Patents Examined by Arezoo Sherkat
  • Patent number: 10878094
    Abstract: Embodiments of the present application disclose a method and apparatus for removing a root-privileged virus, and an electronic device. The method comprises: detecting, according to a preset virus database, whether a smart device has a file with a characteristic of a root-privileged virus; obtaining a system root privilege when a file with the characteristic of the root-privileged virus is detected; terminating all processes corresponding to all the detected files with the characteristic of the root-privileged virus; recovering system startup items to a status before the intrusion of the root-privileged virus; and deleting all the detected files with the characteristic of the root-privileged virus. Compared with the prior art, the embodiments of the present application enable root-privileged viruses to be killed more thoroughly.
    Type: Grant
    Filed: December 26, 2016
    Date of Patent: December 29, 2020
    Inventor: Guoqing Yuan
  • Patent number: 10867071
    Abstract: Encrypted user data are received at a service device from at least one user equipment, and the user data is encrypted in a trusted zone of the at least one user equipment. The encrypted user data then be decrypted in a trust zone of the service device by a first central processing unit (CPU) to obtain decrypted user data. A model is trained by using the decrypted user data to determine a training intermediate value and a training effective representative value, and a determination is made whether the training effective representative value satisfies a specified condition is determined. If so, the trained model is generated based on a model parameter. Otherwise, a model parameter is literately adjusted and the model is iteratively trained based on an adjusted model parameter until the trained effective representative value satisfies the specified condition.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: December 15, 2020
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Ling Xie, Xiaolong Li
  • Patent number: 10862894
    Abstract: Embodiments of network devices for access control are described. In some embodiments, an access control processor of a first node receives a request from a requestor node on an unsecure network to join a first group of nodes on a secure network, where the first node coordinates network activities of the first group of nodes including a plurality of partitioned nodes of a network. In response to receiving the request, the access control processor assigns the requestor node to a first pool of the first group of nodes that are configured to perform authorized modifications of data including a cryptographic hash to protect the data against unauthorized modifications. In some embodiments, the access control processor initiates the authorized modifications of the data using one or more nodes assigned to the first pool and one or more nodes of a second pool of the first group of nodes.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: December 8, 2020
    Assignee: Fogchain Inc.
    Inventor: Nathanael Phillip Coonrod
  • Patent number: 10839055
    Abstract: A storage apparatus managing method, applied to a storage apparatus connected to a portable electronic apparatus, includes: (a) receiving authentication information via the portable electronic apparatus or the storage apparatus; (b) transmitting at least one confirmation command to a control module via a storage management program in the portable electronic apparatus, wherein the confirmation command is arranged to confirm whether the control module is in a ready state; (c) controlling the portable electronic apparatus to be capable of reading from or writing to an encrypted data region of the storage apparatus, when the control module is confirmed to be in the ready state and the authentication information matches predetermined authentication information; and (d) controlling the portable electronic apparatus to be incapable of accessing the encrypted data region when the authentication information does not match the predetermined authentication information.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: November 17, 2020
    Assignee: Silicon Motion, Inc.
    Inventors: Li-Ling Chou, Chao-Yu Lin
  • Patent number: 10839083
    Abstract: Systems and methods, disclosed herein, of a campaign controller that stores information to a database about execution of multiple simulated phishing campaigns for multiple users, where each of the simulated phishing campaigns use one or more models for communicating simulated phishing communications. Based on this information, the campaign controller may determine a rate of success of the model, in causing a user to interact with a link in one of the simulated phishing campaigns, and may display the model's rate of success via a user interface.
    Type: Grant
    Filed: December 1, 2017
    Date of Patent: November 17, 2020
    Assignee: KnowBe4, Inc.
    Inventors: Stu Sjouwerman, Eric Sites
  • Patent number: 10805073
    Abstract: Provided are a computer program product, system, and method for generating master and wrapper keys for connected devices in a key generation scheme. For each of the devices, a wrapped master key comprising a master key for the device and a wrapper key is stored. The wrapper keys for a plurality of the devices are generated by another of the devices. For each of a plurality of the devices, the master key for the device is used to generate the wrapper key for a target device comprising another of the devices. For each of the devices, the wrapper key for the device is used to decrypt the stored wrapped master key. At least one of the devices uses the master key for the device to encrypt and decrypt data at the device.
    Type: Grant
    Filed: January 2, 2019
    Date of Patent: October 13, 2020
    Assignee: International Business Machines Corporation
    Inventors: Ronen Gazit, Ron S. Shapiro, Lior Shlomov, Ariel Waizel, Guy-Arie Yur
  • Patent number: 10803049
    Abstract: Method for creating a signal for time-stamping of documents (A), comprising the following steps: a) selecting a digitally stored reference document (D1-D3), which is a digital sample of the current state of a certain reference source at a certain first point in time, where the truthfulness of each reference document can be verified by consulting one or several publically available information sources concerning the historic state of said reference source; b) using the reference document as an input values to a one-way function, and calculating the corresponding output value; c) updating the signal based upon the said output value, so that the said output value (P1-P3) is constituted by or can be determined based upon the value of the signal; and d) repeating from a) using another digitally stored reference document which is a sample of the current state of the same or another reference source at a subsequent point in time.
    Type: Grant
    Filed: August 7, 2014
    Date of Patent: October 13, 2020
    Assignee: ENIGIO TIME AB
    Inventor: Hans Almgren
  • Patent number: 10797878
    Abstract: A system, method and program product for implementing a multi-node transaction management system. A system is disclosed that includes a one-time token generator that generates a one-time token in response to a request for a multi-node transaction with a resource provider for a group of client nodes; a sub-transaction manager that collects tokens from each client node involved in the multi-node transaction, wherein at least one of the tokens is utilized to fully secure the one-time token; a trust manager that ensures that each client node meets an allocated obligation of the multi-node transaction; and a provider interface that forwards the one-time token to the resource provider to complete the multi-node transaction.
    Type: Grant
    Filed: November 29, 2017
    Date of Patent: October 6, 2020
    Assignee: International Business Machines Corporation
    Inventors: James D. Cleaver, Louise A. McGuire, Mike McGuire
  • Patent number: 10776463
    Abstract: Embodiments herein disclose a method and system for authenticating users of an electronic device. In an example, data pertaining to a user of the electronic device is collected for authentication. The data is data indicative of an interaction behavior of the user with the electronic device. A deviation of the collected data from a behavior model of the user is checked. To generate the behavior model, data from multiple users is collected to create the behavior model corresponding to each of the users, each behavior model is indicative of data uncommon between the user corresponding to the behavior model and other users in the plurality of users to separate the user corresponding to the behavior model from other users in the multiple users. Further, an access control policy is enforced on the electronic device, based on the deviation of the collected data from the behavior model of the user.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: September 15, 2020
    Assignee: KRYPTOWIRE LLC
    Inventors: Angelos Stavrou, Rahul Murmuria, Ryan Johnson, Daniel Barbara
  • Patent number: 10778698
    Abstract: Monitoring use of a sensor of a computing device. A sensor obtains information from an environment of the computing device. A co-processor provides functionality for the sensor, and at least one channel connects the co-processor to a central processing unit (CPU) of the computing device. Sensor data transmission is monitored over the at least one channel to determine when a transmission of data changes from a low data transmission mode to a high data transmission mode, and an alert is activated when the transmission of data is in the high data transmission mode.
    Type: Grant
    Filed: January 9, 2019
    Date of Patent: September 15, 2020
    Assignee: International Business Machines Corporation
    Inventor: George M. Blue
  • Patent number: 10762232
    Abstract: Implementations provide self-consistent, temporary, secure storage of information. An example system includes short-term memory storing a plurality of key records and a cache storing a plurality of data records. The key records and data records are locatable using participant identifiers. Each key record includes a nonce and each data record includes an encrypted portion. The key records are deleted periodically. The system also includes memory storing instructions that cause the system to receive query parameters that include first participant identifiers and to obtain a first nonce. The first nonce is associated with the first participant identifiers in the short-term memory. The instructions also cause the system to obtain data records associated with the first participant identifiers in the cache, to build an encryption key using the nonce and the first participant identifiers, and to decrypt the encrypted portion of the obtained data records using the encryption key.
    Type: Grant
    Filed: December 13, 2018
    Date of Patent: September 1, 2020
    Assignee:, Inc.
    Inventors: Zilong Tang, James F. Chen, Chen Qian
  • Patent number: 10764295
    Abstract: The present invention provides a computer implemented method, a system, and a computer program product of monitoring service policy management. In an exemplary embodiment, the computer implemented method, the system, and the computer program product include (1) receiving, by a computer system, a user-id when a new user logs onto a target network, (2) in response to the receiving, fetching, by the computer system, a rule associated with the new user, and (3) replacing, by the computer system, an active rule in a network monitoring service with the fetched rule such that the network monitoring service is configured to use the fetched rule, instead of the replaced active rule, for monitoring network events and creating an alert.
    Type: Grant
    Filed: August 8, 2017
    Date of Patent: September 1, 2020
    Assignee: International Business Machines Corporation
    Inventors: Alan Byrne, Bryan D. Osenbach, Paul Connolly
  • Patent number: 10749903
    Abstract: The present invention provides a reception apparatus for performing security tunneling and data re-transmission and unidirectionally receiving data from a transmission apparatus and a transmission apparatus for unidirectionally transmitting data to the reception apparatus. When the reception apparatus checks that there is an error in received data, the reception apparatus performs a switching operation or transmits a switching request signal to the transmission apparatus to notify of the error of the received data to the transmission apparatus. When the transmission apparatus has detected the switching, the transmission apparatus re-transmits data, in which an error is generated, to the reception apparatus. The transmission apparatus encrypts the data and transmits the encrypted data to the reception apparatus. According to the present invention, reliability and security of one-unidirectional data communication are improved.
    Type: Grant
    Filed: February 2, 2016
    Date of Patent: August 18, 2020
    Assignee: NNSP CO., LTD.
    Inventors: Ki-Hyun Kim, Eun Sung Na, Il-Yong Kim
  • Patent number: 10740489
    Abstract: The invention relates to obfuscating data while maintaining local predictive relationships. An embodiment of the present invention is directed to cryptographically obfuscating a data set in a manner that hides personally identifiable information (PII) while allowing third parties to train classes of machine learning algorithms effectively. According to an embodiment of the present invention, the obfuscation acts as a symmetric encryption so that the original obfuscating party may relate the predictions on the obfuscated data to the original PII. The various features of the present invention enable third party prediction services to safely interact with PII.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: August 11, 2020
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Carter Tazio Schonwald, Graham L. Giller
  • Patent number: 10733291
    Abstract: A device, such as a payment reader, may include one or more units capable of providing access to sensitive data. Such units may be connected to each other through tamper traces. A secure unit can send known keys or key-value pairs between the units using a multi-directional protocol. The keys or key-value pairs are then compared by the secure unit to monitor or detect a tamper event.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: August 4, 2020
    Assignee: Square, Inc.
    Inventor: Cameron McLeod
  • Patent number: 10721320
    Abstract: The present application provides a redirection method, apparatus, and system, to increase a redirection success rate. In the method, a broadband remote access server (BRAS) receives a first Transport Layer Security (TLS) handshake packet sent by a terminal, where the first TLS handshake packet carries a flag and an identifier of the terminal, and the flag is used to indicate that the terminal is capable of performing redirection according to a uniform resource locator (URL); after determining that the first TLS handshake packet carries the flag, the BRAS obtains a URL of a destination server and a certificate of the destination server according to the identifier of the terminal, where the destination server is a server that redirection is destined for; and the BRAS sends the URL of the destination server and the certificate of the destination server to the terminal.
    Type: Grant
    Filed: August 11, 2017
    Date of Patent: July 21, 2020
    Inventors: Shuxiang Wang, Hongliang Gao
  • Patent number: 10719595
    Abstract: According to at least one example embodiment of the present invention, provided is a face authentication system including: a criterion setting unit that sets a criterion of face authentication performed on a user so as to be different in accordance with a state of an access target system accessed by the user; and a face authentication unit that performs face authentication of the user based on the criterion.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: July 21, 2020
    Assignee: NEC Corporation
    Inventors: Shinya Takashima, Shizuo Sakamoto
  • Patent number: 10715508
    Abstract: In one embodiment, a method for secure computation, includes receiving in a server, over a communication channel from a device external to the server a request to perform a modular exponentiation operation in which an exponent of the operation comprises a secret value, wherein the secret value is not provided to the server, and at least two parameters that encode the secret value in accordance with a polynomial or matrix homomorphic encryption of the secret value computed by the device, and performing in the server, in response to the request, a homomorphic exponentiation using the at least two parameters received from the device without decrypting the secret value in the server, so as to generate an output that is indicative of a result of the modular exponentiation operation.
    Type: Grant
    Filed: June 11, 2018
    Date of Patent: July 14, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Eliphaz Hibshoosh, Aviad Kipnis
  • Patent number: 10705855
    Abstract: Systems, method, and non-transitory computer readable storage medium are provided for configuring an information computing machine during execution of a kernel image. The system can create a file system from a base file system image in system memory of the computing system, apply configuration files from a bundle image to the file system in memory, copy files from a persistent file system stored in the storage resource to memory, validate the files from the persistent file system, and apply validated files to the file system in memory. The base file system image and bundle image can be verified by comparing a signed hash of the image with a hash generated by the initial file system and checking the hash signature against a public certificate included in the initial filesystem. The system can further execute /sbin/init and start application services.
    Type: Grant
    Filed: November 29, 2017
    Date of Patent: July 7, 2020
    Assignee: FORCEPOINT LLC
    Inventors: Mickey J. Malone, II, Jacob Minnis
  • Patent number: 10708243
    Abstract: To encrypt and distribute a message, a processor of a sender device may determine a public key associated with a recipient identifier. The processor may request confirmation of a the recipient identifier from a central authority server. The processor may receive the confirmation of the recipient identifier from the central authority server. The processor may encrypt the message using the public key to form an encrypted message. The processor may distribute the encrypted message. The encrypted message may be decipherable using a private key associated with the recipient identifier and used by a recipient device to securely interact with the distributed blockchain.
    Type: Grant
    Filed: April 24, 2018
    Date of Patent: July 7, 2020
    Assignee: Capital One Services, LLC
    Inventor: Austin Walters