Patents Examined by Ashokkumar B. Patel
  • Patent number: 12294655
    Abstract: A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.
    Type: Grant
    Filed: November 7, 2022
    Date of Patent: May 6, 2025
    Assignee: Apple Inc.
    Inventors: Conrad Sauerwald, Alexander Ledwith, John Iarocci, Marc J. Krochmal, Wade Benson, Gregory Novick, Noah Witherspoon
  • Patent number: 12130938
    Abstract: A computer implemented data product release method or system. The data product release is derived from a sensitive dataset using a privacy protection system such as a differentially private system. The privacy protection parameters, such as noise addition magnitude, are configurable as part of the data product release method or system to alter the balance between maintaining privacy of the sensitive dataset and making the data product release useful.
    Type: Grant
    Filed: December 18, 2018
    Date of Patent: October 29, 2024
    Assignee: PRIVITAR LIMITED
    Inventors: Charles Codman Cabot, Kieron Francois Pascal Guinamard, Jason Derek McFall, Pierre-Andre Maugis, Hector Page, Benjamin Thomas Pickering, Theresa Stadler, Jo-anne Tay, Suzanne Weller
  • Patent number: 12072977
    Abstract: Embodiments disclosed are directed to a computing system that performs steps to forensically isolate a compromised storage resource (e.g., bucket) of a production cloud computing and storage environment. In response to detecting an unauthorized access to resources (e.g., objects) stored in storage resource of the production cloud computing and storage environment, the computing system deploys a forensic isolation application that freezes the compromised storage resource so that a forensic analysis can be performed, duplicates the compromised storage resource's resources, and stores the duplicate resources as forensically isolated resources in a storage device outside of the production cloud computing and storage environment. The forensic isolation application then stores the duplicate resources as operational resources. Subsequently, the forensic isolation application reroutes authorized requests for the frozen resource to the operational copy of the frozen resource.
    Type: Grant
    Filed: August 2, 2021
    Date of Patent: August 27, 2024
    Assignee: Capital One Services, LLC
    Inventor: Paul Warner
  • Patent number: 12021965
    Abstract: A mobile network operator (MNO) uses a provisioning server to update or install profile content in a profile or electronic subscriber identity module (eSIM). In an exemplary embodiment, the profile is present on a secure element such as an embedded universal integrated circuit card (eUICC) in a wireless device. One or more MNOs use the provisioning server to perform profile content management on profiles in the eUICC. In some embodiments, an MNO has a trust relationship with the provisioning server. In some other embodiments, the MNO does not have a trust relationship with the provisioning server and protects payload targeted for an MNO-associated profile using an over the air (OTA) key.
    Type: Grant
    Filed: August 10, 2022
    Date of Patent: June 25, 2024
    Assignee: Apple Inc.
    Inventor: Xiangying Yang
  • Patent number: 12021966
    Abstract: A mobile network operator (MNO) uses a provisioning server to update or install profile content in a profile or electronic subscriber identity module (eSIM). In an exemplary embodiment, the profile is present on a secure element such as an embedded universal integrated circuit card (eUICC) in a wireless device. One or more MNOs use the provisioning server to perform profile content management on profiles in the eUICC. In some embodiments, an MNO has a trust relationship with the provisioning server. In some other embodiments, the MNO does not have a trust relationship with the provisioning server and protects payload targeted for an MNO-associated profile using an over the air (OTA) key.
    Type: Grant
    Filed: August 10, 2022
    Date of Patent: June 25, 2024
    Assignee: Apple Inc.
    Inventor: Xiangying Yang
  • Patent number: 11995178
    Abstract: Protection of a kernel from a sniff and code reuse attack. A kernel mode page table is initialized in a kernel. The kernel page entries in the kernel mode page table are set from s-pages to u-pages. Supervisor mode access prevention is enabled in the u-pages. Code contained in the kernel page entries in the u-pages is executed; the kernel page entries in the u-pages are capable of execution but are not capable of being accessed and read directly.
    Type: Grant
    Filed: December 31, 2021
    Date of Patent: May 28, 2024
    Assignee: International Business Machines Corporation
    Inventors: Dong Yan Yang, Qing Feng Hao, Biao Cao, Xi Qian, Li Ping Hao, Xiao Feng Ren, YaLian Pan
  • Patent number: 11895109
    Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a first command to create a Module and executes a Module Template to generate the Module in response to the first command. The RA device receives a second command to create a deployment authorization message. The Module and the deployment authorization message are deployed to an Appliance device. A set of instructions of the Module, when permitted by the deployment authorization message and executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device.
    Type: Grant
    Filed: April 15, 2022
    Date of Patent: February 6, 2024
    Assignee: Cryptography Research, Inc.
    Inventors: Michael Hamburg, Benjamin Che-Ming Jun, Paul C. Kocher, Daniel O'Loughlin, Denis Alexandrovich Pochuev
  • Patent number: 11889314
    Abstract: A system for associating a device to a user of a service hosted at a remote location may include a device, a WAN, and equipment. The user may identify a wireless network of the device and connect to the device using equipment. An application on the equipment may generate a key and send the key to the device. The device may then connect with the service and transmit the key to the service. The application may disconnect from the device and connect with the service. The application may send a request to the service to associate with the device, sending the key with the request. The service compares the keys received from the device and the application. If the respective keys match, then the service may associate the device to the user of the service. Otherwise, the association is denied.
    Type: Grant
    Filed: April 12, 2018
    Date of Patent: January 30, 2024
    Assignee: Leviton Manufacturing Co., Inc.
    Inventors: Brian A. Yokum, Aaron Ard, Mark Buster
  • Patent number: 11882442
    Abstract: A terminal device seeking access to a mobile network retrieves a handset identifier identifying the terminal device and a cryptographic key for proving an identity of the terminal device from storage circuitry of the terminal device. The terminal device generates signature information by signing a block of information including the handset identifier using the cryptographic key. During a network connection process for negotiating access to the mobile network with a network control device, the terminal device communicates the signature information to the network control device.
    Type: Grant
    Filed: December 3, 2021
    Date of Patent: January 23, 2024
    Assignee: Trustonic Limited
    Inventor: Chris Loreskar
  • Patent number: 11882211
    Abstract: A function secret sharing (FSS) scheme that facilitates multiple evaluations of a secret function. The FSS scheme includes a function share based on a secret function and at least one key of a key-homomorphic pseudo random function (PRF). At least one key and a function share are provided to each party in the FSS scheme. In turn, each party may generate an output share comprising a function share output evaluated at a function input and a masking component generated based on the at least one key in relation to the key-homomorphic PRF. In turn, the output shares of each participating party may be combined to evaluate the secret function. The FSS scheme facilitates multiple evaluations of the secret function without leaking information regarding the secret function.
    Type: Grant
    Filed: September 29, 2021
    Date of Patent: January 23, 2024
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Foo Yee Yeo, Nolan Miranda, Vipin Singh Sehrawat
  • Patent number: 11853412
    Abstract: Systems and methods of defending against stack-based cybersecurity attacks that exploit vulnerabilities in buffer overflows. The embodiments disclosed herein propose applying a randomized modification to the original size of the stack frames of functions of a program. By applying a randomized modification to the length of the stack frame, e.g., randomly increasing the length of the allocated stack frame memory, it becomes harder (if not impossible) for the attacker to guess or estimate the memory location where the return address of a function is stored, regardless of the attacker's knowledge of the length of the stack frame. Multiple implementations, e.g., randomizations at transform time, load time, and run time are discussed herein.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: December 26, 2023
    Assignee: RUNSAFE SECURITY, INC.
    Inventors: Shane Paulsen Fry, David Nicholas Graham
  • Patent number: 11853453
    Abstract: A processor may receive clear text data. The processor may represent at least a portion of the clear text data as at least one array encoding a description of at least one feature of the clear text data. The processor may process the at least one array using a clustering algorithm to determine whether the at least one array is grouped with a benign cluster or a sensitive cluster of a model. In response to determining that the at least one array is grouped with the sensitive cluster, the processor may generate an alert indicating that the clear text data includes sensitive information.
    Type: Grant
    Filed: March 27, 2019
    Date of Patent: December 26, 2023
    Assignee: INTUIT INC.
    Inventors: Ariel Simhon, Liron Hayman, Gabriel Goldman, Yaron Moshe
  • Patent number: 11853422
    Abstract: Embodiments detect malicious code in distributed software components. A detector element references a source code repository (e.g., open source, commercial) containing lines of various files of a distributed artifact. Subject to certain possible optimizations, the detector inspects the individual files and lines of the artifact file-by-file and line-by-line, to identify whether any commit history information is available from a Versioning Control System (VCS). A risk assessor element receives from the detector element, results identifying those lines and/or files for which no VCS commit history is available. The risk assessor then references code features (e.g., file extension, security-critical API calls) in the results, to generate a probability of the malicious nature of the source code lacking VCS commit history information. An analysis report including this probability and additional relevant information, is offered to a user to conduct further manual review (e.g.
    Type: Grant
    Filed: December 12, 2019
    Date of Patent: December 26, 2023
    Assignee: SAP SE
    Inventor: Henrik Plate
  • Patent number: 11849325
    Abstract: Methods and network equipment for implementing a security mechanism for interworking with an independent security anchor function (SEAF) in 5G networks. A method performed by the standalone SEAF comprises: receiving a first request for a key to secure communication between the UE and a first access and mobility function (AMF) with which a user equipment (UE) requests registration, wherein the request includes a first indication that indicates whether or not the UE supports a standalone SEAF; receiving, from a second AMF with which the UE requests registration for performing inter-AMF mobility to the second AMF, a second request for a key to secure communication between the UE and the second AMF, wherein the request includes a second indication that indicates whether or not the UE supports a standalone SEAF; and determining whether or not a bidding down attack has occurred depending at least in part on whether the first indication matches the second indication.
    Type: Grant
    Filed: January 3, 2019
    Date of Patent: December 19, 2023
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Noamen Ben Henda
  • Patent number: 11841963
    Abstract: Examples described herein relate to a data aggregation system for enabling query operations on restricted data that originates from multiple independent sources.
    Type: Grant
    Filed: June 21, 2021
    Date of Patent: December 12, 2023
    Assignee: NEUSTAR, INC.
    Inventors: Xavier Riley, Alan Burye
  • Patent number: 11841938
    Abstract: The present invention relates to a method for activating at least one sensor among a plurality of sensors embedded in a multi-unit device, said at least one sensor being configured to detect attacks during an execution by said multi-unit device of a software code comprising computer code instructions, wherein: said multi-unit device comprises at least two code execution units and a sensor activation circuit, and each sensor is associated to one code execution unit, and said method comprising, performed by said sensor activation circuit before execution of a computer code instruction of said software code by one of said code execution units: —determining (S1) the code execution unit configured to execute said instruction, —activating (S2) only the sensors associated with the determined code execution unit.
    Type: Grant
    Filed: April 9, 2019
    Date of Patent: December 12, 2023
    Assignee: THALES DIS FRANCE SAS
    Inventors: Sylvain Charbonnier, Philippe Loubet Moundi
  • Patent number: 11836267
    Abstract: A computer-implemented method includes receiving deduplication information at a storage system. The deduplication information is accessible to the storage system for performing operations thereon. The deduplication information includes signatures associated with portions of client data. The method also includes receiving the client data encrypted with a client secret key. The client secret key is unavailable to the storage system. The method includes deduplicating data chunks stored in the storage system against chunks of the client data, wherein the client data chunks are selected from the client data for deduplication using the deduplication information.
    Type: Grant
    Filed: August 19, 2019
    Date of Patent: December 5, 2023
    Assignee: International Business Machines Corporation
    Inventor: Steven Robert Hetzler
  • Patent number: 11822657
    Abstract: Disclosed is a computer implemented method for malware detection that analyses a file on a per packet basis. The method receives a packet of one or more packets associated with a file, converts a binary content associated with the packet into a digital representation, and tokenizes plain text content associated with the packet. The method extracts one or more n-gram features, an entropy feature, and a domain feature from the converted content of the packet and applies a trained machine learning model to the one or more features extracted from the packet. The output of the machine learning method is a probability of maliciousness associated with the received packet. If the probability of maliciousness is above a threshold value, the method determines that the file associated with the received packet is malicious.
    Type: Grant
    Filed: April 20, 2022
    Date of Patent: November 21, 2023
    Assignee: Zscaler, Inc.
    Inventors: Huihsin Tseng, Hao Xu, Jian L Zhen
  • Patent number: 11809604
    Abstract: A fully-automated, defensible and highly-scalable system for disposition decisioning and, where applicable, deleting previously archived electronic communications. In this regard, the present invention is capable of determining, on an individual e-communication basis, whether an e-communication should be deleted/purged from archive or retained in archive, taking into account applicable rules and policies based on the geographic location from which the e-communication was sent, received or posted, as well as the status of the sender/poster and/or recipient.
    Type: Grant
    Filed: July 15, 2021
    Date of Patent: November 7, 2023
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: German Ulloa Albertazzi, Brian A. Blakley, Jessica Bond, Bryan L. Ford, Srinivasa Madireddi, James Charles Montagna, Aarti Patel, Jerome N. Rogers, Anthony Stone, Wayne Welsh
  • Patent number: 11809335
    Abstract: A device includes a memory. The device also includes a controller. The controller includes a register configured to store an indication of whether an ability of a received command to alter an access protection scheme of the memory is enabled. The received command may alter the access protection scheme of the memory responsive to the indication.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: November 7, 2023
    Inventors: Danilo Caraccio, Graziano Mirichigni