Systems, methods, and software described herein enhances how security actions are implemented within a computing environment. In one example, a method of implementing security actions for a computing environment comprising a plurality of computing assets includes identifying a security action in a command language for the computing environment. The method further provides identifying one or more computing assets related to the security action, and obtaining hardware and software characteristics for the one or more computing assets. The method also includes translating the security action in the command language to one or more action procedures based on the hardware and software characteristics, and initiating implementation of the one or more action procedures in the one or more computing assets.

An instrumentation analysis system processes data streams by executing instructions specified using a data stream language program. The data stream language allows users to specify a search condition using a find block for identifying the set of data streams processed by the data stream language program. The set of identified data streams may change dynamically. The data stream language allows users to group data streams into sets of data streams based on distinct values of one or more metadata attributes associated with the input data streams. The data stream language allows users to specify a threshold block for determining whether data values of input data streams are outside boundaries specified using low/high thresholds. The elements of the set of data streams input to the threshold block can dynamically change. The low/high threshold values can be specified as data streams and can dynamically change.

Systems and methods for service deployment are disclosed herein. Certain implementations may include a memory encoded with computer executable instructions that when executed cause a processing unit to operate a service deployment engine and use consistent APIs both (a) internally via a package API when consuming deployment packages in order to expose them, and (b) externally via a service API when exposing available packages and services to the outside world or enterprise server. By doing so, calling applications can depend on the consistency of the service API engine while the enterprise server itself can reliably consume and interact with a dynamic set of packages organized in a consistent and predictable way. The service deployment engine may be configured to act as a dynamic library loader to interrogate, deploy, start/stop, and/or uninstall packages and services in real time. The packages and services may all implement the same package API.

The disclosure provides a method and apparatus for processing search data. For a historical search query that includes a knowledge requirement, the disclosure mines entity information for the historical search query and uses that as an answer recommended to users. Thus, the accuracy of entity information recommended to users is improved, and the current problem of poor search results for a historical search query that includes a knowledge requirement is solved.

A data processing method, having an index cache structure specified to a transaction in a mobile DBMS environment, comprising: recording only information on whether data is deleted/inserted on the an index cache without changing original index data while an inquiry process is progressed in response to a request to insert or delete data from an inquiry processor; and performing a change on data by changing the original index based on whether data recorded on the index cache upon a transaction commit is deleted.

A database security system protects a data table at both the column level and the individual data record level. Access to data records within the data table is governed by categories assigned to data records, by user roles assigned to users, and by a set of security access tables. A first access table maps data record identifiers to data record categories, data record protection schemes, and corresponding scheme keys. A second access table maps user roles to data record categories. A third access table maps column identifiers to column protection schemes and corresponding scheme keys. A fourth access table maps user roles to column identifiers. If a user requests access to a data record, the security access tables are queried using the data record identifier, the associated column identifier, and the user roles associated with the user to determine if the user can access the requested data record.

A networked database management system (DBMS) is disclosed. The DBMS may include a computer accessible data storage including a database, an access control module, a communication module, and a matching module. The database may be remotely located from a plurality of user nodes and a plurality of venue nodes. The remote database may include a plurality of records, wherein the records comprise: user node data, venue node data, and transaction data. The communication module may be in data communication with the data storage and may be configured to receive user node data and venue node data for storage in the database and query requests to retrieve user node data and venue node data from the database.

A machine learning image processing system performs natural language processing (NLP) and auto-tagging for an image matching process. The system facilitates an interactive process, e.g., through a mobile application, to obtain an image and supplemental user input from a user to execute an image search. The supplemental user input may be provided from a user as speech or text, and NLP is performed on the supplemental user input to determine user intent and additional search attributes for the image search. Using the user intent and the additional search attributes, the system performs image matching on stored images that are tagged with attributes through an auto-tagging process.

A file server apparatus includes a second file system volume including cache data of a first file system volume stored in a shared file storage apparatus. The file server apparatus determines the operation type indicated by an access request to the first file system volume from a client. When the operation type is directory operation, the file server sends an instruction of directory operation to the shared file storage apparatus, and then transmits a completion response to the client. When the operation type is file operation, the file server apparatus executes a file operation in the second file system volume, transmits a completion response to the client, and then transmits a file operation instruction to the shared file storage apparatus.

An anonymization processing device that anonymizes input data and outputs anonymized output data, includes an input unit configured to receive the input data; a processing unit configured to anonymize the input data, to generate anonymized data corresponding to the input data that has been anonymized; a first storage unit configured to store the anonymized data; and an output unit configured, in a case where a plurality of anonymized data items stored in the first storage unit satisfy an anonymity index, to generate and output a plurality of output data items corresponding to the anonymized data items, respectively, and to delete the anonymized data items from the first storage unit.