Patents Examined by Jenise E. Jackson
-
Patent number: 11973749Abstract: Systems, methods, and storage media for management of identity systems in an identity infrastructure are disclosed. Exemplary implementations may: install a discovery agent in the identity infrastructure; assess the identity infrastructure by the discovery agent; install an identity fabric in the identity infrastructure based on the assessing; receive, at the identity infrastructure, one or more data flows pertaining to identity data or identity metadata for at least one identity domain/system; manage, by a controller element, control plane operations across one or more elements or agents; manage, by at least one of the agents, the one or more data flows; detect and monitor, by the one or more elements or agents, at least one event linked to the one or more data flows; and assess the identity data or metadata and an associated state across the identity domains in the identity infrastructure based on the detecting and monitoring.Type: GrantFiled: March 30, 2021Date of Patent: April 30, 2024Assignee: Strata Identity Inc.Inventors: Eric Olden, Christopher Marie, Carl Eric Leach
-
Patent number: 11973873Abstract: Systems and methods of Exact Data Matching (EDM) include receiving customer specific sensitive data for a customer, wherein the customer specific sensitive data are converted into a plurality of tokens; receiving a configuration for exact data matching of the plurality of tokens; performing inline monitoring of a user associated with the customer; detecting a presence of one or more tokens of the plurality of tokens based on the inline monitoring; and, responsive to the detecting, performing an action based on the configuration.Type: GrantFiled: July 29, 2022Date of Patent: April 30, 2024Assignee: Zscaler, Inc.Inventors: Pooja Deshmukh, Siva Udupa
-
Patent number: 11962707Abstract: Method for authenticating at least one ventilator with at least one remote station, wherein the ventilator can connect itself via at least one interface to the remote station, at least one authentication file is stored on the ventilator, the authentication file contains at least one signature code of a signing authority, and a public keycode of the signing authority is known to the remote station, the ventilator sends the authentication file to the remote station when establishing the connection to the remote station, the remote station checks the signature code of the authentication file using the public keycode as to whether the signature code originates from the signing point and the ventilator is authenticated when the remote station recognizes the signature code as originating from the signing authority.Type: GrantFiled: January 5, 2022Date of Patent: April 16, 2024Assignee: LOEWENSTEIN MEDICAL TECHNOLOGY S.A.Inventors: Igor Bychkov, Matthias Schwaibold
-
Patent number: 11947692Abstract: The disclosed computer-implemented method for dynamic formjacking protection may include identifying a sensitive data input field element on a webform loaded in a browser, creating a secure isolated container overlaid on the identified sensitive data input field element, and collecting, via the secure isolated container, real input data intended for the sensitive data input field element. The method may also include inserting dummy data into the sensitive data input field element and intercepting a form submit request from the webform to a destination. The method may further include determining whether the destination is a trusted destination, and when the destination is determined to be the trusted destination, modifying the form submit request to allow the real input data to be sent to the trusted destination. The method may also include sending the form submit request to the destination. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 16, 2021Date of Patent: April 2, 2024Assignee: GEN DIGITAL INC.Inventors: Iskander Sanchez Rola, David Luz Silva, Bahaa Naamneh
-
Patent number: 11936664Abstract: Embodiments detect identity attacks by comparing usage of compromised passphrases or other weak credentials in failed sign-in attempts to access restriction conditions. A restriction threshold amount of weak credential failed sign-ins (WCFSI) or a WCFSI increase indicates an identity attack, such as a password spray attack. Going beyond the mere number of failed sign-ins by also considering credential strength allows embodiments to detect attacks sooner than other approaches. An embodiment may also initiate or impose defenses by locking accounts, blocking IP addresses, or requiring additional authentication before access to an account is allowed. Weak credentials may include short passwords, simple passwords, compromised passwords, or wrong usernames, for instance. Password strength testing may be used for attack detection in addition to preventive use on passwords proposed by authorized users. Familiar and unfamiliar traffic source locations may be tracked, as sets or individually.Type: GrantFiled: March 14, 2020Date of Patent: March 19, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Andrew Numainville, Rohini Goyal, Jingjing Zhang
-
Patent number: 11930008Abstract: Example subscription information configuration methods and a communications device are described. One example method includes receiving a first device identifier by a network device from a first terminal device in a first access mode and receiving a second device identifier from a second terminal device in a second access mode. The network device determines whether the first device identifier matches the second device identifier to identify legality of the first terminal device. If the first device identifier matches the second device identifier, it indicates that the first terminal device is a legal terminal device. The network device sends subscription information of the first terminal device to the first terminal device in the first access mode, so that the first terminal device successfully accesses a network by using the subscription information.Type: GrantFiled: January 13, 2021Date of Patent: March 12, 2024Assignee: Huawei Technologies Co., Ltd.Inventors: Li Hu, Weisheng Jin, Jing Chen, He Li
-
Patent number: 11921887Abstract: A request to contact a service provider may be received from a client machine. The request may be associated with an identity claim and including a service identifier. The identity claim may be validated via a distributed identity service that includes a plurality of identity nodes in communication via a network. Validating the identity claim may include determining a designated network identifier associated with a distributed identity account shared among the plurality of identity nodes. A service query that includes the service identifier and the designated network identifier may be sent to a plurality of customer relations management services. A communication session may be established between a service provider remote computing system and the client machine. The service provider may store customer relations management information at a designated one of the plurality of customer relations management services.Type: GrantFiled: January 25, 2022Date of Patent: March 5, 2024Assignee: Salesforce, Inc.Inventor: Prithvi Krishnan Padmanabhan
-
Patent number: 11916903Abstract: Provided a method for setting up an authorization verification for a first device, for example a field device in an automation system, wherein the first device is configured by configuration data transmitted to the first device from a configuration module that is detachably connected to the first device and, for example, is implemented in the form of an SD card or a USB stick, having: detection of a connection of a configuration module to the first device, reading configuration module-specific device information from the configuration module, requesting configuration module-specific authorization verification for the configuration model-specific device information from the first device in an authorization device, and storing the requested configuration module-specific authorization verification on a security storage unit of the first device.Type: GrantFiled: July 9, 2019Date of Patent: February 27, 2024Assignee: SIEMENS MOBILITY GMBHInventor: Rainer Falk
-
Patent number: 11914721Abstract: A blockchain smart contract rewriting framework system has a vulnerability detection tool, a rewriter tool, and a deployment component. The deployment component obtains a permission to upgrade the smart contract, which granted by a smart contract creator/owner. The contract rewriting framework system retrieves the smart contract from the blockchain network, and passes it to the vulnerability detection tool. The vulnerability detection tool detects a vulnerability in the smart contract, and determines a type of the vulnerability and an instruction location of the vulnerability. The rewriter tool rewrites the smart contract to include a patch for fixing the vulnerability, a patched smart contract being generated by the rewriter tool based on the type of the vulnerability and the instruction location of the vulnerability.Type: GrantFiled: June 9, 2020Date of Patent: February 27, 2024Assignee: NEC CORPORATIONInventors: Michael Rodler, Lucas Davi, Ghassan Karame, Wenting Li
-
Patent number: 11888895Abstract: Aspects of the disclosure relate to generating threat intelligence information. A computing platform may receive forensics information corresponding to message attachments. For each message attachment, the computing platform may generate a feature representation. The computing platform may input the feature representations into a neural network, which may result in a numeric representation for each message attachments. The computing platform may apply a clustering algorithm to cluster each message attachments based on the numeric representations, which may result in clustering information. The computing platform may extract, from the clustering information, one or more indicators of compromise indicating that one or more attachments corresponds to a threat campaign.Type: GrantFiled: June 25, 2021Date of Patent: January 30, 2024Assignee: Proofpoint, Inc.Inventors: Zachary Mitchell Abzug, Kevin Patrick Blissett, Brian Sanford Jones
-
Patent number: 11888852Abstract: According to one embodiment of the present application, provided is an access management method of an access control device, comprising the steps of: receiving, from a user terminal, a first advertising packet including open authentication information; generating a key on the basis of at least a first random key; confirming the open authentication information on the basis of the generated key; and determining the opening of a door on the basis of the open authentication information.Type: GrantFiled: September 1, 2022Date of Patent: January 30, 2024Assignee: SUPREMA INC.Inventors: Seong Bin Choi, Young Soo Moon
-
Patent number: 11882112Abstract: A system for communicating email messages using tokens receives a request to send an email message to a receiver. The email message is associated with a sender's email address. The system determines whether the sender's email address is associated with a token from a plurality of tokens stored in a token-email address mapping table. The system generates a particular token for the sender's email address in response to determining that the sender's email address is not associated with a token, where the particular token uniquely identifies the sender's email address. The system sends the email message using the particular token instead of the sender's email address, such that the sender's email address remains anonymous from the perspective of the receiver.Type: GrantFiled: May 26, 2021Date of Patent: January 23, 2024Assignee: Bank of America CorporationInventors: Kelly Renee-Drop Keiter, Michael Robert Young, Tomas Mata Castrejon, III, Rick Wayne Sumrall
-
Patent number: 11882110Abstract: Examples of renewal of security certificates of supplicant devices are described. In an example, a request to authenticate a supplicant device based on a security certificate is received by an authenticator device and from a supplicant device. The request comprises information relating to the security certificate which is expired. A login history of the supplicant device and presence of a valid account associated with the supplicant device in a directory database is determined. An authentication successful message is sent to the supplicant device based on the login history and presence of the valid account in the directory database. The supplicant device is redirected to a captive web portal for authentication of the supplicant device based on the login credential. In response to a successful authentication of the supplicant device in the captive web portal, a renewed security certificate for the supplicant device is provided.Type: GrantFiled: April 2, 2021Date of Patent: January 23, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Vikram Limaye, Jason Atkins, Preeti Bhagavan
-
Patent number: 11882119Abstract: The communication system is a communication system including a management communication apparatus, a first communication apparatus, and a second communication apparatus. The first communication apparatus is capable of communicating using a plurality of Internet Protocol (IP) addresses in different versions from each other, and includes a first communication unit configured to notify the management communication apparatus of a first IP address among the plurality of IP addresses in a first authentication process for entering the communication system, and to notify the management communication apparatus of a second IP address among the plurality of IP addresses after the first authentication process, the first authentication process being performed between the first communication apparatus and the management communication apparatus.Type: GrantFiled: July 1, 2019Date of Patent: January 23, 2024Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.Inventors: Yoichi Masuda, Kenji Kuramae, Masao Akimoto
-
Patent number: 11881938Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: GrantFiled: August 24, 2022Date of Patent: January 23, 2024Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Patent number: 11870768Abstract: Presented herein are certificate-based techniques through which a Radio Interface Unit may be securely onboarded to a service provider network. In one example, a method is provided that includes obtaining, by a Dynamic Host Configuration Protocol (DHCP) server, an address assignment request for the, wherein the address assignment request comprises a vendor device certificate, a signed nonce, a non-encrypted serial number for the RIU, a signed serial number for the RIU, and a vendor identifier; validating the vendor device certificate, the signed nonce, and the signed serial number for the RIU based on a vendor root certification authority certificate; validating the non-encrypted serial number for the RIU; and generating an address assignment response based on validating the non-encrypted serial number for the RIU, the vendor device certificate, the signed nonce, and the signed serial number for the RIU.Type: GrantFiled: April 10, 2020Date of Patent: January 9, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Devendra Kumar Vishwakarma, Om Prakash Suthar, Vivek Agarwal
-
Patent number: 11870777Abstract: A relay device includes a plurality of input/output ports (111); an authentication information storage unit (114) to store authentication information used for performing authentication of a target relay device which is a relay device to be authenticated; an authentication processing unit (113) to acquire a target authentication packet which is an authentication packet used for authentication of the target relay device via a target input/output port (111) which is an input/output port connected to the target relay device in the plurality of input/output ports and to authenticate the target relay device by referring to the authentication information, and a relay processing unit (112) to cause a transfer input/output port which is an input/output port (111) to which a transfer destination of the transfer packet is connected, and to discard the transfer packet when the authentication of the target relay device is failed.Type: GrantFiled: May 18, 2018Date of Patent: January 9, 2024Assignee: MITSUBISHI ELECTRIC CORPORATIONInventor: Saburo Kasahara
-
Patent number: 11863674Abstract: Systems and methods of Exact Data Matching (EDM) for identifying related tokens in data content using structured signature data implemented in a cloud-based system receiving data sets and customer configuration from a customer, wherein the data sets include customer specific sensitive data from a structured data source with each token represented by a hash value and the customer configuration includes one or more primary keys for a plurality of records in the data sets; distributing the data sets and the customer configuration to a plurality of nodes in the cloud-based system; performing monitoring of content between a client of the customer and an external network; detecting a presence of a plurality of tokens associated with a record in the customer specific sensitive data based on the monitoring; and performing a policy-based action in the cloud-based system based on the detecting.Type: GrantFiled: December 23, 2020Date of Patent: January 2, 2024Assignee: Zscaler, Inc.Inventors: Balakrishna Bayar, Arun Bhallamudi, Srikanth Devarajan, Siva Udupa, Pooja Deshmukh
-
Patent number: 11841958Abstract: Various embodiments of the present invention relate to a device and method for providing connection between an electronic device and other electronic devices through figure input.Type: GrantFiled: February 28, 2019Date of Patent: December 12, 2023Assignee: Samsung Electronics Co., Ltd.Inventor: Jeongmin Kim
-
Patent number: 11843581Abstract: A method in a first virtual private network (VPN) server associated with clustering a plurality of VPN servers in a clustered network, the method including receiving, from a VPN service provider (VSP) control infrastructure, VPN data associated with a user device having an established VPN connection with the clustered network; and communicating, utilizing key information, the VPN data with the user device during the established VPN connection. Various other aspects are contemplated.Type: GrantFiled: August 16, 2021Date of Patent: December 12, 2023Assignee: Netflow, UABInventors: Donatas Budvytis, Karolis Kaciulis