Patents Examined by Alexander Lapian
  • Patent number: 9852303
    Abstract: Sensitive data is protected in a software product. A source file of the software product is compiled to generate an object file, in which the source file includes at least one piece of sensitive data marked with a specific identifier. The object file has a secure data section for saving storage information of the at least one piece of sensitive data at compile-time and run-time. The object file is linked to generate an executable file. The executable file updates the secure data section at run-time. Sensitive data is also protected when a core dump is generated.
    Type: Grant
    Filed: February 26, 2015
    Date of Patent: December 26, 2017
    Assignee: International Business Machines Corporation
    Inventors: Rui Feng, Shuang Shuang Jia, Da Fei Shi, Lijun Wei
  • Patent number: 9853964
    Abstract: A method of authenticating the legitimacy of a request for a resource from a resource provider by a user, including providing an authentication process in which a resource provider message is received and de-assembled, the integrity of the user request message is confirmed, a result indicator as to the legitimacy of the resource provider message is created by performing two or more authenticity checks, and an authentication result is sent.
    Type: Grant
    Filed: November 27, 2012
    Date of Patent: December 26, 2017
    Assignee: Robojar Pty Ltd
    Inventor: Jacques Noel Marc Chester
  • Patent number: 9843488
    Abstract: The present invention relates to systems and methods for detecting anomalies in computer network traffic with fewer false positives and without the need for time-consuming and unreliable historical baselines. Upon detection, traffic anomalies can be processed to determine valuable network insights, including health of interfaces, devices and network services, as well as to provide timely alerts in the event of attack.
    Type: Grant
    Filed: February 20, 2015
    Date of Patent: December 12, 2017
    Inventors: Igor Balabine, Alexander Velednitsky
  • Patent number: 9830440
    Abstract: A computer-implemented biometric identity verification method including the steps of storing a database of registered users, including data identifying profile attributes of each registered user and a respective plurality of stored biometric signatures, each stored biometric signature associated with a corresponding one or more of the profile attributes. A predicted biometric signature is derived for a requesting user when it is determined that a period of time has elapsed since the requesting user's stored biometric signature was last updated, by adapting the stored biometric signature based on biometric variances derived from a biometric peer group of registered users with at least one profile attribute in common with the requesting user. The predicted biometric signature is used to verify the identity of the requesting user.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: November 28, 2017
    Assignee: Barclays Bank PLC
    Inventor: Lee Randall
  • Patent number: 9807062
    Abstract: A method and apparatus for enabling a cloud server to provide screen information data indicating a screen to be displayed on a client device are provided. The method of enabling a cloud server to provide screen information data relating to a screen to be displayed on a client device includes: generating the screen information data; determining whether or not to protect the generated screen information data based on characteristics of an object configuring the screen; encrypting the provided screen information data based on the determining; and transmitting the encrypted the screen information data to the client device.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: October 31, 2017
    Inventors: Sung-bum Park, Yong-je Kim, Myung-jin Eom, Dae-Sung Cho, Woong-il Choi
  • Patent number: 9787682
    Abstract: In a method for securely connecting a controller for a machine or plant to a higher-level IT system, an integration layer is provided between the controller and the IT system, a controller image of the controller is generated in the integration layer, and the controller image is accessed from the IT system. The IT system thus always accesses the controller image rather than directly the controller. This prevents malware from gaining access to the controller e.g. via a network.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: October 10, 2017
    Assignee: Siemens Aktiengesellschaft
    Inventors: Johannes Birzer, Rainer Ordenewitz
  • Patent number: 9729548
    Abstract: The invention is about an identification process of an individual or object, in a system comprising a control server and a management server of a database comprising N indexed data of N stored individuals, in which, to identify the individual or object, its datum is compared to each of the N data of the base.
    Type: Grant
    Filed: December 20, 2012
    Date of Patent: August 8, 2017
    Assignee: MORPHO
    Inventors: Alain Patey, Herve Chabanne, Julien Bringer, Melanie Favre
  • Patent number: 9686257
    Abstract: In response to reception of a request, an authorization server system identifies authorization based on first authorization information received by a reception unit along with the request. The authorization server system gives at least some of the identified authorization to an application, and issues second authorization information for identifying the given authorization.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: June 20, 2017
    Inventor: Yu Tamura
  • Patent number: 9679145
    Abstract: The present invention relates to a method of managing switching from a first mode of operation to a second mode of operation a first processor in a processing device which comprises at least one other processor and a controller processor. The method comprises receiving a message which comprises a request to switch the first processor from a first to a second mode of operation; deciding whether the switching is appropriate; and upon decision of switching, switching the first processor from a first mode of operation to a second mode of operation according to the selected type of switching.
    Type: Grant
    Filed: October 4, 2012
    Date of Patent: June 13, 2017
    Inventors: Gilles Gallet, Julie Gonin, Nicolas Mareau, Claire Verilhac
  • Patent number: 9674169
    Abstract: A system and method for writing, updating and reading the static and dynamic identification data for an aeronautical appliance, which is secure, of low weight and simple to implement. The system for writing, updating and reading the static and dynamic identification data includes a data collection device for collecting and storing static and dynamic identification data for an aeronautical appliance, the collection device integrated into the aeronautical appliance and coupled to a computing unit of the aeronautical appliance according to a master-slave communication model, the computing unit always being master of the communication with the collection device, and a reading device for remotely reading at least part of the identification data stored on the collection device.
    Type: Grant
    Filed: April 10, 2014
    Date of Patent: June 6, 2017
    Assignee: AIRBUS OPERATIONS (S.A.S.)
    Inventors: Bertrand Leconte, Thierry Planche, Bertrand Deleris
  • Patent number: 9667628
    Abstract: The present application is directed to establishing ownership of a secure workspace (SW). A client device may provide a SW data structure (SWDS) to a SW configurator. A SWDS may comprise a hash of an original SW and a public key, and may be signed by a private key corresponding to the public key. The SW configurator may cause an execution container (EC) to be generated including a SW initiated using the SWDS. The client device may claim SW ownership using a request (signed by the private key) transmitted along with a copy of the public key. SW ownership may be determined by an ownership determination module that verifies the signature of the request using the public key received with the request, determines a hash of the received public key and compares the hash of the received public key to a hash of the public key in the SWDS.
    Type: Grant
    Filed: November 6, 2014
    Date of Patent: May 30, 2017
    Assignee: Intel Corporation
    Inventors: Simon P. Johnson, Asher M. Altman, Abhishek Das, Vincent R. Scarlata
  • Patent number: 9654504
    Abstract: A computer system monitors a set of inactive addresses. The computer system identifies a suspicious activity associated with at least one inactive address of the set of inactive addresses. The computer system determines a suspicion score for the at least one inactive address based on the suspicious activity associated with the at least one inactive address. The computer system categorizes the at least one inactive address as a potentially hijacked address if the suspicion score exceeds a threshold.
    Type: Grant
    Filed: December 10, 2013
    Date of Patent: May 16, 2017
    Assignee: Symantec Corporation
    Inventors: Pierre-Antoine Vervier, Marc Dacier, Olivier Thonnard
  • Patent number: 9596248
    Abstract: A trojan detection method and device, used to solve the problem in the prior art of being unable to effectively detect a trojan in a network, the method comprising: when a trojan heartbeat is detected in a session, according to whether the trojan heartbeat detection frequency is fixed, increasing the recorded session weight by a corresponding weight and recording the increased weight, and checking whether each packet transmitted from a controlling end to a controlled end complies with the characteristics of a trojan control command packet; if yes, then increasing by a third weight onto the recorded session weight and recording the same, and when the session weight reaches an alarm threshold, generating an alarm to notify that the session is initiated by a trojan. An embodiment of the present invention achieves trojan detection by detecting the packet in the session, thereby the trojan in a network can be detected.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: March 14, 2017
    Inventors: Yuxuan Duan, Lijun Cheng, Peng Han
  • Patent number: 9530006
    Abstract: A method for performing a memory safety check of a program coded in an unmanaged programming language includes receiving an intermediate representation (IR) of the program and performing a static analysis pass of the IR to generate annotations including a safe pointer and an unsafe pointer. The method further includes removing, during a static analysis pass of the IR, the safe pointer from the annotations, inserting, into the IR using the annotations, a sandbox function call at the unsafe pointer to generate a modified IR, compiling the modified IR to generate an executable version of the program, executing, inside a sandbox framework, the executable version of the program, generating, during runtime and upon reaching the sandbox function call, a metadata entry and an enhanced pointer for atomicity, and comparing, during runtime and upon reaching a use of the unsafe pointer, the metadata entry with the enhanced pointer.
    Type: Grant
    Filed: April 11, 2014
    Date of Patent: December 27, 2016
    Assignee: Oracle International Corporation
    Inventors: Jens Troeger, Vishv Mohan Malhotra
  • Patent number: 9444846
    Abstract: Embodiments of a method are disclosed for computing trust index among multiple entities associated with a resource marketplace. The method includes receiving multiple inputs including interaction attributes, attribute importance factors, references to databases, and multiple entities associated with the resource marketplace. The method also includes creating a weighted-interaction graph based on the received inputs. The weighted-interaction graph includes multiple vertices representing the entities. The method further includes performing a topology-specific analysis of the weighted-interaction graph. The method furthermore includes computing Euclidean distances for each pair of vertices in the weighted-interaction graph based on the performed analysis. The method also includes determining a trust index for a first entity in the received multiple entities based on the computed Euclidean distances. The trust index includes ranking of at least one of the multiple entities with respect to the first entity.
    Type: Grant
    Filed: June 19, 2014
    Date of Patent: September 13, 2016
    Assignee: Xerox Corporation
    Inventors: Avinash Sharma, Partha Dutta, Tridib Mukherjee, Shruti Kunde
  • Patent number: 9378341
    Abstract: An audio processing method for an electronic device includes a first audio file, a second audio file, and a first digital watermark to perform an audio processing method. The first digital watermark has ownership information regarding the first audio file. A first discrete audio array of the first audio file and a second discrete audio array of the second audio file are generated. A cipher code is generated using the first discrete audio array and the first digital watermark, and a second digital watermark is generated using the cipher code and the second discrete audio array. The first and second digital watermarks are compared, to confirm common ownership or otherwise of the second and first audio files.
    Type: Grant
    Filed: December 9, 2013
    Date of Patent: June 28, 2016
    Inventors: Xue-Wen Feng, Shou-Ke Ma
  • Patent number: 9350728
    Abstract: A method and system for generating and authorizing a dynamic password, which relate to the field of identity authentication. The method comprises: a token receiving a command for generating a dynamic password, and generating a first dynamic factor according to a first timer; acquiring current data from a first data set according to a first offset pointer, and generating a first dynamic password according to the first dynamic factor and the current data; a server receiving a second dynamic password input by a user, and obtaining a second dynamic factor according to a second timer; obtaining an authentication window according to the second dynamic factor and an authentication window value; and according to the dynamic factor in the authentication window and the data in a second data set, calculating to generate a group of dynamic passwords, and verifying whether there is a dynamic password consistent with the second dynamic password in the group of dynamic passwords or not.
    Type: Grant
    Filed: August 30, 2013
    Date of Patent: May 24, 2016
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 9344417
    Abstract: An authenticating method including establishing trust between an authentication provider and service provider; establishing trust between the authentication provider and authentication application installed in a terminal. The authentication provider, for each session, receives an access code request and connection information from the terminal; generates and stores the access code; sends the access code to the terminal; receives the access code from the authentication application; indicates verification of the access code to the authentication application and terminal; receives from the authentication application a request to grant access to the terminal; instructs the service provider to grant access; and sends a confirmation of the granted access to the terminal. An authenticated session between the terminal and the service provider is setup for providing services to the terminal.
    Type: Grant
    Filed: March 30, 2012
    Date of Patent: May 17, 2016
    Assignee: MEONTRUST INC.
    Inventors: Markku Mehtälä, Teemu Mikkonen, Janne-Petteri Parkkila, Harri Salminen
  • Patent number: 9317680
    Abstract: A method and system for protecting against unknown malicious activities by determining a reputation of a link are disclosed. A reputation server queries a database including reputation information associated with a plurality of links to retrieve a reputation of a redirected link. The reputation information may indicate whether the links are associated with a malicious activity. The reputation of the redirected link may be associated with the original link to create a reputation of the original link.
    Type: Grant
    Filed: October 20, 2010
    Date of Patent: April 19, 2016
    Assignee: McAfee, Inc.
    Inventors: Russell Bertrand Carter, III, Pravat Kumar Lall, Geoff Oitment, Davoud Maha, Javed Hasan
  • Patent number: 9306956
    Abstract: Immediately upon identifying a potential breach to a file system, a read-only snapshot of one or more file sets of data stored on a storage volume of the file system is created, and one or more file system protection commands are invoked that restrict access to the snapshot of the file set. Generating the snapshot and restricting access to the snapshot data may include immediately opening an administrative shell for the file-system in response to identifying a potential breach, and executing administrative shell commands that invoke creation of snapshot and limit access of the snapshot data to an administrator or super user.
    Type: Grant
    Filed: May 21, 2015
    Date of Patent: April 5, 2016
    Assignee: GLOBALFOUNDRIES Inc.
    Inventors: Blaine H. Dolph, Sandeep R. Patil, Riyazahamad M. Shiraguppi, Gandhi Sivakumar, Matthew B. Trevathan