Patents Examined by Abiy Getachew
  • Patent number: 11328076
    Abstract: A method by one or more electronic devices implementing a system for providing community-based data security, where the system is communicatively coupled to a plurality of database security analyzers, where each of the plurality of database security analyzers is configured to analyze data accesses to one or more databases associated with that database security analyzer. The method includes obtaining, for each of the plurality of database security analyzers, learning metadata generated by that database security analyzer, generating security parameters based on the learning metadata generated by the plurality of database security analyzers, and providing the security parameters to one or more of the plurality of database security analyzers to cause the one or more of the plurality of database security analyzers to apply the security parameters when analyzing data accesses to detect security incidents.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: May 10, 2022
    Assignee: Imperva, Inc.
    Inventors: Doron Tzur, Shiri Margel, Itsik Mantin
  • Patent number: 11323253
    Abstract: The invention relates to a method for generating cryptographic keys according to a key derivation function model. An embodiment includes the following steps: defining a master key for different models of a product type from a manufacturer; defining a set of key derivation parameters for the key derivation function model; determining the key derivation parameters for the model for which a cryptographic key is to be derived; deriving a single cryptographic key or a set of cryptographic keys from the master key according to the key derivation function model taking into account the key derivation parameters, wherein the step of defining a set of key derivation parameters comprises at least the following parameters: key type identification and key type learning counter.
    Type: Grant
    Filed: August 26, 2020
    Date of Patent: May 3, 2022
    Assignee: VOLKSWAGEN AKTIENGESELLSCHAFT
    Inventors: Alexander Tschache, Timo Winkelvos
  • Patent number: 11321471
    Abstract: Disclosed is a method of encrypted storage of data, applied to a client having an application (APP) installed thereon. The method includes: generating an encryption key based on a preset algorithm; dividing the encryption key into m portions, and respectively storing the portions in m media of the client, where m is a natural number greater than 1; and encrypting target data by using the encryption key.
    Type: Grant
    Filed: November 23, 2018
    Date of Patent: May 3, 2022
    Assignee: Beijing Sankuai Online Technology Co., Ltd
    Inventor: Tao Wang
  • Patent number: 11321442
    Abstract: The present disclosure relates to authenticity and data security for bus-based communication networks in a vehicle. The present disclosure teaches a protocol frame, a sender on data link layer, and a receiver on data link layer providing such authenticity and data security as well as a communication network in a vehicle employing the protocol frame, the sender and the receiver according to the present disclosure.
    Type: Grant
    Filed: March 20, 2020
    Date of Patent: May 3, 2022
    Assignee: Infineon Technologies AG
    Inventors: Alexander Zeh, Harald Zweck
  • Patent number: 11323443
    Abstract: Methods and systems for performing on demand access transactions are disclosed. In one example, the method includes receiving, by a directory service computer from an authorizing computer, a file including a primary access identifiers and virtual access identifiers, the virtual access identifiers not being capable of being used at resource providers to conduct transactions. The method also includes receiving a request to provide an access token that is associated with an account, the request comprising information that identifies the account. The method further includes retrieving a virtual access identifier based on the identifying information; and requesting, by the directory service computer to a token service computer, that the access token be provisioned on the user device or an application computer associated with an application on the user device.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: May 3, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Dong Soon Denis Kang, Francois Hribovsek, Swapnil Vasant Mhasde, Guan Heng Christophe Yeo
  • Patent number: 11321472
    Abstract: Disclosed embodiments relate to systems and methods for securely and privately auditing web sessions. Techniques include receiving, from a browser extension executing on a user endpoint device, encrypted browser session data and an encrypted session key, storing the encrypted browser session data and the encrypted session key; receiving, from an auditor endpoint device, an audit request associated with the stored encrypted browser session data; retrieving the stored encrypted browser session data and the stored encrypted session key based on the audit request; and transmitting at least some of the encrypted browser session data and the encrypted session key to the auditor endpoint device to enable access to the browser session data by the auditor endpoint device.
    Type: Grant
    Filed: October 29, 2021
    Date of Patent: May 3, 2022
    Assignee: CyberArk Software Ltd.
    Inventor: Evgeni Aizikovich
  • Patent number: 11316681
    Abstract: A user identity authentication method includes: receiving first information input by a user, and obtaining intermediate information of the user from a block-chain; generating second information by using the first information and the intermediate information; and obtaining a matching result by determining whether the second information matches result information stored in the block-chain, and determining whether user identity of the user is valid according to the matching result.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: April 26, 2022
    Assignee: BOE TECHNOLOGY GROUP CO., LTD.
    Inventor: Zhengong Zhao
  • Patent number: 11316679
    Abstract: A data monitoring system comprising a server communicatively coupled to a client device and a data module via a network. The server is configured to store a private key of a public-private key pair associated with the data module, receive a request from the client device for authenticated access to the data module, and generate an authentication key based at least on the private key and a time. The client device is configured to generate the request for authenticated access to the data module and transmit the request to the server. The data module is configured to store the private key of the public-private key pair associated with the data module, generate the authentication key based at least on the private key and the time, and grant access to the data module if the authentication key generated by the data module and the authentication key generated by the server match.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: April 26, 2022
    Assignee: ABIOMED, INC.
    Inventor: Alessandro Simone Agnello
  • Patent number: 11308239
    Abstract: Method and apparatus for protecting against a jitter attack upon a cryptographic processing device. In some embodiments, the cryptographic processing circuit is configured to perform a cryptographic function on a set of input data to generate a corresponding set of transformed output data. An input line supplies an input signal used by the cryptographic processing IC during execution of the cryptographic function. A monitor circuit monitors the input signal, and temporarily disables the cryptographic processing IC when time-varying changes to the input signal indicate a jitter attack may be taking place. The input signal may be a source voltage, and voltage transitions in the source voltage can be monitored. Alternatively, the input signal may be a clock signal, and frequency variations in the clock signal can be monitored. The monitor circuit may be arranged on a power island to maintain power during power fluctuations.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: April 19, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Robert Wayne Moss
  • Patent number: 11308223
    Abstract: Blockchain-based file handling is provided by receiving a data file from a user device, storing the data file to local storage of the blockchain peer, generating a file identifier of the data file, providing the file identifier to the user device, storing the file identifier to a synchronized ledger of the blockchain network, where the synchronized ledger tracks access to the data file, and distributing data of the data file to one or more other blockchain peers of the blockchain network.
    Type: Grant
    Filed: November 7, 2019
    Date of Patent: April 19, 2022
    Assignee: Kyndryl, Inc.
    Inventors: Yu Lin Zhai, Zi Jian Ji, Si Heng Sun, Yuan Yuan Li, Xiao Lu Wang, Yue Zhang
  • Patent number: 11303432
    Abstract: Double key encryption encrypts sensitive data using a content key, obtains a user public key from a key management service, encrypts the content key using the user public key, and encrypts the result using a cloud service provider key. Data confidentiality is protected efficiently through multilevel encryption and also by utilizing keys that are managed by different entities. Sensitivity labeling allows analytics to track sensitive data without compromising confidentiality. Compliance mechanisms may use attribute-based access control to support storage of sensitive data in a cloud, but only inside a permitted region, and without giving the cloud service provider access to the sensitive data.
    Type: Grant
    Filed: May 1, 2020
    Date of Patent: April 12, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Benjamin Sean Levin, Kartik Tirunelveli Kanakasabesan, Laurie Lee Litwack, Kurt Matthew Brendon, Ajay Kumar Karanam, Kiran Doreswamy, Ryan Jay Best
  • Patent number: 11303446
    Abstract: An example operation includes one or more of selecting, by a trust maintainer node, at least two blockchain nodes to be assigned as non-human intelligent nodes controlled by separate consortiums, identifying, by the trust maintainer node, a plurality of blockchain nodes that are not assigned as non-human intelligent nodes, assigning, by the trust maintainer node, a trust value to each of the plurality of the blockchain nodes based on voting histories of each of the plurality of the blockchain nodes to determine an overall trust value of a blockchain, and responsive to the overall trust value of the blockchain being below a minimum threshold, selecting at least one node from the plurality of the nodes to be assigned as the non-human intelligent node to increase the overall trust value of the blockchain.
    Type: Grant
    Filed: April 9, 2020
    Date of Patent: April 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Vijender Koorella, Daniel Pacheco, Richard Daniel Gunjal, Ching-Yun Chao
  • Patent number: 11290286
    Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the server, the electronic device credentials. The method further includes a step of registering, by the server, the electronic device. The method further includes a step of transmitting, from the server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: March 29, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Massimiliano Pala, Ronald H. Ih
  • Patent number: 11288377
    Abstract: A virtual machine (VM) provisioned in the IaaS platform from a custom OS distribution that implements a remote attestation of itself. The VM can prove its privacy and integrity properties to an external party using a set of OS-level restrictions and IaaS-level validations. Remote attestation provides guarantees that the VM administrator cannot tamper with the VM operation and cannot access sensitive data. The attested properties are guaranteed by the correct operation of the underlying VM technology.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: March 29, 2022
    Inventor: Pavel Izhutov
  • Patent number: 11283598
    Abstract: A data message authentication system in a vehicle communication network includes a sequence generator configured to generate a sequence representative of an intra-message pattern; a parsing processor configured to receive a data message, receive the sequence from the sequence generator, select a subset of data segments from the data message based on the intra-message pattern, and output the selected subset of data segments; and a tag generator configured to receive the selected subset of data segments from the parsing processor and generate an authentication code based on the selected subset of data segments, where the authentication code corresponds to the data message.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: March 22, 2022
    Inventors: Alexander Zeh, Marcus Janke
  • Patent number: 11277390
    Abstract: Software installed in the nodes in a communication network allows them to perform a “name server” function, which entails the management of a dynamic list of the client devices that are connected to the cloud, a “task” function, which entails the receipt and transmission of the packets, and an “authority” function, which entails the determination of the routes of the packets through the cloud. Each node is capable of performing only one function at a time. After completing a job, a node reverts to an undifferentiated, state awaiting its next performance request.
    Type: Grant
    Filed: July 10, 2019
    Date of Patent: March 15, 2022
    Inventors: Ievgen Verzun, Richard K. Williams
  • Patent number: 11277262
    Abstract: Generating unique data encryption keys for a data set, by allocating a data set associated with a security policy, where the security policy specifies a key encryption key (KEK) label, retrieving the KEK label from the security policy, storing the KEK label as metadata of the data set, opening the data set for a first time write, generating a data encryption key (DEK), retrieving a KEK from a key store according to the KEK label, encrypting the DEK using the KEK, storing the encrypted DEK as metadata of the data set, and encrypting the data set using the DEK.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: March 15, 2022
    Assignee: International Business machines Corporation
    Inventors: Eysha Shirrine Powers, Michael Joseph Jordan, Cecilia Carranza Lewis, Eric David Rossman
  • Patent number: 11271745
    Abstract: Embodiments of this specification provide methods and systems for operating an IoT device An exemplary method comprises: receiving, by a user equipment, an operation instruction for the IoT device from a user, wherein the user equipment is communicatively coupled with the IoT device; identifying, by the user equipment, a biometric feature of the user; verifying, by the user equipment, an identity of the user based on the biometric feature; signing, by the user equipment, the operation instruction using a first user key of the user in response to the identity of the user being verified; transmitting, by the user equipment, the signed operation instruction to the IoT device; verifying, by the IoT device, the signed operation instruction using a second user key of the user; and executing, by the IoT device, the operation instruction in response to the signed operation instruction being verified.
    Type: Grant
    Filed: May 6, 2021
    Date of Patent: March 8, 2022
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Qi Huang, Hui Liao
  • Patent number: 11263350
    Abstract: In a cryptographic apparatus, a cryptographic module executes first assurance check processing, which is processing for satisfying a predetermined certification requirement on image data of first software, and also executes second assurance check processing, which is processing for satisfying the above predetermined certification requirement on a verification target, which is at least part of image data of second software, and on which verification for satisfying the predetermined certification requirement is not performed by a device.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: March 1, 2022
    Assignee: HITACHI, LTD.
    Inventors: Hideaki Monji, Yuusaku Kiyota
  • Patent number: 11265146
    Abstract: An electronic apparatus for managing data based on a block chain and a method therefor are provided. The electronic apparatus includes a communication interface, a memory, and a processor to receive a request for accessing data from an authenticated user, generate first block information regarding the request by including information on the request and at least one second block information related to the request from among a plurality of second block information stored in the memory, transmit the generated first block information to at least one of a plurality of external apparatuses constituting a block chain, and update the plurality of second block information stored in the memory based on the generated first block information. The plurality of second block information includes information on a block regarding a latest access history by category among a plurality of blocks included in block chain data shared by the plurality of external apparatuses.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: March 1, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sangbok Han, Hyuncheol Park, Sangmin Kim, Seonjae Kim, Donghyun Lee, Changhoon Lee, Isak Choi, Kyungwan Han