Systems and methods for learning differentially private machine-learned models are provided. A computing system can include one or more server computing devices comprising one or more processors and one or more non-transitory computer-readable media that collectively store instructions that, when executed by the one or more processors cause the one or more server computing devices to perform operations. The operations can include selecting a subset of client computing devices from a pool of available client computing devices; providing a machine-learned model to the selected client computing devices; receiving, from each selected client computing device, a local update for the machine-learned model; determining a differentially private aggregate of the local updates; and determining an updated machine-learned model based at least in part on the data-weighted average of the local updates.

Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.

Technologies for power-aware scheduling include a computing device that receives network packets. The computing device classifies the network packets by priority level and then assigns each network packet to a performance group bin. The packets are assigned based on priority level and other performance criteria. The computing device schedules the network packets assigned to each performance group for processing by a processing engine such as a processor core. Network packets assigned to performance groups having a high priority level are scheduled for processing by processing engines with a high performance level. The computing device may select performance levels for processing engines based on processing workload of the network packets. The computing device may control the performance level of the processing engines, for example by controlling the frequency of processor cores. The processing workload may include packet encryption. Other embodiments are described and claimed.

The invention relates to systems and methods to enable a mobile device to be used as a remote control, in order to control one or more remotely controllable objects. In possible embodiments of the invention, proximity-based (or other) remote controls include control authorization to enable the transfer or sharing of control between different remote controls being implemented on different mobile devices, in order to permit different users to transfer or share control of a same remotely controllable object, for example. In other possible embodiments of the invention, a proximity-based (or other) remote control uses control authentication to enable the pairing of a remote control implemented on a device and a remotely controllable object, for example. Various embodiments of control authority and control authentication are possible and anticipated by the invention to address a wide range of practical remote control applications and provide many benefits to users.

This disclosure relates to a method for privacy-preserving web activity monitoring including receiving, from an application on a user device of a user, a request for digital content from a domain, assigning, to the application and at a first time, a randomized cohort constructed based on a randomly selected identifier and a timestamp indicating the first time at which the randomized cohort was assigned to the application, and providing, to the application and at the first time, (i) a digitally signed certificate corresponding to the randomly selected identifier and the timestamp and (ii) a unique public key and corresponding unique private key associated with the certificate, wherein the randomly selected identifier is also assigned to at least a threshold number of other applications executing on other user devices within a predetermined period of time of the assignment of the randomized cohort to the application.

A digital certificate obtaining method and apparatus. The method includes: a routing device receives a network access request sent by a terminal on the basis of a first virtual local area network, wherein the first virtual local area network is associated with a uniform resource locator (URL) of a server, so that the terminal obtains, by means of the server, a digital certificate used for accessing a second virtual local area network; and in response to the network access request sent by the terminal on the basis of the first virtual local area network, the routing device sends the URL of the server to the terminal, so that the terminal obtains the digital certificate from the server according to the URL.

A system and method for processing dynamic host configuration protocol (DHCP) snooping entry information in a ring network An entry information processing apparatus includes a processor and a non-transitory memory connected to the processor and storing program code for execution by the processor. The program code includes instructions to generate a first packet, where the first packet includes DHCP snooping entry information, the DHCP snooping entry information includes a first internet protocol (IP) address of first user equipment and a first media access control (MAC) address of the first user equipment, and the first user equipment accesses a ring network via a first communication apparatus in which the entry information processing apparatus is used, and send the first packet.

Systems and methods are provided that may be implemented to orchestrate trusted enrollment of an endpoint client information handling system by deploying a signed payload of an enrollment package to the endpoint client system, and by using a client software agent executing on the endpoint client system to first verify the distribution chain and/or signature of the deployed enrollment package before proceeding to use other information contained in the enrollment package to contact a registration server to enroll the endpoint client system.

A method of controlling access to a digital asset by a user includes creating the digital asset, which includes a program file and a content file. The digital asset is associated with a primary key sequence and with a key-sequence document. The digital asset is stored at a distribution server. A user registration process, a user verification process, and an asset acquisition process are performed. The user registration process includes registering a storage device with the distribution server. The storage device includes a unique device identifier. The user is associated with the device identifier, with a secondary key sequence, and with a network interface. The network interface includes a unique interface identifier and has embedded therein an asset access application, the secondary key sequence and a key sequence rule are provided to the user.

A scrambling method of data on a J1939 communication system of a vehicle involves at least moving data from one of a PGN and a PGN/SPN location to another PGN or PGN/SPN location at a first controller on the vehicle before transmitting data and then re-ordering the data at a second controller. Some embodiments further comprise encrypting data either before or after shifting, but before transmitting so as to further complicate efforts to interpret meaningful data from the transmission. The second controller may be on the vehicle or may be remotely located.