Patents Examined by Abdullah Almamun
  • Patent number: 11526772
    Abstract: Embodiments disclosed herein relate to methods, systems, and computer programs for automatically determining an outcome associated with a reasoning graph, based on one or more data sets. The methods, systems, and computer programs compare hash values associated with different data sets to determine if they match to assign the outcome associated with a pre-existing hash to the later provided hash and data set associated therewith.
    Type: Grant
    Filed: February 11, 2019
    Date of Patent: December 13, 2022
    Assignee: Cotiviti, Inc.
    Inventors: Christopher Taylor Creel, Bharath Kumar Reddy Lingannagari, Christopher Shawn Watson
  • Patent number: 11522868
    Abstract: A method performed by a device for identifying a network node within a network to which data will be replicated is disclosed. The method comprises encrypting a session key according to an attribute-based encryption scheme; broadcasting the encrypted session key within the network; receiving at least one message encrypted using the session key from at least one network node within the network; and selecting a network node from the at least one network node to which data will be replicated. A further method, a device and a non-transitory machine-readable medium are also disclosed.
    Type: Grant
    Filed: July 27, 2017
    Date of Patent: December 6, 2022
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Daniel Pletea, Peter Petrus van Liesdonk
  • Patent number: 11509645
    Abstract: Disclosed are various approaches for providing authentication of a user and a client device. A user's credentials can be authenticated by an identity provider. In addition, a device posture assessment that analyzes the device from which the authentication request originates is also performed. An authentication request can be authenticated based upon whether the device posture assessment reveals that device to be a managed device that is in compliance with compliance rules.
    Type: Grant
    Filed: July 16, 2019
    Date of Patent: November 22, 2022
    Assignee: AirWatch LLC
    Inventors: Craig Farley Newell, Jonathan Blake Brannon, Kabir Barday, Ashish Jain
  • Patent number: 11503461
    Abstract: Techniques for refreshing security keys for enciphering and deciphering packets in a wireless communications system are provided. An exemplary method generally includes transmitting, while in a state with no dedicated resources allocated to the UE, a first message to request resumption of a radio resource control (RRC) connection, the first message encrypted using a first set of one or more keys, receiving, in response to the first message, a second message encrypted using the first set of one or more keys or a second set of one or more keys, determining, based on an indication in the second message or received prior to the second message, whether portions of the second message are encrypted using the second set of one or more keys, and processing the second message using the first set of one or more keys or the second set of one or more keys, based on the determination.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: November 15, 2022
    Assignee: QUALCOMM Incorporated
    Inventors: Huichun Liu, Keiichi Kubota, Soo Bum Lee
  • Patent number: 11496315
    Abstract: Systems and methods for enhanced hash transforms are disclosed. In particular embodiments, biometric data is concatenated with non-biometric data for generating a fixed-sized vector, and furthermore performing various permutations and projections on the vector. The resulting vector may be stored in a registry, and a corresponding key may be generated and provided to the user associated with the biometric data. The hash transformation may be a lossy process, such that the resulting hash includes less bytes than the initial biometric data, and a hash reversal fails to generate an exact copy of the original biometric data.
    Type: Grant
    Filed: May 8, 2019
    Date of Patent: November 8, 2022
    Assignee: T Stamp Inc.
    Inventors: Gareth Neville Genner, Norman Hoon Thian Poh
  • Patent number: 11487906
    Abstract: According to one or more embodiments of the present invention, a computer implemented method includes enabling, by a secure interface control of a computer system, a non-secure entity of the computer system to access a page of memory shared between the non-secure entity and a secure domain of the computer system based on the page being marked as non-secure with a secure storage protection indicator of the page being clear. The secure interface control can verify that the secure storage protection indicator of the page is clear prior to allowing the non-secure entity to access the page. The secure interface control can provide a secure entity of the secure domain with access to the page absent a check of the secure storage protection indicator of the page.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: November 1, 2022
    Assignee: International Business Machines Corporation
    Inventors: Lisa Cranton Heller, Fadi Y. Busaba, Jonathan D. Bradbury
  • Patent number: 11481486
    Abstract: Examples of the present disclosure describe systems and methods for a behavioral threat detection engine. In examples, the behavioral threat detection engine manages execution of one or more virtual machines, wherein each virtual machine processes a rule in relation to a context. The behavioral threat detection engine uses any of a variety of techniques to identify when events occur. Accordingly, the behavioral threat detection engine provides event indications, in the form of event packets, to one or more virtual machines, such that corresponding rules are able to process the events accordingly. Eventually, a rule may make a determination as to the presence or absence of a behavior. As a result, execution of the associated virtual machine may be halted, thereby indicating to the behavioral threat detection engine that a determination has been made. Thus a behavioral threat detection engine employs a behavior-based approach to detecting malicious or potentially malicious behaviors.
    Type: Grant
    Filed: March 27, 2019
    Date of Patent: October 25, 2022
    Assignee: Webroot Inc.
    Inventors: Eric Klonowski, Fred Krenson
  • Patent number: 11483306
    Abstract: Methods, systems, and apparatuses for secure communications in a communications system through a secure database (SDB) using random numbers including, one-time use random number cipher keys.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: October 25, 2022
    Assignee: Matrics2, Inc.
    Inventors: Michael R. Arneson, William R. Bandy
  • Patent number: 11470102
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.
    Type: Grant
    Filed: November 12, 2018
    Date of Patent: October 11, 2022
    Assignee: Palantir Technologies Inc.
    Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
  • Patent number: 11449615
    Abstract: Disclosed herein are systems and methods for forming a log during an execution of a file with vulnerabilities. In one aspect, an exemplary method comprises, discovering an activation of a trigger during an execution of a thread of a process created upon opening the file, wherein the trigger describes conditions accompanying an event which relates to an attempt to exploit a vulnerability of the file, analyzing a stack of the process created upon opening the file, and discovering a chain of function calls preceding the event in a form of a sequence of call and return addresses, analyzing the discovered chain of function calls for fulfillment of conditions of the trigger which relate to the attempt to exploit the vulnerability, and when the conditions of the trigger are fulfilled, saving information about the chain of function calls in a log.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: September 20, 2022
    Assignee: AO Kaspersky Lab
    Inventors: Alexey V. Monastyrsky, Mikhail A. Pavlyushchik, Vladislav V. Pintiysky, Denis V. Anikin, Dmitry A. Kirsanov
  • Patent number: 11429714
    Abstract: A method of operating a privacy management system for managing personal data includes receiving a first input indicative of a first user activity in accessing personal data stored within a memory element. The method also includes creating an activity model based on the first input. The activity model is indicative of typical activity in accessing personal data stored in the memory element. The method further includes receiving a second input indicative of a second user activity in accessing personal data stored within the memory element. Also, the method includes recognizing, according to the activity model, the second user activity as being anomalous to the typical activity in accessing personal data stored in the memory element. Moreover, the method includes generating, as a result of recognizing the second user activity as being anomalous, a command that causes at least one of the client devices to perform an anomaly corrective action.
    Type: Grant
    Filed: March 12, 2019
    Date of Patent: August 30, 2022
    Assignee: salesforce.com, inc.
    Inventors: Christian Meyer, Chris Lawrence
  • Patent number: 11429694
    Abstract: Techniques for managing customer license agreements are described. In one embodiment, a user-specified resource metric of a license model and a user-specified limit of the user-specified resource metric are obtained. A request for permission to launch a new compute resource at a computing device of the provider network is obtained from a service within a provider network. The new compute resource having a property that is an amount of the user-specified metric. A determination is made that a launch of the new compute resource would cause the user-specified limit to be exceeded, and the request the request to launch the new compute resource is denied.
    Type: Grant
    Filed: August 17, 2018
    Date of Patent: August 30, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Murtaza Chowdhury, Malcom Featonby, Adnan Ijaz, Anup P. Pandya, Anupama Anand, Niti Khadapkar, Ramapulla Reddy Chennuru, Raviprasad Mummidi, Srivasan Ramkumar, Jagruti Patil, Yupeng Zhang
  • Patent number: 11425559
    Abstract: Embodiments of a data transmission network device and methods of operating the same are disclosed. In one embodiment, the data transmission network device includes an encryption module and an RF transceiver. The encryption module is configured to receive data and encrypt the data so as to generate first encrypted data. The encryption module then encrypts the first encrypted data so as to generate second encrypted data. The RF transceiver is configured to generate an RF signal such that the second encrypted data is modulated onto the RF signal. By providing the double encryption in a single device, the data transmission network device has greater spectral efficiency and is a much more cost-effective solution than what is currently provided in the market. Furthermore, the encryption module can be disabled so that unsecure data can also be transmitted via the data transmission network device.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: August 23, 2022
    Inventors: Claude Church, Patrick L. Geddes
  • Patent number: 11418499
    Abstract: The description relates to password reset security. One example can receive a login request and a password for a cloud-based user account. The example can also retrieve stored authenticated user information associated with the password. The example can further send a notification of the login request to a contact address associated with the cloud-based user account. The notification can contain at least some of the stored authenticated user information.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: August 16, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Liqiang Zhu, Yi Zeng, Yu Huang
  • Patent number: 11411915
    Abstract: A network device configured to communicate with a network executes a security protocol. The security protocol establishes a secure session with a security peer network device, exchanges security protected traffic with the security peer network device over a secure link, detects whether there is a security failure in the secure session, and upon detecting a security failure, signals there is a security failure. The network device also executes a routing protocol. The routing protocol maintains a routing table that includes a route to the security peer over the secure link, routes the security protected traffic along the route, and, upon receiving from the security protocol the signal that there is a security failure, removes the route from the routing table to stop the routing.
    Type: Grant
    Filed: January 9, 2019
    Date of Patent: August 9, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Craig Thomas Hill, Stephen Michael Orr
  • Patent number: 11347869
    Abstract: A method is provided. The method is implemented by a secure interface control of a computer that prevents unauthorized accesses to locations in a memory of the computer. The secure interface control determines that a host absolute page is not previously mapped to a virtual page in accordance with securing the host absolute page and a host virtual page is not already mapped to an absolute page in accordance with securing the host absolute page.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: May 31, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Martin Schwidefsky, Heiko Carstens, Jonathan D. Bradbury, Lisa Cranton Heller
  • Patent number: 11316678
    Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein provide method and system for end-to-end security over signaling plane in a mission critical data (MCData) communication system. The proposed method includes various ways of securing MCData data payload transmitted over signaling plane using short data service (SDS). The proposed method allows usage of multiple security keys to encrypt the MCData SDS message as per the requirements. Various Keys such as, signaling plane key or media plane key or a dedicated MCData data payload signaling key can be used independently or in a combination thereof to achieve the desired security context. The proposed method allows protection of all the application level components with the signaling plane security context.
    Type: Grant
    Filed: January 29, 2018
    Date of Patent: April 26, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Rajavelsamy Rajadurai, Nishant Gupta
  • Patent number: 11310202
    Abstract: In some embodiments, a method receives a packet at an instance of a distributed firewall associated with one of a plurality of workloads running on a hypervisor. Each of the plurality of workloads has an associated instance of the distributed firewall. An index table is accessed for the workload where the index table includes a set of references to a set of rules in a rules table. Each workload in the plurality of workloads is associated with an index table that references rules that are applicable to each respective workload. The method then accesses at least one rule in a set of rules associated with the set of references from the rules table and compares one or more attributes for the packet to information stored for the at least one rule in the set of rules to determine a rule in the set of rules to apply to the packet.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: April 19, 2022
    Assignee: VMWARE, INC.
    Inventors: Jingmin Zhou, David Lorenzo, Subrahmanyam Manuguri, Anirban Sengupta
  • Patent number: 11288985
    Abstract: An encryption device includes hardware processors to: acquire a public key including an identification polynomial f(t) and a multivariable indeterminate equation X having elements of a ring Fp[t]/g(t) as coefficients; disperse and embed a message m as coefficients of plaintext polynomial factors mi having, as coefficients, polynomials with a limited degree among the elements of the ring; generate a plaintext polynomial M by multiplying the plaintext polynomial factors mi; randomly generate a random polynomial r having as a coefficient an element of the ring; randomly generate a noise polynomial e having as coefficients polynomials with a limited degree among the elements of the ring; and generate a ciphertext by encryption processing of performing an operation including adding, subtracting, or multiplying the identification polynomial f(t), the random polynomial r, the noise polynomial e, and the multivariable indeterminate equation X to, from, or by the plaintext polynomial M.
    Type: Grant
    Filed: August 27, 2020
    Date of Patent: March 29, 2022
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventor: Koichiro Akiyama
  • Patent number: 11290466
    Abstract: A server is provided for managing access of an electronic entity to a communications network. The server includes a contact point in operable communication with the electronic entity. The contact point is configured to receive a network access granting request message from the electronic entity. The server further includes a processing module, configured to process the received network access granting request message, validate trust indicators contained within the network access granting request message, authorize access of the electronic entity to the network upon validation of the trust indicators, and transmit a response message to the electronic entity indicating a level of access to the network that has been authorized.
    Type: Grant
    Filed: August 16, 2018
    Date of Patent: March 29, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Massimiliano Pala