Disclosed herein are system, method, and computer program product embodiments for preemptively evaluating whether roles are over-privileged within an (IAM) identity and access management system. Roles may be over-privileged when they are granted permissions to perform certain actions outside the scope granted to those roles. The evaluation occurs without submitting the certain actions to the IAM system and allows roles to be evaluated on a preemptive basis so that corrective actions may be taken to prevent unauthorized access to resources. Roles may be associated with policies which may each define different permissions for accessing resources. The evaluation may involve generating an effective policy from the policies associated with a role to provide a comprehensive view of all permissions associated with the role. The specified solution operates to generate an effective permission for accessing a resource and evaluating whether that effective permission is outside of a permissible scope of access for the role.

A mobile terminal comprises: a body frame that is expandable in a first direction and shrinkable in a second direction; a flexible display in which the area of a display unit positioned on the front surface of the body frame is expanded according to the expansion of the body frame; a driving unit that changes the size of the body; a sensing unit that senses a user command; and a control unit that controls the driving unit to expand or shrink the body frame on the basis of the user command sensed by the sensing unit. Thus, a screen of the display unit positioned on the front surface can be expanded through size adjustment. Because a part of the screen always faces the outside, a separate secondary display unit is not required, and the screen may be expanded step by step as needed.

A mobile terminal comprises: a body frame that is expandable in a first direction and shrinkable in a second direction; a flexible display in which the area of a display unit positioned on the front surface of the body frame is expanded according to the expansion of the body frame; a driving unit that changes the size of the body; a sensing unit that senses a user command; and a control unit that controls the driving unit to expand or shrink the body frame on the basis of the user command sensed by the sensing unit. Thus, a screen of the display unit positioned on the front surface can be expanded through size adjustment. Because a part of the screen always faces the outside, a separate secondary display unit is not required, and the screen may be expanded step by step as needed.

A data transmission method for the transmission of information between a server and at least one authenticated device, and in particular it is directed to a method for transmitting a set of data with a tree configuration over a computer network sending differential status updates from a single source, or server, to a plurality of user devices.

A data transmission method for the transmission of information between a server and at least one authenticated device, and in particular it is directed to a method for transmitting a set of data with a tree configuration over a computer network sending differential status updates from a single source, or server, to a plurality of user devices.

One example method includes reading, at an air-gapped system, a code provided by a control system, and the code includes a message containing instructions from the control system to the air-gapped system, checking, by the air-gapped system, the message to determine if the message includes a command executable by the air-gapped system, and when the message identifies a command executable by the air-gapped system, and the command is included in a list of authorized commands, executing, by the air-gapped system, the command.

One example method includes reading, at an air-gapped system, a code provided by a control system, and the code includes a message containing instructions from the control system to the air-gapped system, checking, by the air-gapped system, the message to determine if the message includes a command executable by the air-gapped system, and when the message identifies a command executable by the air-gapped system, and the command is included in a list of authorized commands, executing, by the air-gapped system, the command.

Systems and methods for providing user-controlled access to prescribed medications are provided. A cloud-based prescription database includes prescriptions, each associated with a unique patient identifier, locations of pharmacies, and available stock for the pharmacies. A unique patient identifier is received from a user device and the related prescriptions are retrieved from the database and displayed for user selection. Pharmacies which are geographically proximate to a location of the given user device which report availability of the medication associated with the user selected prescription are displayed at a map at the given user device.

An automated teller machine (ATM) may include an input component and one or more processors. The input component may be configured to detect multi-factor input associated with an account. The multi-factor input may include at least two of: a sequence of characters input via the input component, a force with which at least one character, of the sequence of characters, is input via the input component, a length of time over which at least one character, of the sequence of characters, is input via the input component, or a combination of at least two characters, of the sequence of characters, that are input concurrently via the input component. The ATM may receive the multi-factor input, validate the multi-factor input in association with the account, and selectively permit or deny access to one or more actions associated with the account based on validating the multi-factor input.

An automated teller machine (ATM) may include an input component and one or more processors. The input component may be configured to detect multi-factor input associated with an account. The multi-factor input may include at least two of: a sequence of characters input via the input component, a force with which at least one character, of the sequence of characters, is input via the input component, a length of time over which at least one character, of the sequence of characters, is input via the input component, or a combination of at least two characters, of the sequence of characters, that are input concurrently via the input component. The ATM may receive the multi-factor input, validate the multi-factor input in association with the account, and selectively permit or deny access to one or more actions associated with the account based on validating the multi-factor input.