt of a request for a new virtual machine, a processor of the plurality of processors for the new virtual machine; and
schedule the new virtual machine on the selected processor.

US Pat. No. 10,659,385

PROVISIONING INSIGHT SERVICES IN A DATA PROVIDER LANDSCAPE

1. A computer-implemented method, the method comprising:receiving, from a data provider user and at a user interface of a search service provided by an algorithm marketplace, a request to browse algorithms to execute in an environment of the data provider using data provided by the data provider, wherein the algorithms are provided by algorithm providers that are separate entities than the data provider;
presenting, to the data provider user, in the user interface, in response to the request to browse algorithms, multiple algorithm descriptions of software algorithms, each software algorithm provided by an associated algorithm provider, wherein each algorithm description includes, for an associated algorithm, a description of resources required by the data provider to execute the associated algorithm in the environment of the data provider, and a description of data to be used by the associated algorithm;
receiving, at the user interface, selection of a first algorithm description, from among the multiple algorithm descriptions, from the data provider user; and
providing, in response to the selection of the first algorithm description, a first algorithm associated with the selected algorithm description to a software agent at the data provider, wherein the software agent is configured to:
provision first resources in the environment of the data provider, according to a first description of resources included in the first algorithm description, to enable execution of the first algorithm in the environment of the data provider;
execute the first algorithm in the environment of the data provider, using data included in the environment of the data provider and the first resources provisioned in the environment of the data provider, producing one or more outputs; and
provide the one or more outputs to the data provider.

US Pat. No. 10,659,384

BANDWIDTH MANAGEMENT METHOD FOR NETWORK SWITCH AND NETWORK SYSTEM THEREOF

ESTINET TECHNOLOGIES INC....

1. A bandwidth management method for a network switch, comprising:metering a total bandwidth usage of packets;
determining if the total bandwidth usage reaches a threshold for triggering a flow-limit process, which is a bandwidth-usage threshold that is equal to a total bandwidth multiplied by a meter-triggering threshold;
if the total bandwidth usage reaches the threshold, triggering the flow-limit process including:
identifying a user class with respect to a utilized bandwidth;
if the user class is a prioritized user, providing a guaranteed bandwidth; if the user class is a normal user, performing a normal user flow-limit that restricts the normal user to use the bandwidth aside from the guaranteed bandwidth for one or more prioritized users, wherein the normal user flow-limit is to restrict a flow provided for the normal user within an excess available bandwidth, and the excess available bandwidth is equal to the normal user's total available bandwidth multiplied by a Bandwidth Flexibility Ratio; and
not intervening in usage of bandwidth if the total bandwidth usage does not reach the threshold.

US Pat. No. 10,659,383

SYSTEM AND METHOD FOR LATENCY-BASED QUEUING

Visa International Servic...

1. A server computer system comprising:a processor; and
a memory coupled to the processor, the memory storing instructions, which when executed by the processor, cause the server computer system to perform operations including:
receiving a plurality of messages including network addresses of recipient computers, each message including a network address of a recipient computer;
sending, over a network, the messages to the recipient computers;
determining a latency time for a confirmation response to be received by the server computer system for each of the plurality of messages;
receiving a first message including a first network address of a first recipient computer;
determining whether other messages have previously been sent to the first network address of the first recipient computer;
after determining that other messages have previously been sent to the first network address:
determining a latency value for response to the other messages associated with the first network address;
comparing the latency value to a first threshold; and
determining whether to place the first message in a first latency queue or in a second latency queue based on the comparing of the latency value to the first threshold, wherein the first latency queue corresponds to one or more network addresses having lower latency values for responses than one or more network addresses corresponding to the second latency queue.

US Pat. No. 10,659,382

VEHICLE SECURITY SYSTEM

UATC, LLC, San Francisco...

1. A computer-implemented method of addressing a vehicle condition, comprising:receiving, by a computing system that comprises one or more computing devices, data indicative of a condition associated with an autonomous vehicle, wherein the autonomous vehicle is configured to provide a vehicle service through a service provider that coordinates a provision of the vehicle service to a plurality of users of the service provider;
determining, by the computing system, a user of the plurality of users to address the condition associated with the autonomous vehicle based at least in part on one or more parameters, wherein the user is outside of the autonomous vehicle and the user is associated with a user device that stores a software application that is configured to communicate with the service provider; and
providing, by the computing system to the user device associated with the user, a communication comprising a request that the user address the condition associated with the autonomous vehicle;
receiving, by the computing system, data indicative of a confirmation that the user will address the condition; and
pairing the autonomous vehicle with one or more users of the plurality of users of the service provider for a vehicle service based, at least in part, on the confirmation.

US Pat. No. 10,659,381

METHOD AND APPARATUS FOR HANDLING DATA DUPLICATION IN MOBILE COMMUNICATIONS

MEDIATEK SINGAPORE PTE. L...

1. A method, comprising:establishing, by a processor of an apparatus, a first link and a second link with a network;
generating, by the processor, a first protocol data unit (PDU) to transmit on the first link;
generating, by the processor, a second PDU to transmit on the second link;
transmitting, by the processor, the first PDU on the first link; and
determining, by the processor, whether to discard the second PDU according to a condition,
wherein the second PDU is duplicated from the first PDU, and
wherein, in an event that a sliding window is utilized in determining whether to discard the second PDU, the determining comprises:
determining a length of the sliding window based on an expected rate of data arrival or a low-latency criterion of data transmission;
advancing the sliding window as a result of PDU transmission or generation; and
determining to discard the second PDU responsive to the second PDU falling out of the sliding window as the sliding window is advanced.

US Pat. No. 10,659,380

MEDIA BUFFERING

Microsoft Technology Lice...

1. A computing device comprising:a transmit buffer for buffering a plurality of network packets representing a live media stream, the packets having an order in the media stream from oldest to most recent;
a transmitter for transmitting the packets from the buffer live over a network; and
a controller arranged to measure an amount of data buffered for transmission in the transmit buffer, and to drop or compress a predetermined number of the oldest packets on condition that said amount of data buffered for transmission exceeds a predetermined threshold;
wherein the controller is configured to drop or compress one or more further packets based on an indication of a type of content that the further packets contain, wherein the indication of the type of content that the further packets contain is an indication of whether the further packets contain visually blank portions of the live media stream.

US Pat. No. 10,659,379

ENFORCEMENT OF LATENCY DETERMINISM ACROSS A COMPUTER NETWORK

Chicago Mercantile Exchan...

1. A computer implemented method of processing a data transaction message, of a plurality of data transaction messages, by a transaction processing system which receives the data transaction message via one of a plurality of message receivers coupled with a transaction processor of the transaction processing system, each of the plurality message receivers being characterized by a transmission latency from the message receiver to the transaction processor, the method comprising:receiving, by a processor of a first message receiver of the plurality of messages receivers, a first data transaction message of the plurality of data transaction messages;
augmenting, by the processor of the first message receiver, the first data transaction message with data indicative of a time of receipt by the first message receiver;
transmitting, by the processor of the first message receiver, the augmented first data transaction message to the transaction processor;
receiving, by a message receiver associated with the transaction processor, the augmented first data transaction message;
computing, by the receiver associated with the transaction processor based on the data indicative of the time of receipt by the processor of the first message receiver of the first data transaction message, a first amount of time elapsed between when the processor of the first message receiver received the first data transaction message and when the message receiver associated with the transaction processor received the augmented first data transaction message from the first message receiver;
determining, by the receiver of the transaction processor, a first difference between the first amount of time and a defined amount of time; and
deferring, by the message receiver associated with transaction processor, processing of the augmented first data transaction message by the transaction processor for an amount of time equal to the first difference when the first amount of time is less than the defined amount of time.

US Pat. No. 10,659,378

MULTI-PATH NETWORK COMMUNICATION

STRONG FORCE IOT PORTFOLI...

1. A method for transmitting messages between a first node and a second node over a plurality of data paths coupling the first node and the second node, the method comprising:selecting, at the first node and for each particular message, a particular data path of the plurality of data paths based on one or more message characteristics of the particular message, wherein messages having first message characteristics are assigned to a first data path and messages having second message characteristics different from the first message characteristics are assigned to a second data path;
transmitting, from the first node and to the second node, messages having the first message characteristics over the first data path;
transmitting, from the first node and to the second node, messages having the second message characteristics over the second data path;
maintaining, at the first node, an aggregate indication of whether a number of messages received at the second node over the plurality of data paths is sufficient to decode data associated with the messages; and
transmitting, from the first node and to the second node, supplemental messages based on the aggregate indication, wherein the aggregate indication is based on a feedback from the second node received at the first node over the plurality of data paths,
wherein the supplemental messages include data messages including redundancy data and wherein messages that include original data of the messages are transmitted over the second data path, and
wherein the first data path has a first latency and the second data path has a second latency larger than the first latency.

US Pat. No. 10,659,377

METHODS AND APPARATUS TO NEGOTIATE FLOW CONTROL FOR A COMMUNICATION SESSION

1. A first peer device comprising:memory including computer readable instructions; and
a processor to execute the computer readable instructions to perform operations including:
sending a request message to a second peer device via an existing communication session that is subject to a first type of flow control, the request message to initiate a request for a second type of flow control for the existing communication session, the second type of flow control different from the first type of flow control; and
changing to the second type of flow control for the existing communication session in response to a reply message from the second peer device via the existing communication session, the reply message indicating acceptance of the request for the second type of flow control for the existing communication session.

US Pat. No. 10,659,376

THROTTLING BACKBONE COMPUTING REGARDING COMPLETION OPERATIONS

INTERNATIONAL BUSINESS MA...

1. A computer-implemented method for message handling between a receiver and a sender of a throttling system, the computer-implemented method comprising:receiving, by the receiver from the sender, a first message including a completion queue element, a completion queue initiative configured to perform a wakeup operation to cause the receiver to handle the first message, and a fixed memory location initiative configured for storing a data value for the first message;
detecting, by the receiver, that a number of outstanding completion queue elements in a completion queue meets or exceeds a high mark, the high mark a user configurable setting;
instructing the sender, by the receiver, to enter a throttle mode in response to the number meeting or exceeding the high mark;
receiving, by the receiver from the sender, a second message without a completion queue element;
detecting, by the receiver, that the number of the outstanding completion queue elements in the completion queue meets or is below a low mark; and
instructing the sender, by the receiver, to exit the throttle mode in response to the number meeting or being below the low mark.

US Pat. No. 10,659,375

CONTROLLING DATA RATE BASED ON DOMAIN AND RADIO USAGE HISTORY

1. A system for managing data streams associated with multiple mobile devices in communication with a radio access node, the system comprising:a gateway device in communication with a first radio access node and a second radio access node, the gateway device being capable of transmitting data streams between the mobile devices and domain devices via the first radio access node and the second radio access node; and
a control device operable for:
collecting information regarding the data streams and information regarding a load on the first radio access node;
based on the collected data stream information, identifying a first domain having a history of high-bandwidth data transactions, the first domain comprising a website having a high-bandwidth service and a low-bandwidth service;
based on the collected load information, determining that a first current load level of the first radio access node exceeds a first threshold load level of the first radio access node, wherein the first current load level is a rolling average based on a series of historical load levels for the first radio access node, wherein the series of historical load levels are measured during periods of time wherein data rates for data streams between the mobile devices and the domain devices are not managed by the control device;
in response to determining that the first current load level of the first radio access node exceeds the first threshold load level, identifying a first packet and a second packet that are awaiting transmission between the first domain and a first one of the mobile devices, wherein the first packet has a first attribute correlated with the high-bandwidth service, and the second packet has a second attribute correlated with the low-bandwidth service;
determining whether the first mobile device has a history of high-bandwidth transactions with the first domain;
in response to determining that the first current load level of the first radio access node exceeds the first threshold load level and that the first mobile device has the history of high-bandwidth transactions with the first domain, controlling the gateway device to (i) apply a data rate control for a first data rate of the first packet when transmitting the first packet, and (ii) omit the data rate control for a second data rate of the second packet when transmitting the second packet;
determining that the first mobile device is in communication with the second radio access node;
determining that a second current load level of the second radio access node is within a second threshold load level for the second radio access node; and
in response to determining that the second current load level of the second radio access node is within the second threshold load level, controlling the gateway device to transmit additional packets between the first mobile device and the first domain via the second radio access node without managing a data rate of the additional packets.

US Pat. No. 10,659,374

METHOD AND APPARATUS FOR CONTROLLING FRAME TRANSMISSION

ELECTRONICS AND TELECOMMU...

1. An apparatus for controlling frame transmission, the apparatus comprising:one or more processors; and
a memory having instructions stored thereon executed by the one or more processors to perform:
a list configuration unit managing a parameter related to a gate control;
a cycle timer unit managing a start timing of a cycle; and
a list executing unit performing the gate control based on the parameter provided form the list configuration unit and the cycle timer unit,
wherein the list executing unit includes:
a cycle executing state machine setting an expiration time of at least one section included in the cycle, checking gate operation information in association with a list pointer indicating the at least one section, and performing a control in association with the gate operation information;
a delaying state machine deducting the expiration time by a predetermined unit and updating the same;
a cycle holding state machine generating a control signal indicating stopping transmission in MAC; and
a cycle releasing state machine generating a control signal indicating resuming the transmission in MAC.

US Pat. No. 10,659,373

PROCESSING PACKETS ACCORDING TO HIERARCHY OF FLOW ENTRY STORAGES

NICIRA, INC, Palo Alto, ...

1. A non-transitory machine readable medium storing a program for execution by at least one hardware processing unit, the program for implementing a managed forwarding element, the program comprising sets of instructions for:storing, in a flow-entry first storage, a first set of flow entries provided by a network controller;
based on processing a first packet by reference to a first flow entry in the first set of flow entries stored in the flow-entry first storage, generating a second flow entry for processing packets sharing a first set of attributes with the first packet and storing the second flow entry with a second set of flow entries in an aggregate-cache second storage;
processing a subsequent, second packet that shares the first set of attributes with the first packet by reference to the second flow entry stored in the aggregate-cache second storage without examining the flow-entry first storage; and
based on processing the second packet by reference to the second flow entry, generating a third flow entry for processing packets that share a second set of attributes with the second packet and storing the generated third flow entry with a third set of flow entries in an exact-match cache third storage.

US Pat. No. 10,659,372

MULTI-CORE LOCK-FREE RATE LIMITING APPARATUS AND METHOD

Futurewei Technologies, I...

1. An apparatus comprising:a receiver configured to receive a plurality of packets;
a memory configured to store instructions and form a first and second set of virtual queues to store the plurality of packets, first virtual queues in the first set of virtual queues comprising a first subclass queue that form a first class queue and second virtual queues in the second set of virtual queues comprising a second subclass queue that form a second class queue; and
a processor having one or more cores, a first core of the one or more cores accessing the first set of virtual queues and a second core of the one or more cores accessing the second set of virtual queues such that the first set of virtual queues is inaccessible to the second core of the one or more cores and the second set of virtual queues is inaccessible to the first core of the one or more cores, with one or more packet classifiers configured to provide a classification of a packet in the plurality of packets, the processor in communication with the memory executes the instructions to:
transfer the packet from the receiver to one or more of the virtual queues in the first set of virtual queues based on the classification; and
transfer the packet from the one or more virtual queues to a transmitter based on a demand rate value and supply rate value associated with each of the one or more virtual queues in the first set of virtual queues forming the first class queue.

US Pat. No. 10,659,371

MANAGING THROTTLING LIMITS IN A DISTRIBUTED SYSTEM

Amazon Technologies, Inc....

1. A system, comprising:a plurality of server nodes to perform a service;
one or more processors; and
a memory storing instructions that, when executed by the one or more processors, cause the one or more processors to:
receive a request for the service;
calculate whether accepting the request would exceed a service throttling limit for the plurality of server nodes for the service and whether accepting the request would exceed a node throttling limit for a server node of the plurality of server nodes; and
accept the request for processing at the server node responsive to calculating that the service throttling limit and the node throttling limit would not be exceeded.

US Pat. No. 10,659,370

WIRELESS LOCAL AREA NETWORK (WLAN) NODE, A WIRELESS DEVICE, AND METHODS THEREIN

Telefonaktiebolaget LM Er...

1. A Wireless Local Area Network Access Point (WLAN AP) configured for operation in an integrated wireless communications network comprising a WLAN and a cellular communications network, the WLAN AP comprising:communication circuitry configured to receive traffic data from a wireless device, the traffic data incoming to the WLAN AP via a WLAN air interface; and
processing circuitry operatively associated with the communication circuitry and configured to:
determine whether the traffic data is a first traffic type to be routed locally within the WLAN or a second traffic type to be routed to the cellular communication network; and
control how the traffic data is handled according to the determination of whether the traffic data is the first traffic type or the second traffic type,
wherein the processing circuitry is configured to determine the type of the traffic data using an extension provided in a logical link control (LLC) layer, wherein the extension indicates whether the traffic data is the first traffic type or the second traffic type.

US Pat. No. 10,659,369

DECREMENTAL AUTOCORRELATION CALCULATION FOR BIG DATA USING COMPONENTS

1. A computing-system-implemented method for reducing redundant data access or retrieval from storage media when generating an autocorrelation at a specified lag for an adjusted computation window, the method comprising:initializing, by a computing-device-based computing system, a lag l (l>0), a computation window size counter n (n>2*l+1), and two or more components of an autocorrelation at lag l for a pre-adjusted computation window, wherein the pre-adjusted computation window contains n data elements of a data set which is stored in at least one of one or more storage media in the computing-device-based computing system;
accessing or receiving, by the computing-device-based computing system, a data element to be removed from the pre-adjusted computation window;
adjusting, by the computing-device-based computing system, the pre-adjusted computation window by:
removing the accessed or received data element from the pre-adjusted computation window; and
adjusting the computation window size counter;
decrementally deriving, by the computing-device-based computing system, two or more components of an autocorrelation at lag l for the adjusted computation window based at least in part on the two or more components of the autocorrelation at lag l initialized or derived for the pre-adjusted computation window without accessing and using all data elements in the adjusted computation window from at least one of the one or more storage media to reduce data access latency and reduce operations performed by the computing-device-based computing system thereby saving computing resources, increasing calculation efficiency, and reducing the computing-device-based computing system's power consumption; and
generating, by the computing-device-based computing system, an autocorrelation at lag l for the adjusted computation window based on one or more of the decrementally derived components.

US Pat. No. 10,659,368

TRANSPARENT CONTROL AND TRANSFER OF NETWORK PROTOCOLS

F5 Networks, Inc., Seatt...

1. A method for managing network communication, executable by one or more traffic management computers with one or more processors executing the method, the method comprising actions to:receiving, by a first processor on the one or more traffic management computers, network traffic; and
when a network protocol associated with the network traffic is unknown, performing, by a second processor on the one or more traffic management computers further operations, including:
providing one or more constant value recognition actions, wherein one or more of the constant value recognition actions correspond to one or more complex protocols;
when a constant value recognition condition is satisfied, perform, by a third processor on the one or more traffic management computers further operations, including:
determining one or more variable offsets for packets in a network flow based on employing one or more regular expressions to compute immediate offset values of one or more known positions for one or more constant offset values associated with the one or more complex protocols and employing one or more other regular expressions to compute a sum of the immediate offset values of the one or more known positions and compare the sum to one or more expected offset values at one or more other positions in the packets;
scanning one or more portions of data from the network traffic, wherein the one or more portions of the data correspond to the one or more variable offsets of the one or more complex protocols;
providing one or more values that are based on the one or more portions of the data and one or more constants associated with the one or more complex protocols; and
performing one or more comparisons based on the one or more values and the one or more complex protocols; and
when a count of the one or more comparisons that are affirmative exceeds a threshold value, performing, by a fourth processor on the one or more traffic management computers, one or more operations on the network traffic based on one or more policy rules that are associated with the one or more complex protocols; and
when the count of the one or more comparisons that are affirmative is less than the threshold value, perform, by the fourth processor on the one or more traffic management computers, one or more operations on the network traffic based on one or more other policy rules that are associated with the one or more complex protocols that are non-confirmed because the count of affirmative comparisons is less than the threshold value.

US Pat. No. 10,659,367

SYSTEM AND METHOD FOR RATE-BASED PACKET TRANSMISSION OVER A NETWORK

Citrix Systems, Inc., Fo...

1. A method comprising:(a) identifying, by a device, one or more characteristics of one or more first flows of data packets, wherein the device is configured to switch between a plurality of transmission controls comprising at least a rate-based data transmission control and a congestion window-based data transmission control;
(b) receiving, by the device, one or more second flows of data packets;
(c) selecting, by the device, between a transmission control of the plurality of transmission controls for controlling transmission of packets of the one or more second flows of data packets based at least on the one or more characteristics of the one or more first flows of data packets; and
(d) transmitting, by the device, one or more packets of the one or more second flows of data packets using the selected transmission control.

US Pat. No. 10,659,366

LOAD BALANCER METADATA FORWARDING ON SECURE CONNECTIONS

Amazon Technologies, Inc....

1. A system, comprising:a plurality of back-end processes implemented by a plurality of back-end servers; and
one or more load balancers coupled to the plurality of back-end servers, wherein individual ones of the one or more load balancers are configured to:
establish connections with clients;
receive requests from the clients via respective ones of the established connections;
establish secure connections to the respective back-end processes of the plurality of back-end processes according to a secure connection protocol;
apply a load balancing mechanism to select a respective back-end process of the plurality of back-end processes to handle respective ones of the received requests;
for a given one of the requests received via the established connections,
extract client metadata, comprising a source address of the respective client, based on the given received request,
generate a corresponding request for the one of the plurality of back-end processes selected according to the load balancing mechanism, wherein the corresponding request is generated according to the secure connection protocol, and
include the client metadata in a load balancer certificate defined by the secure connection protocol; and
send, to the selected back-end process on a respective one of the established secure connections,
the corresponding request, and
the extracted client metadata comprising the source address of the respective client in the load balancer certificate.

US Pat. No. 10,659,365

USING WIRELESS CLIENT FOR PROXY CHANNEL SCAN

ARRIS Enterprises, Inc., ...

1. A method comprising:determining that a first channel is impaired beyond a threshold level, wherein an access point is configured to communicate over the first channel, and wherein determining that the first channel is impaired beyond a threshold level comprises, determining that resources available to the first channel are exhausted from utilisation of the first channel by one or more wireless stations;
identifying at least one idle wireless station associated with the access point;
outputting a channel scan request to the at least one idle wireless station, wherein the channel scan request comprises a request for the at least one idle wireless station to scan one or more channels and to determine a level of impairment on each of the one or more channels;
receiving one or more channel scan reports from the at least one idle wireless station, wherein the one or more channel scan reports comprise an indication of the level of impairment on each respective channel of the one or more channels, wherein the indication of the level of impairment on each respective channel comprises an indication of a congestion level of the respective channel and one or more signal quality metrics, wherein the indication of the level of congestion and the one or more signal quality metrics are obtained by the at least one idle wireless station from one or more broadcast messages that are received by the at least one idle wireless station while the at least one idle wireless station is tuned to the respective channel;
based upon the indication of the level of impairment on each respective channel of the one or more channels carried by the one or more channel scan reports, determining a level of impairment on each respective channel of the one or more channels;
determining if a more advantageous channel is available based on the indication of the level of impairment on each respective channel, wherein determining if a more advantageous channel is available comprises determining whether a level of impairment on at least one channel of the one or more channels is less than a level of impairment on the first channel; and
if a more advantageous channel is available, configuring the access point to communicate over the more advantageous channel.

US Pat. No. 10,659,364

HYBRID AQM CONTROLLER USING RBF FOR QUEUE UTILIZATION APPROXIMATION AS A NON-LINEAR SYSTEM

NXP USA, Inc., Austin, T...

1. A method for deriving a packet select probability value for a data packet for performing active queue management to reduce network congestion, comprising:determining a buffer size setpoint for a target buffer of the data packet;
applying a nonlinear model for buffer utilization to at least a buffer size value for the target buffer to generate at least an adjustment signal for a fuzzy membership function; and
supplying the adjustment signal to a first controller to automatically adjust thresholds for membership function inputs to the first controller, where the first controller calculates a first packet select probability value for the data packet based at least partly on the adjustment signal and an error measure derived from the buffer size setpoint and the buffer size value, wherein the adjustment signal automatically adjusts membership function values in response to the buffer size value and first packet select probability value.

US Pat. No. 10,659,363

FORWARDING TABLE MANAGEMENT

Extreme Networks, Inc., ...

1. A computer implemented method for representing a forwarding information base (FIB) in a database, comprising:determining, by at least one processor, that a first routing prefix of a first forwarding entry in the FIB is a less specific routing prefix than a second routing prefix in a second forwarding entry in the FIB;
determining, by the at least one processor, a first next hop of the first routing prefix is equal to a second next hop of the second routing prefix;
removing, by the at least one processor, the second forwarding entry from the FIB based on the determination that the first next hop of the first routing prefix is equal to the second next hop of the second routing prefix; and
inserting, by the at least one processor, the first forwarding entry into a longest exact match (LEM) database or a longest prefix match (LPM) database based on a prefix length of the first routing prefix of the first forwarding entry.

US Pat. No. 10,659,362

TRAFFIC FORWARDING IN LARGE-SCALE NETWORKS

Arista Networks, Inc., S...

1. A method for traffic forwarding in a network, comprising:matching a destination IP (Internet protocol) address (DIP) of a packet, in a forwarding information base (FIB) table to point to a next-hop group for the packet, in a first matching operation;
redirecting the packet to a differing next-hop group, responsive to matching each of the next-hop group for the packet and a field of the packet in a second matching operation, wherein the field marks the packet as belonging to a class of service; and
routing the packet to a next node, in accordance with the next-hop group or the differing next-hop group as determined for the packet.

US Pat. No. 10,659,361

PACKET PROCESSING

New H3C Technologies Co.,...

1. A packet processing method, comprising:identifying an operation type of an operation to be performed for a packet by obtaining related configuration information of an ingress interface of the packet from an interface table, after receiving the packet, extracting a key value from the packet and performing Hash calculation for the extracted key value;
taking a calculation result of the Hash calculation as a Hash entrance, and finding at least one Hash index table entry from a local Hash index table;
performing a match operation between the identified operation type and the at least one Hash index table entry; and
processing the packet according to a matched Hash index table entry if the matched Hash index table entry is found.

US Pat. No. 10,659,360

ROUTING METHOD, NEAR FIELD COMMUNICATION CONTROLLER, DEVICE HOST, AND TERMINAL

Huawei Technologies Co., ...

1. A routing method used in a first terminal, the first terminal comprising a device host (DH), a near field communication controller (NFCC), and at least one near field communication execution environment (NFCEE), the method comprising:receiving, by the NFCC, a first data frame from a second terminal;
determining, by the NFCC, whether a default-NFCEE-based routing manner is used to search for a first matched routing entry for the first data frame;
in response to determining the default-NFCEE-based routing manner is used to search for the first matched routing entry for the first data frame, selecting, by the NFCC, a first NFCEE as a first target NFCEE according to the default-NFCEE-based routing manner, so that the NFCC routes the first data frame to the first target NFCEE;
receiving, by the NFCC, a second data frame from the second terminal;
determining, by the NFCC, whether the default-NFCEE-based routing manner is used to search for a second matched routing entry for the second data frame; and
in response to determining the default-NFCEE-based routing manner is not used to search for the second matched routing entry for the second data frame, selecting, by the NFCC, a second NFCEE as a second target NFCEE according to a first routing manner that is different from the default-NFCEE-based routing manner, so that the NFCC routes the second data frame to the second target NFCEE, the first routing manner comprising an Application Identifier based (AID-based) routing manner, an Application Protocol Data Unit based (APDU-based) routing manner, an NFC device identifier (NFCID2) routing manner, a protocol-based routing manner, or a technology-based routing manner.

US Pat. No. 10,659,359

METHOD AND DEVICE FOR CHECKING FORWARDING TABLES OF NETWORK ROUTERS

HUAWEI TECHNOLOGIES CO., ...

1. A method performed by a network device for checking a forwarding table of a target router in a network, comprising:determining, according to a destination Internet Protocol (IP) address and network topology information of the network, a forwarding path from the network device to the destination IP address, with the target router being on the forwarding path;
determining a number N of hops from the network device to the target router along the forwarding path;
obtaining N link labels corresponding to the N hops from the network device to the target router;
generating a check packet for checking the forwarding table of the target router, the check packet comprising a label stack including the N link labels, a time-to-live (TTL) value, a source IP address, and the destination IP address, the TTL value being set to N+1, and the source IP address being an IP address of the network device;
sending the check packet to the target router via the forwarding path utilizing label-forwarding based on the N link labels in the label stack, wherein the TTL value is to be deducted by 1 each hop the check packet is forwarded along the forwarding path;
receiving a notification message sent by a next-hop node of the target router indicating that the TTL value is deducted to 0 when the check packet reaches the next-hop node of the target router; and
determining whether the next-hop node of the target router is a node predicted by the network topology information, wherein the next-hop node of the target router being the node predicted by the network topology information indicates that the forwarding table of the target router is correct.

US Pat. No. 10,659,358

METHOD AND APPARATUS FOR ADVANCED STATISTICS COLLECTION

CISCO TECHNOLOGY, INC., ...

1. A method comprising:analyzing a frame received by a virtual switch to determine one or more statistics relating to network traffic between a first virtual machine (VM) and a second VM, the virtual switch controlled by a virtual switch controller and deployed on a first physical server, the analyzing of the frame includes determining whether the frame is intra-server, inter-server, and/or inter-domain;
performing a lookup in a forwarding table of the virtual switch to determine a virtual tunnel network address and a virtual network identifier;
encapsulating the frame with a virtual network overlay encapsulation based on the virtual tunnel network address and the virtual network identifier to yield an encapsulated frame;
sending the encapsulated frame from the virtual switch to a physical switch;
sending the one or more statistics to the virtual switch controller; and
determining whether to migrate a VM from the first physical server to a second physical server based at least in part on the one or more statistics.

US Pat. No. 10,659,357

SWITCH WITH NETWORK SERVICES PACKET ROUTING

AVAGO TECHNOLOGIES INTERN...

1. A network device comprising:at least one processor core and associated memory;
a memory storing a network services table indicating to which of a plurality of software service instances the network device will route received packets and from which the network device will receive packets operated on by the software services instances;
a packet analyzer coupled to said at least one processor core and said network services table which reviews received packets for a services tag, the services tag specifying network services to be performed on the packet, and compares the services tag to said network service table to determine to which of a plurality of software service instances the network device will route packets; and
a router coupled to said at least one processor core, said packet analyzer, and said network service table and for coupling to the plurality of software service instances to which the network device will route packets, the router for routing the received packets as determined by said packet analyzer.

US Pat. No. 10,659,356

TRANSLATION BETWEEN A FIRST VERSION OF INTERNET PROTOCOL AND A SECOND VERSION OF INTERNET PROTOCOL WHEN AN APPLICATION LAYER GATEWAY (ALG) IS INVOLVED

Juniper Networks, Inc., ...

1. A device, comprising: amemory; and
one or more processors to:
receive, from a first device that supports internet protocol version 4 (IPv4), a port control protocol (PCP) request that includes a customer side translator (CLAT) prefix and one or more private IPv4 addresses,
the PCP request being received via an internet protocol version 6 (IPv6) network;
establish an association between the CLAT prefix and the one or more private IPv4 addresses;
receive, from the first device and via the IPv6 network, a packet that includes:
a private IPv4 address, of the one or more private IPv4 addresses, in a payload of the packet, and
an IPv6 address that includes the CLAT prefix and a second instance of the private IPv4 address,
the IPv6 address being associated with a header of the packet;
translate the private IPv4 address to a public IPv4 address using the CLAT prefix;
search the payload to identify the private IPv4 address;
replace, in the payload, the private IPv4 address with the public IPv4 address; and
provide, based on replacing, in the payload, the private IPv4 address with the public IPv4 address, the packet to a second device that supports IPv4.

US Pat. No. 10,659,355

ENCAPSULATING DATA PACKETS USING AN ADAPTIVE TUNNELLING PROTOCOL

NICIRA, INC, Palo Alto, ...

1. A method for processing packets using a particular adaptive tunnel protocol, the method comprising:at a first network element of a network:
receiving a packet and identifying a second network element of the network to which the packet should be forwarded with a set of contextual data;
based on the identified second network element, selecting (i) an encapsulating tunnel header to encapsulate the packet and (ii) a particular size for a variable size option field to store the set of contextual data;
encapsulating the packet with the encapsulating tunnel header and the particular size option field that stores the set of contextual data; and
sending the encapsulated packet with the stored contextual data to the second network element through an overlay tunnel connecting the first network element to the second network element.

US Pat. No. 10,659,354

PROCESSING DATA PACKETS USING A POLICY BASED NETWORK PATH

A10 Networks, Inc., San ...

1. A system for processing a data packet using a policy-based network path, the system comprising:a policy enforcing point that:
receives, from a client, the data packet associated with a service session, the policy enforcing point being associated with a plurality of network application appliances configured to process data packets;
determines data packet information associated with the data packet;
based on the data packet information and one or more packet processing criteria, selects the policy-based network path for the data packet from a database storing the one or more packet processing criteria and a plurality of policy-based network paths, the policy-based network path including an order list of the plurality of network application appliances associated with a plurality of policy enforcing points;
based on the order list of the plurality of network application appliances, sends the data packet to a first network application appliance of the order list of the plurality of network application appliances, the first network application appliance being associated with the policy enforcing point;
receives the data packet back from the first network application appliance upon processing the data packet by the network application appliance;
based on the determination of the policy-based network path, generates a further data packet by encapsulating the data packet and the policy-based network path into the further data packet; and
routes the further data packet to a further policy enforcing point of the plurality of policy enforcing points in the policy-based network path, wherein the further policy enforcing point determines the policy-based network path by retrieving the policy-based network path from the further data packet; and
the database configured to store the plurality of policy-based network paths.

US Pat. No. 10,659,353

DYNAMIC SCRIPTABLE ROUTING

International Business Ma...

1. A computer implemented method to dynamically alter routing decisions of internet protocol (IP) packets being sent through a network of interconnected devices, the method comprising:extending an IP packet to add a routing script, wherein routing requirements and decisions of a client are stored in the routing script;
extending client software and protocols of a network device to execute the routing script;
extracting the routing script from the extended IP packet;
executing the routing script to obtain script results;
changing a routing decision based on the script results;
delivering the extended IP packet to a destination system within the network of interconnected devices based on the changed routing decision;
processing the routing script to determine if the routing script is securely signed;
if the routing script is securely signed,
initializing a sandbox with an environment stack of information containers and a scripting toolbox containing a predefined set of scripting templates, wherein the information containers include a router status information container, a network status information container, and an environment information container;
executing the routing script in the sandbox; and
outputting a routing verdict and a routing list comprising an updateable list of routing peers from the sandbox; and
maintaining a list of smart capable router peers by querying a node on a list of known, connected routing nodes, wherein a smart capable router peer is capable of recognizing the extended IP packet and executing the routing script, wherein the querying comprises:
transmitting a smart packet having a cyclic redundancy code only detectable by the smart capable router peers, to the node on the list of known, connected routing nodes; and
marking a particular node on the list of known, connected routing nodes as a smart capable router peer if the particular node detects the cyclic redundancy code and properly responds to the smart packet.

US Pat. No. 10,659,352

SIGNALING PRIVATE CONTEXT FORWARDING TABLES FOR A PRIVATE FORWARDING LAYER

Juniper Networks, Inc., ...

1. A method comprising:receiving, by a first network device, a private label route message from a second network device, the private label route message specifying a private label as a destination, a route distinguisher of an egress network device for the private label, a context protocol next hop address that identifies a private Multiprotocol Label Switching (MPLS) forwarding layer, and a next hop for the private label;
determining, by the first network device and based on the private label route message, a label stack having a plurality of labels to use for forwarding traffic to the next hop for the private label; and
storing, in a context forwarding table associated with the private MPLS forwarding layer, a private label destination with the label stack as a next hop for reaching the private label.

US Pat. No. 10,659,351

DATAFLOW CONSISTENCY VERIFICATION

Hewlett Packard Enterpris...

1. A network controller comprising:a flow repository that stores dataflow configurations of multiple applications previously specified by multiple applications;
a consistency verification engine to:
determine not to perform a dataflow consistency verification for any of the multiple applications from which a consistency verification request has not been received by the network controller;
perform a dataflow consistency verification for a particular application among the multiple applications by:
retrieving a dataflow configuration previously specified by the particular application from the flow repository;
retrieving flow table entries from a flow table of a network device;
identifying an inconsistency between the dataflow configuration previously specified by the application and the flow table entries of the network device; and
responding to the identified inconsistency.

US Pat. No. 10,659,350

DATA ROUTING METHOD AND APPARATUS

HUAWEI TECHNOLOGIES CO., ...

1. A data routing method, comprising:receiving, by a traffic classifier, a data packet of a first data flow;
allocating, by the traffic classifier, a first data route identifier to the first data flow, wherein the first data route identifier is used to identify a service function chain of the first data flow and is used to identify the first data flow;
adding, by the traffic classifier, the first data route identifier to the data packet;
determining, by the traffic classifier, a second data route identifier of a second data flow, wherein the second data flow is a data flow in a direction opposite to the first data flow, and the second data route identifier is used to identify a service function chain of the second data flow and is used to identify the second data flow; and
adding, by the traffic classifier, indication information to the data packet, wherein the indication information is used to indicate the second data route identifier; and
sending, by the traffic classifier, the data packet to a service function forwarding device, wherein the determining, by the traffic classifier, a second data route identifier of a second data flow comprises:
determining, by the traffic classifier, a second service function chain identifier of the second data flow, and allocating the second data route identifier to the second data flow according to the second service function chain identifier, wherein the second service function chain identifier is used to identify the service function chain of the second data flow; or
determining, by the traffic classifier, the second data route identifier according to a correspondence between the second data flow and the second data route identifier, wherein the second data route identifier is allocated when the traffic classifier receives the second data flow.

US Pat. No. 10,659,349

SYSTEMS AND METHODS FOR PROVIDING SECURE NETWORK EXCHANGED FOR A MULTITENANT VIRTUAL PRIVATE CLOUD

Twilio Inc., San Francis...

1. A method comprising:receiving, by a multitenant platform, a first configuration for a first private network exchange for a first account, the multitenant platform being hosted by a virtual private cloud (VPC) system that is a cloud computing service, the first configuration comprising a location of a first regional exchange system for establishing a network connection of the first private network exchange, the first regional exchange system providing a plurality of private network exchange interfaces including a virtual private network (VPN) connection, a cross connect connection, and a multiprotocol label switching (MPLS) connection;
establishing a network connection for the first private network exchange, between the first regional exchange system and a first outside entity system of the first account, via one from the plurality of private network exchange interfaces, of the first regional exchange system, identified in the first configuration, the establishing comprising mapping an identifier of the first account to the first private network exchange, wherein establishing the network connection includes determining an internet protocol (IP) address for the network connection; and
routing traffic of the first private network exchange through the first regional exchange system, the routing traffic comprising:
routing real-time voice communication data for the first private network exchange through the first regional exchange system and a real-time voice communication service of the VPC system based on the mapping.

US Pat. No. 10,659,348

HOLDING OF A LINK IN AN OPTICAL INTERFACE BY A LOWER LEVEL PROCESSOR UNTIL AUTHORIZATION IS RECEIVED FROM AN UPPER LEVEL PROCESSOR

INTERNATIONAL BUSINESS MA...

1. A method, comprising:in response to detecting a link down condition of a link, holding the link by a lower level processor by transmitting an indication to indicate that an operational port facility that is ready for frame transmission and reception exists;
in response to the holding of the link, transmitting, by the lower level processor, a command to an upper level processor indicating the link down condition of the link; and
initiating, by the lower level processor, a process of link recovery for the link, in response to receiving an authorization from the upper level processor.

US Pat. No. 10,659,347

INTEGRATED HETEROGENEOUS SOFTWARE-DEFINED NETWORK

Avago Technologies Intern...

1. A system, comprising:a network of a plurality of hybrid switches, each hybrid switch of the plurality of hybrid switches configured to support a software-defined data flow and a regular data flow via a port partitioned into a first partition and a second partition, respectively, wherein an identifier included in a header of a frame received via the port determines whether the frame belongs to the software defined data flow or to the regular data flow; and
processing circuitry that manages the network, the processing circuitry configured to:
poll the plurality of hybrid switches to collect state information that indicates a state of the network;
apply a policy-based routing procedure to balance link loads based on a flow definition in a flow table, wherein the policy is based on a priority associated with the software-defined data flow so that a value of the priority dictates an order at which the hybrid switch uses the flow table; and
balance the link loads, based on the collected state information and the policy-based routing procedure, for software-defined data flows between hybrid switches in the network.

US Pat. No. 10,659,346

END POINT SCALING ON SEGMENT ROUTING FABRICS

CISCO TECHNOLOGY, INC., ...

1. A method to negotiate a no-op segment routing tunnel, the method comprising:receiving, at a node, a segment ID;
determining a local range;
calculating a label based on the segment ID and the local range;
determining no-op capabilities of the node to yield a determination; and
configuring the node based on the determination.

US Pat. No. 10,659,345

SERVICE PATH PROTECTION METHOD, CONTROLLER, DEVICE AND SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A device applied to an end node of a protection path, the device comprising:a computer readable medium having a plurality of computer executable instructions; and
a processor configured, when executing the computer executable instructions, to control the end node to:
receive a path selection instruction sent by a software defined networking (SDN) controller, wherein the path selection instruction comprises a service path and protection path activation type, a forwarding relationship of a service path in the end node, and a forwarding relationship of the protection path in the end node,
activate at least one forwarding relationship of the forwarding relationship of the service path in the end node and the forwarding relationship of the protection path in the end node according to the service path and protection path activation type,
in response to an occurrence of a fault in the service path, send a fault report to the SDN controller, the fault report for notifying that a fault occurs in the service path,
receive, from the SDN controller, a switchover instruction in response to the fault report, and
based on the switchover instruction, invalidate the forwarding relationship of the service path in the end node and activate the forwarding relationship of the protection path in the end node;
wherein the protection path is a standby path for protecting a path between specified nodes on the service path; and
wherein to invalidate the forwarding relationship of the service path in the end node and activate the forwarding relationship of the protection path in the end node, the processor is configured to control the end node to update, in a group mode table, a state field of a first entry associated with the forwarding relationship of the service path to a first value that indicates an inactive status, and update, in the group mode table, a state field of a second entry associated with the forwarding relationship of the protection path to a second value that indicates an active status, wherein the group mode table comprises a state field and a type field for each entry to indicate a service path or a protection path, and a port field associated with the state field to indicate an ingress port and an egress port associated with the active or inactive state field.

US Pat. No. 10,659,344

INFORMATION TRANSMISSION METHOD, APPARATUS AND SYSTEM

ZTE CORPORATION, Shenzhe...

1. An information transmission method, comprising:generating, by a control platform, forwarding information of a Bit Indexed Explicit Replication (BIER) network; and
sending, by the control platform according to the forwarding information of the BIER network, a BIER flow table to one or more forwarding devices through an OpenFlow protocol,
wherein the BIER flow table comprises BIER information, the BIER information comprising a BitString, the BitString being formed by a set of BIER egress forwarding devices, and
wherein the BIER information is only sent to an ingress forwarding device.

US Pat. No. 10,659,343

METHOD AND SYSTEM FOR GATEWAY SELECTION IN INTER-REGION COMMUNICATION ON IP NETWORKS

1. A method, comprising:formatting an advertisement message having a dedicated preferred route to one of a first physical entity and a first logical entity of a recipient autonomous system, the dedicated preferred route indicating at least two routing attributes,
wherein the recipient autonomous system comprises a Route Reflector and wherein a plurality of routers within the recipient autonomous system peer with the Router Reflector for routing information,
wherein a first routing attribute of the at least two routing attributes is defined by a first device of the recipient autonomous system and a second routing attribute of the at least two routing attributes is defined by a second device of the recipient autonomous system,
further wherein the first routing attribute and the second routing attribute are different community values; and
transmitting the advertisement message to a sender autonomous system from the recipient autonomous system,
wherein routing traffic to be sent from the sender autonomous system to the recipient autonomous system is based on the at least two routing attributes.

US Pat. No. 10,659,342

FLOW ENTRY CONFIGURATION METHOD, APPARATUS, AND SYSTEM

HUAWEI TECHNOLOGIES CO., ...

1. A method performed by a switch in a software defined networking (SDN) system, comprising:reporting information about a first data packet of a first service to a controller coupled to the switch in the SDN system;
receiving a first flow entry of the first service from the controller, wherein the first flow entry is generated by the controller based on the information about the first data packet and a flow table structure, wherein the flow table structure is used to generate, for different hardware flow tables corresponding to a plurality of switches, the first flow entry for processing data packets of the first service, wherein the flow table structure comprises a plurality of match fields and a plurality of actions, wherein the plurality of match fields comprise a match field of the first service, and wherein the plurality of actions comprise an action for processing data packets of the first service;
determining, from a plurality of preconfigured service paths, a first target service path associated with the first flow entry, wherein a match field of the first target service path comprises the match field of the first service, and an action of the first target service path comprises the action for processing data packets of the first service; and
configuring, according to the first flow entry of the first service, a flow entry of a target hardware flow table corresponding to the first target service path, wherein the target hardware flow table is a hardware flow table of a hardware forwarding chip in the switch.

US Pat. No. 10,659,341

SYSTEM FOR DYNAMIC ELECTION OF ROUTE REFLECTORS

PAYPAL, INC., San Jose, ...

1. A computer system, comprising:one or more computer-readable memories storing program instructions; and
one or more processors configured to execute the program instructions to cause the computer system to perform operations comprising:
identifying, by a first route reflector client manager, that a distributed lock has been released, wherein the first route reflector client manager corresponds to a first route reflector client;
in response to the identifying that the distributed lock has been released, retrieving, by the first route reflector client manager, the distributed lock;
in response to retrieving the distributed lock, provisioning, by the first route reflector client manager, the first route reflector client into a first route reflector; and
advertising, by the first route reflector client manager, information corresponding to the provisioning of the first route reflector client into the first route reflector, wherein the advertising causes at least a second route reflector client to identify the first route reflector client as the first route reflector.

US Pat. No. 10,659,340

SYSTEM AND METHOD FOR SUPPORTING VM MIGRATION BETWEEN SUBNETS IN A HIGH PERFORMANCE COMPUTING ENVIRONMENT

ORACLE INTERNATIONAL CORP...

1. A method for supporting virtual machine migration in a high performance computing environment, comprising:providing, at one or more computers, including one or more microprocessors
a network fabric, the network fabric comprising
a first subnet, the first subnet comprising a first set of network switches, the first set of network switches comprising a gateway switch, the gateway switch having access to a memory;
a second subnet, the second subnet comprising a second set of network switches;
a virtual machine attached to the first subnet via a first virtual function, the virtual machine being associated with a first plurality of addresses, the first plurality of addresses comprising at least a global unique identifier (GUID), a global identifier (GID), and a destination local identifier (DLID); and
a global fabric manager, the global fabric manager having administrative control within the first subnet and second subnet;
detaching the virtual machine from the first virtual function;
migrating the virtual machine from the first subnet to the second subnet, wherein after migration the virtual machine is associated with a second plurality of addresses, the second plurality of addresses comprising the GUID, a second GID, and a second DLID, wherein the second GID is different from the GID, and wherein the second DLID is different from the DLID;
attaching the virtual machine to the second subnet via a second virtual function;
adding a temporary entry to the memory, the temporary entry comprising a set of addresses comprising the first plurality of addresses and the second plurality of addresses of virtual machine;
after migrating the virtual machine, receiving, at the gateway switch of the first subnet, a packet addressed to the virtual machine at the first plurality of addresses;
performing a lookup within the memory to find the second plurality of addresses of the virtual machine; and
updating a header of the received packet with the second plurality of addresses of the virtual machine.

US Pat. No. 10,659,339

ENHANCING TRANSMISSION CONTROL PROTOCOL (TCP) PERFORMANCE AND SCALABILITY ON MULTICORE PROCESSOR ARCHITECTURES

Spirent Communications, I...

1. A transmission control protocol (TCP) session processing architecture for conducting numerous TCP sessions during testing of a network-under-test (NUT), including:multiple processor cores running allocated to TCP session handling, some of the cores sharing a processor die;
program instructions, stored in a memory of the TCP session processing architecture and configured to distribute processing of each TCP session across multiple cores,
wherein a first set of cores is allocated to handle TCP session control, a second set of cores is allocated to handle transmission of TCP packets in a session, and a third set of cores is allocated to handle receipt of TCP packets in the session;
a shared memory accessible to the first, second and third sets of cores, that holds protocol control blocks (PCBs) for each of the numerous TCP sessions during the testing of the NUT wherein the PCBs include state information that is updated during set-up and operation of a TCP session; and
wherein update access to each of the PCBs is controlled by an atomic spinlock processor instruction that each state machine running on any of a first, second and third set of cores must engage to secure the update access to a respective PCB in order to proceed with state processing of its respective TCP session.

US Pat. No. 10,659,338

ISOLATION OF NETWORK SEGMENTS AFFECTING APPLICATION PERFORMANCE

Cisco Technology, Inc., ...

1. A method, comprising:detecting, at an agent process, a trigger to analyze a communication channel between application end points, wherein the agent process is located at a source end point of the application end points;
generating, by the agent process in response to the trigger, a synthetic workload to produce packet traffic to transmit toward a destination end point of the application end points;
iteratively performing, by the agent process, a sub-process comprising:
i) transmitting a packet of the synthetic workload toward the destination end point, the transmitted packet having a time-to-live (TTL) value set to one greater than that of a previous packet of a directly previous iteration, with an initial TTL value for an initial packet set to ‘1’;
ii) receiving a TTL expiry error message from an intermediate node along the communication channel at which the TTL of the transmitted packet expired, the TTL expiry error message having a node identifier (ID) for the intermediate node and error data points associated with the TTL expiry error message;
iii) determining an isolated network segment of the communication channel between the intermediate node and a directly previous intermediate node, with an initial isolated network segment being between the source end point and a first-encountered intermediate node;
iv) computing a set of network metrics for the isolated network segment based at least in part on the error data points; and
v) encapsulating, for inclusion within an encapsulated data field of a next transmitted packet of a directly subsequent iteration, a list of intermediate node IDs along the communication channel up to a latest received node ID and computed sets of network metrics for respective network segments; and
generating, by the agent process upon termination of the sub-process, a report, the report including the list of intermediate node IDs along the communication channel up to a latest received node ID and computed sets of network metrics for respective network segments.

US Pat. No. 10,659,337

RETIMER DATA COMMUNICATION MODULES

INPHI CORPORATION, Santa...

1. A data communication device comprising:a host receive section for receiving incoming host data from a host device, the host receive section including a plurality of host receive lanes, the plurality of host receive lanes including a first host receive lane, the first receive lane including a first analog interface and a first pattern checker module;
a host transmit section for transmitting outgoing host data to the host device, the host transmit section including a plurality of host transmit lanes and a host cross point section, the plurality of host transmit lanes including a first host transmit lane, the first host transmit lane including a first buffer and a first pattern generator;
a link monitor section coupled to the host receive section and the host transmit section;
a line receive section for receiving incoming line data from a line device, the line receive section including a plurality of line receive lanes, the plurality of line receive lanes including a first line receive lane, the first line receive lane including a first sequence checker and a first soft FEC decoder;
a line transmit section for transmitting outing line data to the line device, the line transmit section including a plurality of line transmit lanes and a line cross point section, the plurality of line transmit lanes including a first line transmit lane, the first line transmit lane including a first soft FEC encoder; and
a management interface module coupled to the link monitor section;
wherein:
the incoming host data are transmitted to the line device via the host receive section and line transmit section in an egress operation;
the incoming line data are transmitted the host device via the line receive section and the host transmit section in an ingress operation.

US Pat. No. 10,659,336

SERVER ACCESS TIMES

Hewlett Packard Enterpris...

1. A computing device, comprising:a processing resource; and
a memory resource storing non-transitory machine-readable instructions to cause the processing resource to:
locate the server having the determined MAC address by parsing a predetermined server configuration file;
determine a media access control (MAC) address of a server;
poll a top of rack (TOR) switch connected to the server to capture a packet;
determine a source MAC address using the captured packet;
determine, based on the source MAC address, an identity of a user computing device; and
log, based on a time included in the captured packet, a time the user computing device last accessed the server.

US Pat. No. 10,659,335

CONTEXTUAL ANALYSES OF NETWORK TRAFFIC

GREYNOISE INTELLIGENCE IN...

1. A system for analyzing network traffic, comprising:a plurality of network nodes distributed in multiple geographical regions, wherein the plurality of network nodes are configured to collect mass scanning network traffic data; and
at least one processor configured to:
receive, from the plurality of network nodes, the collected mass scanning network traffic data;
generate an omnidirectional network traffic database based on the received mass scanning network traffic data;
receive a query against the omnidirectional network traffic database, the query comprising information of a source of a network scanning activity;
determine whether the source matches any record in the omnidirectional network traffic database;
generate an indication based on the determination;
receive, from multiple users, multiple queries, each comprising a respective network scanning activity from a same source; and
tag the source as suspicious of conducting micro-targeting network scans.

US Pat. No. 10,659,334

METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR DISTRIBUTED PACKET TRAFFIC PERFORMANCE ANALYSIS IN A COMMUNICATION NETWORK

VIAVI Solutions Inc., Sa...

1. A method, comprising:receiving, by a micro network access agent associated with a network element of a network, packet traffic;
identifying, by the micro network access agent, one or more specific packets based on packet traffic analysis information for the packet traffic,
the packet traffic analysis information including:
information associated with a base station handover efficiency, and
traffic capacity information associated with the network element and a determined quality of service; and
transmitting, by the micro network access agent and based on identifying the one or more specific packets, a signal to one or more other micro network access agents associated with the network,
the signal identifying the one or more specific packets for further analysis at the one or more other micro network access agents.

US Pat. No. 10,659,333

DETECTION AND ANALYSIS OF SEASONAL NETWORK PATTERNS FOR ANOMALY DETECTION

Cisco Technology, Inc., ...

1. A method, comprising:determining, by a device in a network, cluster assignments that assign traffic data regarding traffic in the network to activity level clusters based on one or more measures of traffic activity in the traffic data, wherein the activity level clusters are representative of levels of activity between particular hosts in the network;
using, by the device, the cluster assignments to predict seasonal activity for a particular subset of the traffic in the network by using a machine learning-based (ML-based) classification function that models how a plurality of samples of traffic data of the network is assigned to the levels of activity between the particular hosts in the network using at least one regression, wherein the predicted seasonal activity is based on a plurality of intervals of periods of time indicative of stable behavior in the particular subset of traffic;
determining, by the device, an activity level for new traffic data regarding the particular subset of traffic in the network; and
detecting, by the device, a network anomaly by comparing the activity level for the new traffic data to the predicted seasonal activity.

US Pat. No. 10,659,332

NETWORK NODE, A COMMUNICATION SYSTEM AND ASSOCIATED METHODS

NXP USA, Inc., Austin, T...

1. A method for use by a first network node in a first communication network of estimating availability of a second network node for receiving data over the first communication network, the second network node being arranged to communicate over the first communication network in a first part of a communication period and arranged to not communicate over the first communication network in a second part of the communication period, the method comprising:sending data formatted in data packets from the first network node over the first communication network to the second network node,
determining a success statistics, the success statistics indicating which amount of the data packets is received as a function of time over a period of time, wherein the period of time is equal to the communication period,
deriving an availability estimation from the success statistics, the availability estimation indicating when the second network node is available for receiving data over the first communication network.

US Pat. No. 10,659,331

NETWORK SYSTEM, DEVICE MANAGEMENT METHOD, NETWORK DEVICE, CONTROL METHOD THEREOF, AND NON-TRANSITORY COMPUTER-READABLE MEDIUM

Canon Kabushiki Kaisha, ...

1. A network system comprising a plurality of network devices, and a management system configured to manage information collected from the plurality of network devices,wherein a management application executed by each of the plurality of network devices sends token information to the management system,
wherein the management system includes
a first memory storing first instructions; and
a first processor which is capable of executing the first instructions causing the management system to:
manage the plurality of network devices in association with each other for one management group;
receive token information from the managed network devices;
register the received token information in association with each of the managed network devices; and
when an abnormality in communication with a first network device out of the managed network devices is detected, send the registered token information that has been received from the first network device to a second network device managed in association with the same management group as the first network device;
wherein the second network device includes
a second memory storing second instructions; and
a second processor which is capable of executing the second instructions causing the second network device to:
try communication with the first network device by using the token information sent from the management system; and
send information regarding the communication to the management system.

US Pat. No. 10,659,330

CHANNEL MANAGEMENT IN SCALABLE MESSAGING SYSTEM

Satori Worldwide, LLC, P...

1. A method, comprising:assigning, by one or more computer processors, each channel of a plurality of channels to a channel bucket to form a plurality of channel buckets, wherein each channel bucket comprises at least two channels from the plurality of channels;
distributing, by the one or more computer processors, a listing of assignments of channels to channel buckets to a plurality of nodes processing the channels; and
assigning, by the one or more computer processors, each channel bucket to a node selected from the plurality of nodes.

US Pat. No. 10,659,329

CONTAINER DISTANCE MEASUREMENT AND CLUSTERING

EMC IP Holding Company LL...

1. An apparatus comprising:a plurality of container host devices;
the container host devices implementing a plurality of containers for executing applications on behalf of one or more tenants of cloud infrastructure;
wherein one or more of the container host devices are each configured to compute distance measures between respective pairs of the containers and to assign the containers to container clusters based at least in part on the distance measures;
wherein the distance measures are computed as respective content-based distance measures between hash identifiers of respective layers of layer structures of the corresponding containers;
wherein a given one of the layer structures comprises:
one or more read-only layers each associated with one or more container images; and
one or more read-write layers each associated with at least one running instance of at least one of the containers;
wherein assigning the containers to the container clusters comprises sorting distance measures for respective pairs of the containers in a designated order and applying at least one filter to the sorted distance measures to assign particular pairs of the containers to particular ones of the container clusters; and
wherein the assignment of the containers to container clusters based at least in part on the distance measures facilitates identification of containers that exhibit at least a specified degree of similarity to one another in their respective content;
the container host devices being implemented on at least one processing platform comprising a processor coupled to a memory.

US Pat. No. 10,659,328

TRACING MESSAGE TRANSMISSIONS BETWEEN COMMUNICATING NETWORK DEVICES

Purdue Research Foundatio...

1. A method of transmitting data to a network device, the method comprising automatically performing the following steps using a processor:storing a packet-identification value in a first storage element;
transmitting a packet of data and the stored packet-identification value to the network device, wherein the network device has an identifier;
a tracing step of storing in a second storage element the identifier in association with an indication that the packet was sent;
recording in a third storage element the stored packet-identification value in association with the identifier;
after the recording and tracing steps, increasing the stored packet-identification value; and
repeating the transmitting, tracing, recording, and increasing steps.

US Pat. No. 10,659,327

NETWORK TRAFFIC ANALYSIS

CISCO TECHNOLOGY, INC., ...

1. A method comprising:at an endpoint device that provides network access to one or more client devices:
obtaining a collection duration indicator from a network controller;
obtaining a traffic data sample based on a collection duration, wherein the collection duration is set according to the collection duration indicator;
generating traffic analysis data by characterizing the traffic data sample; and
in response to receiving, from the network controller, a traffic analysis query including one or more query parameters, providing, to the network controller, a portion of the traffic analysis data that satisfies the one or more query parameters;
wherein when the traffic analysis query corresponds to a first query type, the portion is from the traffic analysis data that has been obtained since a time relative to a reference indicator;
wherein when the traffic analysis query corresponds to a second query type, the portion is from the traffic analysis data has been obtained since last sending traffic analysis data.

US Pat. No. 10,659,326

CLOUD COMPUTING NETWORK INSPECTION TECHNIQUES

Microsoft Technology Lice...

1. A system for cloud computing network inspection, the system comprising:at least one processor; and
at least one memory in communication with the at least one processor, the at least one memory having computer readable instructions stored thereupon that, when executed by the at least one processor, cause the system to:
receive a message, which is generated based on user input received via a user interface (UI), at a first computing service associated with a cloud computing network, the first computing service being an orchestrator service deployed in the cloud computing network to manage connectivity with an interconnect platform of the cloud computing network;
responsive to receiving the message at the first computing service and the message having a predetermined message type, cause the first computing service to generate temporal data and to forward at least some aspects of the message to a second computing service associated with the cloud computing network, the second computing service being a provisioning service to provide procurement of resources associated with the cloud computing network, wherein the temporal data defines at least a first date and time specifying when the message was received by the first computing service and a second date and time specifying when the at least some aspects of the message were forwarded to the second computing service;
responsive to receiving the at least some aspects of the message having the predetermined message type at the second computing service, cause the second computing service to generate additional temporal data that defines at least a third date and time specifying when the at least some aspects of the message were received by the second computing service;
communicate the temporal data and the additional temporal data to a telemetry store; and
generate a report at the telemetry store that includes at least the temporal data and the additional temporal data, wherein the report indicates whether the first computing service and the second computing service are functioning properly.

US Pat. No. 10,659,325

MONITORING ENTERPRISE NETWORKS WITH ENDPOINT AGENTS

ThousandEyes, Inc., San ...

1. A system, comprising:a processor configured to:
deploy a plurality of endpoint agents to a plurality of endpoint devices;
collect test results from each of the plurality of endpoint agents for a plurality of tests, wherein the test results are based on tests executed on each of the plurality of endpoint devices for monitoring network activity, wherein periodic network access and system data are used to collect periodic active network measurements to network infrastructure and to capture a system resource snapshot of each of the plurality of endpoint devices based on a data collection profile, and wherein the data collection profile (DCP) includes a configured plurality of domains that are monitored for triggering automatic data collection using one of the plurality of endpoint agents when a user visits one or more of configured plurality of domains using a browser executed on one of the plurality of endpoint devices, and wherein the DCP includes a frequency for performing the periodic network measurements; and
generate a graphical visualization of an application delivery state for one or more application delivery layers based on the test results;
and
a memory coupled to the processor and configured to provide the processor with instructions.

US Pat. No. 10,659,324

APPLICATION MONITORING PRIORITIZATION

CISCO TECHNOLOGY, INC., ...

1. A computer-implemented method comprising:determining a first criticality ranking for a first endpoint in a datacenter;
determining a second criticality ranking for a second endpoint; and
when the first criticality ranking and the second criticality ranking are determined to be a same criticality ranking, executing a tie-breaker process by:
determining a first secondary value for the first endpoint;
determining a second secondary value for the second endpoint;
determining, based on the first criticality ranking, the first secondary value, the second criticality ranking, and the second secondary value, that one of the first endpoint and the second endpoint is a higher priority endpoint; and
triaging the higher priority endpoint before the other of the first endpoint and the second endpoint to mitigate endpoint damage to the datacenter if the datacenter becomes compromised.

US Pat. No. 10,659,323

METHOD AND APPARATUS FOR IMPROVING BROADBAND EXPERIENCE USING CLOUD BASED RECOMMENDATION ENGINE

ASSIA SPE, LLC, Wilmingt...

1. A method performed by a computing device for controlling home network system associated with a plurality of Wi-Fi communicating devices, the method comprising:analyzing operational data associated with the plurality of Wi-Fi communicating devices, the operational data collected from the plurality of Wi-Fi communicating devices, wherein the operational data comprises current operational data and historical operational data;
providing individual recommendations for each of the plurality of Wi-Fi communicating devices for improving performance of the home network system according to the analyzed operational data;
defining hierarchies for the individual recommendations for each of the plurality of Wi-Fi communication devices;
correlating the individual recommendations into groups; and
aggregating the individual recommendations from the groups to generate unified recommendations for improving the home network system.

US Pat. No. 10,659,322

MONITORING SYSTEM, FACILITY MANAGEMENT DEVICE, MONITORING METHOD, AND PROGRAM

Mitsubishi Electric Corpo...

1. A monitoring system comprising:a plurality of equipment management devices configured to manage equipment items installed in a building;
a server; and
terminals, wherein
the server comprises first ports and second ports different from the first ports, each equipment management device of the plurality of equipment management devices being uniquely assigned to a first port and a second port of the first ports and the second ports of the server;
the equipment management device comprises:
a notifier configured to establish communication with the server by connecting one port of the equipment management device and the first port assigned to the equipment management device, and to notify the server of states of the equipment items through the first port; and
a transmitter configured to establish communication with the server by connecting another port of the equipment management device and the second port assigned to the equipment management device, and to receive a request for the equipment information relating to the equipment items from the second port of the server, and to transmit the equipment information to the server through the second port in response to the received request; and
the terminals each comprise:
an acquirer configured to establish communication with the server by connecting one port of a respective terminal and the first port of the server assigned to the equipment management device to notify the terminal of the states of the equipment items, and to acquire the states of the equipment items from the server through the first port of the server;
a receiver configured to establish communication with the server by connecting another port of the respective terminal and the second port of the server assigned to the equipment management device to send the equipment information to the terminal, and to transmit a request for the equipment information to the second port of the server and to receive the equipment information from the server through the second port of the server; and
a presenter configured to present to a user the states of the equipment items acquired by the acquirer and the equipment information received by the receiver,
the server (i) notifies the terminals of the states through the first port upon being notified of the states of the equipment items by the equipment management device and (ii) transmits requests from the terminals to the equipment management device through the second port and transmits a response of the plurality of equipment management devices to the requests of the terminals to the terminals from which the requests originated through the second port.

US Pat. No. 10,659,321

ELECTRONIC APPARATUS FOR RECORDING DEBUGGING INFORMATION AND CONTROL METHOD THEREOF

Samsung Electronics Co., ...

1. A control method of an electronic apparatus which records debugging information, the method comprising:obtaining debugging information using a source code;
adding index information, which corresponds to the debugging information, to the debugging information and storing the debugging information which includes the index information in a buffer; and
converting a plurality of pieces of index information stored in the buffer to a binary file.

US Pat. No. 10,659,320

DEVICE MANAGEMENT SYSTEM

Dell Products L.P., Roun...

1. A device management system, comprising:a system management device that is coupled to a network;
a first managed device that is not connected to the network such that the first managed device cannot directly communicate with the system management device; and
a first user device that is configured to:
establish a first communication connection with the first managed device without the use of the network;
retrieve, from the first managed device using the first communication connection, first managed device information about the first managed device;
establish, subsequent to retrieving the first managed device information from the first managed device, a second communication connection with the system management device using the network; and
provide, through the network to the system management device using the second communication connection, at least one first notification that is based on the first managed device information that was retrieved from the first managed device by the first user device using the first communication connection before the first user device established the second communication connection with the system management device using the network.

US Pat. No. 10,659,319

SYSTEMS AND METHODS FOR ENABLING INTER-AGENT MULTICAST DOMAIN NAME SYSTEM CLIENT ROAMING IN WIDE AREA NETWORK

CISCO TECHNOLOGY, INC., ...

1. A method comprising:receiving, at a controller from a first agent, a request to advertise a service of a networked device;
storing, at a database accessible by the controller, the service and associated records of the service;
receiving, at the controller from a second agent, a request to advertise the service of the networked device and the associated records of the service;
verifying, at the database, whether the service exists;
in response to verifying the service exists in the database, comparing contents of the associated records received from the first agent and the associated records received from the second agent; and
in response to a conflict between the contents of the associated records received from the first agent and the associated records received from the second agent, updating the database with the associated records received from the second agent.

US Pat. No. 10,659,318

METHODS AND APPARATUS RELATED TO MANAGEMENT OF UNIT-BASED VIRTUAL RESOURCES WITHIN A DATA CENTER ENVIRONMENT

Virtustream IP Holding Co...

1. A method comprising:managing hardware resources of a data center as a plurality of data center units, a first one of the data center units comprising a first grouping of two or more different types of hardware resources configured to perform at a given set of one or more predefined hardware resource limit values, and at least a second one of the data center units comprising a second grouping of two or more different types of hardware resources configured to perform at the given set of one or more predefined hardware resource limit values;
assigning the plurality of data center units to different users to operate virtual resources in the data center by assigning two or more data center units, each configured to perform at the given set of one or more predefined hardware resource limit values, to a given user to operate a given one of the virtual resources, the given virtual resource emulating functionality of at least one of a physical device and software associated with the physical device;
monitoring performance of the hardware resources of the data center that implement the two or more data center units, each configured to perform at the given set of one or more predefined hardware resource limit values, providing the given virtual resource; and
dynamically modifying a number of the two or more data center units, each configured to perform at the given set of one or more predefined hardware resource limit values, assigned to the given user operating the given virtual resource responsive to the monitored performance;
wherein assigning the plurality of data center units to the different users comprises:
receiving a request to operate the given virtual resource for the given user;
determining a number of data center units, each configured to perform at the given set of one or more predefined hardware resource limit values, required to operate the given virtual resource; and
assigning the determined number of data center units, each configured to perform at the given set of one or more predefined hardware resource limit values, to the given user; and
wherein the method is performed by at least one processing device comprising a processor coupled to a memory.

US Pat. No. 10,659,317

DYNAMICALLY ADAPTING CLOUD APPLICATIONS

Intel Corporation, Santa...

1. A system for dynamically adapting a cloud application, the system comprising:a processor and memory, configured with instructions to:
detect, using a key performance indicator (KPI) detector, a current value of a KPI of an executing cloud service instance of a cloud application, the cloud application hosted by a Platform as a Service (PaaS) provider, the KPI corresponding to a service level agreement (SLA) between a provider of the cloud application and a user of the cloud application, the cloud service instance having a service type, wherein the KPI and the SLA are tied to a block of code in the cloud application, and wherein the block of code is provided by the PaaS provider;
determine, using a first KPI filter, whether the current value of the KPI is outside of an acceptable range, wherein the determination includes a determination of whether the current value of the KPI is within a KPI adaptation range; and
use a first KPI adaptor to, upon a determination that the current value of the KPI is outside of an acceptable range and is within the KPI adaptation range, implement a cascading application programming interface (API) calling structure provided by the PaaS provider to invoke a first API call and successive API calls based on the cascading API calling structure, the first API call to request a cloud service instance monitor of the cloud service instance to adapt the cloud service instance to operate within the acceptable range.

US Pat. No. 10,659,316

STATE MACHINE CONTROLLED DYNAMIC DISTRIBUTED COMPUTING

JOVIANDATA, INC., San Jo...

1. A non-transitory computer readable storage medium with executable instructions specifying execution of a state machine operating across a plurality of computing nodes in a distributed computing system, comprising executable instructions to:execute a plurality of operators, wherein execution of each operator is under control of the state machine that periodically invokes pause control states to pause the execution of the operator in response to a violation of a service level agreement specifying an operating condition threshold within the distributed computing system.

US Pat. No. 10,659,315

VIRTUAL NETWORK FUNCTION (VNF) RELOCATION IN A SOFTWARE DEFINED NETWORK (SDN)

Sprint Communications Com...

1. A method of operating a data communication system to control Software Defined Network (SDN) Virtual Network Functions (VNFs), the method comprising:a Network Function Virtualization Infrastructure (NFVI) executing the SDN VNFs and responsively transferring SDN Key Performance Indicators (KPIs) to a Management and Orchestration (MANO) computer system;
the MANO computer system processing the SDN KPIs from the NFVI and responsively determining an NFVI task to perform for the SDN VNFs wherein the NFVI task comprises at least one of relocating some of the SDN VNFs, off-boarding some of the SDN VNFs, darkening some of the SDN VNFs, lightening some of the SDN VNFs, and on-boarding a new SDN VNF;
the MANO computer system transferring NFVI control data indicating the NFVI task to the NFVI; and
the NFVI performing the NFVI task for the SDN VNFs responsive to the NFV control data from the MANO computer system wherein the NFVI task comprises at least one of the SDN VNF relocation, the SDN VNF off-boarding, the SDN VNF darkening, the SDN VNF lightening, and the SDN VNF on-boarding.

US Pat. No. 10,659,314

COMMUNICATION HOST PROFILES

Schweitzer Engineering La...

1. A system to automate configuration of a plurality of communication hosts based on a repeatable host profile, the communication hosts in communication with a software defined network (SDN) comprising a control plane and a data plane and associated with an electric power transmission and distribution system, the system comprising:a first communication host configured to produce electric power transmission system data and in communication with the data plane of the SDN;
a second communication host configured to consume electric power transmission system data produced by the first communication host and in communication with the data plane of the SDN;
a plurality of switches disposed within the data plane of the SDN;
a communication host profile subsystem disposed within the control plane and in communication with the plurality of switches and configured to:
select a repeatable host profile for use with the plurality of switches from a plurality of repeatable host profiles, the repeatable host profile comprising at least one repeatable attribute and at least one customizable attribute, wherein the at least one repeatable attribute comprises at least a flow type;
apply the repeatable host profile to the plurality of switches; and
create at least one communication flow within the data plane of the SDN between the first communication host and the second communication host based on the at least one repeatable attribute and based on the at least one customizable attribute specified in the repeatable host profile; and
a traffic routing subsystem configured to implement the at least one communication flow within the data plane of the SDN between the first communication host and the second communication host.

US Pat. No. 10,659,313

DYNAMIC OPTIMIZATION OF SIMULATION RESOURCES

RESCALE, INC., San Franc...

1. A method for facilitating hardware and software metering of tasks performed by a plurality of applications on behalf of a plurality of users, the method comprising the following steps:(a) provisioning a first cluster of computing resources on one of a plurality of hardware provider platforms for executing an application on behalf of a user and, in the event a change in computing resources is warranted while the application is running, provisioning a second cluster of computing resources and terminating the application on the first cluster;
(b) configuring the application and initiating execution of the application on the provisioned first cluster and, in the event the second cluster is provisioned by the cluster service, reconfigures the application and resumes execution of the application on the second cluster;
(c) authenticating each user of the application with a corresponding license server before permitting that user to initiate execution of the application on the provisioned first and second cluster; (d) monitoring the total hardware time the provisioned computing resources are in use during execution of the task, wherein the total hardware time includes the sum of the times the provisioned computing resources are in use on the first cluster and the second cluster; and
(e) monitoring the total time the application is in use during execution of the task, wherein the total software time includes the sum of the times the application is in use on the first cluster and the second cluster.

US Pat. No. 10,659,312

NETWORK ANOMALY DETECTION

International Business Ma...

1. A network managing system comprising:a processor; and
a memory coupled to the processor, wherein the memory comprises instructions that are executed by the processor to cause the processor to:
generate a metric type reference data structure comprising a plurality of entries of metric type reference data, wherein one entry of the plurality of entries in the metric type reference data structure comprises:
a metric type identifier identifying a first predetermined metric type,
a corresponding standard metric property upon which a first plurality of metrics of first predetermined metric type are measured,
a good metric property identifying a potential behavior of each of the first plurality of metrics of the first predetermined metric type, as measured based on the standard metric property, that would be stable and expected, and
a bad metric property identifying a potential behavior of each of the first plurality of metrics of the first predetermined metric type, as measured based on the standard metric property, that would be unusual, and wherein a different entry of the plurality of entries in the metric type reference data structure comprises:
a different metric type identifier identifying a second predetermined metric type different from the first predetermined metric type,
a corresponding second standard metric property upon which a second plurality of metrics of the second predetermined metric type are measured,
a second good metric property identifying a potential behavior of each of the second plurality of metrics of the second predetermined metric type, as measured based on the second standard metric property, that would be stable and expected, and
a second bad metric property identifying a potential behavior of each of the second plurality of metrics of the second predetermined metric type, as measured based on the second standard metric property, that would be unusual; collect metric data from a plurality of managed network devices;
determine, for a collected metric in the collected metric data, that the collected metric is one of the first predetermined metric type or the second predetermined metric type, based on a matching of the collected metric to one of the first predefined metric type or the second predefined metric type in the metric type reference data structure;
automatically apply, based on a measurement of the collected metric in accordance with the standard metric property, a property corresponding to one of the first good metric property, the first bad metric property, the second good metric property, or the second bad metric property based results of determining that the collected metric is one of the first predetermined metric type or the second predetermined metric type; and
responsive to the applied property being one of the first bad metric property or the second bad metric property, automatically generate a notification of an anomaly.

US Pat. No. 10,659,311

METHOD AND APPARATUS FOR PROCESSING DELIVERY DATA, AND STORAGE MEDIUM

Baidu Online Network Tech...

1. A method for processing delivery data, comprising: executing the following steps in a browser application:capturing, from displayed contents of a first web page, a jump web page link of delivery data to be loaded, wherein the jump web page link comprises a uniform resource locator of a data delivery platform website and identification information of the delivery data;
sending delivery data loading request according to the jump web page link, so as to load and present a web page of the delivery data, a web page link of the first web page being different from the jump web page link;
detecting a loading completion status of jumping from the jump web page link to an arrival web page link comprising the identification information, the arrival web page link being different from the jump web page link and from the web page link of the first web page; and
associatively storing the jump web page link, the arrival web page link, and information about the loading completion status.

US Pat. No. 10,659,310

DISCOVERING AND MAPPING THE RELATIONSHIPS BETWEEN MACRO-CLUSTERS OF A COMPUTER NETWORK TOPOLOGY FOR AN EXECUTING APPLICATION

LogicMonitor, Inc., Sant...

1. A method of mapping relationships between remote macro-clusters of a network object topology of a computer communication network, the method comprising:selecting a remote network object that has a relationship with a remote first macro-cluster of the network that includes a first set of the network objects, the network including a remote second macro-cluster that includes a second set of the network objects, the remote first macro-cluster having a relationship with the remote second macro-cluster;
gathering at a first local network object:
communication flow logs of the selected network object using an agent-less flow log source located within the first local network object that uses low level permissions;
metric data from the selected network object using an agent-less metrics source located within the first local network object that uses low level permissions;
configuration data from the selected network object using an agent-less configuration source located within the first local network object that uses low level permissions;
generating at the first local network object, configuration data and time data for each network object of the first set of network objects and of the second set of network objects using the gathered flow log data, metric data and configuration data;
creating at a second local network object, remote network topology information using the configuration data and time data, wherein creating comprises:
automatically grouping network objects having a first common function into the first macro-cluster by creating a first number of abstraction layers by interpreting low level relations between first pairs of the network objects and collapsing a functional group of the first network objects into the first set of network object, and automatically grouping network objects having a second common function into the second macro-cluster by creating a second number of abstraction layers by interpreting low level relations between second pairs of the network objects and collapsing a functional groups of the second network objects into the second set of network objects; and
determining:
a unique key for the first macro-cluster and the second macro-cluster that each uniquely identify each macro-cluster from other macro-clusters, the relationship between macro-clusters, the relationships between network objects and the network objects,
time dimension data for the first macro-cluster and the second macro-cluster,
a type of macro-cluster of each of the first macro-cluster and the second macro-cluster, and the type of macro-cluster is one of a micro-service, a cluster subset or a service subset,
a remote macro-cluster relationship between a first network object of the first macro-cluster and a second network object of the second macro-cluster, wherein the relationship includes one of the first macro-cluster controlling actions performed by the second macro-cluster, the first macro-cluster depending on the second macro-cluster in order to operate correctly or the first macro-cluster streaming data to the second macro-cluster,
a unique key for the remote macro-cluster relationship that uniquely identifies the relationship between the first and second macro-clusters from any other macro-cluster relationship, any network object and any macro-cluster, and
remote macro-cluster topology information of the first set of the network objects and of the second set of the network objects; and
storing at the second local network object, the topology information in a memory.

US Pat. No. 10,659,309

SCALABLE DATA CENTER NETWORK TOPOLOGY ON DISTRIBUTED SWITCH

International Business Ma...

1. A data center network topology, comprising:at least ten base units each of which comprises a set of a plurality of nodes in the data center network topology connected by southbound connections of corresponding multi-host network interface controllers, said multi-host network interface controllers having northbound a higher total bandwidth than southbound, each base unit also comprising a corresponding multi-host network interface controller; and
a super unit comprising the ten base units with their respective multi-host network interface controllers connected in a modified Peterson graph form as an intragroup network wherein the ten base units of the super unit comprise three groups each including three of the ten base units, in which each of said multi-host network interface controllers is configured to use three intragroup northbound connections for a direct connection to three other base units of the super unit, and in which each of two base units of each of the groups are connected via a respective one of a fourth intragroup northbound connection to one of said other two groups, and a remaining base unit out of said ten base units not being part of one of the three groups of three base units is configured to use three intragroup northbound connections for a direct connection to one base unit in each of the three groups, wherein each base unit in a group is connected to the two other base units in the group via two of three intragroup northbound connections, and wherein said multi-host network interface controllers are configured as dragonfly switches.

US Pat. No. 10,659,308

DEVICE DIFFERENTIATION FOR ELECTRONIC WORKSPACES

Amazon Technologies, Inc....

1. A method comprising:establishing a connection between a first device and a second device;
presenting, on a first display of the first device, a device identification corresponding to the second device;
causing presentation of the device identification on a second display associated with the second device;
receiving, at the first device, first input data indicating a selection of the device identification;
presenting, on the first display of the first device, a content item;
receiving, at the first device, second input data indicating a request to present the content item on the second display associated with the second device; and
based at least in part on the selection of the device identification, sending, from the first device and to the second device, an indication of the content item.

US Pat. No. 10,659,307

HYBRID CLOUD IDENTITY MAPPING INFRASTRUCTURE

eBay Inc., San Jose, CA ...

1. A system, comprising:at least one processor;
a memory storing instructions that, when executed by the at least one processor, configure the system to perform operations comprising:
store an enterprise identity as an entry in a directory of an external cloud that is external to an enterprise cloud;
determine a mapping between a first external name from the external cloud to a second enterprise name from the enterprise cloud in the directory of the external cloud; and
based on the mapping, allow a user of the enterprise identity to access the external cloud after using the second enterprise name.

US Pat. No. 10,659,306

INFORMATION PROCESSING DEVICE AND METHOD FOR SETTING THE ENVIRONMENT OF THE DEVICE

Panasonic Intellectual Pr...

1. An information processing device comprising:circuitry configured to communicate and be connected to a network;
a storage device comprising a nonvolatile memory configured to store information specifying (i) icon arrangement of the information processing device or (ii) a default printer of the information processing device, the information being set according to a type of the network and a presence or absence of a virtual network created through the network; and
a processor configured to set appearance of a display output, which is connected to the information processing device, based on the information stored by the storage device in at least one of following cases:
when the network is switched to another network, and
when the presence or absence of the virtual network is changed.

US Pat. No. 10,659,305

METHOD AND SERVER SYSTEM FOR IDENTIFYING DEVICES

LENOVO (BEIJING) CO., LTD...

1. A method for identifying a device connected to a server system, comprising:establishing a connection between the server system and a plurality of target devices; and
acquiring device information of each of the plurality of target devices based on the connection, wherein; the connection is at least one of a data connection or a device connection;
the device connection provides at least one router manager center (RMC) device configured to connect the server system with the plurality of target devices; and
acquiring the device information of each of the plurality of target devices further comprises:
acquiring correspondence relationship information transmitted by the at least one RMC, wherein the correspondence relationship information is obtained by the at least one RMC by sequentially powering up ports of the plurality of target devices connected to the server system, and the correspondence relationship information comprises correspondence relationship information among the ports, device identifiers of the plurality of target devices, and IP addresses of the plurality of target devices, and
based on the correspondence relationship information, acquiring the device information of the plurality of target devices.

US Pat. No. 10,659,304

METHOD OF ALLOCATING PROCESSES ON NODE DEVICES, APPARATUS, AND STORAGE MEDIUM

FUJITSU LIMITED, Kawasak...

1. A method of allocating a plurality of processes on a plurality of node devices coupled through a network, the method comprising:determining, by a processor, whether or not a start node device at which a process to be performed first in the plurality of processes and an end node device at which a process to be performed finally in the plurality of processes are designated in the plurality of node devices;
specifying, when determining that the start node device is not designated, first processes which are included in the plurality of processes, the process to be performed first being included in the first processes, the first processes having a total calculation amount which indicates a calculation amount to perform the first processes and is equal to or less than a calculation resource at the start node device;
comparing a first bandwidth used for data communication among the first processes with a second bandwidth used for data communication between a final process which is to be performed finally in the first processes and a next process which is not included in the first processes and is to be performed after the final process;
dividing, when the first bandwidth is smaller than the second bandwidth, the first processes into the final process and one or more first processes other than the final process; and
allocating the one or more first processes on the start node device.

US Pat. No. 10,659,303

EXTERNAL DATA COLLECTION FOR REST API BASED PERFORMANCE ANALYTICS

ServiceNow, Inc., Santa ...

1. A cloud-based computer system, comprising:a network interface; and
a memory partition communicatively coupled to one or more processing units and the network interface, wherein the memory partition comprises computer instructions that when executed by the one or more processing units cause the cloud-based computer system to:
provide a hosted client instance over the network interface for communicatively coupling with a remote client device, the hosted client instance including a performance analytics module that is configured to present an internal key performance indicator and an external key performance indicator on a performance analytics dashboard;
execute a query to a connection to an external data source over a network to obtain a result set of external data associated with the external key performance indicator, wherein the external data source is external to the hosted client instance;
obtain the result set of external data from the external data source over a communication interface coupled to the network; and
execute a plurality of representational state transfer application programming interfaces (REST APIs) associated with the performance analytics module to:
store the result set of external data in an internal storage device of the hosted client instance, wherein the internal storage device stores both the external data associated with the external key performance indicator and internal data associated with the internal key performance indicator;
retrieve the external data associated with the external key performance indicator and the internal data associated with the internal key performance indicator from the internal storage device of the hosted client instance; and
render, via a user interface (UI) rendering engine of the performance analytics module, one or more widgets on the performance analytics dashboard, wherein the REST APIs interact with the data associated with the internal and external key performance indicators in the internal storage device to render the one or more widgets.

US Pat. No. 10,659,302

CONFIGURING COMPUTING DEVICES USING A BOOTSTRAP CONFIGURATION

Apple Inc., Cupertino, C...

1. A method for configuring a computing device, comprising:in the computing device, performing operations for:
querying an activation server to determine whether a bootstrap configuration server has a bootstrap configuration for the computing device;
in response to determining that the bootstrap configuration server has the bootstrap configuration for the computing device, sending a device identifier to the bootstrap configuration server; and
receiving, from the bootstrap configuration server, a bootstrap configuration approved for the device identifier based on a list of approved devices, the bootstrap configuration comprising a reference to a location on a device management server from where a device configuration file is to be retrieved.

US Pat. No. 10,659,301

CONFIGURING CONTAINER ATTRIBUTE DATA ON NETWORK SWITCHES TO ENABLE NETWORKING FUNCTIONALITY

Cisco Technology, Inc., ...

1. A computer-implemented method comprising:receiving, at a network switch from a container network manager that executes on a first computing device that is both separate from the network switch and communicates with one or more container orchestration engines, container attribute data for a container hosted at a second computing device that is separate from both the network switch and the first computing device;
at the network switch, enabling networking functionality for the container hosted at the second computing device by updating container configuration data based upon one or more container attribute data values contained in the container attribute data for the container hosted at the second computing device.

US Pat. No. 10,659,300

SELF-FORMING NETWORK COMMISSIONING SYSTEM AND METHOD

CURRENT LIGHTING SOLUTION...

1. A network system comprising:node devices configured to be distributed in a structure and to self-form separate network groups; and
a control commissioner device having a system coordinator device that is configured to communicatively couple with the node devices, the system coordinator device also configured to control formation of the separate network groups of different groups of the node devices by restricting which of the node devices can communicatively couple with different local coordinator devices, the control commissioner device including an upgrade coordinator device configured to change one or more of software or firmware of one or more of the node devices by directing the one or more node devices to communicatively decouple from the corresponding local coordinator device and to communicatively couple with the upgrade coordinator device,
wherein the node devices of each of the separate network groups are configured to communicate with the local coordinator device associated with the network group.

US Pat. No. 10,659,299

MANAGING PRIVACY SETTINGS FOR CONTENT ON ONLINE SOCIAL NETWORKS

Facebook, Inc., Menlo Pa...

1. A method comprising, by one or more computing devices of an online social network:receiving an indication of a trigger action by a first user of the online social network, wherein the trigger action is with respect to a second user of the online social network;
sending, to a client system of the first user, automatically in response to receiving the indication of the trigger action, a content-update interface associated with the second user, wherein the content-update interface allows the first user to update, en masse, a plurality of privacy settings of a plurality of content objects, respectively, each of the content objects being associated with the first user and the second user, wherein the privacy settings of each content object controls an accessibility of the respective content object by one or more other users of the online social network;
receiving, from the client system of the first user via the content-update interface, one or more settings updates for the plurality of privacy settings of the plurality of content objects, respectively, wherein the one or more settings updates change the accessibility of the respective content objects by the second user associated with the trigger action; and
applying the settings updates to the plurality of privacy settings of the plurality of content objects, respectively.

US Pat. No. 10,659,298

EPOCH COMPARISON FOR NETWORK EVENTS

CISCO TECHNOLOGY, INC., ...

1. A method comprising:receiving a first epoch identifier and a second epoch identifier, the first and second epoch identifiers associated with a network having gone through one or more reconfigurations;
retrieving, based on the first and second epoch identifiers, a first epoch event data and a second epoch event data, the first epoch event data associated with the first epoch identifier and the second epoch event data associated with the second epoch identifier; and
generating an epoch diffs by comparing the first epoch event data to the second epoch event data, the diffs containing labeled events associated with the first and second epoch event data.

US Pat. No. 10,659,297

NEGOTIATION MODE PROCESSING METHOD AND INTELLIGENT NETWORK DEVICE

HUAWEI TECHNOLOGIES CO., ...

1. A negotiation mode processing method, comprising:receiving, by an intelligent network device via a first physical layer (PHY), a first auto-negotiation configuration stream from a first network device coupled to the first PHY, wherein the intelligent network device comprises the first PHY and a second PHY coupled to a second network device, and wherein the first auto-negotiation configuration stream indicates that a negotiation mode of the first network device comprises an auto-negotiation mode;
changing, by the intelligent network device, a negotiation mode of the second PHY from a non-auto-negotiation mode to the auto-negotiation mode according to the first auto-negotiation configuration stream received via the first PHY;
sending, by the intelligent network device using another intelligent network device, a second auto-negotiation configuration stream to the second network device after the negotiation mode of the second PHY is changed to the auto-negotiation mode;
receiving, by the intelligent network device using the other intelligent network device, a third auto-negotiation configuration stream from the second network device; and
changing, by the intelligent network device, a negotiation mode of the first PHY from the non-auto-negotiation mode to the auto-negotiation mode after receiving the third auto-negotiation configuration stream from the second network device.

US Pat. No. 10,659,296

METHOD AND APPARATUS FOR ADMISSION TO A PREMISES-BASED CABLE NETWORK

Maxlinear, Inc., Carlsba...

1. A network node, the node comprising:at least one circuit comprising:
a network communication circuit; and
a processor and memory,
wherein the at least one circuit is operable to, at least:
receive a broadcast message comprising timing information that indicates when an admission control message is allowed to be transmitted;
analyze at least the timing information in the received broadcast message to determine when to transmit an admission control message;
transmit the admission control message to solicit an admission control response message from an other node;
receive the admission control response message from the other node in reply to the transmitted admission control message, the admission control response message comprising network name information specifying a name of a network;
analyze at least the network name information and a network admission control parameter to determine whether the network node is authorized to join the network, wherein at least one value of the network admission control parameter indicates that the network node may join only a network having a particular name; and
if it is determined that the network node is authorized to join the network, then join the network.

US Pat. No. 10,659,295

SYSTEMS FOR CONFIGURING AND MANAGING CLASSROOM DEVICES

AirWatch, LLC, Atlanta, ...

1. A non-transitory, computer-readable medium containing instructions executed by at least one processor to perform stages for configuring user devices in a classroom, the stages comprising:receiving at least one selection on a graphical user interface (“GUI”) to:
assign a first plurality of user devices to a first cart and a second plurality of user devices to a second cart;
assign the first cart to a first class; and
assign a first application to the first class;
assigning the first application to the first plurality of user devices based on the first cart being assigned to the first class; and
installing the first application on the first plurality of user devices, including staging the first application on at least one of the first plurality of user devices.

US Pat. No. 10,659,294

LINKING MULTIPLE ENROLLMENTS ON A CLIENT DEVICE

VMware, Inc., Palo Alto,...

1. A non-transitory computer-readable medium embodying a program executed by a computing device for facilitating multiple enrollments of a client device as a managed device, wherein the program is configured to cause the computing device to at least:initiate a first enrollment of the client device with a management service, wherein the first enrollment is associated with a first device identifier corresponding to the client device;
cause a management component to be installed on the client device through the management service;
transmit a management profile to the client device, the management profile causing the management component to generate a user prompt that initiates a second enrollment of the client device with the management service;
in response to a first user login at the user prompt, initiate the second enrollment of the client device with the management service, the second enrollment being initiated by the management component and being associated with a second device identifier;
in response to a second user login, remove the second enrollment of the client device by disassociating the second device identifier from the client device; and
in response to the second user login, initiate a third enrollment with the management service, the third enrollment being performed by the management component and being associated with a third device identifier.

US Pat. No. 10,659,293

APPARATUS, SYSTEM, AND METHOD FOR DYNAMICALLY SCALING MEMORY FOR VIRTUAL ROUTERS

Juniper Networks, Inc, S...

1. A method comprising:executing a virtual router that services traffic within a network in connection with a specific network consumer; and
dynamically scaling memory of the virtual router to accommodate a networking need of the specific network consumer by:
installing, in a first component of a physical network device that hosts the virtual router, a first set of networking objects that facilitate servicing the traffic in connection with the specific network consumer;
installing, in a second component of the physical network device, a second set of networking objects that facilitate servicing the traffic in connection with the specific network consumer;
determining a first amount of memory that is consumed by the first set of networking objects at the first component of the physical network device;
determining a second amount of memory that is consumed by the second set of networking objects at the second component of the physical network device; and
modifying a configuration file of the virtual router such that the memory of the virtual router is scaled to store the first and second sets networking objects via the first and second components.

US Pat. No. 10,659,292

ARBITRATION METHOD, APPARATUS, AND SYSTEM USED IN ACTIVE-ACTIVE DATA CENTERS

HUAWEI TECHNOLOGIES CO., ...

1. An arbitration method used in active-active data centers, comprising:viewing, by a first data center, a preset arbitration policy when the first data center determines that communication between the first data center and a second data center is interrupted and when an arbitration device cannot perform arbitration; and
continue providing, by the first data center, a service when the first data center determines, according to the preset arbitration policy, that the first data center is a preferred data center,
wherein the first data center and the second data center are the active-active data centers.

US Pat. No. 10,659,291

LABEL AND ASSOCIATED TRAFFIC BLACK HOLE CORRECTION

Juniper Networks, Inc., ...

1. A method comprising:determining, by an ingress router of a label switched path (LSP), an error in a forwarding engine of at least one transit router of the LSP;
in response to determining the error in the forwarding engine of at least one transit router of the LSP, generating, by the ingress router, an end-to-end path message including at least a flag instructing any transit router along the LSP to reprogram label information into the forwarding engine of the transit router using label information that was pre-programmed within a routing engine of the transit router prior to determining the error; and
sending, by the ingress router, the end-to-end path message including at least the flag to the transit router.

US Pat. No. 10,659,290

RSVP LOCAL PROTECTION SIGNALING REDUCTION

Juniper Networks, Inc., ...

1. A method comprising:receiving, by a merge point network device, a plurality of resource reservation request messages for establishing a plurality of protected label switched paths (LSPs) that include a protected resource between a common point of local repair network device and the merge point network device, wherein each of the resource reservation request messages includes a common bypass tunnel identifier that identifies a common bypass tunnel that extends between the point of local repair network device and the merge point network device and avoids the protected resource;
in response to receiving the plurality of resource reservation request messages, storing, by the merge point network device, an association between the bypass tunnel identifier and each of the plurality of protected LSPs;
receiving, by the merge point network device, a single message over the bypass tunnel to trigger creation of backup LSP state information for a plurality of backup LSPs corresponding to the plurality of protected LSPs, wherein the single message includes the bypass tunnel identifier;
determining, by the merge point network device, that the bypass tunnel identifier included in the single message is the same as the bypass tunnel identifier of the stored association; and
in response to the determining, automatically creating, by the merge point network device, backup LSP state information for each of the plurality of backup LSPs corresponding to the plurality of protected LSPs associated with the bypass tunnel identifier according to the stored association.

US Pat. No. 10,659,289

SYSTEM AND METHOD FOR EVENT PROCESSING ORDER GUARANTEE

ServiceNow, Inc., Santa ...

1. A method for processing event alerts in a networked computer architecture, the method comprising:at an event management listener, generating a message key and event indication in response to a condition on a resource monitored by the event management listener;
assigning a first management, instrumentation, and discovery (MID) server of a plurality of MID servers as a publishing MID server and a second MID server of the plurality of MID servers as a subscribed MID server;
assigning the message key to the subscribed MID server to receive each event indication associated with the message key;
at the publishing MID server, receiving the message key and the event indication and publishing the event indication and message key to a message bus;
at the subscribed MID server, processing the event indication, wherein the subscribed MID server is subscribed to the message key so that other MID servers of the plurality of MID servers do not receive the event indication associated with the message key, and wherein processing the event indication comprises generating an alert based on a set of event rules; and
providing the alert to an instance in communication with the subscribed MID server.

US Pat. No. 10,659,288

METHOD FOR CONTROLLING SERVER DEVICE, RECORDING MEDIUM, SERVER DEVICE, TERMINAL DEVICE, AND SYSTEM

GREE, Inc., Minato-ku (J...

1. A method for controlling a server for providing a game to a plurality of terminal devices used by respective users of a plurality of users to participate in the game, the server including a memory for storing battle data relating to battles proceeding in the game and user data relating to the plurality of users, the method comprising:transmitting data, over a computer network, for displaying a battle list including information related to a plurality of battles for the game, to the terminal devices of the plurality of users;
in response to receiving a request to participate in a battle selected from the plurality of battles from a terminal device of any one of the plurality of users, storing a user using said terminal device as a participating user in the memory, and transmitting data for displaying a battle screen including information relating to the battle to said terminal device;
executing the battle and monitoring the battle, in response to receiving a request to proceed with the battle from the terminal device of the user participating in the battle;
for each user, storing information on a certain operation which is performed by said each user in the battle, as a degree of contribution to the battle, in the memory;
when the battle is over, automatically selecting from the plurality of users, using circuitry, one or more candidate users (candidates) who have participated in the battle and whose degree of contribution to the battle is larger than a threshold value;
transmitting, over the computer network, to a terminal device of a user who has participated in the battle, data for displaying a selection screen in which the automatically selected one or more candidates, with whom the user may establish a friend status are displayed; and
allowing said user who has participated in the battle to select whether or not the terminal device of said user transmits, over the computer network, an association request to associate at least one first candidate selected from the one or more candidates by said user with said user to the server, wherein
the selection screen includes the automatically selected one or more candidates, the terminal device automatically activating a first object corresponding to a first candidate of the automatically selected one or more candidates in the selection screen in response to the first candidate satisfying a predetermined criterion, and the terminal device not activating a second object corresponding to a second candidate of the automatically selected one or more candidates in the selection screen in response to the second candidate not satisfying the predetermined criterion,
the selection screen includes, for each of the one or more candidates, a selection element used for automatically selecting at least one corresponding candidate as the first candidate on the basis of a predetermined criterion using the circuitry and manually selecting a corresponding candidate, which is not selected, as the first candidate by said user, and for transmitting the association request over the computer network, and
in response to a user selection of the second object, the terminal device is configured to activate the second object selected by the user, and in response to a user selection of the first object, the terminal device is further configured to not active the first object selected by the user.

US Pat. No. 10,659,287

MANAGEMENT SERVER

DENSO CORPORATION, Kariy...

1. A system comprising:a content execution device located in a vehicle and including a navigation system device and a mobile communication terminal provided separately from each other;
a management server including a content access server and a content authentication information management server;
a content distribution device;
the management server managing provisions for the content execution device located in the vehicle;
the navigation system device and the mobile communication terminal both having a cooperative application installed which executes content based on mutual cooperation with each other, the content being acquired by the mobile communication terminal from the content distribution device through the content access server based on a user request, the navigation system device and the mobile communication terminal each executing the cooperative application to cooperatively execute the content, and, while the navigation system device and the mobile communication terminal each execute the cooperative application to cooperatively execute the content, the mobile communication terminal also functions as a communication medium between the navigation system device and the content access server; and
the content authentication information management server including:
a registered vehicular device enabling portion that configures the navigation system device included in the content execution device as a registered vehicular device when the content execution device, including the navigation system device and the mobile communication terminal provided separately from each other and each installed with the cooperative application for executing the content based on the mutual cooperation with each other, starts the cooperative application for the first time; and
a user identification information management portion that manages user identification information in association with vehicular device identification information of the registered vehicular device, identifying the registered vehicular device, the user identification information being registered only with the associated vehicular device identification information when the content execution device including the registered vehicular device starts the cooperative application for the first time and transmits the user identification information and the associated vehicular device identification information to the user identification information management portion of the content authentication information management server;
wherein the management server permits the provision of a content distribution service for the content execution device by the content distribution device when the user identification information transmitted from the content execution device matches the user identification information managed by the user identification information management portion regardless of whether the navigation system device included in the content execution device is the registered vehicular device.

US Pat. No. 10,659,286

METHOD AND SYSTEM FOR SIMPLIFYING DISTRIBUTED SERVER MANAGEMENT

BladeLogic, Inc., Housto...

1. A method comprising:providing through a graphical user interface (GUI) a representation of a plurality of servers as a single virtual server, the representation of the single virtual server implemented by a virtual server client and a plurality of virtual server agents, each server of the plurality of servers running a respective virtual server agent of the plurality of virtual server agents, and a first server of the plurality of servers having an operating system that differs from a second server of the plurality of servers;
receiving via the GUI a system call that requests a service from an operating system of at least one of the plurality of servers, the system call being provided via the GUI by a user with an authenticated identity for the GUI;
transmitting the system call to a first respective virtual server agent for the first server and to a second respective virtual server agent for the second server;
the first respective virtual server agent selecting a first local user identity for the first server based on a role associated with the authenticated identity;
the second respective virtual server agent selecting a second local user identity for the second server based on the role associated with the authenticated identity; and
executing the system call using the first local user identity on the first server and using the second local user identity on the second server.

US Pat. No. 10,659,285

MANAGEMENT APPARATUS AND INFORMATION PROCESSING SYSTEM

FUJITSU LIMITED, Kawasak...

1. A management apparatus comprising:a memory configured to store management information indicating statuses of a plurality of components, the plurality of components including a first component included in a first information processing apparatus and a second component included in a second information processing apparatus; and
a processor configured to perform a procedure including:
upon receiving a Simple Network Management Protocol (SNMP) trap indicating a state change of the first information processing apparatus, determining whether to query for component information indicating current statuses of query target components in response to the SNMP trap, the SNMP trap including a trap type specific to a vendor of the first information processing apparatus,
when a determination is made to query for the component information, detecting the state change affects the second information apparatus based on the trap type and selecting the first component and the second component as the query target components from the plurality of components, the selecting includes selecting the query target components related to the state change, based on content of the state change indicated by the SNMP trap,
acquiring the component information of the selected query target components from the first information processing apparatus and the second information processing apparatus, and
updating the management information stored in the memory, based on the component information.

US Pat. No. 10,659,284

SNMP REQUEST PROCESSING WITHIN DISTRIBUTED DEVICE ARCHITECTURE

International Business Ma...

1. A method, said method comprising:maintaining, by a master device of a distributed device architecture comprising the master device and multiple member devices, a management information base (MIB) for the distributed device architecture, including for the master device and for the member devices, where the MIB is an only MIB of the distributed device architecture, such that wherein none of the member devices includes a MIB;
receiving, by a simple network management protocol (SNMP) agent of the master device, a SNMP request of SNMP management information content from a managing device, wherein the SNMP agent of the master device is the only SNMP agent within the distributed device architecture, wherein no SNMP communication occurs between the master device and the multiple member devices, wherein no SNMP communication occurs among the multiple member devices, wherein the MIB is a database that stores SNMP management information for the master device and the multiple member devices, wherein the MIB does not store the SNMP management information content requested within the SNMP request;
determining, by the master device, that the SNMP request pertains to a given member device, of the member devices;
in response to said determining that the SNMP request pertains to the given member device, determining, by the master device, that the SNMP request requires the given member device to fulfill the SNMP request;
in response to said determining that the SNMP request requires the given member device to fulfill the SNMP request, generating, by the master device, a non-SNMP request corresponding to the SNMP request;
transmitting, from the master device to the given member device, the non-SNMP request;
after said transmitting the non-SNMP request, receiving, by the master device from the given member device, results of processing the non-SNMP request;
generating, by the master device, a SNMP response corresponding to the results of processing the non-SNMP request; and
transmitting, from the SNMP agent of the master device to the managing device, the SNMP response,
wherein the managing device communicates with the distributed device architecture as a single device, such that the managing device is unaware that the distributed device architecture includes a plurality of devices including the master device and the member devices,
wherein the non-SNMP request is encapsulated in a first enhanced layer two transport (EL2T)-based packet, and
wherein the results of processing the non-SNMP request are encapsulated in a second enhanced layer two transport (EL2T)-based packet.

US Pat. No. 10,659,283

REDUCING ARP/ND FLOODING IN CLOUD ENVIRONMENT

CISCO TECHNOLOGY, INC., ...

1. One or more computer readable, non-transitory storage media encoded with software comprising computer executable instructions and, when the software is executed, operable to:receive an address resolution protocol (ARP) request message from a requesting virtual machine, the ARP request message comprising a request for a destination address for a destination virtual machine, the destination address comprising a destination hardware address and a destination media access control address;
augment the ARP request message with a network service header (NSH), the NSH identifying an ARP service function;
forward the ARP request message with the NSH to the ARP service function;
when the destination address for the destination virtual machine is not present in an ARP service function database, receive an ARP reply message from the ARP service function with a flag indicating no entry;
when the destination address for the destination virtual machine is present in the ARP service function database and the destination address is not local, receive the ARP reply message from the ARP service function with a flag indicating the destination address; and
determine, from the ARP reply message, whether the destination address for the destination virtual machine is present in the ARP service function database based on the flag indicating no entry or the flag indicating the destination address.

US Pat. No. 10,659,282

COMMUNICATION APPARATUS, METHODS, AND NON-TRANSITORY COMPUTER-READABLE MEDIA FOR DETERMINING IP ADDRESSES FOR USE IN DIFFERENT NETWORKS

Brother Kogyo Kabushiki K...

1. A communication apparatus comprising:a wireless interface;
a processor; and
a memory storing computer-readable instructions therein, the computer-readable instructions, when executed by the processor, instructing the communication apparatus to:
obtain a first IP address of the communication apparatus to be used in a first type wireless network comprising the communication apparatus and a first device and not comprising any access point different from the communication apparatus and the first device;
establish the first type wireless network via the wireless interface in a case where the first IP address is obtained;
in response to accepting an instruction for establishing a second type wireless network, under a situation where the first type wireless network is established, obtain, from an access point, a second IP address of the communication apparatus to be used in the second type wireless network, wherein the second type wireless network comprises the communication apparatus, a second device, and the access point;
establish the second type wireless network via the wireless interface in a case where the second IP address is obtained;
maintain the first type wireless network in a case where a second value of a part of the second IP address masked by a second subnet mask of the second type wireless network is different from a first value of a part of the first IP address masked by a first subnet mask of the first type wireless network;
under a situation where both the first type wireless network and the second type wireless network are established, execute, using the first IP address, a first communication with the first device in the first type wireless network via the wireless interface; and
terminate the first type wireless network in a case where the second value is the same as the first value.

US Pat. No. 10,659,281

METHOD AND APPARATUS FOR TRANSMITTING/RECEIVING A BROADCAST SIGNAL

LG ELECTRONICS INC., Seo...

1. A method for transmitting a broadcast signal in a transmitter, comprising:link layer processing IP (Internet Protocol) data to output at least one link layer packet,
wherein the at least one link layer packet includes a payload, at least one of a base header, an additional header or an optional header having SID (Sub-stream Identifier) for indicating a sub-stream identifier for the at least one link layer packet; and
physical layer processing the at least one link layer packet based on a PLP (Physical Layer Pipe),
wherein the link layer processing includes:
compressing a header of the IP data, and
performing an adaptation function for the IP data based on three adaptation modes,
wherein the three adaptation modes includes:
a first adaptation mode in which a first IR (Initialization and Refresh) packet, a first IR-DYN (IR Dynamic) packet and a first compressed packet are bypassed,
a second adaptation mode in which context information of a second IR packet is extracted, and the second IR packet is converted into a second IR-DYN packet, and
a third adaptation mode in which context information of a third IR packet is extracted, context information of a third IR-DYN packet is extracted, the third IR packet is converted into a second compressed packet, and the third IR-DYN packet is converted into a third compressed packet.