Described herein are systems and methods for end user connection load balancing amongst multiple on-premise connector proxies deployed across geographic locations and reducing connection setup latency without using a shared or distributed database. The system can load balance connections deterministically amongst the on-premise connector proxies using load statistics. The system utilizes an intelligent DNS service that can use network experience data, service availability, and application metrics to provide sophisticated traffic management via DNS or API-based decisions. The system can include a domain name system (DNS) resolver configured to receive metrics for a first connector and a second connector of a data center of an entity, receive a DNS request including an entity identifier and a data center identifier; and transmit a response to the DNS request identifying a server selected based on the metrics identified using the entity identifier and the data center identifier.

A method for applying or overriding preferred locality criteria in processing NF discovery requests includes, at an NRF including at least one processor, maintaining an NF profiles database including NF profiles of producer NFs registered to provide service to other NFs, receiving, from an NF, an NFDiscover request including a preferred-locality attribute or lacking a preferred-locality attribute, accessing the NF profiles database to identify NF profiles of producer NFs capable of providing a service indicated by query parameters in the NFDiscover request, generating an NFDiscover response including the NF profiles identified as capable of providing the service indicated by the query parameters in the NFDiscover request, prioritizing the NF profiles in the NFDiscover response in a manner that overrides the preferred-locality attribute in the NFDiscover request or applies a preferred locality attribute selected by the NRF, and transmitting the NFDiscover response to the NF that transmitted the NFDiscover request.

A method for applying or overriding a preferred-locality attribute during network function (NF) discovery includes, at a service communications proxy (SCP) or security edge protection proxy (SEPP) including at least one processor, receiving, from an NF, an NF discovery request including a preferred-locality attribute or lacking a preferred-locality attribute. The method further includes selecting, by the SCP or SEPP, a value for the preferred-locality attribute for the NF discovery request. The method further includes inserting, by the SCP or SEPP, the value for the preferred-locality attribute into the NF discovery request. The method further includes transmitting, by the SCP or SEPP, the NF discovery request to a network function repository function (NRF).

Aspects described herein relate to methods, devices and systems that allow for a client device, as part of a remote access or cloud-based network environment, to map external user identities to desktops and applications. Local user accounts can be dynamically generated on a virtual delivery agent. A mapping of the local user account to an external identity can be secured using signed tokens and maintained by a broker machine that allocates resources for the deployment of particular applications to the client device from the virtual delivery agent. This allows for the removal of any dependency on an Active Directory for maintaining user identities or federated sign-on services, greatly simplifying the management of user identities within the system and allowing for greater compatibility across client devices.

The disclosure herein describes handling tokenization requests associated with electronic transactions at a payment network at a throttled processing rate. Tokenization requests are received by tokenization stream brokers from request sources. The tokenization requests include primary account numbers (PANs) to be tokenized. The tokenization requests are then consumed from the tokenization stream brokers, at a request storage rate, for storage in a request data store. Tokenization operations are then performed, at a request processing rate, based on the tokenization requests stored in the request data store. The tokenization operations include providing at least the primary account numbers to be tokenized to issuers associated with the tokenization requests at issuer tokenization rates associated with the issuers, whereby the request processing rate is throttled for compatibility with capabilities of the system and the issuers without unnecessary limitations placed on request sources.

An information processing apparatus including: a memory; and a processor coupled to the memory, the processor being configured to: in a network coupling a plurality of storage nodes, at least one proxy, and at least one client; collect information of accesses executed most by the at least one client via the at least one proxy on a path of each access; based on the information of accesses, calculate network distances between the plurality of storage nodes and the at least one proxy; and based on the network distances, determine a leader to be one of the plurality of storage nodes that is close to one of the at least one proxy accessed most frequently.

Disclosed are various examples for enrollment of gateway enrollment for Internet-of-Things (IoT) device management. In one example, the gateway device transmits an enrollment request to a management service. The enrollment request includes enrollment credentials that are entered through a user interface. The gateway device receives gateway credentials that authenticate communications with a management service. Subsequent communications transmitted from the gateway device to the management service are authenticated using the gateway credentials.

A remote node device including a hardware layer, a hardware abstraction layer, and a software stack operating on the hardware abstraction layer. The software stack including an open-source cloud-based operating system integrated with a service provider defined abstraction layer configured to coordinate functionality of the software stack, virtualized software components such as a virtualized Converged Cable Access Platform (vCCAP) implemented in docker containers where the vCCAP is configured to command and control the remote node device with respect to a customer premise equipment. The software layer of the remote node device includes different types of YANG data models for model-driven management and model-driven telemetry from the remote node device and a customer premise equipment to a service provider back-office system.

A remote node device including a hardware layer, a hardware abstraction layer, and a software stack operating on the hardware abstraction layer. The software stack including an open-source cloud-based operating system integrated with a service provider defined abstraction layer configured to coordinate functionality of the software stack, virtualized software components such as a virtualized Converged Cable Access Platform (vCCAP) implemented in docker containers where the vCCAP is configured to command and control the remote node device with respect to a customer premise equipment. The software layer of the remote node device includes different types of YANG data models for model-driven management and model-driven telemetry from the remote node device and a customer premise equipment to a service provider back-office system.

The present disclosure is directed to a scalable, extensible, fault-tolerant system for stateful joining of two or more streams that are not fully synchronized, event ordering is not guaranteed, and certain events arrive a bit late. The system can ensure to combine the events or link the data in near real-time with low latency to mitigate impacts on downstream applications, such as ML models for determining suspicious behavior. Apart from combining events, the system can ensure to propagate the needed entities to other product streams or help in entity resolution. If any of the needed data is yet to arrive, a user can configure a few parameters to achieve desired eventual and attribute consistency. The architecture is designed to be agnostic of stream processing framework and can work well with both streaming and batch paths.