Patents Examined by Andrew J Steinle
  • Patent number: 10812479
    Abstract: Example embodiments relate to authenticating a user operating a user computing entity. An input ordered sequence of biometric inputs is received and stored as profile templates. The templates are concatenated and a function is applied to generate a profile token. To authenticate a user, the same ordered sequence of biometric inputs are received to generate an authentication token with the profile token and the authentication token being compared for a match.
    Type: Grant
    Filed: December 5, 2018
    Date of Patent: October 20, 2020
    Assignee: FISERV, INC.
    Inventors: Nishant Dilip Apturkar, Harshal Vilasrao Chitkuntalwar
  • Patent number: 10805317
    Abstract: Described herein is a system transmits and combines local models, that individually include a set of local parameters computed via stochastic gradient descent (SGD), into a global model that includes a set of global model parameters. The local models are computed in parallel at different geographic locations (e.g., different instances of computing infrastructure) along with symbolic representations. Network transmission of the local models and the symbolic representations, rather than transmission of the large training data subsets processed to compute the local models and symbolic representations, conserves resources and decreases latency. The global model can then be used as a model to determine a likelihood that at least a portion of current and/or recently received data traffic is illegitimate data traffic that is associated with a cyber attack. In some instances, the system can implement a remedial action to mitigate the effects of the cyber attack on computing infrastructure.
    Type: Grant
    Filed: June 15, 2017
    Date of Patent: October 13, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Madanlal S. Musuvathi, Todd D. Mytkowicz, Saeed Maleki, Yufei Ding
  • Patent number: 10805332
    Abstract: Some embodiments of the invention provide a novel architecture for capturing contextual attributes on host computers that execute one or more machines, and for consuming the captured contextual attributes to perform services on the host computers. The machines are virtual machines (VMs) in some embodiments, containers in other embodiments, or a mix of VMs and containers in still other embodiments. Some embodiments execute a guest-introspection (GI) agent on each machine from which contextual attributes need to be captured. In addition to executing one or more machines, each host computer in these embodiments executes a context engine and one or more attribute-based service engines. Through the GI agents of a host's machines, the context engine of that host in some embodiments collects contextual attributes associated with network and/or process events on the machines, and provides the contextual attributes to the service engines to use to identify service rules for processing.
    Type: Grant
    Filed: October 30, 2017
    Date of Patent: October 13, 2020
    Assignee: NICIRA, INC.
    Inventors: Laxmikant Vithal Gunda, Sachin Mohan Vaidya
  • Patent number: 10803184
    Abstract: Implementations of the present specification provide method for determining a new model parameter for a data processing model. The method includes determining and receiving, from one or more other data parties, one or more other shares of a new model parameter. The one or more other shares of the new model parameter can be combined with a first share of the new model parameter determined by a first data party to produce a new model parameter. The new model parameter is used to train the data processing model.
    Type: Grant
    Filed: February 11, 2020
    Date of Patent: October 13, 2020
    Assignee: Alibaba Group Holding Limited
    Inventors: Yashun Zhou, Lichun Li, Shan Yin, Huazhong Wang
  • Patent number: 10805298
    Abstract: In general, techniques are described for provided result reporting via authentication, authorization and accounting (AAA) protocols. An authorization server comprising a control unit may be configured to perform the techniques. The control unit may authorize a network access server to allow an endpoint device to access one or more services in accordance with a network access protocol. The control unit may also request, in accordance with the network access protocol, a result from the network access server as to whether the one or more authorized services are presently provided for use by the endpoint device.
    Type: Grant
    Filed: December 18, 2015
    Date of Patent: October 13, 2020
    Assignee: Juniper Networks, Inc.
    Inventor: Sunil Madhaorao Gandhewar
  • Patent number: 10795999
    Abstract: Identifying and protecting against computer security threats while preserving privacy of individual client devices using condensed local differential privacy (CLDP). In one embodiment, a method may include accessing an actual data value, generating a perturbed data value by adding noise to the actual data value, aggregating the perturbed data values to at least partially cancel out aggregate noise of the aggregated perturbed data values at a population level, analyzing, using CLDP, the aggregated perturbed data values to identify a computer security threat, and in response, protecting against the computer security threat by performing a remedial action. The amount of noise added to each actual data value may be probabilistically computed such that a probability of noise being added decreases as an amount of added noise increases. The perturbed data values may preserve privacy of the actual data values.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: October 6, 2020
    Assignee: NORTONLIFELOCK INC.
    Inventors: Mehmet Emre Gursoy, Acar Tamersoy
  • Patent number: 10790981
    Abstract: The present solution discloses example methods and systems for verifying block data. One example method includes identifying newly added data to be stored in a blockchain, and selecting a data node in a block to store the newly added data. A string is generated based on the newly added data, and then a verification value for the newly added data is developed from the string using a predetermined algorithm. A new verification value for the block is calculated based on the verification value of the newly added data and the original verification values of the unchanged data nodes in the block. The new verification value for the block can then be used to verify the data stored in the block is consistent with data stored in the rest of the blockchain.
    Type: Grant
    Filed: October 22, 2019
    Date of Patent: September 29, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Honglin Qiu
  • Patent number: 10789363
    Abstract: Identifying and protecting against computer security threats while preserving privacy of individual client devices using condensed local differential privacy (CLDP). In one embodiment, a method may include mapping non-ordinal data values to ordinal data values, generating a first ordering scheme for the ordinal data values, accessing actual non-ordinal data values, converting the actual non-ordinal data values to actual ordinal data values according to the mapping, generating first perturbed ordinal data values by adding noise, and aggregating the first perturbed ordinal data values.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: September 29, 2020
    Assignee: NORTONLIFELOCK INC.
    Inventors: Mehmet Emre Gursoy, Acar Tamersoy
  • Patent number: 10783088
    Abstract: Methods, systems, and computer devices are included for data backup. An example method includes receiving an activation signal from a hardware input of a data storage device that is operating in a read-only mode. In response to receiving the activation signal, a backup application is provided from the data storage device to a computing device that is communicatively coupled to the data storage device. An authenticated session is established between the data storage device and the backup application that is executed on the computing device. Backup data from the computing device is received via the authenticated session. The authenticated session causes the data storage device to operate in at least a write mode with respect to the received backup data during the authenticated session. The received backup data is written to the data storage device. If the authenticated session is terminated, the data storage device returns to a read-only mode.
    Type: Grant
    Filed: December 21, 2017
    Date of Patent: September 22, 2020
    Assignee: RED HAT, INC.
    Inventor: Stan Silvert
  • Patent number: 10785030
    Abstract: A system for decrypting encrypted data may include a data storage server that may store encrypted data in a server memory, communicate a portion of the encrypted data to a first user device, and generate an access code for decrypting the portion of the encrypted data. The data storage device may also communicate the access code to a second user device. The first user device may display, on a first device display, a visual representation of the portion of the encrypted data. The second user device may acquire the visual representation of the portion of the encrypted data from the first device display, decrypt the portion of the encrypted data based upon the access code and the visual representation, and display the decrypted portion of the encrypted data on a second device display.
    Type: Grant
    Filed: May 7, 2018
    Date of Patent: September 22, 2020
    Assignee: CITRIX SYSTEMS, INC.
    Inventor: Jeffrey David Wisgo
  • Patent number: 10785021
    Abstract: Methods for authenticating a user account are generally described. In various examples, the methods may comprise performing a first handshake comprising sending authentication data to a first computing device. The authentication data may include a handshake identifier, a user token, and an encryption key. In some examples, the methods may further comprise storing the handshake identifier, the user token, and the encryption key in a database. The methods may further comprise receiving a request for verification of a transaction. The request may comprise the handshake identifier and an encrypted user token. The user token and the encryption key may be retrieved from the database based at least in part on the handshake identifier of the request. The encryption key may be used to decrypt the encrypted user token. A determination may be made that the decrypted user token matches the user token retrieved from the database.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: September 22, 2020
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventors: Anshu Piyush Prabhat, Christopher Darren Maines, Rajbeer Kaur Bhatia
  • Patent number: 10785264
    Abstract: A security inspection system verifying a security system of electronic equipment may include an inspector having: a communicator connecting wireless diagnostic communication with the electronic equipment entering a process line; a KMS inspection portion inspecting a management state of generation and destruction of encryption key of a key management system device included in the electronic equipment; an application firewall inspection portion inspecting security policy of an application firewall disposed in a gateway of the electronic equipment; a version inspection portion updating at least one of a patch program and a firmware of the security system included in the electronic equipment; a database storing a program and data for a security inspection of the electronic equipment; and a controller performing diagnostic test of a firewall installation state, an encryption key management state, a transmission/reception state of an encrypted message, or blocking of abnormal data of the security system.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: September 22, 2020
    Assignees: Hyundai Motor Company, Kia Motors Corporation
    Inventors: Jun Yeon Park, Changmo Yang, Jin Seok Kim
  • Patent number: 10778709
    Abstract: Techniques facilitating cloud-native extensibility provided to security analytics are provided. A system comprises a memory that stores, and a processor that executes, computer executable components. The computer executable components can comprise a security component that implements an instance of an encapsulated security application. The encapsulated security application can be embedded into a container image as an extended analytic script. The computer executable components can also comprise an execution component that applies the instance of the encapsulated security application to a simulated system state of a computing device during subsequent scanning operations that result in respective analytics for scanning operations of the subsequent scanning operations.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: September 15, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shripad Nadgowda, Canturk Isci
  • Patent number: 10776473
    Abstract: Improved systems and techniques are disclosed for controlling the security states of anti-theft security systems such as product display assemblies using security fobs. According to an example embodiment, a manager security fob and another security fob that is to be authorized for use in controlling the security status of a product display assembly can interact with a system in accordance with a defined sequence to add the another security fob to an authorization list for the product display assembly. For example, the defined sequence can be a connection of the manager security fob with the system, followed by a disconnection of the manager security fob from the system, followed a connection of the another security fob with the system within a defined window.
    Type: Grant
    Filed: April 27, 2018
    Date of Patent: September 15, 2020
    Assignee: Mobile Tech, Inc.
    Inventors: Robert Logan Blaser, Kristopher Wendell Schatz, Hunter Anderson Wylie
  • Patent number: 10776495
    Abstract: This disclosure relates to systems, devices, and methods for receiving security configuration information and malware state information for a plurality of client devices, the security configuration information comprising identification of at least one of security parameters, hardware configurations, or software configurations of each of the plurality of client devices, and the malware state information comprising identification of at least one or more types of malware on each of the plurality of devices. The security configuration information and malware state information may be analyzed to identify which client devices from the plurality of devices have a security configuration that places the identified client devices in a vulnerable security state.
    Type: Grant
    Filed: May 10, 2018
    Date of Patent: September 15, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hermineh Sanossian, Tushar Suresh Sugandhi
  • Patent number: 10771342
    Abstract: Example method includes: identifying three relationships about a network function in an intent-based stateful network—(1) the network function forwarding a network packet implies that at least one previous network packet was received by the network function in the same direction prior to the network packet is forwarded, (2) an established state in the network function implies that at least one previous network packet was received at the network function, (3) the network function receiving the network packet as a downward network function implies the network packet was previously sent by a second network function acting as an upward network function; encoding the network function using a combination of at least one of the three identified relationships; and verifying a plurality of network intents in the intent-based stateful network based at least in part on the encoding of the network function.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: September 8, 2020
    Assignee: Hewlett Packard Enterprises Development LP
    Inventors: Joon-Myung Kang, Huazhe Wang, Puneet Sharma
  • Patent number: 10762174
    Abstract: A system to generate a graphical user interface to display a presentation of a set of shared user groups between users of a social networking service is described. Embodiments of the present disclosure relate generally to systems for: receiving an identification of a second user from a user account of a first user; identifying a user group that includes the first user and the second user in response to the identification of the second user from the user account of the first user; retrieving user identifiers of the first user and the second user, wherein the user identifiers may include graphical avatars; generating a group identifier based on the user identifiers; and causing display of a presentation of the user group at a client device.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: September 1, 2020
    Assignee: Snap Inc.
    Inventors: Trevor Denton, Swetha Krishna Prabhakar, Jeremy Voss
  • Patent number: 10762185
    Abstract: In response to receiving a second verification record of a second location and time at which a user is verified as present by a second internet of things (loT) device based on biometric input recognition, a proximity service maintains the second verification record in association with a user identifier only if travel between the second location and a first location previously recorded at a first time prior to the second time is feasible as determined by a mapping service. In response to receiving a verification request for verifying feasibility of the proximity of an authorized user of an account identifier at a third location at which the account identifier is presented with a transaction request and detecting the second verification record is maintained, the proximity service verifies the feasibility of the proximity of the authorized user as present at the third location in view of the second location and time.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: September 1, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Keith G. Frost, Kyle M. Brake, Stanley J. Vernier, Stephen A. Boxwell
  • Patent number: 10764309
    Abstract: Analysis of samples for maliciousness is disclosed. A sample is executed and one or more network activities associated with executing the sample are recorded. The recorded network activities are compared to a malware profile. The malware profile comprises a set of network activities taken by a known malicious application during execution of the known malicious application. A verdict of “malicious” is assigned to the sample based at least in part on a determination that the recorded network activities match the malware profile.
    Type: Grant
    Filed: January 31, 2018
    Date of Patent: September 1, 2020
    Assignee: Palo Alto Networks, Inc.
    Inventors: Jun Wang, Wei Xu
  • Patent number: 10757129
    Abstract: The present invention discloses a software security verification method, a device, and a system, and relates to the communications field, so as to resolve a problem in the prior art that security verification on a VNF packet increases a VNF instantiation delay and reduces VNF instantiation performance. In a specific solution, after a first device receives an instantiation request of a VNF, the first device performs security verification on a stored VNF packet of the VNF when or after starting to instantiate the VNF according to the instantiation request of the VNF, and the first device sends first result information to a second device when security verification on the VNF packet of the VNF succeeds. The first result information includes information that security verification on the VNF packet of the VNF succeeds. The present invention is applied to software security verification.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: August 25, 2020
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Chengyan Feng, Jiangsheng Wang