Patents Examined by Shaqueal D Wade
-
Patent number: 11636334Abstract: A system having multiple devices that can host different versions of an artificial neural network (ANN). In the system, inputs for the ANN can be obfuscated for centralized training of a master version of the ANN at a first computing device. A second computing device in the system includes memory that stores a local version of the ANN and user data for inputting into the local version. The second computing device includes a processor that extracts features from the user data and obfuscates the extracted features to generate obfuscated user data. The second device includes a transceiver that transmits the obfuscated user data. The first computing device includes a memory that stores the master version of the ANN, a transceiver that receives obfuscated user data transmitted from the second computing device, and a processor that trains the master version based on the received obfuscated user data using machine learning.Type: GrantFiled: August 20, 2019Date of Patent: April 25, 2023Assignee: Micron Technology, Inc.Inventors: Samuel E. Bradshaw, Shivasankar Gunasekaran, Sean Stephen Eilert, Ameen D. Akel, Kenneth Marion Curewitz
-
Patent number: 11632245Abstract: Techniques are described to generate a first security key when a user equipment operating in an inactive state initiates a data transmission or a procedure to resume network connection. The first security key is generated based on a second security key associated with a first network node and a counter value, and the first security key is associated with a second network node and is used to generate user plane security keys to transmit data to or to receive data from one or more network nodes.Type: GrantFiled: January 27, 2021Date of Patent: April 18, 2023Assignee: ZTE CorporationInventors: Jianxun Al, He Huang
-
Patent number: 11632672Abstract: A multi-hop mesh network includes a root network device and a first network device. The first network device is configured to establish a first direct wireless connection with the root network device and negotiate a first shared secret key with the root network device. The multi-hop network further includes a second network device configured to establish a second direct wireless connection with the first network device and negotiate a second shared secret key with the first network device.Type: GrantFiled: December 30, 2019Date of Patent: April 18, 2023Assignee: TEXAS INSTRUMENTS INCORPORATEDInventors: Feng L. Mo, Jianwei Zhou, Xiaolin Lu, Il Han Kim, Kaichien Tsai
-
Patent number: 11615213Abstract: An encrypted data storage system and method based on offsite key storage are provided, comprising the system includes a key control center, an offsite key storage system, and a data encryption/decryption storage system. The offsite key storage system includes a first key control device, a key storage device, and a first quantum key distribution device. The data encryption/decryption storage system includes a second key control device, a data encryption/decryption storage device, and a second quantum key distribution device. The first quantum key distribution device is in quantum communication connection with the second quantum key distribution device. The first key control device is communicatively connected with the key storage device and the first quantum key distribution device, respectively.Type: GrantFiled: July 23, 2018Date of Patent: March 28, 2023Assignee: ANHUI ASKY QUANTUM TECHNOLOGY CO., LTD.Inventors: Zhengfu Han, Jianfeng Wang, Chunhua Miao, Kai Yin, Jingjing Liu, Yun Liu
-
Patent number: 11611431Abstract: The technology disclosed herein provides network bound encryption that enables a trusted execution environment to persistently store and access recovery data without persistently storing the decryption key.Type: GrantFiled: July 1, 2020Date of Patent: March 21, 2023Assignee: Red Hat, Inc.Inventors: Michael Hingston McLaughlin Bursell, Nathaniel Philip McCallum
-
Patent number: 11611435Abstract: A cryptographic key of a first instance of a group of one or more cloud nodes providing a service is managed. A request to share the cryptographic key with a second instance of a different group of one or more cloud nodes is received. A determination is made whether the second instance is allowed to access the cryptographic key. In response to a determination that the second instance is allowed to access the cryptographic key, the cryptographic key is encrypted with a target key of the second instance and the encrypted cryptographic key is signed using a cryptographic signature of the first instance. The signed encrypted cryptographic key is provided to the second instance.Type: GrantFiled: January 15, 2021Date of Patent: March 21, 2023Assignee: ServiceNow, Inc.Inventors: Shicheng Zhang, Huiqing Wen, Gregory Frederick Gibsen, Shu-Wei Hsu, Pierre Francois Rohel
-
Patent number: 11601259Abstract: The present disclosure relates to a method of creating a trusted bond between a hearing device and a user accessory device, wherein the method comprises: transmitting, by a hearing device fitting system, an authentication key to the hearing device; creating, by the hearing device fitting system authentication data comprising the authentication key in encrypted form; obtaining, by the user accessory device, the created authentication data; receiving, by the user accessory device, identification information from the hearing device the identification information identifying the hearing device; decrypting, by the user accessory device, the encrypted authentication key comprised in the obtained authentication data using at least the received identification information; establishing communication between the hearing device and the user accessory device based on the authentication key.Type: GrantFiled: February 25, 2022Date of Patent: March 7, 2023Assignee: GN HEARING A/SInventor: Allan Munk Vendelbo
-
Patent number: 11593490Abstract: An Information Handling System (IHS) includes multiple hardware devices, and a baseboard Management Controller (BMC) in communication with the plurality of hardware devices. The BMC includes instructions for executing an assistance application (APP) in an untrusted domain of the BMC. The assistance APP configured to monitor a custom BMC firmware stack executed in the untrusted domain. The instructions are further executed to verify an integrity of the assistance APP from a trusted domain of the BMC by encrypting communications between the trusted and untrusted domains using an encryption key that comprises a function of a time counter value.Type: GrantFiled: July 28, 2021Date of Patent: February 28, 2023Assignee: Dell Products, L.P.Inventors: Eugene David Cho, Mario Alberto Sanchez, Akkiah Choudary Maddukuri, Marshal F. Savage, Paul W. Vancil
-
Patent number: 11595209Abstract: There is provided an information processing system including: a first apparatus (10a) that divides a user key (UK) of a share-source user through a secret distribution process to generate a plurality of distribution keys (S1 and S2); a second apparatus (10b) that sends a processing request to execute a predetermined process by using one of a plurality of the distribution keys generated by the first apparatus; and a third apparatus (20) that makes a determination based on one of a plurality of the distribution keys generated by the first apparatus and the processing request received from the second apparatus.Type: GrantFiled: May 22, 2019Date of Patent: February 28, 2023Assignee: SONY CORPORATIONInventors: Shinya Maruyama, Atsushi Uchida
-
Patent number: 11595190Abstract: An encrypted data storage system includes a storage system that is configured to store encrypted data, and a first client device that is coupled to the storage system. The first client device performs a hash operation on first data to generate a Data Encryption Key (DEK), and uses the DEK to perform a data encryption operation on the first data to generate encrypted first data. The first client device then uses a first Key Encryption Key (KEK) to perform a first key encryption operation on the DEK to generate a first encrypted DEK, associates the first encrypted DEK with the encrypted first data, and transmits the encrypted first data to the storage system for storage.Type: GrantFiled: January 27, 2021Date of Patent: February 28, 2023Assignee: Dell Products L.P.Inventors: Radia Perlman, Charles Kaufman
-
Patent number: 11595191Abstract: A storage apparatus sends a request for a key encryption key to a key management server using a storage apparatus ID as a parameter, acquires the key encryption key, for which a request has been sent to the key management server, and its attribute information, and stores the key encryption key and its attribute information in a key encryption key list while eliminating the key encryption key that is duplicated. Then, in the order listed in the key encryption key list, decryption of the encryption key is attempted by the key encryption key stored in the key encryption key list, and the success or failure of the decryption of the encryption key is determined. When the decryption of the encryption key using the key encryption key fails, the decryption of the encryption key is attempted using a key encryption key, which has not been attempted yet, in the key encryption key list.Type: GrantFiled: February 19, 2021Date of Patent: February 28, 2023Assignee: Hitachi, Ltd.Inventors: Yutaka Yoshida, Mioko Moriguchi
-
Patent number: 11589228Abstract: Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key KFB or trusted asymmetric fallback public key PKFB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCIFB for communication of messages with the unauthenticated network entity.Type: GrantFiled: May 11, 2018Date of Patent: February 21, 2023Assignee: Apple Inc.Inventors: Xiangying Yang, Huarui Liang, Lijia Zhang, Shu Guo, Haijing Hu, Fangli Xu, Yuqin Chen, Dawei Zhang, Li Li
-
Patent number: 11588849Abstract: Embodiments of the present invention provide a system for providing enhanced cryptography based response mechanism for malicious attacks. The system is configured for generating one or more tracker seeds, storing the one or more tracker seeds in at least one entity system associated with an entity, identifying a malicious event associated with data in the at least one entity system, in response to identifying the malicious event, identifying an encryption algorithm key pair for the malicious event based on the one or more tracker seeds, and decrypting the data in the at least one entity system based on the encryption algorithm key pair.Type: GrantFiled: January 27, 2021Date of Patent: February 21, 2023Assignee: BANK OF AMERICA CORPORATIONInventors: Brandon Sloane, Regina Yee Cadavid, Gloria Joo, Jinyoung Nathan Kim, Ram Korlepara, Elliott Leonard Lillard, Nia Mack, Philip Lone Mintac, Michael Jacob Richardson, Srilekha Mudumbai Srinivasa
-
Patent number: 11588695Abstract: A customer premises device may include a memory configured to store day 0 configuration instructions, a first network interface to couple to an out-of-band network, a second network interface operatively coupled to a customer network, and at least one processor configured to automatically and without user input execute the day 0 configuration instructions. The at least one processor is configured to establish and maintain a secure tunnel connection with a security gateway device via the out-of-band network and to establish a connection with a configuration platform on the provider network via the secure tunnel connection. Orchestration instructions for configuring one or more VNFs are received from the configuration platform via the tunnel connection. The at least one processor is further configured to receive VNF management instructions via the secure tunnel connection, wherein the VNF management instructions include one of: updates, reconfigurations, or patches.Type: GrantFiled: August 16, 2021Date of Patent: February 21, 2023Assignee: Verizon Patent and Licensing Inc.Inventors: Sivanaga Ravi Kumar Chunduru Venkata, Vinod Ramalingam, Brian E. Stephenson, Manish K. Srivastava, Ramesh Nadella
-
Patent number: 11582189Abstract: A method for filtering communication data arriving from a communication partner via a communication connection, which provides access to at least one storage means of a receiving data processing device having at least one computation unit, in the data processing device, wherein PCI Express, in an interface unit, receiving the communication data, of the data processing device, a filter means, at least part of which is embodied as hardware, is used so that, according to configuration information, prescribed on the data processing device, containing at least one approval condition that rates the at least one property of the useful data contained in the communication data, only the communication data meeting at least one approval condition are forwarded from the interface unit to at least one further component of the data processing device.Type: GrantFiled: August 22, 2018Date of Patent: February 14, 2023Assignee: AUDI AGInventors: Changsup Ahn, Kamil Zawadzki, Markus Klein, Hans Georg Gruber
-
Patent number: 11568066Abstract: Example methods and systems disclosed herein facilitate the introduction and use of client-specified object encryption within a computing environment using remote third-party storage systems, where data objects stored on the remote third-party storage systems were previously either stored in unencrypted form or encrypted with a single key tied to an account that owns the data. In some embodiments, the encryption is introduced into the system in gradual stages, so as to minimize or entirely eliminate data availability downtime. In some embodiments, the introduction of client-specified object encryption involves registration of a user function on the third-party storage system, where the user function handles object decryption in response to requests of content consumers for data objects stored by the third-party storage system.Type: GrantFiled: August 13, 2021Date of Patent: January 31, 2023Assignee: Uber Technologies, Inc.Inventor: Ashish Kurmi
-
Patent number: 11556660Abstract: Provided is a method for erasing security-relevant information in a device, having the method steps of: ascertaining at least one movement parameter of the device over time, monitoring the ascertained movement parameters over time on the basis of at least one prescribed movement pattern, and triggering an erase process for the security-relevant information if the ascertained movement parameter over time is consistent with the at least one prescribed movement pattern. An apparatus and a computer program product for carrying out the method to ensure that security-relevant data of the device are erased reliably and completely even in the event of an accident or another unforeseen event is also provided.Type: GrantFiled: April 13, 2017Date of Patent: January 17, 2023Assignee: SIEMENS AKTIENGESELLSCHAFTInventor: Rainer Falk
-
Patent number: 11558382Abstract: In general, techniques are described for supporting bulk delivery of change of authorization data in authentication, authorization, and accounting (AAA) protocols, where delivery is performed as a change of authorization after a subscriber has successfully authenticated and initially authorized. In one example, the techniques are directed to a method including determining, by a RADIUS server for a service provider network, change of authorization data for services to which the subscriber of the service provider network has subscribed. The method further includes generating, by the RADIUS server, RADIUS messages that form a transaction between the RADIUS server and a network access server acting as a RADIUS client. The RADIUS messages provide all of the change of authorization data to the network access server prior to the network access server provisioning the services. The method further includes outputting, by the RADIUS server, the RADIUS messages to the network access server.Type: GrantFiled: April 29, 2021Date of Patent: January 17, 2023Assignee: Juniper Networks, Inc.Inventors: John Gibbons, Paul Raison, Sunil Madhaorao Gandhewar
-
Patent number: 11558410Abstract: A computer-implemented method and device for analyzing network packet traffic flow affected by a network security device in a communication network. Received in a network monitoring device is packet traffic flow data from a network security device that filters network traffic based upon prescribed security filter settings. The network monitoring device analyzes the received packet traffic flow data by correlating the received traffic flow data with the security filter settings prescribed in the network security device. Certain statistics are identified regarding the network traffic flow affected by the security filter settings of the network security device based upon the correlating of the received traffic flow data with the security filter settings prescribed in the network security device. A report regarding the identified statistics is preferably sent to a network administrator.Type: GrantFiled: May 19, 2020Date of Patent: January 17, 2023Assignee: Arbor Networks, Inc.Inventors: Scott Iekel-Johnson, James Edward Winquist, David Watson
-
Patent number: 11546764Abstract: In accordance with some embodiments, an apparatus for privacy protection is provided. The apparatus includes a housing arranged to hold a personal communication device and a peripheral interface supported by the housing, where the peripheral interface is connectable to a supplemental functional device. The apparatus further includes a local communication device coupled to the peripheral interface and supported by the housing, where the local communication device includes a personal communication device interface modem operable to provide a communication channel between the peripheral interface and the personal communication device. The apparatus further includes a controller coupled to the peripheral interface and the local communication device, where the controller is operable to manage the communication channel between the supplemental functional device and the personal communication device.Type: GrantFiled: March 29, 2021Date of Patent: January 3, 2023Assignee: PPIP, LLCInventors: Michael Fong, Neric Hsin-wu Fong, Teddy David Thomas, Haydn Bennett Taylor