Patents Examined by Tongoc Tran
-
Patent number: 10776520Abstract: A system and method include a shield application executing on a processor. The shield application can convert a business application to provide data isolation between the business application and personal applications, and data sharing between the business application and other business applications, e.g., in the bring-your-own-device and enterprise mobility management scenarios.Type: GrantFiled: September 14, 2016Date of Patent: September 15, 2020Assignee: Northwestern UniversityInventors: Yan Chen, Zhengyang Qu, Vaibhav Rastogi
-
Patent number: 10778650Abstract: In accordance with embodiments of the present disclosure, a method may include: (i) retrieving a profile from a management controller of an information handling system, the management controller configured to provide management of the information handling system via management traffic communicated between the management controller and a dedicated management network external to the information handling system, and the profile including data regarding a configuration of the management controller; (ii) comparing the profile to one or more golden profiles to determine whether security of the management controller has been compromised; (iii) responsive to the profile matching a golden profile of the one or more golden profiles, permitting the management controller to continue execution; and (iv) responsive to the profile failing to match a golden profile of the one or more golden profiles, taking remedial action with respect to the management controller.Type: GrantFiled: August 17, 2016Date of Patent: September 15, 2020Assignee: Dell Products L.P.Inventors: Johan Rahardjo, Mukund P. Khatri, Michael J. Stumpf
-
Patent number: 10778718Abstract: Some embodiments of the present invention include a method for detecting and preventing phishing and include generating an authentication cookie based on encrypting an authentication token and a time when the authentication token is generated, the authentication cookie to be installed in a user computing system. The method further includes receiving a login request from the user computing system, the login request including login information, the authentication cookie, and a first detection token, decrypting the authentication cookie in the login request to generate a second detection token, and comparing the first detection token with the second detection token to determine whether the login information is compromised.Type: GrantFiled: September 16, 2016Date of Patent: September 15, 2020Assignee: salesforce.com, inc.Inventor: Vinayendra Turuvekere Nataraja
-
Patent number: 10778672Abstract: An embodiment of the invention provides a method for secure biometrics matching with split phase client-server matching protocol, wherein a first biometric input is received in an electronic device. The first biometric input is stored in the electronic device as a biometric profile; and, the biometric profile is sent to a server. An additional biometric input is received from a user in the electronic device; and, the additional biometric input is compared to the biometric profile stored in the electronic device to generate a local matching score. The additional biometric input is sent to the server. The local matching score and a remote matching score generated by the at least one server are compared; and, it is determined whether to authenticate the user based on the comparison of the local matching score and the remote matching score.Type: GrantFiled: November 16, 2015Date of Patent: September 15, 2020Assignee: International Business Machines CorporationInventors: Jonathan H. Connell, II, Jae-Eun Park, Nalini K. Ratha
-
Information processing device, information processing method, and computer-readable recording medium
Patent number: 10764322Abstract: An operation information specification unit 82, with use of terminal-specific countermeasure information indicating an applicable countermeasure for each terminal against a security risk and definition information defining a correspondence relationship between a type of operation information of the terminal and a countermeasure against the security risk, specifies a type of operation information corresponding to the countermeasure applicable to the terminal. An operation information acquisition unit 83 acquires operation information of the type specified by the operation information specification unit 82, from among operation information of the terminal.Type: GrantFiled: March 8, 2018Date of Patent: September 1, 2020Assignee: NEC CORPORATIONInventor: Yoshio Yasutome -
Patent number: 10764264Abstract: A technique for authenticating network users is disclosed. In one particular exemplary embodiment, the technique may be realized as a method for authenticating network users. The method may comprise receiving, from a client device, a request for connection to a network. The method may also comprise evaluating a security context associated with the requested connection. The method may further comprise assigning the client device one or more access privileges based at least in part on the evaluation of the security context.Type: GrantFiled: December 30, 2005Date of Patent: September 1, 2020Assignee: Avaya Inc.Inventors: Ravi Chakravarthi Kumar, Tal I. Lavian, Vasant Sahay, Nirmalendu Das, Biju Sajibhavan Kunjukunju, David Burton Levi, Philippe Michelet, Shmuel Nehama
-
Patent number: 10754973Abstract: Disclosed herein are system, method, and computer program product embodiments for a secured cloud storage system. An embodiment operates by receiving a compressed file comprising data that has been compressed using a compression algorithm. The compressed data is divided into a plurality of separate files. A password for each of the separate files is determined. Each of the separate files is encrypted with its corresponding password. The encrypted files are stored across a plurality of servers.Type: GrantFiled: January 16, 2018Date of Patent: August 25, 2020Assignee: SAP SEInventors: Alexander Ocher, Viktor Lapitski
-
Patent number: 10757096Abstract: A server and method for supporting device registration by the server are provided. The present disclosure relates to a sensor network, Machine Type Communication (MTC), Machine-to-Machine (M2M) communication, and technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services.Type: GrantFiled: November 16, 2015Date of Patent: August 25, 2020Assignee: Samsung Electronics Co., LtdInventor: Kyungjae Kim
-
Patent number: 10749849Abstract: A data communication device includes a first communicator that receives encrypted data; a second communicator that transmits the encrypted data; an identification information acquisition unit that, when the first communicator has received information for encryption that is used for establishing encrypted communications including encrypted part and plaintext part where the plaintext part includes identification information of a transmission source of the encrypted data, acquires the identification information from the information for encryption; and a configurator that sets data transmission of the second communicator, based on the identification information.Type: GrantFiled: December 6, 2016Date of Patent: August 18, 2020Assignee: NEC CORPORATIONInventor: Raika Uki
-
Patent number: 10742681Abstract: A method and system are provided for enabling collaborative access to a data object. The method comprises establishing an access control policy, the access control policy defining at least one collaborative condition under which access to the data object is permissible, monitoring a plurality of users for compliance with the collaborative condition and providing access to the data object after a predetermined number of the users meet the at least one collaborative condition.Type: GrantFiled: August 21, 2015Date of Patent: August 11, 2020Assignee: PUSHPULL TECHNOLOGY LIMITEDInventors: David Jones, Daniel Eccleston
-
Patent number: 10742402Abstract: A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i); transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i); receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).Type: GrantFiled: January 26, 2018Date of Patent: August 11, 2020Assignee: Cisco Technology, Inc.Inventors: Syed Khalid Raza, Praveen Raju Kariyanahalli, Rameshbabu Prabagaran, Amir Khan
-
Patent number: 10742637Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.Type: GrantFiled: May 17, 2019Date of Patent: August 11, 2020Assignee: Hewlett Packard Enterprise Development LPInventor: Cameron Esdaile
-
Patent number: 10733321Abstract: Aspects of the invention include processing queries in a database system having a first database engine and a second database engine. A first instance of a first table is stored in the first database engine in plaintext. At one predefined column of the first table is encrypted, resulting in a set of encrypted columns, using a cascade encryption scheme that includes a set of ordered encryption methods. A subset of the set of columns is stored in a second instance of the first table in the second database engine. An encryption method of the cascade encryption scheme that allows a query operation of a received query on data encrypted with the identified encryption method is identified. The identified encryption method is used to rewrite the query, and the rewritten query is executed using the second instance of the first table.Type: GrantFiled: May 7, 2019Date of Patent: August 4, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Felix Beier, Peter Bendel, Nicole Finnie, Namik Hrle
-
Patent number: 10733318Abstract: Aspects of the invention include processing queries in a database system having a first database engine and a second database engine. A first instance of a first table is stored in the first database engine in plaintext. At one predefined column of the first table is encrypted, resulting in a set of encrypted columns, using a cascade encryption scheme that includes a set of ordered encryption methods. A subset of the set of columns is stored in a second instance of the first table in the second database engine. An encryption method of the cascade encryption scheme that allows a query operation of a received query on data encrypted with the identified encryption method is identified. The identified encryption method is used to rewrite the query, and the rewritten query is executed using the second instance of the first table.Type: GrantFiled: November 21, 2017Date of Patent: August 4, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Felix Beier, Peter Bendel, Nicole Finnie, Namik Hrle
-
Patent number: 10728236Abstract: A technology is described for evaluating object data associated with an object represented in an augmented environment. An example method may include detecting an object located within range of a proximity of a sensor included in a device configured to display object data for the object in an augmented environment display. The object data associated with the object may be requested and the object data may be authenticated using an authenticating authority that certifies that the object data is valid and/or by determining that an object attribute represented by the object data corresponds to the object attribute represented by sensor data obtained from the sensor. After the object data has been authenticated, the object data, or a portion of the object data may be displayed in the augmented environment display generated by the device.Type: GrantFiled: September 7, 2016Date of Patent: July 28, 2020Assignee: Amazon Technologies, Inc.Inventor: David Potes
-
Patent number: 10708279Abstract: A method and apparatus for transmitting data. Data to be transmitted is an aggregated frame including a first subframe and a second subframe each including information used to verify integrity of each subframe, and an apparatus receiving the data verifies integrity of a subframe based on the information used to verify the integrity.Type: GrantFiled: December 27, 2016Date of Patent: July 7, 2020Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Jae Seung Lee, Moon-Sik Lee, Young-Hoon Kim, Jaewoo Park, Gyung-chul Shin, Hoo Sung Lee, Ik Jae Chun, Jeeyon Choi
-
Patent number: 10706181Abstract: Described herein are various technologies pertaining to randomizing logic associated with dangling nodes in a digital circuit design. A dangling node is an input to or output from a logic gate in the digital circuit design that is identified as not impacting a desired output of the digital circuit design. Randomizing the logic associated with a dangling node can include deleting a logic gate, adding a logic gate, replacing a logic gate with another logic gate, etc. Randomizing the logic associated with the dangling node prevents hardware trojans that may have been inserted into the circuit design from being implemented in a circuit that is generated based upon the design.Type: GrantFiled: December 19, 2017Date of Patent: July 7, 2020Assignee: National Technology & Engineering Solutions of Sandia, LLCInventor: Jason Hamlet
-
Patent number: 10693850Abstract: An example of a system and method implementing a live migration of a guest on a virtual machine of a host server to a target server is provided. For example, a host server may utilize a flow key to encrypt and decrypt communications with a target server. This flow key may be encrypted using a receive master key, which may result in a receive token. The receive token may be sent to the Network Interface Controller of the host server, which will then encrypt the data packet and forward the information to the target server. Multiple sender schemes may be employed on the host server, and various updates may take place on the target server as a result of the new location of the migrating guest from the host server to the target server.Type: GrantFiled: May 11, 2015Date of Patent: June 23, 2020Assignee: Google LLCInventor: Benjamin Charles Serebrin
-
Patent number: 10686783Abstract: A technique is provided for establishing a secure access connection with electronic devices. The technique includes receiving a request for establishing the secure access connection, from an electronic device, via an access point associated with the electronic device. The technique further includes dynamically determining at least a local reputation score associated the access point, based on at least a plurality of parameters and pre-defined weights assigned to each of the plurality of parameters. The technique further includes establishing the secure access connection between the host device and the electronic device, via the access point, based on a comparison of an updated global reputation score with a pre-defined threshold. The global reputation score is updated based on the dynamically determined local reputation score.Type: GrantFiled: February 15, 2017Date of Patent: June 16, 2020Assignee: Wipro LimitedInventors: Harish Nair Rajagopal, Sujeet Sreenivasan
-
Patent number: 10666618Abstract: When a computer system is compromised by a malicious user, detecting or preventing the malicious user can improve the security and efficiency of the computer system, as well as prevent data from being deleted or corrupted and/or stolen. An attacker who compromises a computer system is likely to take certain actions to exert control over the computer or avoid detection. When a compromised system is behind a network firewall, the attacker may seek to open a remote reverse shell on the compromised system to more easily issue commands, as the firewall may block direct attempts from outside the network to contact the compromised system. Detecting a reverse shell can be difficult, slow, and unreliable, however. The present disclosure discusses methods for detecting reverse shells based on analyzing redirection of data streams such as STDIN, STDOUT, and STDERR.Type: GrantFiled: September 15, 2016Date of Patent: May 26, 2020Assignee: PAYPAL, INC.Inventor: Shlomi Boutnaru