Patents Examined by Taghi Arani
-
Patent number: 10025937
Abstract: Techniques are disclosed for dynamically managing hardening policies in a client computer (e.g., of an enterprise network). A hardening management application monitors activity on the client computer that is associated with a first hardening policy. The monitored activity is evaluated based on one or more metrics. Upon determining that at least one of the metrics is outside of a tolerance specified in the first hardening policy, the client computer is associated with a second hardening policy. The client computer is reconfigured based on the second hardening policy.
Type: Grant
Filed: June 26, 2015
Date of Patent: July 17, 2018
Assignee: Symantec Corporation
Inventors: Anand Kashyap, Kevin A. Roundy, Sandeep Bhatkar, Aleatha Parker-Wood, Christopher Gates, Yin Liu, Leylya Yumer
-
Patent number: 9992190
Abstract: Even when an intermediate server exists, a plurality of servers simultaneously authenticates a user securely. A user apparatus disperses a password. The user apparatus obtains a ciphertext, which is obtained by encrypting a dispersed value. The intermediate server transmits the ciphertext to an authentication server. The authentication server decrypts the ciphertext to obtain the dispersed value. The authentication server determines a verification value. The authentication server obtains a ciphertext. The intermediate server decrypts the ciphertext to obtain the verification value. The intermediate server verifies whether a sum total of the verification values is equal to 0 or not. The authentication server determines a verification value. The authentication server obtains a ciphertext. The authentication server decrypts the ciphertext to obtain the verification value. The authentication server verifies whether a sum total of the verification values is equal to 0 or not.
Type: Grant
Filed: August 21, 2014
Date of Patent: June 5, 2018
Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
Inventors: Ryo Kikuchi, Dai Ikarashi, Koji Chida, Koki Hamada
-
Patent number: 9977917
Abstract: A content management system implementing methodologies providing retroactive shared content item links is disclosed. The content management system and methodologies allow a team administrator of a team to configure a team-wide shared link policy that determines whether non-team members can access content items associated with team accounts using shared links generated for the content items by team members. The team shared link policy has two settings. In a first setting, the content management system allows non-team members to use shared links generated by team members to access content items associated with team accounts. In a second setting, the content management system blocks access to the content items by non-team members. Shared links are retroactive in the sense they do not need to be regenerated after the team shared link policy has been changed from the second setting back to the first setting.
Type: Grant
Filed: June 30, 2017
Date of Patent: May 22, 2018
Assignee: Dropbox, Inc.
Inventors: Anand Subramani, Mark Delamere, Jonathan Vincent, Philip Rha, Emil Ibrishimov, Thomas Carriero, Francois Alexander Allain
-
Patent number: 9977899
Abstract: In an aspect, a method can include generating a cyclic redundancy check code for a binary data item, using a generator polynomial; and masking, using polynomial addition, the binary data item with a binary mask. The method can also include at least one of: storing, by a microcircuit, the masked binary data item in a memory of an electronic device; or transferring, by the microcircuit, the masked data item to another device. The cyclic redundancy check code for the binary data item can be generated from the masked binary data item to prevent discovery of the binary data item by a side-channel attack during the generating the cyclic redundancy check. The binary mask can be a multiple of a random number and the generator polynomial, such that respective cyclic redundancy check code of the masked data item and the binary data item have a same result.
Type: Grant
Filed: March 26, 2013
Date of Patent: May 22, 2018
Assignee: Inside Secure
Inventors: Mylène Roussellet, Vincent Verneuil
-
Patent number: 9965530
Abstract: A computing device may include a presence-sensitive display, at least one processor, and a memory storing instructions that, when executed by the at least one processor, cause the at least one processor to output, for display at the presence-sensitive display, a graphical keyboard including a plurality of keys and a suggestion region; determine, based on a selection of the suggestion region or one or more keys from the plurality of keys, a search query; retrieve one or more search results determined based on the search query; and output, in place of at least a portion of the graphical keyboard, a visual representation of a particular search result of the one or more search results.
Type: Grant
Filed: April 20, 2016
Date of Patent: May 8, 2018
Assignee: Google LLC
Inventors: Muhammad Mohsin, Pranay Gupta, Michael Burks
-
Patent number: 9953157
Abstract: An application creating apparatus generates first authentication information using an authentication element is provided. The apparatus includes an application module when the application module is created, inserts the first authentication information into the application module, and distributes the application module. A user digital device that executes the application module checks the authentication element and the first authentication information included in the application module, generates second authentication information for the authentication element, and determines whether to execute the application module based on a result of comparison between the first authentication information and the second authentication information.
Type: Grant
Filed: October 23, 2014
Date of Patent: April 24, 2018
Assignee: Samsung Electronics Co., Ltd.
Inventors: Jae-Mok Hong, Jin-Ho Ko, Tae-Do Bae, Nam-Geol Lee
-
Patent number: 9948624
Abstract: Disclosed is a key downloading method. The method comprises: sending a hardware series number (SN) and a first random number (Rnd1) to a key server; receiving a second random number (Rnd2), a first encrypted text (C1) and a key server working certificate (KSWCRT) sent by the key server; authenticating the validity of KSWCRT by using a KSRCRT; if valid, extracting a public key (PuKS) from the KSWCRT, and decrypting the first encrypted text (C1) by using the PuKS to obtain a third random number (Rnd1′); determining whether Rnd1 is consistent with Rnd1′; if consistent, encrypting the second random number (Rnd2) by using a terminal authentication public key (TKP_Pu) to generate a third encrypted text (C2′), and sending the C2′ to the key server; receiving an key encrypted text (Ctmk) sent by the key server; and obtain a master key (TMK), and storing the TMK in a security control module.
Type: Grant
Filed: January 23, 2014
Date of Patent: April 17, 2018
Assignee: FUJIAN LANDI COMMERCIAL EQUIPMENT CO., LTD
Inventors: Wenlong Su, Luqiang Meng, Yixuan Hong
-
Patent number: 9942252
Abstract: One or more proxy logs are processed in order to generate a graph of domains, wherein those domain pairs in the graph that are connected have low support and high confidence. One or more domains within the graph that are highly connected to other domains in the graph are identified. The identified domains are flagged as suspicious domains.
Type: Grant
Filed: December 21, 2015
Date of Patent: April 10, 2018
Assignee: EMC IP Holding Co. LLC
Inventors: Anirudh Kondaveeti, Jin Yu
-
Patent number: 9940485
Abstract: Disclosed are a password entry method and system. In the present invention, an intelligent display terminal receives a password entry instruction of a user, and randomly generates image data of a soft keyboard; the intelligent display terminal decomposes the image data of the soft keyboard into image data of a first soft keyboard and image data of a second soft keyboard by using a subtractive color process; the intelligent display terminal displays an image of the first soft keyboard according to the image data of the first soft keyboard, and sends the image data of the second soft keyboard to a portable display terminal; and the portable display terminal combines the image data of the first soft keyboard and the image data of the second soft keyboard by using an additive color process to restore an image of the soft keyboard, and displays the image of the soft keyboard.
Type: Grant
Filed: December 11, 2014
Date of Patent: April 10, 2018
Assignee: SHENZHEN TCL NEW TECHNOLOGY CO., LTD
Inventor: Feng Jiang
-
Patent number: 9940461
Abstract: A method for allowing an operating system (OS), to access an encrypted data storage system of a computer, wherein: the data storage system comprises: a partition; and first encrypted data units that comprise partition table data of said data storage system; and said computer is connectable to an external device comprising: a boot loader for an external OS that is not installed on the computer; and partitioning information capturing an expected location of said partition in the data storage system; and wherein second encrypted data units that comprise reference partition table data for said data storage system are available from said computer or said external device, the method comprising: upon connection of said external device to the computer, instructing to boot the computer from said boot loader; and during or after booting of the computer: comparing the first and second encrypted data units; and if the first and second encrypted data units match, allow the external OS to access, based on the partitioning
Type: Grant
Filed: July 23, 2015
Date of Patent: April 10, 2018
Assignee: International Business Machines Corporation
Inventors: Peter Buhler, Thomas Gschwind, Paolo Scotton
-
Patent number: 9935768
Abstract: A system on chip includes a central processing unit and a key manager coupled to the central processing unit. The key manager includes a random number generator configured to generate a key and a key memory configured to store the key and a user setting value associated with the key.
Type: Grant
Filed: April 11, 2014
Date of Patent: April 3, 2018
Assignee: Samsung Electronics Co., Ltd.
Inventors: Hyesoo Lee, Jaechul Park, Yun-Ho Youm, Kyungae Kim, TongPyo Hong
-
Patent number: 9934383
Abstract: The present invention is notably directed to a method for allowing an operating system, or OS, to access an encrypted data storage system of a computer (10), wherein: the data storage system (11) comprises: a partition (122); and first encrypted data units (120) that comprise partition table data of said data storage system; and said computer (10) is connectable to an external device (20) comprising: a boot loader (24) for an external OS (112) that is not installed on the computer; and partitioning information (22) capturing an expected location of said partition (122) in the data storage system; and wherein second encrypted data units (220) that comprise reference partition table data for said data storage system are available from said computer (10) or said external device, the method comprising: upon connection (S21) of said external device (20) to the computer, instructing to boot (S23) the computer (10) from said boot loader (24); and during or after booting of the computer: comparing (S25) the first (12
Type: Grant
Filed: April 14, 2015
Date of Patent: April 3, 2018
Assignee: International Business Machines Corporation
Inventors: Peter Buhler, Thomas Gschwind, Paolo Scotton
-
Selectively enabling and disabling biometric authentication based on mobile device state information
Patent number: 9923930
Abstract: Methods, systems, and computer-readable media for selectively enabling and disabling biometric authentication are presented. In some embodiments, a computing platform may receive, from a device monitoring and management computer system, a device state indicator message comprising device state information associated with a mobile computing device. Subsequently, the computing platform may set a biometric authentication flag for the mobile computing device based on the device state indicator message received from the device monitoring and management computer system. Then, the computing platform may generate an authentication functionality message for the mobile computing device based on the biometric authentication flag set for the mobile computing device, and the authentication functionality message may be configured to selectively enable or disable one or more biometric authentication functions provided by the mobile computing device.
Type: Grant
Filed: November 19, 2015
Date of Patent: March 20, 2018
Assignee: Bank of America Corporation
Inventors: Xianhong Zhang, Wenhui Meng, Kalyan V. Pasumarthi, Elizabeth S. Votaw, Andrew T. Keys, Apeksh M. Dave
-
Patent number: 9923717
Abstract: One of n≥2 servers, connectable via a network, implements a cryptographic protocol using a secret key K which is shared between the n servers, and includes first and second server compartments. The first is connectable to the network, adapted to implement the cryptographic protocol, and stores a current key share of the secret key K. The second is inaccessible from the network in the operation of the server, stores a set of master keys, and is adapted, for each of successive time periods, to unilaterally generate a new key share of the secret key K and to supply it to the first as the current key share for that time period. The new key share includes a random share of a predetermined value p which is shared between the n servers, and the random share includes a function of the set of master keys.
Type: Grant
Filed: October 7, 2015
Date of Patent: March 20, 2018
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
-
Patent number: 9900148
Abstract: A method for validating a signature request for a first message M, comprising: receiving, a validation challenge (VC) from a signature creation device (SCD), the VC created by the SCD, in response to receiving the signature request and message M from a user, using a second message M′ which is based on message M and a secret shared between the SCD and user, the VC generated by encrypting message M′ using the secret; generating, the message M′ from the VC by decrypting the VC using the secret; displaying the message M′ to the user; receiving confirmation from the user that the displayed message M′ corresponds to the message M; generating, a validation code confirming the signature request to create a signature; and outputting the code to the SCD, to cause the SCD to generate the signature for the user for message M based on successfully verifying the code.
Type: Grant
Filed: June 2, 2017
Date of Patent: February 20, 2018
Assignee: Cryptomathic Ltd.
Inventors: Guillaume Forget, Torben Pryds Pedersen, Peter Landrock
-
Patent number: 9900158
Abstract: A system for cryptographically authenticated communication, wherein an activation signal is sent from a communications device to a memory device (410). The memory device derives a random challenge from at least one physical property of the activation signal and sends it back to the communications device (420). A signature is computed using the received random challenge (440) and sent, together with a certificate, to the memory device (450).
Type: Grant
Filed: March 23, 2012
Date of Patent: February 20, 2018
Assignee: Nokia Technologies Oy
Inventors: Vesa-Veikko Luukkala, Sampo Sovio, Harald Kaaja, Sergey Boldyrev, Ian Oliver
-
Patent number: 9886597
Abstract: The invention relates to a data-processing method that includes encoding a plurality of data of n bits into code words having a predefined constant Hamming weight, characterized in that said method also includes using (4000) encryption operations or arithmetic operations on the resulting code word(s) and also in that encoding each datum includes: decomposing (100) the datum into a plurality of m bit sequences to be encoded, m strictly being less than n; encoding (300) each bit sequence into a partial code word, each having a predefined Hamming weight, such that the sum of the Hamming weights of the partial code words are equal to the Hamming weights of the code word; and concatenating (300) the partial code words such as to produce the code word corresponding to the datum. The invention also relates to a data transmission method and to an electronic circuit configured to implement said methods.
Type: Grant
Filed: January 17, 2014
Date of Patent: February 6, 2018
Assignee: MORPHO
Inventors: Julien Bringer, Victor Servant
-
Patent number: 9871769
Abstract: A communication method to publish a user message suitable for one or more vendors. The communication method may be performed by one or more controllers and may include one or more acts of receiving a message from a user station of a user; processing the received message to anonymize the message to conceal an identity of the user; publishing the anonymized message and anonymous link information; receiving a request from a vendor of the one or more vendors for user context information corresponding to the user in response to the published anonymized message; receiving restriction information in accordance with a user persona selected by the user from a plurality of user personas that are each associated with the user; and providing the user context information in accordance with the restriction information.
Type: Grant
Filed: August 22, 2011
Date of Patent: January 16, 2018
Assignee: ORANGE
Inventors: Julian Gay, Alfred Chioiu
-
Patent number: 9866393
Abstract: A system and method for generating a signature for a document using an identity verification token. The identity verification token receives a request that includes a set of credential data from a signatory, obtains a document identifier that identifies the document to a service provider, and obtains a token identifier that identifies the identity verification token to the service provider. The identity verification token generates the signature based at least in part on the obtained document identifier, the received set of credential data, and obtained the token identifier, and provides the signature.
Type: Grant
Filed: December 22, 2014
Date of Patent: January 9, 2018
Assignee: Amazon Technologies, Inc.
Inventors: Dylan Harris Rush, Darren Ernest Canavor, Daniel Wade Hitchcock, Jesper Mikael Johansson, Jon Arron McClintock
-
Patent number: 9853979
Abstract: Policy changes are propagated to access control devices of a distributed system. The policy changes are given immediate effect without having to wait for the changes to propagate through the system. A token encodes the policy change and can be provided in connection with access requests. Before an access control device has received a propagated policy change, the access control device can evaluate a token provided in connection with a request to determine, consistent with the policy change, whether to fulfill the request.
Type: Grant
Filed: March 11, 2013
Date of Patent: December 26, 2017
Assignee: AMAZON TECHNOLOGIES, INC.
Inventors: Gregory Branchek Roth, Matthew James Wren