Patents Examined by Syed Zaidi
-
Patent number: 11621978Abstract: A method, computer program product, and system includes a processor(s) obtaining an authorization failure from a target application because an access request was denied based on insufficient permissions of a user. The processor(s) institutes a mock interface with a visual appearance of the target application. The mock interface displays predefined data and the target application displays dynamic data, from the server(s) executing the target application. The processor(s) obtains, via the mock interface, a request to change the permissions of the user to the target application, which includes a selection, by the user, through the mock interface, of one or more individual permissions displayed in the mock interface. The processor(s) automatically generates a customized security policy comprising the selection, where based on applying the customized security policy, repeating the access request results in authorized access to the target application.Type: GrantFiled: December 21, 2017Date of Patent: April 4, 2023Assignee: International Business Machines CorporationInventors: Dong Chen, Wu Mi Zhong, Ting Yin, Zhi Li Guan, Yang Liang, Shao Jun Ding
-
Patent number: 11619924Abstract: A combined visualization configuration is stored and provided by a visualization manager to a thin client HMI. Based upon the configuration, the thin client HMI accesses individual visualizations from automation components, such as automation controllers, motor controllers, camera, and so forth. Policies may be established for users and their roles, and for particular thin client HMIs, and for particular locations of or around a machine or process being monitored and/or controlled. Based on the policies, the individual visualizations are combined and may be changed if one or more of the factors changes. Interactions with the individual visualizations of the combined visualization result in signals back to the automation components originating the visualizations.Type: GrantFiled: April 13, 2017Date of Patent: April 4, 2023Assignee: Rockwell Automation, Inc.Inventors: Tim Caine, Randy Cannady
-
Patent number: 11616801Abstract: The present disclosure describes systems and methods for determining a subsequent action of a simulated phishing campaign. A campaign controller identifies a starting action for a simulated phishing campaign directed to a user of a plurality of users. The simulated phishing campaign includes a plurality of actions, one or more of the plurality of actions to be determined during execution of the simulated phishing campaign The campaign controller responsive to the starting action, communicates a simulated phishing communication to one or more devices of a user. The campaign controller determines a subsequent action of the plurality of actions of the simulated phishing campaign based at least on one of a response to the simulated phishing communication received by the campaign controller or a lack of response within a predetermined time period and initiating, responsive to the determination, the subsequent action of the simulated phishing campaign.Type: GrantFiled: December 22, 2020Date of Patent: March 28, 2023Assignee: KnowBe4, Inc.Inventor: Stu Sjouwerman
-
Patent number: 11615169Abstract: A method for dynamically authenticating and granting access to a computing system may be provided. The method comprises deriving at least one authentication question from at least one identified fact contained in a received text data. The at least one identified fact is stored in a knowledge base relating to a user profile. The method comprises conducting a textual authentication dialog. The textual authentication dialog comprises presenting the at least one authentication question and determining, based on natural language processing, that a received response comprises the at least one identified fact from which the at least one authentication question has been derived. The method comprises granting access to the computing system based on the textual authentication dialog.Type: GrantFiled: February 6, 2020Date of Patent: March 28, 2023Assignee: International Business Machines CorporationInventors: Patrizia Manganelli, Nicola Milanese, Cristina Bonanni, Domenico Raguseo
-
Patent number: 11611430Abstract: An arithmetic apparatus includes an interface and a circuity. The interface is connected to an information processing apparatus that is connected to a client apparatus and that processes data in an encrypted state. The circuitry acquires, from the information processing apparatus, encryption input data or encryption target data encrypted with a first encryption key. The circuitry decrypts the acquired, encryption input data or encryption target data with a first decryption key. Then, the circuitry executes a predetermined arithmetic operation on the decrypted arithmetic operation target data, encrypts data of an arithmetic operation result obtained by the predetermined arithmetic operation with the first encryption to key, and outputs the encrypted data of the arithmetic operation result to the information processing apparatus.Type: GrantFiled: March 27, 2020Date of Patent: March 21, 2023Assignee: AXELL CORPORATIONInventor: Yusuke Hoshizuki
-
Systems, methods, and media for media session concurrency management with recurring license renewals
Patent number: 11604856Abstract: The disclosed subject matter relates to systems, methods, and media for media session concurrency management with recurring license renewals. More particularly, the disclosed subject matter relates to using recurring license renewals for concurrent playback detection and concurrency limit enforcement for video delivery services and managing server resources for handling such recurring license renewals.Type: GrantFiled: February 3, 2020Date of Patent: March 14, 2023Assignee: Google LLCInventors: David Kimbal Dorwin, Thomas William Inskip, Mark David Scott -
Patent number: 11601461Abstract: Data that includes user data and application data that is generated during a remote desktop session to a cloud computing system is stored in cloud storage according to a risk level of the remote desktop session. The storage device has provisioned therein a plurality of storage containers, including first and second storage containers, where the first storage container stores less percentage of the user data than the second storage container. The first storage container is selected for storing the user data if the determined risk level of the remote desktop session is at a first level and the second storage container is selected for storing the user data if the determined risk level of the remote desktop session is at a second level that is lower than the first level.Type: GrantFiled: January 13, 2020Date of Patent: March 7, 2023Assignee: VMware, Inc.Inventors: Sisimon Soman, Arun Padoor Chandramohan
-
Patent number: 11593512Abstract: Described herein are a secure system for sharing private data and related systems and methods for incentivizing and validating private data sharing. In some embodiments, private data providers may register to selectively share private data under controlled sharing conditions. The private data may be cryptographically secured using encryption information corresponding to one or more secure execution environments. To demonstrate to the private data providers that the secure execution environment is secure and trustworthy, attestations demonstrating the security of the secure execution environment may be stored in a distributed ledger (e.g., a public blockchain). Private data users that want access to shared private data may publish applications for operating on the private data to a secure execution environment and publish, in a distributed ledger, an indication that the application is available to receive private data.Type: GrantFiled: May 11, 2018Date of Patent: February 28, 2023Assignee: Massachusetts Institute of TechnologyInventors: Zhizhuo Zhang, Manolis Kellis, Dianbo Liu, Anne Kim, Lauren Huang, Sandeep Nuckchady
-
Patent number: 11588828Abstract: Systems and methods are provided for automated retrieval, processing, and/or distribution of cyber-threat information using a cyber-threat device. Consistent with disclosed embodiments, the cyber-threat device may receive cyber-threat information in first formats from internal sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may receive cyber-threat information second formats from external sources of cyber-threat information using an accessing component of the cyber-threat device. The cyber-threat device may process the received cyber-threat information in the first formats and the second formats into a standard format using a processing component of the cyber-threat device. The cyber-threat device may provide the processed items of cyber-threat information to a distributor using a distributing component of the cyber-threat device.Type: GrantFiled: February 24, 2020Date of Patent: February 21, 2023Assignee: Capital One Services, LLCInventor: Nathan Weilbacher
-
Patent number: 11586762Abstract: A privacy management system that is configured to process one or more data subject access requests and further configured to: (1) enable a data protection officer to submit an audit request; (2) perform an audit based on one or more parameters provided as part of the request (e.g., one or more parameters such as how long an average request takes to fulfill, one or more parameters related to logging and/or tracking data subject access requests and/or complaints from one or more particular customer advocacy groups, individuals, NGOs, etc.); and (3) provide one or more audit results to the officer (e.g., by displaying the results on a suitable display screen).Type: GrantFiled: April 6, 2020Date of Patent: February 21, 2023Assignee: OneTrust, LLCInventors: Kabir A. Barday, Jonathan Blake Brannon, Jason L. Sabourin, Mihir S. Karanjkar, Kevin Jones, Richard A. Beaumont
-
Patent number: 11550898Abstract: Methods and systems are disclosed for an internet isolation system implemented using a browser application. The host computer system may be configured to receive a request to communicate with a first network destination. The host computer system may determine whether the first network destination is trusted or untrusted. The host computer system may instantiate a browser application. The browser application may be configured to, on a condition that the first network destination is determined to be trusted, enable communication with the first network destination via a first browser process executed in a workspace of the host computer system. The browser application may be configured to, on a condition that the first network destination is determined to be untrusted, implement an isolated computing environment using an internal isolation firewall and enable communication with the first destination via a second browser process executed in the isolated computing environment.Type: GrantFiled: October 18, 2018Date of Patent: January 10, 2023Assignee: L3 Technologies, Inc.Inventors: Glenn Coleman, Peter Martz, Kenneth Moritz
-
Patent number: 11550899Abstract: Systems and methods are provided for reducing attack surface of a software environment by removing code of an unused functionality. A security hardening module may identify a portion of code of a software, the software comprising at least one of: an operating system and an application. The security hardening module may determine whether the portion is being utilized, and in response to determining that the process is not being utilized, the security hardening module may generate a live patch that removes the portion from the code and may modify, during runtime, the software using the live patch without restarting the software.Type: GrantFiled: October 14, 2019Date of Patent: January 10, 2023Assignee: Cloud Linux Software Inc.Inventor: Kirill Korotaev
-
Patent number: 11537742Abstract: Some embodiments are directed to a data sampling device for obtaining a sample of records from a remote dataset satisfying a private criterion using multi-party computation. One or more sample providing devices store respective subdatasets of the remote dataset. The data sampling device determine a candidate size for a sample providing device; requests the sample providing device to determine a candidate sample of the candidate size from the subdataset of the sample providing device; perform a multi-party computation with the sample providing device to obtain a set of indices of records from the candidate sample satisfying the private criterion; sample a subset of the set of indices; and obtains from the sample providing device records of the candidate sample corresponding to the subset of the set of indices.Type: GrantFiled: August 21, 2019Date of Patent: December 27, 2022Assignee: Koninklijke Philips N.V.Inventors: Meilof Geert Veeningen, Peter Petrus van Liesdonk
-
Patent number: 11537741Abstract: A data manager in an enterprise provides data management of users' personal data, which is used by enterprise applications to support operations in the enterprise. The data manager obtains personal data from the enterprise applications via the use of corresponding connector modules. The data manager communicates with each connector module, which then communicates with its corresponding enterprise application to obtain personal data used by that application. The data manager can also communicate with a central database that can store personal data used by the enterprise applications. The central database can serve as a central store of personal data for the enterprise applications.Type: GrantFiled: March 5, 2019Date of Patent: December 27, 2022Assignee: SAP SEInventors: Sharath Jois, Girish Sainath
-
Patent number: 11526624Abstract: Aspects of the present disclosure provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for protection of system software, or data from destruction, unauthorized modification, and/or unauthorized disclosure securing by, for example, detecting the transfer and/or processing of target data. Accordingly, a method is provided that involves: scanning a software application to identify functionality configured for processing target data; identifying fields associated with the functionality; identifying metadata associated with a field; generating, from the metadata, an identification of a type of data associated with the field; determining a location based on the processing of the target data by the functionality; determining a risk associated with the functionality processing the target data based on the location and the type of data; determining that the risk satisfies a threshold level of risk; and in response, causing an action to be performed to mitigate the risk.Type: GrantFiled: September 21, 2021Date of Patent: December 13, 2022Assignee: OneTrust, LLCInventors: Jonathan Blake Brannon, Patrick Whitney
-
Patent number: 11522703Abstract: Methods, systems, and apparatus, including computer-readable media encoded with computer program instructions, for a decentralized application ecosystem and data sharing platform. In some implementations, a system stores data for different individuals in different logical data storage areas. The system stores data indicating a set of predetermined data classifications, and for at least some of the data storage areas, the system determines and stores data classifications for data stored in an encrypted form in the data storage area. The system provides an application programming interface (API) that enables multiple different applications to access the data storage areas over a communication network. The system is configured to (i) provide access through the API to the data of data storage areas, conditioned on applications providing authorization tokens, and (ii) provide access through the API to the data classifications in the metadata that is not conditioned on providing authorization tokens.Type: GrantFiled: January 19, 2022Date of Patent: December 6, 2022Assignee: VigNet IncorporatedInventors: Praduman Jain, Josh Schilling, Dave Klein
-
Patent number: 11516223Abstract: Technologies are described for authenticating a sender identity of an online message. For example, an online message having a purported sender identity can be obtained. Various features can then be extracted from the message, including stylometric features, origin location features, attached file features for any files attached to the message, and embedded URL features. The extracted features can then be compared to a sender profile for a known sender identity matching the purported sender identity, or to one or more sender profiles for recognized suspicious senders if the purported sender identity does not match a known sender identity. The sender profile for a given sender identity can include features extracted from one or more messages previously sent by the sender identity. A global risk score for the message indicating a likelihood that the purported sender identity is inauthentic can be determined based at least in part upon the comparison.Type: GrantFiled: August 20, 2020Date of Patent: November 29, 2022Assignee: UVic Industry Partnerships Inc.Inventors: Issa Traore, Marcelo Luiz Brocardo
-
Patent number: 11501015Abstract: A secure machine learning system of a database system can be implemented to use secure shared data to train a machine learning model. To manage the model, a first user of the database can share data in an encrypted view with a second user of the database, and further share one or more functions of an application that accesses the data while the data is encrypted. The second user can access functions of the application and can call the functions to generate a trained machine learning model and further generate machine learning outputs (e.g., predictions) from the trained model.Type: GrantFiled: December 16, 2021Date of Patent: November 15, 2022Assignee: Snowflake Inc.Inventors: Monica J. Holboke, Justin Langseth, Stuart Ozer, William L. Stratton, Jr.
-
Patent number: 11501017Abstract: In a computer system (1), generated (S2) is a visual code which encodes reference information for identifying a data object linked to a person. Using a camera of a mobile communication device (2), the reference information encoded in the visual code is captured from a visual representation of the visual code and stored (S5) in the mobile communication device (2). In the mobile communication device (2), generated (S8) is a data package which includes the captured reference information and an image (23) of a document (4) of the person. The data package is transferred (S9) from the mobile communication device (2) to the computer system (1). In the computer system (1), the image of the document (4) is stored (S11) linked to the data object (10), defined by the reference information received in the data package.Type: GrantFiled: March 13, 2018Date of Patent: November 15, 2022Assignee: RINGLER INFORMATIK AGInventor: Marcel Ringler
-
Patent number: 11494484Abstract: The disclosed embodiments disclose techniques for leveraging instrumentation capabilities to enable monitoring services. During operation, an operating system kernel is instrumented to associate a sub-program with a target operation. Upon receiving a request from an application to perform the target operation, the operating system kernel executes the sub-program with kernel privileges in the process context of the application. The sub-program analyzes the memory space associated with the application to extract a desired data value. This extracted data value is returned to at least one of a specified target process or target location.Type: GrantFiled: February 19, 2020Date of Patent: November 8, 2022Assignee: Nubeva, Inc.Inventors: Greig W. Bannister, Randy Yen-pang Chou