Patent classifications
H04L63/101
Securing network access at edge sites using trusted network devices
Techniques are described for securely managing computing resources in a computing environment comprising a computing service provider and a remote computing network. The remote computing network includes computing and network devices configured to extend computing resources of the computing service provider to remote users of the computing service provider. The network devices include a trusted network device that includes a root of trust. The trusted network device detects that a new device is communicatively coupled to a port on the trusted network device and determines that the new device is not authorized to access computing resources at the remote computing network. In response, the trusted network device isolates that port.
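The port-isolation decision described in the abstract, written out as an added Go example (this is not code from the patent). It assumes the trusted device holds an allow-list of device identities provisioned by the service provider and that the link layer reports attach events as (port, identity) pairs; the identity strings and port numbers are constructed. Beyond the abstract, it also isolates a port when a second, different identity shows up behind an already-authorized link, which is what an unmanaged hub or a spoofed device looks like from the switch.

```go
package main

import "fmt"

// PortState is what the trusted network device tracks per access port.
type PortState int

const (
	PortOpen       PortState = iota // nothing attached yet
	PortAuthorized                  // an allow-listed device is attached
	PortIsolated                    // unauthorized device seen; traffic blocked
)

func (s PortState) String() string {
	return [...]string{"open", "authorized", "isolated"}[s]
}

// AttachEvent is the link-layer notification (constructed for this example;
// a real device would derive DeviceID from 802.1X or attestation, not a bare string).
type AttachEvent struct {
	Port     int
	DeviceID string
}

// TrustedDevice models the edge switch with a root of trust. The allow-list is
// assumed to be provisioned by the service provider (hypothetical detail).
type TrustedDevice struct {
	allowed map[string]bool
	state   map[int]PortState
	owner   map[int]string // identity currently authorized on a port
}

func NewTrustedDevice(allowed []string, numPorts int) *TrustedDevice {
	d := &TrustedDevice{allowed: map[string]bool{}, state: map[int]PortState{}, owner: map[int]string{}}
	for _, id := range allowed {
		d.allowed[id] = true
	}
	for p := 1; p <= numPorts; p++ {
		d.state[p] = PortOpen
	}
	return d
}

// HandleAttach applies the policy and returns the port's resulting state.
// An isolated port stays isolated until an operator clears it (fail closed),
// so an attacker cannot un-isolate a port by re-plugging an authorized device.
func (d *TrustedDevice) HandleAttach(e AttachEvent) (PortState, error) {
	cur, ok := d.state[e.Port]
	if !ok {
		return PortIsolated, fmt.Errorf("port %d does not exist", e.Port)
	}
	switch cur {
	case PortIsolated:
		return PortIsolated, nil
	case PortAuthorized:
		if d.owner[e.Port] == e.DeviceID {
			return PortAuthorized, nil
		}
		// A different identity behind an authorized port: hub or spoofing.
		d.state[e.Port] = PortIsolated
		delete(d.owner, e.Port)
		return PortIsolated, nil
	default: // PortOpen
		if !d.allowed[e.DeviceID] {
			d.state[e.Port] = PortIsolated
			return PortIsolated, nil
		}
		d.state[e.Port] = PortAuthorized
		d.owner[e.Port] = e.DeviceID
		return PortAuthorized, nil
	}
}

// ClearPort is the operator action that returns an isolated port to service.
func (d *TrustedDevice) ClearPort(port int) {
	if _, ok := d.state[port]; ok {
		d.state[port] = PortOpen
		delete(d.owner, port)
	}
}

// State reports the current state of a port.
func (d *TrustedDevice) State(port int) PortState { return d.state[port] }

func main() {
	d := NewTrustedDevice([]string{"dev-A"}, 2)
	for _, e := range []AttachEvent{{1, "dev-A"}, {2, "dev-X"}, {2, "dev-A"}, {1, "dev-Z"}} {
		s, err := d.HandleAttach(e)
		fmt.Printf("port %d <- %s: %v %v\n", e.Port, e.DeviceID, s, err)
	}
}
```

The order of checks matters: the isolated case is tested first so that nothing an attached device does can move a port out of isolation; only the operator path does that.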
Cloud access security broker systems and methods via a distributed worker pool
A Cloud Access Security Broker (CASB) system includes a controller; a message broker connected to the controller; and a plurality of workers connected to the message broker and connected to one or more cloud providers having a plurality of files contained therein for one or more tenants, wherein the plurality of workers are configured to crawl through the plurality of files for the one or more tenants, based on policy and configuration for the one or more tenants provided via the controller, and based on assignments from the message broker. The plurality of workers can be further configured to cause an action in the one or more cloud providers based on the crawl and based on the policy and the configuration. The action can include any of allowing a file, deleting a file, quarantining a file, and providing a notification.
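The controller, message broker and worker-pool topology from the abstract, as an added Go example that is not the patent's own code. A buffered channel stands in for the message broker, goroutines are the workers, and the per-tenant policy (blocked extensions, sensitive-content markers) and the sample files are constructed for the example; the abstract only says that policy and configuration come from the controller and that the outcomes are allow, delete, quarantine or notify. The example also fails closed on a tenant with no policy, which the abstract does not discuss.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"sync"
)

// Action is what a worker instructs the cloud provider to do with a file.
type Action string

const (
	ActionAllow      Action = "allow"
	ActionDelete     Action = "delete"
	ActionQuarantine Action = "quarantine"
	ActionNotify     Action = "notify"
)

// CloudFile is a file as the crawler sees it.
type CloudFile struct {
	Tenant, Path, Content string
	External              bool // shared via a link outside the tenant
}

// TenantPolicy is the per-tenant configuration the controller hands out.
// The rule shape is hypothetical; the abstract only says policy drives actions.
type TenantPolicy struct {
	BlockedExtensions []string // delete on sight
	SensitiveMarkers  []string // quarantine if externally shared, else notify
}

// Verdict is a worker's result for one file.
type Verdict struct {
	Tenant, Path string
	Action       Action
}

// decide is the pure policy evaluation every worker runs.
func decide(f CloudFile, p TenantPolicy) Action {
	lower := strings.ToLower(f.Path)
	for _, ext := range p.BlockedExtensions {
		if strings.HasSuffix(lower, ext) {
			return ActionDelete
		}
	}
	for _, m := range p.SensitiveMarkers {
		if strings.Contains(f.Content, m) {
			if f.External {
				return ActionQuarantine
			}
			return ActionNotify
		}
	}
	return ActionAllow
}

// Crawl fans the file list out to `workers` goroutines through a channel that
// plays the broker, collects verdicts, and sorts them so the result does not
// depend on goroutine scheduling.
func Crawl(files []CloudFile, policies map[string]TenantPolicy, workers int) []Verdict {
	jobs := make(chan CloudFile, len(files))
	results := make(chan Verdict, len(files))
	var wg sync.WaitGroup
	for i := 0; i < workers; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for f := range jobs {
				p, ok := policies[f.Tenant]
				if !ok {
					// No policy for this tenant: never silently allow; surface it.
					results <- Verdict{f.Tenant, f.Path, ActionNotify}
					continue
				}
				results <- Verdict{f.Tenant, f.Path, decide(f, p)}
			}
		}()
	}
	for _, f := range files {
		jobs <- f
	}
	close(jobs)
	wg.Wait()
	close(results)
	var out []Verdict
	for v := range results {
		out = append(out, v)
	}
	sort.Slice(out, func(i, j int) bool {
		if out[i].Tenant != out[j].Tenant {
			return out[i].Tenant < out[j].Tenant
		}
		return out[i].Path < out[j].Path
	})
	return out
}

// ByPath indexes verdicts as "tenant:path" for easy lookup.
func ByPath(vs []Verdict) map[string]Action {
	m := map[string]Action{}
	for _, v := range vs {
		m[v.Tenant+":"+v.Path] = v.Action
	}
	return m
}

// Constructed sample policy and files for the example.
var SamplePolicies = map[string]TenantPolicy{
	"acme": {BlockedExtensions: []string{".exe"}, SensitiveMarkers: []string{"CONFIDENTIAL"}},
}

var SampleFiles = []CloudFile{
	{"acme", "/hr/salaries.xlsx", "CONFIDENTIAL payroll", true},
	{"acme", "/tools/setup.exe", "MZ", false},
	{"acme", "/notes/todo.txt", "buy milk", false},
	{"acme", "/legal/nda.docx", "CONFIDENTIAL draft", false},
	{"globex", "/x.txt", "hi", false}, // tenant with no policy
}

func main() {
	for _, v := range Crawl(SampleFiles, SamplePolicies, 3) {
		fmt.Printf("%-7s %-20s %s\n", v.Tenant, v.Path, v.Action)
	}
}
```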
Techniques and architectures for managing global installations and configurations
A publish and subscribe architecture can be utilized to manage records, which can be used to accomplish the various functional goals. At least one template having definitions for managing production and consumption of data within an unconfigured group of computing resources is maintained. Records organized by topic, collected from multiple disparate previously configured producers, are utilized to initiate configuration of the unconfigured group of computing resources. Records within a topic are organized by a corresponding topic sequence. A first portion of the computing resources are configured as consumers based on the at least one template; the consumers consume records at a pace independent of record production. A second portion of the computing resources are configured as producers based on the at least one template; the producers produce records at a pace independent of record consumption.
Wireless user equipment (UE) authorization based on UE type and network identifier
Network circuitry authorizes User Equipment (UEs) for wireless services from wireless networks. The network circuitry stores lists of network identifiers that are associated with UE types. The network circuitry receives an authorization request that indicates a network identifier and a UE type. The UE type comprises model, operating system, user application, and/or radio frequency. The network circuitry retrieves the network list for the UE type and compares the network identifier from the authorization request to the network identifiers on that list. The network circuitry authorizes the UE responsive to a match between the network identifier from the authorization request and a network identifier on the network list.
User access and identity life-cycle management
A method and processing system for managing user access to one or more resources is disclosed. A central service may receive an access change request message regarding a user. The access change request message may include a user identifier, a user role, and an access action for the user. Example access actions may include adding or removing user access with respect to a resource. The central service may determine which resources are associated with the user role and transmit one or more event messages to the resources to implement the access actions. The resources may send acknowledgement messages to the central service to confirm that the access actions have been completed.
A NETWORK CONTROLLER FOR GRANTING ACCESS RIGHTS TO A SET OF DEVICES
A network controller (102) for granting a device and/or an application (120) access rights to at least one device of a set of devices (112, 130) is disclosed. The set of devices (112, 130) comprises a controllable device (130) and a control device (110). The control device (110) comprises a user input element (112) configured to receive a user input, and is configured to generate an input signal (114) based on the received user input. The network controller (102) comprises a communication unit (104) configured to receive an access request signal (124) from the device and/or the application (120) and to receive the input signal (114) from the control device (110), and a processor (106) configured to switch the network controller (102) from a control mode to a configuration mode upon receipt of the access request signal (124). In the control mode, the processor (106) controls the controllable device (130) based on the input signal (114); in the configuration mode, the processor (106) grants the access rights to the device and/or the application (120) upon receipt of the input signal (114).
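The mode switch in this abstract is a proof-of-presence check: the same physical input that normally drives the controllable device becomes the consent that grants access while the controller is in configuration mode. The Go example below is added here and is not the patent's code. Two details are assumptions not in the abstract: a consent window after which a pending request expires (so a forgotten request cannot be approved by a later, unrelated button press), and refusal of a second access request while one is pending (so a second requester cannot ride on the user's consent to the first). The clock is injected so the behaviour is testable.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Mode is the network controller's operating mode.
type Mode int

const (
	ControlMode       Mode = iota // user input drives the controllable device
	ConfigurationMode             // user input is consent for a pending access request
)

// ErrRequestPending is returned when a request arrives while another awaits consent.
var ErrRequestPending = errors.New("another access request is awaiting user consent")

// Controller models the network controller (102). The control device's input
// element is represented by calls to UserInput.
type Controller struct {
	mode      Mode
	pending   string        // requester (120) waiting for consent
	pendingAt time.Time     // when the pending request arrived
	window    time.Duration // assumed consent window (not in the abstract)
	granted   map[string]bool
	deviceOn  bool // state of the controllable device (130)
	now       func() time.Time
}

func NewController(window time.Duration, now func() time.Time) *Controller {
	return &Controller{window: window, granted: map[string]bool{}, now: now}
}

// expireIfStale drops a pending request whose consent window has passed.
func (c *Controller) expireIfStale() {
	if c.mode == ConfigurationMode && c.now().Sub(c.pendingAt) > c.window {
		c.mode, c.pending = ControlMode, ""
	}
}

// AccessRequest is the access request signal (124): it moves the controller
// into configuration mode and records who is asking.
func (c *Controller) AccessRequest(requester string) error {
	c.expireIfStale()
	if c.mode == ConfigurationMode {
		return ErrRequestPending
	}
	c.mode, c.pending, c.pendingAt = ConfigurationMode, requester, c.now()
	return nil
}

// UserInput is the input signal (114). In control mode it toggles the device;
// in configuration mode it is consumed as consent and grants the pending
// requester, returning to control mode. It never does both at once.
func (c *Controller) UserInput() (grantedTo string, deviceOn bool) {
	c.expireIfStale()
	if c.mode == ConfigurationMode {
		grantedTo = c.pending
		c.granted[grantedTo] = true
		c.mode, c.pending = ControlMode, ""
		return grantedTo, c.deviceOn
	}
	c.deviceOn = !c.deviceOn
	return "", c.deviceOn
}

// HasAccess reports whether a requester has been granted access rights.
func (c *Controller) HasAccess(id string) bool { return c.granted[id] }

// CurrentMode reports the mode after expiring any stale request.
func (c *Controller) CurrentMode() Mode {
	c.expireIfStale()
	return c.mode
}

func main() {
	c := NewController(30*time.Second, time.Now)
	fmt.Println(c.UserInput())           // control mode: device toggles on
	fmt.Println(c.AccessRequest("app-1")) // nil: now in configuration mode
	fmt.Println(c.AccessRequest("app-2")) // ErrRequestPending
	fmt.Println(c.UserInput())           // consent: "app-1" granted, device unchanged
	fmt.Println(c.HasAccess("app-1"), c.HasAccess("app-2"))
}
```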
ACCESS AND MESSAGING IN A MULTI CLIENT NETWORK
A messaging system for exchanging messages between nodes in a network via a broker that uses a publish-subscribe message protocol, which nodes have object identifications (IDs). Messages between the nodes are routed using the object IDs of the nodes. Secure communication is provided using authentication according to digital certificates being used as first and second tiers by a commissioning broker and a data broker, respectively, in which the second tier certificate used by the data broker has a shorter lived expiration time.
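The two-tier certificate arrangement, as an added Go example using only the standard library (not the patent's own code). The interpretation and the concrete lifetimes are assumptions: the commissioning broker is modelled as a root CA that issues a long-lived first-tier certificate naming the node's object ID, the data broker as an intermediate CA under that root issuing a one-hour second-tier certificate for the same object ID, and the abstract says only that the second tier is shorter lived. The example shows the second-tier certificate verifying inside its window, failing after it while the first-tier identity is still valid, which is exactly the condition under which a node goes back to the data broker to renew.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Issuer is a certificate plus the private key that can sign with it.
type Issuer struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

const (
	tier1TTL = 365 * 24 * time.Hour // assumed first-tier lifetime
	tier2TTL = time.Hour            // assumed second-tier lifetime ("shorter lived")
)

var serial int64 // monotonically increasing serial for the example

// template builds a leaf or CA certificate template with the given lifetime.
func template(cn string, notBefore time.Time, ttl time.Duration, isCA bool) *x509.Certificate {
	serial++
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    notBefore,
		NotAfter:     notBefore.Add(ttl),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if isCA {
		t.IsCA, t.BasicConstraintsValid = true, true
		t.KeyUsage, t.ExtKeyUsage = x509.KeyUsageCertSign, nil
	}
	return t
}

// sign issues tmpl under parent with a fresh P-256 key; self-signed if parent is nil.
func sign(tmpl *x509.Certificate, parent *Issuer) *Issuer {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	pCert, pKey := tmpl, key
	if parent != nil {
		pCert, pKey = parent.Cert, parent.Key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, pCert, &key.PublicKey, pKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return &Issuer{cert, key}
}

// PKI holds both tiers for one node.
type PKI struct {
	Commissioning *Issuer // first-tier root (commissioning broker)
	DataBroker    *Issuer // intermediate issuing second-tier certs (assumption)
	NodeTier1     *Issuer // long-lived node identity from the commissioning broker
	NodeTier2     *Issuer // short-lived cert the node uses with the data broker
}

// Build creates the hierarchy at time `now` for the node with the given object ID.
func Build(now time.Time, objectID string) *PKI {
	root := sign(template("commissioning-broker", now, 10*365*24*time.Hour, true), nil)
	data := sign(template("data-broker", now, 5*365*24*time.Hour, true), root)
	t1 := sign(template(objectID, now, tier1TTL, false), root)
	t2 := sign(template(objectID, now, tier2TTL, false), data)
	return &PKI{root, data, t1, t2}
}

// Verify checks a node certificate against the commissioning root at time `at`,
// offering the data broker certificate as the intermediate.
func (p *PKI) Verify(node *x509.Certificate, at time.Time) error {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(p.Commissioning.Cert)
	inter.AddCert(p.DataBroker.Cert)
	_, err := node.Verify(x509.VerifyOptions{
		Roots: roots, Intermediates: inter, CurrentTime: at,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}

// NeedsRenewal is true when the second tier no longer verifies but the first
// tier still does: the node should present tier 1 to the data broker again.
func (p *PKI) NeedsRenewal(at time.Time) bool {
	return p.Verify(p.NodeTier2.Cert, at) != nil && p.Verify(p.NodeTier1.Cert, at) == nil
}

func main() {
	now := time.Now()
	p := Build(now, "urn:node:lamp-17")
	fmt.Println("tier2 at +10m:", p.Verify(p.NodeTier2.Cert, now.Add(10*time.Minute)))
	fmt.Println("tier2 at +2h: ", p.Verify(p.NodeTier2.Cert, now.Add(2*time.Hour)))
	fmt.Println("renew at +2h: ", p.NeedsRenewal(now.Add(2*time.Hour)))
}
```

Note that the check is time-based only: a compromised node keeps a usable second-tier certificate until it expires, which is why a short second tier is the cheap substitute for revocation on the data plane, while the long-lived first tier is the one whose loss would need revocation at the commissioning broker.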
Video Conferencing Systems Featuring Multiple Spatial Interaction Modes
Systems and methods for multi-attendee video conferencing are described. A system can convert from huddle video conference mode to spatial video conference mode. In particular, by assigning user roles, specific users can have greater control of the video conference than other users. For instance, moderators may have a greater level of control of the video conferencing system. Thus, in example implementations of the present disclosure, specific users can effect transitions between two or more video conferencing modes, such as between a huddle video conference mode and a spatial video conference mode.
DATA ACCESS CONTROL MANAGEMENT COMPUTER SYSTEM FOR EVENT DRIVEN DYNAMIC SECURITY
Managing security access to a computer system in real time using access control lists includes detecting a security event at the computer system. The security event is analyzed, including against a historical corpus containing data on prior security events. An access control list is generated based on the security event. A determination is made as to whether the security event includes abnormal behavior, based on the analysis of the security event and the historical corpus. In response to the security event, it is published to a monitoring system for controlling access to the computer system.
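The event-driven loop in this abstract (detect event, compare against the historical corpus, decide whether it is abnormal, emit an ACL entry, publish to monitoring), as an added Go example that is not the patent's code. The abstract does not say how the corpus is analyzed; the z-score against a per-source baseline used here is a substitute of this example's choosing, the threshold and the floor on the standard deviation are assumptions, and the history and live events are constructed. A source with no history is treated as abnormal rather than allowed, which is the fail-closed reading.

```go
package main

import (
	"fmt"
	"math"
)

// SecurityEvent is one aggregated observation from a sensor.
type SecurityEvent struct {
	Source string // e.g. client address or account
	Kind   string // e.g. "auth_failure"
	Count  int    // occurrences in the observation window
}

// ACLEntry is one generated access-control rule.
type ACLEntry struct {
	Action string // "deny" or "allow"
	Source string
	Reason string
}

// Baseline summarizes the historical corpus for one (source, kind).
type Baseline struct{ Mean, Std float64 }

func key(e SecurityEvent) string { return e.Source + "|" + e.Kind }

// BuildBaseline computes mean and population standard deviation of Count
// per (source, kind) over the historical corpus.
func BuildBaseline(history []SecurityEvent) map[string]Baseline {
	samples := map[string][]float64{}
	for _, e := range history {
		samples[key(e)] = append(samples[key(e)], float64(e.Count))
	}
	out := map[string]Baseline{}
	for k, xs := range samples {
		var mean float64
		for _, x := range xs {
			mean += x
		}
		mean /= float64(len(xs))
		var variance float64
		for _, x := range xs {
			variance += (x - mean) * (x - mean)
		}
		variance /= float64(len(xs))
		out[k] = Baseline{mean, math.Sqrt(variance)}
	}
	return out
}

// IsAbnormal flags an event whose count sits more than zThreshold standard
// deviations above its baseline. The std is floored at 1 so a perfectly
// regular history does not make any deviation at all look abnormal.
func IsAbnormal(e SecurityEvent, base map[string]Baseline, zThreshold float64) (bool, string) {
	b, ok := base[key(e)]
	if !ok {
		return true, "no history for source"
	}
	std := math.Max(b.Std, 1)
	z := (float64(e.Count) - b.Mean) / std
	if z > zThreshold {
		return true, fmt.Sprintf("z=%.1f above baseline mean %.1f", z, b.Mean)
	}
	return false, ""
}

// GenerateACL turns live events into ACL entries and returns the abnormal
// ones separately; that slice stands in for publishing to the monitoring topic.
func GenerateACL(live []SecurityEvent, base map[string]Baseline, zThreshold float64) (acl []ACLEntry, published []SecurityEvent) {
	for _, e := range live {
		if bad, why := IsAbnormal(e, base, zThreshold); bad {
			acl = append(acl, ACLEntry{"deny", e.Source, e.Kind + ": " + why})
			published = append(published, e)
		} else {
			acl = append(acl, ACLEntry{"allow", e.Source, ""})
		}
	}
	return acl, published
}

// Constructed historical corpus and live batch for the example.
var SampleHistory = []SecurityEvent{
	{"10.0.0.5", "auth_failure", 2}, {"10.0.0.5", "auth_failure", 3}, {"10.0.0.5", "auth_failure", 2},
	{"10.0.0.5", "auth_failure", 3}, {"10.0.0.5", "auth_failure", 2},
}

var SampleLive = []SecurityEvent{
	{"10.0.0.5", "auth_failure", 12}, // well above its baseline of ~2.4
	{"10.0.0.5", "auth_failure", 3},  // within normal range
	{"10.0.0.99", "auth_failure", 1}, // never seen before
}

func main() {
	acl, published := GenerateACL(SampleLive, BuildBaseline(SampleHistory), 3.0)
	for _, a := range acl {
		fmt.Printf("%-5s %-10s %s\n", a.Action, a.Source, a.Reason)
	}
	fmt.Println("published to monitoring:", len(published))
}
```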