Patents Examined by Mohammad W. Reza
-
Patent number: 11782849Abstract: A processor includes a decode unit to decode an instruction that is to indicate a page of a protected container memory, and a storage location outside of the protected container memory. An execution unit, in response to the instruction, is to ensure that there are no writable references to the page of the protected container memory while it has a write protected state. The execution unit is to encrypt a copy of the page of the protected container memory. The execution unit is to store the encrypted copy of the page to the storage location outside of the protected container memory, after it has been ensured that there are no writable references. The execution unit is to leave the page of the protected container memory in the write protected state, which is also valid and readable, after the encrypted copy has been stored to the storage location.Type: GrantFiled: July 3, 2021Date of Patent: October 10, 2023Assignee: Intel CorporationInventors: Carlos V. Rozas, Mona Vij, Rebekah M. Leslie-Hurd, Krystof C. Zmudzinski, Somnath Chakrabarti, Francis X. Mckeen, Vincent R. Scarlata, Simon P. Johnson, Ilya Alexandrovich, Gilbert Neiger, Vedvyas Shanbhogue, Ittai Anati
-
Patent number: 11777911Abstract: Requests are pre-generated to include a cryptographic key to be used in fulfilling the requests. The requests may be encoded in uniform resource locators and may include authentication information to enable a service provider to whom the requests are submitted to determine whether the requests are authorized. The requests may be passed to various entities who can then submit the requests to the service provider. The service provider, upon receipt of a request, can verify the authentication information and fulfill the request using a cryptographic key encoded in the request.Type: GrantFiled: September 15, 2021Date of Patent: October 3, 2023Assignee: Amazon Technologies, Inc.Inventors: Gregory Branchek Roth, Eric Jason Brandwine
-
Patent number: 11775662Abstract: A method and apparatus of a device searches encrypted objects stored in a secure virtual storage space is described. In an exemplary embodiment, the device receives a search query that includes a set of tokens and encrypts the set of tokens. The device further creates a hashed set of encrypted tokens using a second hash function. In addition, the device sends the hashed set of encrypted tokens to a first search server as a query. Furthermore, the device receives, from the first search server, a first set of encrypted object names as a search result. The device additionally determines a set of client-side indexes to search by hashing at least some of the first set of encrypted object names using a first hash function. The device further decrypts the set of encrypted object names. The additionally searches the set of client-side indexes using the set of decrypted object names.Type: GrantFiled: December 9, 2020Date of Patent: October 3, 2023Inventor: Duncan MacDougall Greatwood
-
Patent number: 11775683Abstract: Generating a first signature value corresponding to a first dataset stored in a first data region having a first access permission level. Determining a signature anonymization value. Truncating the first signature value based on the signature anonymization value. Generating a secure search query for identifying, based on the truncated first signature value, second signature values corresponding to entries of a second dataset stored in one or more second data regions having one or more second access permission levels. Receiving a response to the secure search query including the plurality of second signature values. Determining the entries of the second dataset from the second signature values. Comparing the respective entries of the second dataset to the at least a portion of the first dataset. Generating one or more notifications based on the comparisons indicating a potential match between a particular respective entry of the second dataset and the at least a portion of a first dataset.Type: GrantFiled: July 26, 2021Date of Patent: October 3, 2023Assignee: Palantir Technologies Inc.Inventors: John Doyle, Jason Free, Jacob Magid, Michael Rochlin, Sean Hacker
-
Patent number: 11770703Abstract: Techniques are provided for validating a mobile device in a passive digital key system. An example method of validating a mobile device includes determining a positioning measurement for the mobile device relative to a reference point, obtaining a measured distance with at least a first transceiver, obtaining a calibration distance based at least in part on the positioning measurement for the mobile device, computing a validation distance based at least in part on a difference between the measured distance and the calibration distance, and validating the mobile device based at least in part on a comparison of the validation distance and a threshold value.Type: GrantFiled: April 6, 2021Date of Patent: September 26, 2023Assignee: QUALCOMM IncorporatedInventors: Rolf De Vegt, Xiaoxin Zhang, Peyman Siyari
-
Patent number: 11770701Abstract: Devices, systems, and methods are provided for communications between autonomous and emergency vehicles. A method may include identifying, by an autonomous vehicle (AV), a first message received from a first vehicle, and identifying, by the AV, in the first message, information associated with identifying the AV, a security key associated with identifying the first vehicle, and an instruction associated with causing the AV to perform an action. The method may include authenticating, by the AV, based on the security key, the first vehicle, and controlling operation, based on the instruction and the information associated with identifying the AV, of the AV to perform the action.Type: GrantFiled: February 5, 2021Date of Patent: September 26, 2023Assignee: ARGO AI, LLCInventor: Kleanthes G. Koniaris
-
Patent number: 11770370Abstract: According to one example, a system includes a first computing device that includes one or more processors configured to generate a first encryption key, and encrypt data, using the first encryption key, for transmittal to a second computing device. The one or more processors are further configured to determine a first set of tokens; determine, from the first set of tokens, a plurality of tokens for the first encryption key; generate a packet comprising the encrypted data, and further comprising the plurality of tokens; and transmit the packet for receipt by the second computing device.Type: GrantFiled: May 9, 2022Date of Patent: September 26, 2023Assignee: Eclypses, Inc.Inventor: Timothy W. Reynolds
-
Patent number: 11768931Abstract: Technologies for memory management with memory protection extension include a computing device having a processor with one or more protection extensions. The processor may load a logical address including a segment base, effective limit, and effective address and generate a linear address as a function of the logical address with the effective limit as a mask. The processor may switch to a new task described by a task state segment extension. The task state extension may specify a low-latency segmentation mode. The processor may prohibit access to a descriptor in a local descriptor table with a descriptor privilege level lower than the current privilege level of the processor. The computing device may load a secure enclave using secure enclave support of the processor. The secure enclave may load an unsandbox and a sandboxed application in a user privilege level of the processor. Other embodiments are described and claimed.Type: GrantFiled: November 29, 2021Date of Patent: September 26, 2023Assignee: INTEL CORPORATIONInventors: Michael LeMay, Barry E. Huntley, Ravi Sahita
-
Patent number: 11765155Abstract: Systems and methods are disclosed to implement an application that can automatically download new digital certificates to verify signed code updates received by the application. In embodiments, under normal circumstances, the application uses a pinned certificate in the application's executable code to verify received updates signed using the certificate. However, if the code signing certificate changes, the application will automatically retrieve the new certificate from a certificate publishing service. Accordingly, the new certificate does not have to be included as part of the code update package, and the retrieval of the new certificate can be managed more robustly by the application updater. In embodiments, downloads from the certificate publishing service may be secured using a nonce and a shared secret that is known to the service and also pinned to the application. In this way, the download process can be protected from hijacking attacks.Type: GrantFiled: September 29, 2020Date of Patent: September 19, 2023Assignee: Amazon Technologies, Inc.Inventors: Preethi Srinivasan, Dheeraj Kumar Mekala
-
Patent number: 11757941Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.Type: GrantFiled: March 16, 2021Date of Patent: September 12, 2023Assignee: CUPP Computer ASInventor: Shlomo Touboul
-
Patent number: 11748496Abstract: A method for managing data in view of data controls includes determining that a jurisdictional restriction associated with a jurisdiction applies to utilization of a portion of data, determining that a compliant service to utilize the portion of data is unavailable, deploying an instance of the compliant service, and utilizing the portion of data using the instance of the compliant service.Type: GrantFiled: July 29, 2020Date of Patent: September 5, 2023Assignee: United Services Automobile Association (USAA)Inventors: Ashley Philbrick, Justin Jackson, Sean C. Mitchem, Yevgeniy Khmelev, Ruthie Lyle, Ravi Durairaj
-
Patent number: 11750385Abstract: A system and a method for an electronic method of authenticating a user to establish a service session the method comprising the steps of receiving an access request at a service provider device from a user device, authenticating a user based on a unique user credential associated with the user, by the service provider, establishing a service session between the user device and the service device.Type: GrantFiled: November 16, 2017Date of Patent: September 5, 2023Assignee: Prisec Innovation LimitedInventor: Cheuk Yiu So
-
Patent number: 11743287Abstract: A denial-of-service detection system includes a denial-of-service detection subsystem coupled to a plurality of storage systems via a network. The denial-of-service detection subsystem receives current first storage system data for each of a plurality of different storage system operating metrics from a first storage system included in the plurality of storage systems.Type: GrantFiled: August 6, 2020Date of Patent: August 29, 2023Assignee: Dell Products L.P.Inventors: Deepak Nagarajegowda, Bina Thakkar
-
Patent number: 11734604Abstract: A method of detecting deviation from an operational state of a rotational device includes receiving, from one or more sensor devices coupled to the rotational device, frequency domain data indicative of vibration data sensed during a sensing period. The method also includes processing the frequency domain data using a trained anomaly detection model to generate an anomaly score for the sensing period and processing the anomaly score using an alert generation model to determine whether to generate an alert.Type: GrantFiled: April 15, 2020Date of Patent: August 22, 2023Assignee: SPARKCOGNITION, INC.Inventors: Alexandru Ardel, Shashank Bassi, Elmira M Bonab, Jeff Brown
-
Patent number: 11729006Abstract: A method for securing the communications between a publisher and a subscriber in an Internet of things networks. An example method includes receiving a challenge vector from a subscriber and determining a response vector using a physically unclonable function (PUF) for each challenge value in the challenge vector to generate a response value. The response vector it is sent to the subscriber.Type: GrantFiled: March 31, 2021Date of Patent: August 15, 2023Assignee: Intel CorporationInventors: Davide Carboni, Michael Nolan, Ned M. Smith, Mo Haghighi
-
Patent number: 11722531Abstract: A remote access system for policy-controlled computing with a client device connected to a remote software environment is disclosed. The client device communicates with the remote software environment that securely runs applications. Restrictions for a local application that runs on the client device are enforced using a first plurality of policies based on whether the client device is connected to a specific Virtual Private Network (VPN). A mid-link server enforces restrictions on the remote software environment using a second plurality of policies.Type: GrantFiled: May 12, 2021Date of Patent: August 8, 2023Assignee: Netskope, Inc.Inventor: Bradley B. Harvell
-
Patent number: 11720989Abstract: A computer-implemented method for generating device-identifying digital content on social media platforms may include (i) identifying digital content created by a content-creation device for display on a social media platform, (ii) modifying the digital content to indicate that the digital content was created by the content-creation device such that, when the modified digital content is displayed on the social media platform, the modified digital content identifies the content-creation device as the source of the digital content, and (iii) displaying, on the social media platform, the modified digital content to enable users of the social media platform to identify the content-creation device as the source of the digital content. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: November 20, 2020Date of Patent: August 8, 2023Assignee: Meta Platforms Technologies, LLCInventor: Matthew F. Jacobson
-
Patent number: 11704709Abstract: The disclosed systems and methods may request a merchant identifier associated with a merchant from a third party, receive the merchant identifier, retrieve or receive a first uniform resource locator (URL) associated with the merchant, and store the merchant identifier and the first URL in a database. In response to a web browser extension detecting that a user is preparing to make an online purchase associated with the merchant, the system may receive an age request for an age of the merchant from a user device and identify the merchant identifier in the database based on a second URL included in the age request. The system may then request the age of the merchant from the database based on the merchant identifier, receive the age of the merchant from the third party, and transmit the age of the merchant to the user device for display.Type: GrantFiled: May 19, 2020Date of Patent: July 18, 2023Assignee: CAPITAL ONE SERVICES, LLCInventors: Abdelkader Benkreira, Joshua Edwards, Michael Mossoba
-
Patent number: 11700129Abstract: Example embodiments of systems and methods for data delegation and control through the use of tokenized data are provided. In an exemplary method of data delegation and control, a data device may store private information associated with a user and generate an access token, comprising tokenized data identifying the data device. The data device may transmit the access token to a user device through a front channel and receive an information request from a merchant device comprising the access token through a secure back channel. Upon authenticating the access token, the data device may transmit a portion of the private information to the merchant device through the secure back channel.Type: GrantFiled: June 19, 2020Date of Patent: July 11, 2023Assignee: CAPITAL ONE SERVICES, LLCInventors: Qiaochu Tang, Jason Hoover, Micah Price, Stephen Wylie, Geoffrey Dagley
-
Patent number: 11695738Abstract: A communication system utilizing unified gateways bridges communication gaps between data transmitters having differing transmission, security, data format, overhead restrictions and performance metrics by dynamically determining optimal data paths for the data being routed. The unified gateways can also dynamically alter data packages to upgrade/downgrade security standards, alter transmission networks, translate data to match recipient requirements and split/combine data to optimize data throughput using disparate systems.Type: GrantFiled: March 12, 2021Date of Patent: July 4, 2023Assignee: Sierra Nevada CorporationInventors: Kyle Andrew Shepard, Kevin Jeffrey Streander, Peter Fischer