Patents Examined by Anthony Brown
-
Patent number: 9608808
Abstract: There is provided a mobile terminal for use in a system which includes a backend server having a first encryption key and an onboard unit (OBU). A first receiving unit receives, from the backend server, a base shared key encrypted with a second encryption key, the base shared key encrypted with the first encryption key, and a digital signature. A deriving unit decrypts the base shared key with the second encryption key and derives first authentication information based on the base shared key and a first temporary parameter. A second sending unit sends, to the OBU, the base shared key encrypted with the first encryption key, the digital signature, the first authentication information, identification information of the base shared key, and the first temporary parameter.
Type: Grant
Filed: March 14, 2013
Date of Patent: March 28, 2017
Assignee: Telefonaktiebolaget LM Ericsson (publ)
Inventors: Shingo Murakami, Takeshi Matsumura, Toshikane Oda, Shinta Sugimoto
-
Patent number: 9602542
Abstract: A security-function-design support device is provided.
Type: Grant
Filed: July 18, 2013
Date of Patent: March 21, 2017
Assignee: NEC Corporation
Inventor: Yuki Ashino
-
Patent number: 9596252
Abstract: A disclosed computer-implemented method includes receiving and indexing the raw data. Indexing includes dividing the raw data into time stamped searchable events that include information relating to computer or network security. Store the indexed data in an indexed data store and extract values from a field in the indexed data using a schema. Search the extracted field values for the security information. Determine a group of security events using the security information. Each security event includes a field value specified by a criteria. Present a graphical interface (GI) including a summary of the group of security events, other summaries of security events, and a remove element (associated with the summary). Receive input corresponding to an interaction of the remove element. Interacting with the remove element causes the summary to be removed from the GI. Update the GI to remove the summary from the GI.
Type: Grant
Filed: February 29, 2016
Date of Patent: March 14, 2017
Assignee: Splunk Inc.
Inventors: John Coates, Lucas Murphey, David Hazekamp, James Hansen
-
Patent number: 9595051
Abstract: Embodiments facilitate confidential and secure sharing of anonymous user profile data to improve the delivery of customized content. Embodiments of the invention provide a data appliance to an entity such as a business to convert profile data about the business's customers into anonymous identifiers. A similar data appliance is provided to a content provider in one embodiment to generate identifiers for its user profile data. Because the anonymous identifiers are generated with the same anonymization method, identical identifiers are likely generated from profile data of the same users. Therefore, the identifiers can be used to anonymously match the customers of the business to the users of the content provider. Therefore, data can be shared to improve customized content such as advertisements that the business wishes to place with the content provider without requiring the business to disclose customer data in an unencrypted form, and any non-matched data can remain confidential.
Type: Grant
Filed: February 20, 2015
Date of Patent: March 14, 2017
Assignee: Experian Marketing Solutions, Inc.
Inventors: Brian Stack, Andrew Lientz, Simon Chamberlain, Yacine Abdous, Ray Kahn
-
Patent number: 9591024
Abstract: A data selection method for reducing the decoding computational complexity of a vehicle-to-X communication system. The communication unit is used to transmit and receive vehicle-to-X messages, wherein the vehicle-to-X messages each include at least one useful data portion and at least one header data portion, wherein the at least one header data portion in each case is transmitted in uncoded form, and wherein the at least one useful data portion in each case is transmitted in coded form. The received vehicle-to-X messages are weighted into at least two categories on the basis of the at least one header data portion in each case, wherein the at least one useful data portion in each case is decoded on the basis of the weighting.
Type: Grant
Filed: July 4, 2012
Date of Patent: March 7, 2017
Assignee: CONTINENTAL TEVES AG & CO. OHG
Inventors: Ulrich Stählin, Richard Scherping
-
Patent number: 9590959
Abstract: A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities. The cryptography service is configured to receive and respond to requests to perform cryptographic operations, such as encryption and decryption. The requests may originate from entities using the distributed computing environment and/or subsystems of the distributed computing environment.
Type: Grant
Filed: February 12, 2013
Date of Patent: March 7, 2017
Assignee: AMAZON TECHNOLOGIES, INC.
Inventors: Gregory Branchek Roth, Matthew James Wren, Eric Jason Brandwine, Brian Irl Pratt
-
Patent number: 9576155
Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.
Type: Grant
Filed: September 28, 2015
Date of Patent: February 21, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Nachiketh Rao Potlapally, Michael David Marr, Eric Jason Brandwine, Donald Lee Bailey, Jr.
-
Patent number: 9578034
Abstract: A trusted peripheral device can be utilized with an electronic resource, such as a host machine, in order to enable the secured performance of security and remote management in the electronic environment, where various users might be provisioned on, or otherwise have access to, the electronic resource. The peripheral can have a secure channel for communicating with a centralized management system or service, whereby the management service can remotely connect to this trusted peripheral, using a secure and authenticated network connection, in order to run the above-described functionality on the host to which the peripheral is attached.
Type: Grant
Filed: January 28, 2016
Date of Patent: February 21, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Nachiketh Rao Potlapally, Michael David Marr
-
Patent number: 9578016
Abstract: Systems and techniques are described for optimizing secure communications. Specifically, a first intermediary and a second intermediary can split-terminate a secure connection handshake or a handshake renegotiation between two computing devices. The first and second intermediaries can then optimize secure communications between the two computing devices.
Type: Grant
Filed: July 17, 2014
Date of Patent: February 21, 2017
Assignee: RIVERBED TECHNOLOGY, INC.
Inventor: Paras Shah
-
Patent number: 9563782
Abstract: In an embodiment, a method includes receiving a request from a controlling user to publish particular content. The method also includes determining at least one topic of the particular content. The method further includes allowing the controlling user to select need-to-know criteria, the need-to-know criteria comprising one or more thresholds relating to a prevalence of the at least one topic in logged conversations of a requesting user. In addition, the method includes allowing a controlling user to select a trust threshold, wherein the trust threshold relates, at least in part, to a quantitative analysis of logged behavior of a requesting user on the communications platform. Further, the method includes generating based, at least in part, on the need-to-know criteria and the trust threshold, a self-service access policy for the particular content. Also, the method includes activating the self-service access policy as to the particular content.
Type: Grant
Filed: April 10, 2015
Date of Patent: February 7, 2017
Assignee: Dell Software Inc.
Inventors: Michel Albert Brisebois, Curtis T. Johnstone, Olivier Le Rudulier
-
Patent number: 9563748
Abstract: Provided is a technology for improving the efficiency and the accuracy of data security. To this end, protection information provided to data is maintained correct even when it becomes necessary to change the necessity/non-necessity to protect the data depending on the content of a process performed on the data. More specifically, primitive data with protection attributes set thereon is read as the original data, and an operation is performed on the original data to generate derived data. Then, whether to make the derived data inherit the protection attributes of the original data is determined on the basis of a content of the operation performed on the original data.
Type: Grant
Filed: March 20, 2014
Date of Patent: February 7, 2017
Assignee: HITACHI, LTD.
Inventors: Takaaki Haruna, Nobuaki Kohinata
-
Patent number: 9560065
Abstract: A system, apparatus, computer-readable medium, and computer-implemented method are provided for detecting anomalous behavior in a network. Historical parameters of the network are determined in order to determine normal activity levels. A plurality of paths in the network are enumerated as part of a graph representing the network, where each computing system in the network may be a node in the graph and the sequence of connections between two computing systems may be a directed edge in the graph. A statistical model is applied to the plurality of paths in the graph on a sliding window basis to detect anomalous behavior. Data collected by a Unified Host Collection Agent (“UHCA”) may also be used to detect anomalous behavior.
Type: Grant
Filed: March 14, 2013
Date of Patent: January 31, 2017
Assignee: Los Alamos National Security, LLC
Inventors: Joshua Charles Neil, Michael Edward Fisk, Alexander William Brugh, Curtis Lee Hash, Jr., Curtis Byron Storlie, Benjamin Uphoff, Alexander Kent
-
Patent number: 9558349
Abstract: Procedures are described for enhancing target system execution integrity determined by power fingerprinting (PFP): by integrating PFP into the detection phase of comprehensive defense-in-depth security; by deploying a network of PFP enabled nodes executing untrusted devices with predefined inputs forcing a specific state sequence and specific software execution; by embedding module identification information into synchronization signaling; by combining signals from different board elements; by using malware signatures to enhance PFP performance; by automatic characterization and signature extraction; by providing secure signature updates; by protecting against side-channel attacks; performing real-time integrity assessment in embedded platform by monitoring their dynamic power consumption and comparing it against signatures from trusted code, including pre-characterizing power consumption of the platform by concentrating on trace sections carrying the most information about the internal execution status; by u
Type: Grant
Filed: November 24, 2015
Date of Patent: January 31, 2017
Assignee: Virginia Tech Intellectual Properties, Inc.
Inventors: Jeffrey H. Reed, Carlos R. Aguayo Gonzalez
-
Patent number: 9558350
Abstract: Procedures are described for enhancing target system execution integrity determined by power fingerprinting (PFP): by integrating PFP into the detection phase of comprehensive defense-in-depth security; by deploying a network of PFP enabled nodes executing untrusted devices with predefined inputs forcing a specific state sequence and specific software execution; by embedding module identification information into synchronization signaling; by combining signals from different board elements; by using malware signatures to enhance PFP performance; by automatic characterization and signature extraction; by providing secure signature updates; by protecting against side-channel attacks; performing real-time integrity assessment in embedded platform by monitoring their dynamic power consumption and comparing it against signatures from trusted code, including pre-characterizing power consumption of the platform by concentrating on trace sections carrying the most information about the internal execution status; by u
Type: Grant
Filed: November 24, 2015
Date of Patent: January 31, 2017
Assignee: Virginia Tech Intellectual Properties, Inc.
Inventors: Jeffrey H. Reed, Carlos R. Aguayo Gonzalez
-
Patent number: 9553854
Abstract: A distributed computing environment utilizes a cryptography service. The cryptography service manages keys securely on behalf of one or more entities. The cryptography service is configured to receive and respond to requests to perform cryptographic operations, such as encryption and decryption. The requests may originate from entities using the distributed computing environment and/or subsystems of the distributed computing environment.
Type: Grant
Filed: February 12, 2013
Date of Patent: January 24, 2017
Assignee: AMAZON TECHNOLOGIES, INC.
Inventors: Gregory Branchek Roth, Matthew James Wren, Eric Jason Brandwine, Brian Irl Pratt
-
Patent number: 9554278
Abstract: A relay apparatus detects a request, sent from a communication apparatus, to grant an access authority for a desired resource, sends, in the case where the request to grant the access authority has been detected, an authorization request requesting the granting of the access authority to a server, receives an authorization response, which is a response to the authorization request, from the server, saves the authorization response, generates an authorization relay response based on the authorization response, and sends the authorization relay response to the communication apparatus, wherein in the case where a request to grant the access authority sent from another communication apparatus different from the communication apparatus has been detected, the relay apparatus sends the authorization relay response in response to the request to the other communication apparatus based on the saved authorization response.
Type: Grant
Filed: March 11, 2015
Date of Patent: January 24, 2017
Assignee: CANON KABUSHIKI KAISHA
Inventor: Akira Yaosaka
-
Patent number: 9553720
Abstract: An application that consumes key management information (e.g., keys and certificates) through a conventional keystore API is configured to recognize a new keystore type. In addition, the services of that API are pointed to a management server component associated with a key management protocol (e.g., KMIP), and a client component of the key management protocol is instantiated as a “semi-remote” keystore in association with the application. Once configured to use the new keystore type, the consuming application uses the keystore API in a conventional manner, but calls to the new keystore type are directed to the KMIP client. The client intercepts these calls and then interacts with the KMIP server on behalf of the consuming application, and without the application being aware of the interaction over the KMIP client-server API. This approach enables the consuming application to take advantage of the full benefits provided by the key management protocol transparently.
Type: Grant
Filed: December 23, 2013
Date of Patent: January 24, 2017
Assignee: International Business Machines Corporation
Inventors: Bruce Arland Rich, Gordon Kent Arnold, Thomas Harry Benjamin, John Thomas Peck
-
Patent number: 9548969
Abstract: An encryption/decryption method is described, which includes that a terminal performs an encryption operation according to information of an encryption sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a local Device Management (DM) tree and reports to a DM server encrypted data state information generated after the encryption succeeds; and the terminal performs a decryption operation according to the encrypted data state information sent from the DM server. An encryption/decryption system and device are also described. By means of technical solutions of embodiments of the disclosure, operations are simple without causing data loss, and a problem that data of a non-local terminal cannot be encrypted is solved.
Type: Grant
Filed: August 12, 2013
Date of Patent: January 17, 2017
Assignee: ZTE CORPORATION
Inventor: Jiong Qiu
-
Patent number: 9549319
Abstract: A first device wirelessly transmits beacon frames having distinct identifying contents within each. The first device issues a request to a second device to report what beacon frame contents the second device may have received. The second device sends a response to the first device. The first device analyzes the response in view of the beacon frame contents actually sent, the respective radio-frequency broadcast power of the beacon frames, and so on. Based on the analysis, the first device may determine proximity or other information regarding the responsive other device.
Type: Grant
Filed: June 9, 2014
Date of Patent: January 17, 2017
Assignee: Amazon Technologies, Inc.
Inventors: David George Butler, Richard William Mincher
-
Patent number: 9538383
Abstract: Access to femto cell service is managed through access control list(s), or “white list(s).” Such white list(s) can be configured via a networked interface which facilitates access management to a femto cell. White list(s) includes a set of subscriber station(s) identifier numbers, codes or tokens, and can also include additional fields for femto cell access management based on desired complexity. Various interfaces and user profiles are associated with granting different levels of access to requesting UEs.
Type: Grant
Filed: August 20, 2015
Date of Patent: January 3, 2017
Assignee: AT&T MOBILITY II LLC
Inventors: Kurt Donald Huber, Judson John Flynn, William Gordon Mansfield