H04L61/2571

Securely receiving data input at a computing device without storing the data locally
09799029 · 2017-10-24

The present invention is generally directed to securely receiving data input at a computing device without storing the data locally. The invention allows an application, such as a mobile app, to receive payment information (e.g. credit card information) directly from a user without requiring the application to comply with the PA DSS or another standard. The application can employ any type of user interface for receiving user input as well as one or more overlaid input fields that receive sensitive payment information. The overlaid input fields can be part of a web page or other interface that can securely submit data to a remote computer system (e.g. a server) where it can be stored, processed, or transmitted in accordance with the PCI DSS. In this way, the sensitive payment information (or another type of information) is not stored, processed, or transmitted by the application on the local device.

METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR TESTING NETWORK EQUIPMENT DEVICES USING CONNECTION-ORIENTED PROTOCOLS

The subject matter described herein relates to methods, systems, and computer readable media for testing network equipment devices using connection-oriented protocols. In some examples, a method for testing a network equipment device under test (DUT) includes executing, by a network equipment test device, a test script to test the network equipment DUT using a connection-oriented protocol. The method includes inserting, during a connection establishment process of the connection-oriented protocol for a network flow to the network equipment DUT, a flow-identifying sequence number into a sequence number field of a first message of the network flow. The flow-identifying sequence number is a number uniquely identifying the network flow from other network flows. The method includes receiving a second message from the network equipment DUT and determining that the second message belongs to the network flow by extracting the flow-identifying sequence number from the second message.

IoT topology analyzer defining an IoT topology and associated methods

An Internet of Things (IoT) topology analyzer includes an input to passively receive packets exchanged between IoT devices operating within a network and at least one IoT server connected to the network. A processor is coupled to the input and is configured to determine a number of IoT devices operating within the network based on the received packets, with the number of IoT devices used to define an IoT topology of the network.

Attributing network address translation device processed traffic to individual hosts
09769038 · 2017-09-19

A method for profiling network traffic. The method includes capturing, from the network traffic using a packet capturing device, a plurality of packets, identifying a first portion of the plurality of packets as a first flow based at least on a common Internet Protocol (IP) address assigned to each packet of the first flow by a network address translation (NAT) device, extracting, by a hardware processor separate from the NAT device and based on an NAT profile of the NAT device, a first data item from the first flow, wherein the first data item is inserted into the first flow by the NAT device for identifying a first host device coupled to the NAT device, and determining, by the hardware processor based on the first data item, that the first flow is generated by the first host device.

Information processing apparatus, system, method and medium
09762535 · 2017-09-12

A first server comprises: an information request reception unit that receives a request transmitted by a user terminal; an instruction code generating unit that generates a predetermined tag for causing the user terminal to connect to a second server for which a common session ID is to be used, and to receive the common session ID from the second server; an information generating unit that generates a web page that includes the predetermined tag, as a web page that is transmitted to the user terminal in response to the request; and an information transmission unit that transmits, to the user terminal, the common session ID and the generated web page including the predetermined tag.

Endpoint context agent traversal of network address table
11399009 · 2022-07-26

A method, system, and computer-usable medium are disclosed for: (i) communicating, from a client device to a security device via a metadata connection, metadata regarding a data connection to be established by the client device, the metadata comprising a connection identifier uniquely identifying the data connection; and (ii) communicating, from the client device to the security device via the data connection, network traffic comprising a packet that includes the connection identifier, such that the security device may use the connection identifier to index an entry associated with the metadata that the security device has stored in a metadata cache.

SYSTEM TO DYNAMICALLY DETECT AND ENHANCE CLASSIFIERS FOR LOW LATENCY TRAFFIC

A network device for use with a client device and a cable modem termination system (“CMTS”), the client device being configured to run applications requiring data traffic of a first and second quality of service (“QoS”). The CMTS is configured to provide a first service flow and a second service flow to the network device. The network device provides a local area network (“LAN”) for connection to the client device and a network address translation (“NAT”). The NAT is configured to map the network device IP address to the client device IP address; divide the source ports into a first range and a low latency range; assign the respective data traffic of the applications to at least one port within the first range and to at least one port within the low latency range; and modify the low latency range of source ports based on a change in data traffic.

Methods and systems for distributed cryptographically secured data validation

Methods and systems for cryptographically secured data validation. The system includes a first validator. The first validator is designed and configured to receive a first instance of an immutable sequential data structure containing at least a first digitally signed textual element containing at least a first physical asset transfer field populated with at least a first physical asset transfer datum and at least a second digitally signed textual element generated by a second validator. The first validator authenticates the first instance of the immutable sequential data structure. The first validator generates at least a second validity flag indicating a determination by the first validator as to the accuracy of the at least a first physical asset transfer field. The first validator detects a conflict between the at least a first validity flag and the at least a second validity flag. The first validator transmits to the at least a second validator an indication of the conflict.

Linking users to viewed content in dynamic internet protocol address environments

A computer-implemented method includes receiving an internet protocol address and an identifier for a display and storing the display's internet protocol address and the display's identifier in a viewing record. A device's internet protocol address and a user identifier are received for a request sent by the device to a server. The display's internet protocol address is determined to match the device's internet protocol address and in response the display's identifier is associated with the user identifier. A display identifier in a viewing record and the association between the display's identifier and the user identifier are then used to determine that content listed in the viewing record was viewed by a user represented by the user identifier.

BUILDING A MESH VIRTUAL PRIVATE NETWORK (VPN) IN A HYBRID OR MULTI-CLOUD CLUSTER
20230254284 · 2023-08-10

Devices, system and methods build a mesh virtual private network (VPN) in a hybrid cloud cluster having a private and a public cloud with connected network nodes. Each node has an operating system (OS) to discover nodes of the VPN by determining IP addresses and port addresses of the nodes from data received from discovery agents. An internal discovery agent of each of the nodes determines IP addresses and port addresses of the nodes. A node discovery agent located within a node determines IP addresses and port addresses of other nodes. An external discovery agent located outside the cluster determines IP addresses and port addresses of nodes. A VPN configuration data generator of the OS generates VPN configuration data of the clouds using the IP addresses and port addresses. A VPN builder of the OS builds a configuration of the VPN of the hybrid cluster using the VPN configuration data.