Techniques are disclosed relating to time synchronization in a network. In some embodiments, an apparatus includes a first circuit having a first clock configured to maintain a local time value for a node coupled to a network. The first circuit is configured to send a first message to a second circuit. The first message includes a first nonce. The second circuit has a second clock that maintains a reference time value for the network. The first circuit receives a second message from the second circuit, the second message including a second nonce and is associated with a timestamp identifying the reference time value. The first circuit compares the first nonce to the second nonce to determine whether the timestamp is valid and, in response to determining that the timestamp is valid, uses the timestamp to synchronize the first clock with the second clock.

A method synchronizes frame counters for protecting data transmissions between a first end-device and a second end-device. The data, in particular data frames, are transferred between the first end-device and the second end-device. The data frames are provided with frame counters to protect the data transfer between the first end-device and the second end-device. The second end-device sends a first data frame to the first end-device. The first data frame contains a marker in its payload data. The first end-device sends back a second data frame as an answer to the second end-device. The second data frame contains a frame counter in the header data, and the second data frame contains the frame counter and the marker in its payload data.

Examples of the present disclosure are directed to systems and methods for using router identifier information to mitigate denial of service attacks in an autonomous system (AS). Each router of the AS may be assigned a router identifier (ID) that is unique to the AS and may be periodically changed. The ingress router first receiving the packet within a particular AS may insert its router ID into the packet. A threat intelligence system may sample packets of traffic received by the AS and examine the inserted ingress router IDs in making a threat determination. If a distribution of detected ingress router IDs from sampled packets does not match an expected distribution of ingress router IDs, one or more threat mitigation actions may be invoked.

One or more embodiments of the present disclosure relate to receiving application data indicative of a plurality of runnables corresponding to a computing application. Additionally, one or more embodiments may relate to generating, based at least on the application data, an execution schedule for execution of the plurality of runnables using a plurality of compute engines. The execution schedule may include one or more commands corresponding to one or more timing fences. The one or more timing fences may dictate a timing and order of execution between at least a first runnable and a second runnable of the plurality of runnables.

One or more embodiments of the present disclosure relate to identifying, based on application data associated with a computing application that includes a set of runnables, a plurality of scheduling branches associated with scheduling execution of at least a subset of runnables of the set of runnables. Further, one or more embodiments relate to selecting a scheduling branch from the plurality of scheduling branches based at least on a coupling constraint that is applied to related runnables of at least the subset of runnables. The related runnables may include a first runnable that is designated for execution on a first compute engine and that triggers execution of a second runnable on a second compute engine. In addition, one or more embodiments may relate to determining an execution schedule of the set of runnables based at least on the scheduling branch.

One or more embodiments of the present disclosure relate to executing, by a plurality of compute engines, a plurality of runnables of a computing application based at least on an execution schedule and a set of commands associated with the execution schedule. The execution schedule may be generated using a compiling system to include the set of commands. The set of commands may include one or more individual commands corresponding to one or more timing fences dictating a timing and order of execution of one or more individual runnables of the plurality of runnables.

The present disclosure provides various embodiments of systems and methods to securely authenticate a user. More specifically, the present disclosure provides embodiments of multi-factor authentication methods that improve both security and user convenience by using trusted secondary devices or peripherals (hereinafter “trusted devices”) to provide additional authentication factor(s) for verifying user presence/identity after an initial authentication factor has been used to verify user presence/identity. Unlike conventional multi-factor authentication methods, the additional authentication factor(s) provided by the trusted devices do not require user input or intervention.

A method includes detecting a memory error associated with a memory device of a storage unit of a set of storage units that is storing a set of encoded data slices, the storage unit services encoded data slice access messages from a processing unit, and the detecting occurs while attempting to access one or more of: a read threshold number (R) of encoded data slices, a decode threshold number (D) of encoded data slices needed to reconstruct the data segment, or a write threshold number (W) indicating a number of encoded data slices that must be accurately stored. The method further includes identifying an error descriptor code based on the detected memory error. The method further includes determining to perform an action based on the error descriptor code and executing the action to produce an action result.

A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.

Techniques are disclosed relating to time synchronization in a network. In some embodiments, an apparatus includes a first circuit having a first clock configured to maintain a local time value for a node coupled to a network. The first circuit is configured to send a first message to a second circuit. The first message includes a first nonce. The second circuit has a second clock that maintains a reference time value for the network. The first circuit receives a second message from the second circuit, the second message including a second nonce and is associated with a timestamp identifying the reference time value. The first circuit compares the first nonce to the second nonce to determine whether the timestamp is valid and, in response to determining that the timestamp is valid, uses the timestamp to synchronize the first clock with the second clock.