Patents Examined by Shewaye Gelagay
-
Patent number: 11637825Abstract: A first user device can transmit an interaction request to a remote computer via a long range communication channel. The first user device can receive an authentication request message from the remote computer and can then transmit the authentication request message to a second user device via a short range communication channel. The first user device can then receive an authentication response message comprising a response value from the second user device via the short range communication channel. The first user device can then transmit the authentication response message to the remote computer causing the remote computer to verify the response value and perform further processing if the response value is verified.Type: GrantFiled: January 11, 2019Date of Patent: April 25, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventor: Wilson Thampi
-
Patent number: 11627121Abstract: According to one configuration, a wireless access service provider selects and assigns a particular authentication option amongst multiple different authentication options to an entity such as a wireless access point or a sub-network supported by the wireless access point. When a communication device attempts to use the corresponding wireless access point provided by the wireless access service provider, a wireless access gateway receives information from the wireless access point indicating the particular authentication option assigned to authenticate the communication device. The wireless access gateway communicates the notification of the particular authentication option to an authentication manager, which provides the wireless access gateway with network address information indicating a captive portal in which to authenticate the communication device.Type: GrantFiled: November 15, 2017Date of Patent: April 11, 2023Assignee: Charter Communications Operating, LLCInventors: Shane B. Newberg, Christopher J. Teague, Venkata R. Divvi, Cheryl A. Warne, Loay O. Kreishan
-
Patent number: 11611442Abstract: Systems and applications are described that use group signature technology to allow for anonymous and/or semi-anonymous feedback while allowing for the application of rules and parameters. The use of group signature technology may serve to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback. Feedback may range from constructive feedback all the way to the ‘whistleblower’ variety. It may be desirable to identify the individuals as belonging to a particular group or having a particular status or position while maintaining the anonymity of the individuals within the particular group.Type: GrantFiled: December 18, 2019Date of Patent: March 21, 2023Assignee: Wells Fargo Bank, N.A.Inventor: Phillip H. Griffin
-
Patent number: 11601411Abstract: A caching framework for a multi-tenant cloud-based system includes a plurality of microservices, a global cache that implements a global namespace, and a plurality of tenant caches, each tenant cache corresponding to a different tenant of the multi-tenant cloud-based system. The framework further includes a common module corresponding to each of the microservices and comprising a cache application programming interface (API), and a cache module comprising a service provider interface (SPI) adapted to connect to a distributed remote cache.Type: GrantFiled: April 17, 2020Date of Patent: March 7, 2023Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Lokesh Gupta, Ashutosh Pitre
-
Patent number: 11588796Abstract: According to one embodiment, a host communicates with a data processing (DP) accelerator using an obfuscation scheme. The DP accelerator receives an obfuscation kernel algorithm (or obfuscation algorithm), where the obfuscation kernel algorithm is used to obfuscate and de-obfuscate data in communication with a host. The DP accelerator de-obfuscates, using the obfuscation kernel algorithm, obfuscated data received from the host for a prediction request to obtain one or more AI models. The DP accelerator generates prediction results by applying the one or more AI models to a prediction input. The DP accelerator obfuscates, using the obfuscation kernel algorithm, the prediction results. The DP accelerator sends the obfuscated prediction results to the host, where the host retrieves the prediction results by de-obfuscating the obfuscated prediction results.Type: GrantFiled: September 11, 2019Date of Patent: February 21, 2023Assignees: BAIDU USA LLC, KUNLUNXIN TECHNOLOGY (BEIJING) COMPANY LIMITEDInventors: Yueqiang Cheng, Hefei Zhu
-
Patent number: 11576040Abstract: A wireless enabled lighting device having the ability to retrieve credentials for a primary wireless LAN from another previously configured wireless enabled lighting device is disclosed. After installation, the lighting device may be instructed to join a secondary wireless network temporarily provided by the previously configured lighting device. Once connected to the secondary wireless network, the lighting device may be provided the credentials for the primary wireless LAN from the previously installed device. The lighting device may then join the primary wireless LAN based on the provided credentials and may automatically initiate enrollment with a remote cloud service. After enrollment, the lighting device may be instructed to operate as an access point for the secondary wireless network, thereby allowing a subsequently installed lighting device to retrieve the credentials for the primary wireless LAN from the newly enrolled lighting device.Type: GrantFiled: December 6, 2019Date of Patent: February 7, 2023Assignee: LEVITON MANUFACTURING CO., INC.Inventors: Aaron Ard, James Shurte
-
Patent number: 11575704Abstract: A method for real-time detection of and protection from steganography in a kernel mode comprises detecting transmission of a file via a firewall, an operating system, or an e-mail system. A size of the file is determined. From a file system, a stored filesize of the file is retrieved. The determined size of the file is compared to the stored filesize of the file. Responsive to the determined size of the file being larger than the stored filesize of the file, steganography detection analytics are executed on the file. Responsive to the steganography detection analytics indicating presence of steganography in the file, a steganography remediation action is executed, and information is transmitted describing the steganography to a client device.Type: GrantFiled: May 30, 2018Date of Patent: February 7, 2023Assignee: CYEMPTIVE TECHNOLOGIES, INC.Inventors: Stewart P. MacLeod, Robert Pike
-
Patent number: 11562088Abstract: A security platform uses a sensor-event-analysis-response methodology to iteratively adapt to a changing security environment by continuously creating and updating entity models based on observed activities and detecting patterns of events that deviate from these entity models.Type: GrantFiled: April 12, 2019Date of Patent: January 24, 2023Assignee: Sophos LimitedInventors: Joseph H. Levy, Andrew J. Thomas, Daniel Salvatore Schiappa, Kenneth D. Ray
-
Patent number: 11563758Abstract: A packet-filtering system configured to filter packets in accordance with packet-filtering rules may receive data indicating network-threat indicators and may configure the packet-filtering rules to cause the packet-filtering system to identify packets comprising unencrypted data, and packets comprising encrypted data. A portion of the unencrypted data may correspond to one or more of the network-threat indicators, and the packet-filtering rules may be configured to cause the packet-filtering system to determine, based on the portion of the unencrypted data, that the packets comprising encrypted data correspond to the one or more network-threat indicators.Type: GrantFiled: January 23, 2018Date of Patent: January 24, 2023Assignee: Centripetal Networks, Inc.Inventors: David K. Ahn, Sean Moore, Douglas M. Disabello
-
Patent number: 11558364Abstract: Example methods are provided for a host to perform authentication offload in a virtualized computing environment that includes the host and a destination server. The method may comprise detecting, from a virtualized computing instance, a packet destined for the destination server. The method may also comprise: in response to determination that the detected packet is an authentication request, obtaining, from the virtualized computing instance, metadata associated with a client application for which authentication is requested; and sending the authentication request and the metadata to the destination server to cause the destination server to authenticate the client application based on the metadata.Type: GrantFiled: July 18, 2017Date of Patent: January 17, 2023Assignee: NICIRA, INC.Inventors: Hong Yue, Changyan Chi, Wen Wang, Yao Zhang, Wenping Fan, Xiansheng Yu
-
Patent number: 11558748Abstract: The disclosed technology relates to a mobile terminal adapted to receive a memory card comprising a processing unit, an input interface and a card locking actuator configured to lock the memory card into the mobile terminal. The card locking actuator is controlled by the processing unit. In one aspect, the card locking actuator is configured to be locked when the mobile terminal is switched on. In another aspect, the processing unit is configured to lock the screen until a screen unlocking authentication procedure is performed by a user at the input interface and is configured to command unlocking of the card locking actuator after detecting that a predetermined authentication procedure is performed by a user at the input interface.Type: GrantFiled: December 14, 2018Date of Patent: January 17, 2023Assignee: OrangeInventors: Shi Jiao, Zhihong Guo
-
Patent number: 11552805Abstract: A form of the invention is applicable for use in conjunction with a security credential management system that produces and manages pseudonym digital certificates issued to vehicles and used by vehicles to establish trust in vehicle-to-vehicle communications, the security credential management system including a pseudonym certificate authority processor entity which issues pseudonym digital certificates to vehicles, a registration authority processor entity that validates, processes and forwards requests for pseudonym digital certificates to the pseudonym certificate authority processor entity, and a misbehavior authority processor entity that receives misbehavior reports from reporter vehicles that include information about the reporter vehicles and suspect misbehaving vehicles and is responsible for producing a list of revoked credentials; the pseudonym certificate processor entity and registration authority processor entity participating in producing linkage values to be contained within the issued pseudonType: GrantFiled: December 3, 2018Date of Patent: January 10, 2023Assignee: OnBoard Security, Inc.Inventors: Virendra Kumar, William Whyte, Abhishek Jain
-
Patent number: 11531767Abstract: A media storage and playback apparatus encrypts header fields and side-information fields within respective packets of a compressed, packetized media file to obfuscate unencrypted payload fields within the packets. After encrypting the header fields and side-information fields, the media storage and playback apparatus stores the encrypted header fields and side-information fields together with the unencrypted payload fields within a nonvolatile storage for later retrieval, decryption and playback.Type: GrantFiled: September 24, 2018Date of Patent: December 20, 2022Assignee: SUPERPOWERED INC.Inventors: Gabor Szanto, Alexander Patrick Vlaskovits
-
Patent number: 11528293Abstract: Techniques for routing a request based on a vulnerability in a processing node are disclosed. A vulnerability analyzer determines a set of detected vulnerabilities in each of a set of processing nodes. Based on the detected vulnerabilities, the vulnerability analyzer determines a respective vulnerability score for each processing node. A routing engine receives a request to be processed by at least one of the set of processing nodes. The routing engine selects a particular node for processing the request based on the detected vulnerabilities in one or more of the set of processing nodes. The routing engine may select the particular node based on the vulnerability scores of the set of processing nodes. Additionally or alternatively, the routing engine may select the particular node based on whether the particular node includes any vulnerability that may be exploited by the request.Type: GrantFiled: July 23, 2020Date of Patent: December 13, 2022Assignee: Oracle International CorporationInventors: Ajai Joy, Sarat Aramandla
-
Patent number: 11509457Abstract: The present invention concerns a method for secure data classification by a computer platform. A client sends to the platform data to be classified in encrypted form using a first symmetric key. Similarly, a supplier sends to the platform parameters of a classification model in encrypted form using a second symmetric key. The invention uses a homomorphic cryptosystem defined by a public key and a private key. The platform performs a first transcryption step by deciphering the data to be classified in the homomorphic domain and a second transcryption step by deciphering the model parameters in the homomorphic domain. The classification function is then evaluated in the homomorphic domain for providing a classification result encrypted by said public key.Type: GrantFiled: December 8, 2017Date of Patent: November 22, 2022Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVESInventors: Sergiu Carpov, Renaud Sirdey, Oana Stan
-
Patent number: 11494503Abstract: A cloud-based data governance system includes a processing unit, a network adapter, and memory for storing data and code. The network adapter establishes a connection with a remote data storage system associated with a remote file system over a wide-area network (WAN). The code includes an event collection interface, a data governance service, and an enforcement service. The event collection interface is configured to capture an event from the remote data storage system. The event is indicative of a file system operation executed on a data object of the remote file system. The data governance service is configured to receive the event from the event collection interface and to process the event to determine whether the file system operation conflicts with a governance policy of the data governance system. The enforcement service executes a set of remediation actions if the file system operation does conflict with the governance policy.Type: GrantFiled: April 14, 2017Date of Patent: November 8, 2022Assignee: Egnyte, Inc.Inventors: Amrit Jassal, Shishir Sharma, Sean H. Puttergill, Ramakrishnan Sundararaj
-
Patent number: 11477191Abstract: A system including a mobile terminal having an authenticator, a TPM with tamper resistance and a voice assistant. The voice assistant makes a process request corresponding to voice input of a user to a server in accordance with the input, receives a biometric authentication request from the server, makes a request for a biometric authentication process to the mobile terminal of the user in accordance with the request for biometric authentication via wireless communication, and transmits an authentication result from the mobile terminal to a server. The mobile terminal executes the biometric authentication process using biometric information stored in the authenticator and the TPM in accordance with the request for the biometric authentication process from the voice assistant, and transmits an authentication result to the voice assistant.Type: GrantFiled: September 26, 2018Date of Patent: October 18, 2022Assignee: CANON KABUSHIKI KAISHAInventor: Nao Funane
-
Patent number: 11461505Abstract: A method for obfuscation of operations using minimal additional hardware is presented herein. The method can begin by executing a first iteration of a set of computations, the execution of the set of computations resulting in a first iteration output. The method can continue by executing a second iteration of the set of computations, wherein the second execution is distinct from the first iteration but should satisfy a matching condition. The distinction can be a rearrangement of sub-operations, insertion of dummy sub-operations, or a combination of the two. After the iterations are complete, the iteration outputs can be compared. If the comparison of the first iteration output and the second iteration output satisfy the matching condition, the process result can be output. If the matching condition is not satisfied, an error detected signal can be output.Type: GrantFiled: October 17, 2019Date of Patent: October 4, 2022Assignee: ARM LIMITEDInventors: Michael Weiner, Oded Golombek, David Yellin
-
Patent number: 11436354Abstract: One example method includes transmitting, from a client, a remote procedure call (RPC) to a fileserver of a data protection system, the RPC including information identifying an export, then receiving, at the client, node information concerning the export, and the node information concerns a master pseudofs of the fileserver. Finally, the example method includes creating, at the client, a sparse client-specific pseudofs that is based on the node information received from the fileserver, and the sparse client-specific pseudofs includes fewer than all the master pseudofs nodes that the client is authorized to access.Type: GrantFiled: January 30, 2018Date of Patent: September 6, 2022Assignee: EMC IP HOLDING COMPANY LLCInventors: Robert L. Fair, Thomas R. Vanderputten
-
Patent number: 11431688Abstract: Disclosed is a method that includes training, at a client, a part of a deep learning network up to a split layer of the client. Based on an output of the split layer, the method includes completing, at a server, training of the deep learning network by forward propagating the output received at a split layer of the server to a last layer of the server. The server calculates a weighted loss function for the client at the last layer and stores the calculated loss function. After each respective client of a plurality of clients has a respective loss function stored, the server averages the plurality of respective weighted client loss functions and back propagates gradients based on the average loss value from the last layer of the server to the split layer of the server and transmits just the server split layer gradients to the respective clients.Type: GrantFiled: October 12, 2021Date of Patent: August 30, 2022Assignee: TripleBlind, Inc.Inventors: Gharib Gharibi, Ravi Patel, Babak Poorebrahim Gilkalaye, Praneeth Vepakomma, Greg Storm, Riddhiman Das