Some embodiments provide a local controller on a set of host computers that reduce the volume of data that is communicated between the server set and the set of host computers. The local controller executing on a particular host computer, in some embodiments, receives a portion of the namespace including only the policies (e.g., opcode) that are relevant to API-authorization processing for the applications executing on the particular host computer provided by a local agent executing on the computer to authorize the API requests based on policies and parameters. The local controller analyzes the received policies (e.g., policy opcodes) and identifies the parameters (e.g. operands), or parameter types, needed for API-authorization processing (e.g., evaluating the policy opcode upon receiving a particular API request) by the local agent. In some embodiments, the local controller performs this analysis for each updated set of policies (e.g., policy opcodes).

In one embodiment, a method comprises: receiving, by a secure executable container executed by a network device, a request initiated by a user for a community forum in a secure data network, the user having generated the request via an endpoint device and the user having established a two-way trusted relationship with the endpoint device in the secure data network; processing, by the secure executable container, the request for the community forum in the secure data network, the processing including causing a network device executing a community server to post the community forum in the secure data network according to identifiable features selected by the user; and preventing, by the secure executable container, any executable resource in the network device from accessing the secure data network without authorized access via a prescribed Application Programming Interface (API) required by the secure executable container.

An apparatus and method for providing ML processing for one or more ML applications operating on one or more Internet of Things (IoT) devices includes receiving a ML request from an IoT device. The ML request can be generated by a ML application operating on the IoT device and include input data collected by the first ML application. A ML model to perform ML processing of the input data included in the ML request is identified and provided to an ML core for ML processing along with the input data included in the first ML request. The ML core produces ML processing output data based on ML processing by the ML core of input data included in the ML request using the ML model. The ML processing output data can be transmitted to the IoT device.

A method of traffic reduction in a mesh computing system (400), the mesh computing system (400) comprising hosts located on edge nodes of the mesh computing system (400) and a central registry located outside the mesh computing system (400), the central registry holding the images. The method comprises, at a first host located at a first edge node, receiving (920) a request from a client for an image, sending (930) a request for the image to at least one other host of the mesh computing system (400). When the first host receives (940) notification that at least a second host holds the image, the first host downloads (960) the image from the second host to the first host. The first host creates (970) a container from the image. A host at a node (636; 700) and a mesh computing system (400) are also provided.

A method of hosting a single page application incudes hosting, at an application programming interface (API) module of a server, the single page application as a first API operation by providing code to a client device to enable rendering of a page at the client device as a user interface presentation.

Various example embodiments for supporting device telemetry control are presented. Various example embodiments may provide a customer of a device, which is monitoring the device based on device telemetry whereby the device exposes device data of the device based on device telemetry control information of the device such that the data of the device may be accessed by the customer, with control over device telemetry of the device. Various example embodiments may provide a customer, which may access device data of a device based on device telemetry supported by the device, with additional control over access to the device data of the device via device telemetry by providing the customer with control over the device telemetry including enabling the customer to insert customer device telemetry control information into the device telemetry control information of the device that controls device telemetry on the device.

Described embodiments provide for routing remote application data. A device can receive a request to access an application. The application can be provided by data centers and accessible via service providers. The device can select a data center from the plurality of data centers and a service provider based at least on a metric indicative of a connection between the data center and the service provider. The device can query a database including one or more connection metrics using the application identified in the request and a location of a router transmitting the request. The device can determine the location of the router based on an internet protocol (IP) address of a client communicably coupled to the router. The device can transmit a response to the request identifying the selected data center and the selected service provider.

Various example embodiments for providing device application support are presented. In at least some example embodiments, device application support may be configured to support device programmability. In at least some example embodiments, device application support may be configured to support device programmability for enabling a customer that operates a device to develop a customer application for the device and to run the customer application on the device. In at least some example embodiments, device application support may be provided in a manner for enabling a customer to develop and run a customer application for a device without a need for the customer to use a software development kit (SDK) to develop the customer application.

Systems and methods for managing Application Programming Interfaces (APIs) are disclosed. Systems may involve automatically generating a honeypot. For example, the system may include one or more memory units storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include receiving, from a client device, a call to an API node and classifying the call as unauthorized. The operation may include sending the call to a node-imitating model associated with the API node and receiving, from the node-imitating model, synthetic node output data. The operations may include sending a notification based on the synthetic node output data to the client device.

A computing system includes a processing device and a memory device configured to store an Application Programming Interface (API) and computer software. The computer software has a plurality of software components configured to enable the processing device to utilize internal data for performing a plurality of functions. The API is configured to define interactions between the software components and is further configured to define access constraints with respect to the computing system. The access constraints are configured to restrict access by an end user associated with the computing system with respect to the internal data and software components. Also, the computer software is configured to adjust the access constraints of the API.