Patents Examined by Abdullah Almamun
  • Patent number: 12192224
    Abstract: According to some embodiments, a method includes detecting a start of an OpenTelemetry span by an application and determining security information related to the start of the OpenTelemetry span. The method further includes monitoring the application for one or more application behaviors during execution of the OpenTelemetry span. The method further includes detecting an end of the OpenTelemetry span by the application, and in response, calculate a security score for the OpenTelemetry span using the security information related to the start of the OpenTelemetry span and the one or more application behaviors detected during execution of the OpenTelemetry span. The method further includes updating a status of the OpenTelemetry span to include the security score and a text string related to the calculation of the security score.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: January 7, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Walter T. Hulick, Jr., Ashutosh Kulshreshtha
  • Patent number: 12164885
    Abstract: An exemplary random number generation system leverages the r includes at least one solar power panel of a solar power system, at least one sensor and a random number generator. The sensor senses one or more output parameters (e.g., voltage or current) from the solar power system and provides the sensed parameter to the random number generator, which uses the sensed parameter to generate a number that is truly random (i.e., is not deterministic). As an example, the random number generator may receive multiple samples of the measured parameter and generate a random number based on a difference of the multiple samples. If desired, the random number generator may include an algorithm to remove biasing in the random number.
    Type: Grant
    Filed: November 21, 2023
    Date of Patent: December 10, 2024
    Assignee: Board of Trustees of the University of Alabama, for and on behalf of the University of Alabama in Huntsville
    Inventor: Biswajit Ray
  • Patent number: 12058108
    Abstract: In some embodiments, a method receives a packet at an instance of a distributed firewall associated with one of a plurality of workloads running on a hypervisor. Each of the plurality of workloads has an associated instance of the distributed firewall. An index table is accessed for the workload where the index table includes a set of references to a set of rules in a rules table. Each workload in the plurality of workloads is associated with an index table that references rules that are applicable to each respective workload. The method then accesses at least one rule in a set of rules associated with the set of references from the rules table and compares one or more attributes for the packet to information stored for the at least one rule in the set of rules to determine a rule in the set of rules to apply to the packet.
    Type: Grant
    Filed: April 18, 2022
    Date of Patent: August 6, 2024
    Assignee: VMware LLC
    Inventors: Jingmin Zhou, David Lorenzo, Subrahmanyam Manuguri, Anirban Sengupta
  • Patent number: 12052242
    Abstract: In general, the disclosure relates to a method for creating segment mapping in a network, by a network device. The method includes receiving a segment identification (ID) for a client device of the network from an authentication system. The segment ID identifies a segment of the network including the client device and the network device wherein the segment ID is associated with a media access control (MAC) address of the client device. The network device or a network management system (NMS) determines an internet protocol (IP) address of the client device and the network device creates an IP address to segment ID mapping for the client device using the IP address. The IP address to segment ID mapping is provided to the NMS for distribution to remaining network devices of the network. At least one packet of the client device is processed using the IP address to segment ID mapping.
    Type: Grant
    Filed: May 21, 2021
    Date of Patent: July 30, 2024
    Assignee: ARISTA NETWORKS, INC.
    Inventors: John French, Manish Singhvi
  • Patent number: 12052288
    Abstract: In general, embodiments relate to a network device, including network device hardware including a processor; and memory comprising instructions which, when executed by the processor, performs a method for creating segment mapping in a network. The method includes entering a fallback mode in response to detecting a fallback scenario, determining, based on the fallback mode, a segment identification (ID) for a client device of the network, wherein the segment ID identifies a segment of the network including a client device, obtaining an Internet Protocol (IP) address to segment ID mapping, wherein the client device is associated with the IP address, and processing at least one packet from the client device using the IP address to segment ID mapping.
    Type: Grant
    Filed: March 8, 2022
    Date of Patent: July 30, 2024
    Assignee: ARISTA NETWORKS, INC.
    Inventor: John William French
  • Patent number: 12032691
    Abstract: Examples of the present disclosure describe systems and methods for a behavioral threat detection engine. In examples, the behavioral threat detection engine manages execution of one or more virtual machines, wherein each virtual machine processes a rule in relation to a context. The behavioral threat detection engine uses any of a variety of techniques to identify when events occur. Accordingly, the behavioral threat detection engine provides event indications, in the form of event packets, to one or more virtual machines, such that corresponding rules are able to process the events accordingly. Eventually, a rule may make a determination as to the presence or absence of a behavior. As a result, execution of the associated virtual machine may be halted, thereby indicating to the behavioral threat detection engine that a determination has been made. Thus a behavioral threat detection engine employs a behavior-based approach to detecting malicious or potentially malicious behaviors.
    Type: Grant
    Filed: July 17, 2023
    Date of Patent: July 9, 2024
    Assignee: OPEN TEXT INC.
    Inventors: Eric Klonowski, Fred Krenson
  • Patent number: 12032678
    Abstract: An information processing architecture for implementation in a vehicle includes a software segregation unit which is configured to provide a first security domain and a second security domain which are assigned in each case to different operational areas of the vehicle and have their own data processing environments which are segregated from one another to run a multiplicity of computer applications. The software segregation unit is further configured to provide a synchronization instance, wherein the synchronization instance has a central dataset which is synchronized with data generated in the respective security domains independently from one another via data exchange and is selectively readable by both security domains.
    Type: Grant
    Filed: March 29, 2021
    Date of Patent: July 9, 2024
    Assignee: Airbus Operations GmbH
    Inventors: Kai Möller, Christian Groth, Sören Hübner, Oliver Schalke, René Niedermowe
  • Patent number: 12028449
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for session authentication. An example method includes determining, by decoding circuitry, a set of quantum bases to use for measurement. The example method further includes receiving, by the decoding circuitry, a series of photons. The example method further includes decoding, by the decoding circuitry and based on the determined set of quantum bases, the series of photons to generate a decoded set of bits. The example method further includes receiving, by the decoding circuitry, a control signal indicative of an instruction to initiate decoding based on the set of quantum bases. The example method further includes, in response to receiving the control signal, decoding, by the decoding circuitry, the series of photons based on the set of quantum bases. The example method further includes generating, by session authentication circuitry, a session key based on the decoded set of bits.
    Type: Grant
    Filed: December 17, 2021
    Date of Patent: July 2, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Masoud Vakili
  • Patent number: 12019759
    Abstract: A data processing system has a processor and a system memory. The system memory may be a dynamic random-access memory (DRAM). The processor includes an embedded memory. The system memory is coupled to the processor and is organized in a plurality of pages. A portion of the code or data stored in the plurality of memory pages is selected for permutation. A permutation order is generated and the memory pages containing the portion of code or data is permuted using a permutation order. The permutation order and/or a reverse permutation order to recover the original order may be stored in the embedded memory. Permuting the memory pages with a permutation order stored in the embedded memory prevents the code or data from being read during a freeze attack on the system memory in a way that is useful to an attacker.
    Type: Grant
    Filed: January 7, 2021
    Date of Patent: June 25, 2024
    Assignee: NXP B.V.
    Inventors: Wilhelmus Petrus Adrianus Johannus Michiels, Jan Hoogerbrugge, Ad Arts
  • Patent number: 12003623
    Abstract: Systems and methods for multilayer encryption for user privacy compliance and corporate confidentiality are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: transmit, from a workspace instantiated by a local management agent to a portal managed by an enterprise: (i) a request to store a once-encrypted document, and (ii) an indication that the once-encrypted document is encrypted with a controlvault key; receive, from the portal at the workspace, a request to encrypt the once-encrypted document with an enterprise-issued cryptographic key to produce a twice-encrypted document; and transmit, from the workspace to the portal, a copy of the twice-encrypted document.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: June 4, 2024
    Assignee: Dell Products, L.P.
    Inventors: Charles D. Robison, Nicholas D. Grobelny, Ricardo L. Martinez
  • Patent number: 12001542
    Abstract: A container system includes a container server that is configured to host a first container that includes an execution of a first image. The container server is also configured to receive a request to access the first container and receive an indication that the request to access is a potential security threat. In response to receiving the indication, the container server generates a second image that includes a copy of the first image. Additionally, in response to receiving the indication, the container server provides access to a second container that includes an execution of the second image.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: June 4, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Ashley Raine Philbrick, Ryan Thomas Russell, David Joaquin Harris, Sacha Melquiades De'Angeli
  • Patent number: 12001587
    Abstract: A conference management system facilitates data compliance in recording conversations between users. A host user can send an electronic invitation for a meeting to participants. Upon accessing the invitation, the participants can be presented with two options to join the conference—a first option using which a participant can join the meeting by providing consent to recording the meeting and a second option using which the participant can join the meeting by opting-out of recording of the meeting. When a participant opts-out of the recording of the meeting, the conference management system ensures that the recording is performed in compliance with a data compliance policy applicable to the participant who opted out of recording.
    Type: Grant
    Filed: June 26, 2023
    Date of Patent: June 4, 2024
    Assignee: ZOOMINFO CONVERSE LLC
    Inventors: Russell Levy, Dominik Facher, Micha Yochanan Breakstone
  • Patent number: 11991522
    Abstract: An apparatus for traffic security processing in a slicing service of mobile edge computing according to an embodiment of the present invention includes: a plurality of security modules for analyzing a received packet to respectively execute security functions suitable for slicing security of mobile edge computing; a controller for managing a slicing security module list in the mobile edge computing; and a main security module for analyzing a received packet on the basis of the slicing security module list to determine a security function to be executed and priority of the security function to be executed, wherein the controller transmits the received packet to at least one corresponding security module among the plurality of security modules according to the priority of the security function to be executed, which is determined by the main security module.
    Type: Grant
    Filed: December 24, 2021
    Date of Patent: May 21, 2024
    Assignee: WINS Co., Ltd.
    Inventors: Eun Young Joo, Yong Sig Jin
  • Patent number: 11983287
    Abstract: Systems as described herein may implement non-persistent data caching using a dedicated web server. A non-persistent data caching system may determine that an application, executing on a computing device may require access to secure data located on a remote server external to the computing device. The non-persistent data caching system may initiate a dedicated web server on the computing device, retrieve the secure data from the remote server, and store the secure data in a volatile memory of the computing device. The non-persistent data caching system may subsequently redirect a request for at least a portion of the secure data from the application and to the dedicated web server, and the dedicated web server may send the requested portion to the application.
    Type: Grant
    Filed: December 2, 2020
    Date of Patent: May 14, 2024
    Assignee: Capital One Services, LLC
    Inventor: Riley McCuen
  • Patent number: 11979394
    Abstract: Methods, systems, and apparatuses for secure communications in a communications system through a secure database (SDB) using random numbers including, one-time use random number cipher keys.
    Type: Grant
    Filed: September 23, 2022
    Date of Patent: May 7, 2024
    Assignee: MATRICS2, INC
    Inventors: Michael R. Arneson, William R. Bandy
  • Patent number: 11974120
    Abstract: A system for securing control plane traffic in a sliced communication network that is adapted to run a plurality of network functions includes a plurality of security guards, each placed at an edge of an internal security zone, wherein the internal security zone is formed by grouping one or more network functions. Each security guard is configured to receive an incoming message from a requestor external to corresponding internal security zone and validate the extracted information against each other, and against a service specification policy for the communication network, and against threat intelligence analytics data. Each security guard is configured to compute one or more risk scores indicating risk perception or incidence of attack for its associated internal security zone and to initiate one or more attack preventive measures if a computed risk score exceeds a predetermined threshold. such as modifying or correcting or dropping the incoming message.
    Type: Grant
    Filed: January 31, 2022
    Date of Patent: April 30, 2024
    Assignee: ADAPTIVE MOBILE SECURITY LIMITED
    Inventors: Cathal Mc Daid, Silke Holtmanns
  • Patent number: 11943616
    Abstract: Methods, systems, and computer readable media for ingress message rate limiting are disclosed. One method includes, at a network node, receiving a service request message from a service consumer network function and extracting, from the received service request message, an access token that includes a consumer network function instance identifier identifying the service consumer network function. The method further includes determining, using the consumer network function instance identifier, that an allowed ingress message rate associated with the service consumer network function has been reached or exceeded and in response to determining that the allowed ingress message rate associated with the service consumer network function has been reached or exceeded, performing a message rate limiting action.
    Type: Grant
    Filed: December 28, 2020
    Date of Patent: March 26, 2024
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Jay Rajput, Shashikiran Bhalachandra Mahalank, Ankit Srivastava
  • Patent number: 11934520
    Abstract: The disclosure provides systems and processes for applying neural networks to detect intrusions and other anomalies in communications exchanged over a data bus between two or more devices in a network. The intrusions may be detected in data being communicated to an embedded system deployed in vehicular or robotic platforms. The disclosed system and process are well suited for incorporation into autonomous control or advanced driver assistance system (ADAS) vehicles including, without limitation, automobiles, motorcycles, boats, planes, and manned and un-manned robotic devices. Data communicated to an embedded system can be detected over any of a variety of data buses. In particular, embodiments disclosed herein are well suited for use in any data communication interface exhibiting the characteristics of a lack of authentication or following a broadcast routing scheme—including, without limitation, a control area network (CAN) bus.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: March 19, 2024
    Assignee: NVIDIA Corporation
    Inventors: Gorkem Batmaz, Nicola DiMiscio, Mark Overby, Ildiko Pete
  • Patent number: 11936790
    Abstract: Systems and methods for enhanced hash transforms are disclosed. In particular embodiments, biometric data is concatenated with non-biometric data for generating a fixed-sized vector, and furthermore performing various permutations and projections on the vector. The resulting vector may be stored in a registry, and a corresponding key may be generated and provided to the user associated with the biometric data. The hash transformation may be a lossy process, such that the resulting hash includes less bytes than the initial biometric data, and a hash reversal fails to generate an exact copy of the original biometric data.
    Type: Grant
    Filed: September 29, 2022
    Date of Patent: March 19, 2024
    Assignee: T Stamp Inc.
    Inventors: Gareth Neville Genner, Norman Hoon Thian Poh
  • Patent number: 11928217
    Abstract: An apparatus comprising: a unit configured to verify whether a first region that specifies a verification range of a first boot code and a second region that specifies a verification range of a second boot code have been altered; a unit configured to, when the first region has not been altered, verify whether the first boot code has been altered; a unit configured to, when the first boot code has been altered and the second region has not been altered, verify whether the second boot code has been altered; and a unit configured to, when the second boot code has not been altered, restore the first boot code using the second boot code, wherein the first and second regions are regions that are not rewritten after a start of the apparatus.
    Type: Grant
    Filed: November 17, 2021
    Date of Patent: March 12, 2024
    Assignee: Canon Kabushiki Kaisha
    Inventors: Takami Eguchi, Nobuhiro Tagashira, Ayuta Kawazu