Abstract: A management device installed in a vehicle includes a master key storing part configured to share the master key that is used to generate an initial key held by an ECU together with an identifier of the ECU; a communication part configured to communicate with the ECU; a key generation part configured to generate the initial key of the ECU by use of the master key stored on the master key storing part and the identifier of the ECU received from the ECU via the communication part; and an initial key storing part configured to store the initial key of the ECU that is generated by the key generation part in connection with the identifier of the ECU.
Abstract: A method at a primary communication device for participating in log-in of a secondary communication device where, upon recognizing a successful log-in of the primary communication device, a request for extended log-in to the secondary communication device is received from the secondary communication device. Instruction to initiate the requested extended log-in is transmitted to the secondary communication device. After having received physiological data, associated with the user of the secondary communication device, the first physiological data is compared with the physiological data provided from the secondary device for determining whether there is a match between the compared physiological data. In case of a match at least one credential is transmitted to the secondary communication device, whereas no credential is transmitted to the secondary device if no match is determined.
Type: Grant
Filed: December 21, 2015
Date of Patent: October 26, 2021
Assignee: Telefonaktiebolaget LM Ericsson (Publ)
Inventors: José Araújo, Lars Andersson, Guoqiang Zhang
Abstract: The present invention is a system and method for the repeated, dynamic, and automated transformation and manipulation of strings of printable or typeable characters that are commonly used for passwords, PINs, keys, tokens, encryption, and filenames, forming a class of printable strings. The system and method described make use of secured password “Hopping” to maximize data security and the user's ease of implementation. “Hopping” refers to a method of automated random-password construction and serial substitution. The process of Hopping as described herein is based upon a set of user-selected transformation rules that employ, among other variables, easily accessible, time-variable data as sources of randomized inputs. Use of randomized inputs and automated serial substitution at time intervals heightens the security of resulting generated passwords.
Type: Grant
Filed: June 22, 2018
Date of Patent: October 19, 2021
Inventors: Thomas M. McNamara, Jr., Jason T. Good, Carly J. Bruce
Abstract: A system described herein may use automated techniques to verify network connection integrity and provide visual indicators of connection validity or invalidity. The system may generate a unique identifier related to a user and/or web resource during an initial use. The unique identifier may be utilized to transform a secure image and store the transformed image. Upon subsequent use of the web resource, a visit identifier may be generated and utilized to perform an inverse transformation of the transformed image and display the result, where the resulting image will be the same as the secure image if the visit identifier matches the unique identifier.
Type: Grant
Filed: June 27, 2019
Date of Patent: October 19, 2021
Assignee: Verizon Patent and Licensing Inc.
Inventors: Bruno Mendez, Manuel Enrique Caceres, Mauricio Pati Caldeira de Andrada
Abstract: Systems and methods are provided for securing data using a mobile device. The method may include determining securing global positioning data values of the mobile device; measuring a securing direction of the mobile device relative to a magnetic north direction; capturing a securing password by the mobile device; and securing the data against unauthorized access using the determined global positioning data values, the securing password, and the securing direction as a combined password.
Type: Grant
Filed: September 23, 2019
Date of Patent: October 12, 2021
Assignee: International Business Machines Corporation
Inventors: Alberto L. Galvani, Ugo Madama, Paolo Ottaviano, Andrea Tortosa
Abstract: Implementations describe providing secure encryption key management in trust domains. In one implementation, a processing device includes a key ownership table (KOT) that is protected against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM or other TDs, the TDRM is to reference the KOT to obtain at least one unassigned host key identifier (HKID) utilized to encrypt a TD memory, the TDRM is to assign the HKID to the TD by marking the HKID in the KOT as assigned, and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID.
Abstract: A computer-implemented method includes receiving an indication of a first selected instrument, where the first selected instrument is selected from a plurality of instruments. One or more first sequences of notes are received. One or more saved sound compositions are generated based on the first selected instrument and the one or more first sequences of notes. One or more current sound compositions are compared to the one or more saved sound compositions using sound analysis. A user is authenticated based on a similarity between the one or more current sound compositions and the one or more saved sound compositions.
Type: Grant
Filed: July 31, 2018
Date of Patent: October 5, 2021
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Juan F. Vargas, Mark Maresh, Michael J. Whitney, Colm Nolan
Abstract: A method for operating an apparatus according to various embodiments may comprise the operations of: detecting whether a first signal transmitted from a control device to a storage device includes a designated address; and transmitting a second signal to the control device if the first signal includes the designated address, wherein the first signal may be a signal for transmitting, by the control device, a request for data to the storage device, and the second signal may be a signal for detecting whether uncommon data is included in a signal generated from the first signal.
Type: Grant
Filed: October 31, 2016
Date of Patent: September 21, 2021
Inventors: Byoungik Kang, Minsoo Kim, Wonjin Kim, Philkoo Yeo, Sangchul Jung, Taedong Jung
Abstract: Systems and methods for end to end encryption are provided. In example embodiments, a computer accesses an image including a geometric shape. The computer determines that the accessed image includes a candidate shape inside the geometric shape. The computer determines, using the candidate shape, an orientation of the geometric shape. The computer determines a public key of a communication partner device by decoding, based on the determined orientation, data encoded within the geometric shape. The computer receives a message. The computer verifies, based on the public key of the communication partner device, whether the message is from the communication partner device. The computer provides an output including the message and an indication of the communication partner device if the message is verified to be from the communication partner device. The computer provides an output indicating an error if the message is not verified to be from the communication partner device.
Abstract: Examples discussed herein disclose, among other things, a method. The method includes, among other things, obtaining a plaintext, obtaining a key from a plurality of keys, and determining whether the plaintext is longer than a predefined threshold length. If the plaintext is longer than the predefined threshold length, the method may encrypt the plaintext with the key to generate a first ciphertext having a length of the plaintext, where the character at a predefined position within the first ciphertext belongs to a first subset of characters. And if the plaintext is not longer than the predefined threshold length, the method may encrypt the plaintext with the key to generate a second ciphertext, which is longer than the plaintext, where the character at the same predefined position in the second ciphertext belongs to a second subset of characters.
Abstract: In an example embodiment, a system analyzes a set of computer routines. The system may perform an analysis including a determination of a likelihood of vulnerability to unexpected behavior for one or more computer routines of the set. Based upon the analysis, the system may identify one or more computer routines of the set having the likelihood of vulnerability. The system may asynchronously and dynamically manipulate at least one of the one or more computer routines through a testing technique. The system may determine unexpected behavior of at least one of the one or more computer routines.
Abstract: Systems, methods, and processing devices for aiding with cyber intrusion investigations that includes capabilities for extracting data from a specified range of a volatile memory of a target processing device, reconstructing data structures and artifacts from the extracted data; and generating and presenting a visualization of the reconstructed data structures and the reconstructed artifacts.
Type: Grant
Filed: August 18, 2016
Date of Patent: August 17, 2021
Assignee: Volexity, Inc.
Inventors: Aaron Walters, Michael Ligh, Steven Adair
Abstract: Systems, apparatuses, methods, and computer program products are disclosed for generating behavioral attribute data structures. An example method includes generating a video data structure comprising a video stream captured over a duration of time. The example method further includes generating a sensor data structure comprising a set of sensor data captured over the duration of time and stored in temporal relation to the video stream. The example method further includes generating, based on the video data structure, a biometric attribute data structure comprising a set of biometric attributes of the user derived from the video stream. Subsequently, the example method includes generating, based on the sensor data structure and the biometric attribute data structure, a behavioral attribute data structure comprising a set of behavioral attributes of the user derived from the set of sensor data.
Abstract: Systems and methods for tiered connection pooling are disclosed herein, which may be used in a method of fulfilling user requests in an enterprise computing system. The method involves generating, by a processing unit, a first connection pool comprising one or more previously used authenticated connections with a resource; generating, by the processing unit, a second connection pool comprising one or more unused authenticated connections with the resource; generating, by the processing unit, a third connection pool comprising one or more unauthenticated connections with the resource; receiving, by the processing unit, a request from the user device to access the resource, the resource requiring authentication for access; and fulfilling, by the processing unit, the request based on a connection from the first, second, or third connection pool.
Abstract: Embodiments of systems and methods for providing centralized management of a software defined automation (“SDA”) system are disclosed. The SDA system comprises a collection of controller nodes and a logically centralized and yet physically distributed collection of compute nodes by monitoring activities of the compute nodes. In accordance with some embodiments, one or more components of the system monitor execution, network and security environments of the system to detect an event in a first environment. In response to the detected event, at least one component in the first environment is remediated, the remediation of the first environment creating a trigger to cause remediation of at least one component in each of a second and third environments.
Type: Grant
Filed: October 12, 2016
Date of Patent: August 3, 2021
Assignee: Schneider Electric Industries SAS
Inventors: Antonio Chauvet, Philippe Wilhelm, Merrill Harriman, Eric Alfano, Alen Mehmedagic, Andrew Lee David Kling, David Doggett, Vijay Vallala
Abstract: Disclosed are various embodiments for an authentication manager. In one embodiment, the authentication manager performs an identity verification on a network site. The authentication manager determines that a particular portable data store is present in the client computing device, and then reads a security credential from the particular portable data store. The authentication manager automatically sends data encoding the security credential to the network site.
Abstract: A communication method of an electronic device may comprise: a step of wirelessly outputting an advertisement signal at predetermined time intervals when power is supplied; a step of acquiring access information of an access repeater from an external device while outputting the advertisement signal; a step of stopping the output of the advertisement signal and accessing the access repeater on the basis of the access information of the access repeater when the access information of the access repeater is acquired; and a step of stopping the output of the advertisement signal if an elapsed time after the power is supplied is greater than a predetermined reference time.
Abstract: A system and method for international biometric identity verification between two countries without transferring biometric information between the two countries. The system and method will replace the traditional approach of identification of uniforms and identification cards, which are easily compromised, with a secure approach of leveraging biometric information through a person's identity. This system and method are consistent with the policy of not sharing any biometric information relating to verification of identification of individuals with other countries.
Abstract: In one example in accordance with the present disclosure, a method may include receiving a plaintext to be encrypted. The plaintext may include a first block, a second block and a third block. The method may include generating a preliminary ciphertext based on the first block and the second block and generating, using an encryption key, a first ciphertext using an encryption operation receiving the third block and the preliminary ciphertext as inputs. The method may also include generating, using the encryption key, a first finalized ciphertext using the encryption operation receiving the first block and the first ciphertext as inputs and generating, using the encryption key, a second finalized ciphertext using the encryption operation receiving the second block and the first finalized ciphertext as inputs.
Type: Grant
Filed: March 24, 2016
Date of Patent: July 20, 2021
Assignee: Hewlett Packard Enterprise Development LP