Patents Examined by Nelson Scott Giddins
-
Patent number: 9882892Abstract: The disclosed embodiments provide a system that enables access to a resource. During operation, the system obtains, from a first service, a request for access to the resource on a second service by a user using the first service. Next, the system provides, in a response to the request, an intent token for accessing the resource by the user to the first service. Upon receiving the intent token from an authorized user on the second service, the system enables access to the resource on the second service for the user on the first service.Type: GrantFiled: June 18, 2014Date of Patent: January 30, 2018Assignee: INTUIT INC.Inventors: Peter Vogel, Vinod K. Nair, Wing Ming Brigitte Chan, Kishore Jonnalagedda
-
Patent number: 9882957Abstract: Client-side endpoint configuration can be accomplished by allowing a client to include as part of an API request, a desired endpoint for subsequent notifications from a server. The endpoint can be an endpoint identifier, such as a Uniform Resource Identifier (URI) or a domain name. When a web service receives the API request from a client device, the web service can generate a response to the request and send the response to the endpoint identified in the request. The API request can asynchronously communicate with the client device whenever the response is completed.Type: GrantFiled: August 13, 2013Date of Patent: January 30, 2018Assignee: Amazon Technologies, Inc.Inventor: Andre Mostert
-
Patent number: 9883399Abstract: A method and apparatus are for automatically accessing a social network account that provides member information about each of a plurality of social network members. The member information about at least one of the social network members, denoted as a particular member, includes a network detection portion and a security portion. The network detection portion is retrieved from the social network for at least the particular member. A detection is made that the wireless device is within range of a secure wireless network associated with the particular member. The detection uses the network detection portion of the particular member as an input. The security portion of the member information of the particular member is retrieved from the social network. The security portion is used to derive access credentials for the secure wireless network. The derived access credentials are used to securely access the secure wireless network.Type: GrantFiled: September 25, 2015Date of Patent: January 30, 2018Assignee: GOOGLE TECHNOLOGY HOLDINGS LLCInventor: Apostolis K. Salkintzis
-
Patent number: 9239934Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.Type: GrantFiled: March 18, 2013Date of Patent: January 19, 2016Assignee: Electronics and Telecommunications Research InstituteInventors: Hong-Il Ju, Yong-Sung Jeon, Young-Sae Kim, Seung-Yong Yoon, Jeong-Nyeo Kim
-
Patent number: 9210194Abstract: A method and system for evaluating and enforcing a data flow policy at a mobile computing device includes a data flow policy engine to evaluate data access requests made by security-wrapped software applications running on the mobile device and prevent the security-wrapped software applications from violating the data flow policy. The data flow policy defines a number of security labels that are associated with data objects. A software application process may be associated with a security label if the process accesses data having the security label or the process is in communication with another process that has accessed data having the security label.Type: GrantFiled: May 20, 2015Date of Patent: December 8, 2015Assignee: SRI INTERNATIONALInventor: Phillip A. Porras
-
Patent number: 9088571Abstract: Techniques for resolving conflicts between web service policies that are attached (via LPA and/or GPA metadata) to a policy subject (e.g., a WS client/service endpoint). In one set of embodiments, a priority value can be assigned to each policy attached to a policy subject via the policy's corresponding policy attachment metadata file. These priority values can be taken into account when determining whether one policy should be given precedence over another, conflicting policy attached to the same policy subject. In certain embodiments, as part of this determination, the priority value of a policy can be given greater weight than the scope at which the policy is attached.Type: GrantFiled: August 28, 2012Date of Patent: July 21, 2015Assignee: Oracle International CorporationInventors: Jeffrey Jason Bryan, Nickolas Kavantzas
-
Patent number: 9054848Abstract: An electronic apparatus includes a secure unit to store public key information, an input unit to receive user authentication information and a data searching word, a user authenticating unit to perform user authentication with the inputted user authentication information, an encryption generating unit to generate a searching word encryption to use in data search, and a control unit to control generating the searching word encryption using the previously-stored public key information, the inputted user authentication information, and the data searching word.Type: GrantFiled: September 13, 2012Date of Patent: June 9, 2015Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventor: Hyun-sook Rhee
-
Patent number: 9047463Abstract: A method and system for evaluating and enforcing a data flow policy at a mobile computing device includes a data flow policy engine to evaluate data access requests made by security-wrapped software applications running on the mobile device and prevent the security-wrapped software applications from violating the data flow policy. The data flow policy defines a number of security labels that are associated with data objects. A software application process may be associated with a security label if the process accesses data having the security label or the process is in communication with another process that has accessed data having the security label.Type: GrantFiled: October 24, 2012Date of Patent: June 2, 2015Assignee: SRI InternationalInventor: Phillip A. Porras
-
Patent number: 9038132Abstract: A bus monitoring security device is connected to a bus, which includes a tool side bus having a tool connection terminal and an ECU side bus. The ECU side bus is coupled with an ECU, and the tool side bus is coupled with a tool capable of communicating with the ECU via the tool connection terminal. The tool side bus and the ECU side bus are separately coupled with the bus monitoring security device. The bus monitoring security device includes: a controller for determining whether the tool being to access the ECU is connected to the ECU side bus, and for restricting transmission and reception of data between the tool and the ECU when the controller determines that the tool is connected to the ECU side bus.Type: GrantFiled: September 13, 2012Date of Patent: May 19, 2015Assignee: DENSO CORPORATIONInventors: Yuzo Harata, Yasuyuki Takahashi, Satoshi Suzuki, Mitsuyoshi Natsume, Tomohisa Kishigami
-
Patent number: 9026784Abstract: An example method includes identifying a transport layer security (TLS) session between a client and a server, parsing one or more TLS messages to identify a session ticket associated with the session, transforming the session ticket into a fixed size session token, and managing the session using the session token to identify the session. The transforming may include computing a hash value of the session ticket using a hashing algorithm. If any of the TLS messages is spread across more than one TLS protocol record, the method can include computing a hash value of a portion of the session ticket encountered in a TLS protocol record using a hashing algorithm, incrementally computing another hash value of another portion of the session ticket encountered in a subsequent TLS protocol record from the previously computed hash value, and repeating the incremental computing until portions of the session ticket have been processed.Type: GrantFiled: January 26, 2012Date of Patent: May 5, 2015Assignee: McAfee, Inc.Inventors: Shivakumar Buruganahalli, Venu Vissamsetty
-
Patent number: 8918862Abstract: Embodiments of the invention relate to password management of one or more data storage devices. A set of passwords are employed to manage access to the storage devices, with authentication of both passwords enabling access to the subject storage device(s) for read and/or write operation privileges. The first password is known by the user and is used as an initial input string. The second password is not known by the user and is authenticated with the subject storage device(s) through BIOS and without input from the user.Type: GrantFiled: August 31, 2011Date of Patent: December 23, 2014Assignee: International Business Machines CorporationInventors: Sukadev Bhattiprolu, Jujjuri Venkateswararao, Haren Myneni, Malahal R. Naineni, Badari Pulavarty, Chandra Seetharaman, Narasimha Nageshrao Sharoff