Patents Examined by Aubrey Wyszynski
  • Patent number: 9413768
    Abstract: A system for securing and tracking usage of transaction services or computer resources by a client computer from a first server computer, which includes clearinghouse means for storing identity data of the first server computer and the client computer(s); server software means and client software means adapted to forward its identity data and identity data of the client computer(s) to the clearinghouse means at the beginning of an operating session; and a hardware key connected to the client computer, the key being adapted to generate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: August 9, 2016
    Assignee: PRISM TECHNOLOGIES LLC
    Inventors: Richard L. Gregg, Sandeep Giri, Timothy C. Goeke
  • Patent number: 9405915
    Abstract: Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the application source code, generating a signature of a potential vulnerability of the application source code, and determining characteristics of the potential vulnerability based on a correlation between the generated signature of the potential vulnerability and previously stored signatures of potential vulnerabilities.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: August 2, 2016
    Assignee: WHITEHAT SECURITY, INC.
    Inventor: Eric Sheridan
  • Patent number: 9391962
    Abstract: For multi-node encryption, a method generates an upstream node nonce from communication data exchanged with an upstream node. In addition, the method generates a first upstream message transformation as a function of the upstream node nonce. The method further generates a tunnel transformation as a function of previous upstream message transformations and the first upstream message transformation.
    Type: Grant
    Filed: September 29, 2014
    Date of Patent: July 12, 2016
    Assignee: Utah State University
    Inventors: Robert F. Houghton, Jeffrey J. Johnson
  • Patent number: 9374372
    Abstract: Systems and methods are disclosed for providing, generating, and managing profiles. Such systems and methods may be implemented to control access to a function of a web server or site based on a level of trust associated with a user or device profile. According to one exemplary method, session information associated with a request to access a function of a web server is identified. At least one processor determines whether the request is associated with a trusted device profile based on the at least the session information. Access to the requested function is provided when the request is associated with a trusted device profile.
    Type: Grant
    Filed: December 8, 2014
    Date of Patent: June 21, 2016
    Assignee: AOL, INC.
    Inventors: Scott Dorfman, Richard Rodriguez-Val
  • Patent number: 9369469
    Abstract: A system for securing and tracking usage of transaction services or computer resources by a client computer from a first server computer, which includes clearinghouse means for storing identity data of the first server computer and the client computer(s); server software means and client software means adapted to forward its identity data and identity data of the client computer(s) to the clearinghouse means at the beginning of an operating session; and a hardware key connected to the client computer, the key being adapted to generate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
    Type: Grant
    Filed: November 21, 2014
    Date of Patent: June 14, 2016
    Assignee: PRISM TECHNOLOGIES, L.L.C.
    Inventors: Richard L. Gregg, Sandeep Giri, Timothy C. Goeke
  • Patent number: 9361456
    Abstract: A computing device includes a central processing resource, memory, a network interface, and a security control module. The security control module determines when to change a program of the computing device. When the program is to be changed, the security control module accesses a library of programs that includes a plurality of versions of the program and selects one of the plurality of versions of the program. The security control module then updates an active program list to include the selected version of the program. When the program is evoked, the central processing resource uses the selected version of the program such that execution of the program is changed, which changes internal operation of the computing device thereby reducing adverse impact of the malicious software.
    Type: Grant
    Filed: April 1, 2013
    Date of Patent: June 7, 2016
    Assignee: UNIQUESOFT, LLC
    Inventors: Terrence Ming Swee Heng, Walter Lee Davis
  • Patent number: 9361245
    Abstract: A data storage system including a SSD includes a capability to detect whether its location is acceptable for function, and a capability to self-disable in the event the location of the device is unacceptable, or to self-enable only while the location of the device is acceptable.
    Type: Grant
    Filed: February 26, 2015
    Date of Patent: June 7, 2016
    Assignee: Telecommunication Systems, Inc.
    Inventors: Rodyn Jones, Ken Vancouvering
  • Patent number: 9356939
    Abstract: Systems and methods include receiving data corresponding to a request to access a resource by an identity provided with authority to access the resource. Systems and methods include determining whether the identity is a member of a community based on associating data. The community includes identities as members thereof. Systems and methods include determining a risk level associated with the request. The risk level is determined using a history of access of the resource by a particular member the community if the identity is a member of the community. The risk level is determined using a history of access of the resource by the identity if the identity is not a member of the community. Systems and methods include determining an access policy based on the risk level associated with the request. The access policy indicates whether access to the resource by the identity is to be restricted.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: May 31, 2016
    Assignee: CA, Inc.
    Inventors: Carrie E. Gates, Timothy Gorden Brown, Anil Somayaji, Yiru Li
  • Patent number: 9355227
    Abstract: A method for displaying a digital document to a user where the display sequence of the pages of the document is personalized based on the user's past interactions with the document, such as viewing, annotating, editing, sharing, etc. on each pages. As user interacts with the document, the viewer application on the client computer reports the user interactions to a server. Through analytics, the server can decide the importance of individual pages and rank the pages accordingly, and sends page ranking information back to the client. The viewer application on the client can then render the document where pages are ordered based on the ranking, which reflects the user's interest in these pages. Different modes of reorganizing a document based on user interaction history are provided, so that the pages can be displayed in sequences based on the frequency of certain types of user interactions.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: May 31, 2016
    Assignee: KONICA MINOLTA LABORATORY U.S.A., INC.
    Inventor: Rabindra Pathak
  • Patent number: 9356922
    Abstract: A method of operating a mobile device comprises executing a trusted service application in a trusted operating system through secure access, executing a trusted web server module in the trusted operating system, wherein the trusted web server module is configured to transfer information using an internet protocol and the information is generated by execution of the trusted service application, and executing a user application in a rich operating system through normal access, wherein the user application is configured to relay communication between a remote web server and the trusted web server module through a security session.
    Type: Grant
    Filed: December 9, 2014
    Date of Patent: May 31, 2016
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Won-Churl Jang, Myung-Hee Kang, Dong-Jin Park
  • Patent number: 9350553
    Abstract: Aspects of the invention include methods and systems for electronically signing a plurality of documents, such as an insurance application, a loan application, a set of mortgage papers, a bank application, or the like. A customer, or multiple customers, electronically submits the signature once and the customer's one signature is applied to all of the areas where the customer signature is required. The electronic signature may include initials and/or a graphical representation of the customer's handwritten signature. Aspects of the invention include an apparatus comprising a display, a memory, and a processor coupled to the memory and programmed with computer-executable instructions that, when executed, perform a method for electronically signing a plurality of documents.
    Type: Grant
    Filed: January 13, 2015
    Date of Patent: May 24, 2016
    Assignee: Allstate Insurance Company
    Inventors: George N. Sakkos, Carolyn Beth Carter, Yunzhu Chen, Victoria Marguerite Kummer-Donnellan
  • Patent number: 9350608
    Abstract: A method and system for securing a VXLAN environment, including configuring a default network policy, associated with interfaces of the network device, for dropping all VXLAN frames including a VXLAN attribute; obtaining, by the network device, registered VTEP identifiers; determining, using the registered VTEP identifiers, that an interface of the network device is operatively connected to a registered VTEP associated with a registered VTEP identifier; disassociating the default network policy from the interface based on the determination; receiving, at the interface, a frame; performing a first verification that the frame is a VXLAN frame by examining the frame to determine that the frame includes the VXLAN attribute; performing a second verification to determine that the VXLAN frame includes a registered VTEP identifier; allowing, based on the first verification and the second verification, the network device to process the VXLAN frame; and processing the VXLAN frame.
    Type: Grant
    Filed: January 9, 2015
    Date of Patent: May 24, 2016
    Assignee: Arista Networks, Inc.
    Inventors: Douglas Alan Gourlay, Kenneth James Duda
  • Patent number: 9325706
    Abstract: Associating a network packet with biometric information for a user includes identifying biometric identification information for a user of a network device, including an identifier of the biometric identification information in at least one of a header and a trailer of a network packet without including biometric identification information in a payload of the network packet, and sending the packet via a network, wherein the identifier identifies the network packet as having originated from the user.
    Type: Grant
    Filed: May 1, 2012
    Date of Patent: April 26, 2016
    Assignee: Scenera Mobile Technologies, LLC
    Inventors: Jeffrey Scott Bardsley, Richard M. Horner
  • Patent number: 9300672
    Abstract: A method for redacting QA system answer information based on user access to content including analyzing a corpus by natural language processing techniques, wherein the corpora includes non-sensitive and sensitive content, and storing the analyzed corpora in memory; receiving a user question to be answered by utilizing the analyzed corpora; utilizing a processor to determine a set of answer information by processing using the corpora; determining a user access right to sensitive content; and redacting an answer information item from the set of answer information if sensitive content to which the user does not have access was used to determine the answer information item.
    Type: Grant
    Filed: October 5, 2014
    Date of Patent: March 29, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Torsten Bittner, Leugim A. Bustelo, Abraham G. Guerra, Peter J. Parente
  • Patent number: 9300661
    Abstract: There is disclosed a technique for use in authentication. In one embodiment, the technique comprises a method with the following steps. The method comprises detecting an occurrence associated with an authentication device. The method also comprises receiving a one-time password as issued by the authentication device. The method further comprises receiving an authentication factor, wherein the authentication factor is unrelated to one-time passwords issued by the authentication device. The method still further comprises determining whether to suspend authentication by the authentication device based on the one-time password and the authentication factor.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: March 29, 2016
    Assignee: EMC Corporation
    Inventors: Michael O'Malley, Robert S. Philpott
  • Patent number: 9276939
    Abstract: A system or computer usable program product for redacting QA system answer information based on user access to content including analyzing a corpus by natural language processing techniques, wherein the corpora includes non-sensitive and sensitive content, and storing the analyzed corpora in memory; receiving a user question to be answered by utilizing the analyzed corpora; utilizing a processor to determine a set of answer information by processing using the corpora; determining a user access right to sensitive content; and redacting an answer information item from the set of answer information if sensitive content to which the user does not have access was used to determine the answer information item.
    Type: Grant
    Filed: December 17, 2013
    Date of Patent: March 1, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Torsten Bittner, Leugim A. Bustelo, Abraham G. Guerra, Peter J. Parente
  • Patent number: 9264048
    Abstract: An integrated circuit includes a programmable logic device and optionally a control circuit coupled to the programmable logic device (PLD). The control circuit may detect that a reconfiguration criterion is satisfied. Responsive to the reconfiguration criterion being satisfied, the control logic may configure, using one or more randomizations, the PLD to implement a secret operation, wherein a first randomized configuration of the PLD results in a first circuit implementation that is different from, but functionally equivalent to, a second circuit implementation that results from a second randomized configuration of the PLD.
    Type: Grant
    Filed: December 18, 2013
    Date of Patent: February 16, 2016
    Assignee: Intel Corporation
    Inventor: Rachael J. Parker
  • Patent number: 9258119
    Abstract: A cryptographic system includes a memory device and a processor. The memory device has at least two sections, including a first section and a second section. The processor is configured to determine a mode of operation, receive a signal, and selectively zeroize at least one section of the memory device based at least in part on the received signal and the determined mode of operation.
    Type: Grant
    Filed: May 8, 2014
    Date of Patent: February 9, 2016
    Assignee: Cyber Solutions International, LLC
    Inventor: Richard J. Takahashi
  • Patent number: 9251150
    Abstract: An information processing device for managing information saved in a save location, including an authentication unit configured to manage first authentication information and second authentication information in association with each other, said first authentication information required to authenticate a client device requesting an operation relevant to the information, and said second authentication information required for authentication at said save location that saves the information; a save location monitor unit configured to monitor the information saved in the save location by using the second authentication information, and update index information of the information saved in the save location; and an information management unit configured to create a list of the information saved in the save location by using the index information of the information saved in the save location, and provide the list to the client device.
    Type: Grant
    Filed: May 8, 2014
    Date of Patent: February 2, 2016
    Assignee: RICOH COMPANY, LTD.
    Inventors: Satoru Hirakata, Ryoh Shimomoto, Shinya Mukasa, Teruaki Takahashi
  • Patent number: 9246937
    Abstract: The present invention relates to a system and method for controlling a network access of a network packet on the basis of a thread which is inserted into a process through code injection. The network access control system according to the present invention comprises: a process inspecting unit for detecting a code injection-based thread included in a process; and a network monitoring unit for performing network filtering so as to detect a network packet having access to a network, and, if a communication subject of the detected network packet is the code injection-based thread, blocking the traffic of the detected network packet.
    Type: Grant
    Filed: April 26, 2012
    Date of Patent: January 26, 2016
    Assignee: INCA Internet Co., Ltd.
    Inventors: Bo-Seung Ko, Sung-Eun Kim, Sang-Hoon Kim, Myung-Su Park