Patents Examined by Aubrey H. Wyszynski
  • Patent number: 11916965
    Abstract: Embodiments of systems and methods for platform framework policy management are described. A platform framework may receive, from an application of an IHS (Information Handling System), a registration as a user of a platform policy that is used to operate one or more of the hardware devices of the IHS. A platform framework of the IHS provides the application with a reference to the platform policy. In response to notifications of updates to the platform policy, the platform framework identifies the application as a registered user of the platform policy and provides the application with a reference to the updated platform policy. The platform policy may include a communication handle by which the policy is retrieved, where the handle may include a token that validates the authenticity of the platform policy.
    Type: Grant
    Filed: June 23, 2021
    Date of Patent: February 27, 2024
    Assignee: Dell Products, L.P.
    Inventors: Daniel L. Hamlin, Vivek Viswanathan Iyer
  • Patent number: 11916966
    Abstract: A system for access policy management of a plurality of valid entities communicating over a network comprising a server executing an application programming interface for registration and authentication of said entities directly or via an edge router, one or more encrypted tunnels between entities and one or more gateways. Wherein said server assigns a private IP address to each authenticated entities and propagates said IP address and associated access policies to each of said one or more gateway; and said one or more gateway processing and routing a plurality of packets received from each entity and enforcing one or more access policies associated with the private IP address assigned to the authenticated entity; and said one or more gateways manage routes based on the propagated private IP addresses of each authenticated entities and routes packets to reach one or more remote entities via one or more tunnels to one or more other gateways creating a network overlay between authenticated entities.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: February 27, 2024
    Assignee: Adaptiv Networks Inc.
    Inventor: Miika Anttoni Klemetti
  • Patent number: 11902252
    Abstract: Techniques managing access rules are provided. Access rules and their associated profiles are determined for evaluation. A triggering rate or a triggering percentage can be used to indicate efficacy of the rule. Recommendations can be provided based on a triggering percentage difference of the rule during a predetermined period of time. The recommendations can be provided in an interactive user interface.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: February 13, 2024
    Assignee: Visa International Service Association
    Inventors: Benjamin Scott Boding, Christopher Holmes, Cory Siddens, Henry Wong
  • Patent number: 11876837
    Abstract: A user of a client device accesses a service provided by a server computer. The server computer gathers data about the user. The data gathered may be kept private by the server computer, shared only with other computers and users owned by the same entity, shared with selected third parties, or made public. The server computer provides a privacy policy document that describes how the data gathered is used. A privacy server analyzes the privacy policy document and, based on the analysis, generates a privacy score. The privacy score or an informational message selected based on the privacy score are provided to the client device. In response, the client device presents the privacy score or the informational message to the user. In this way, the user is informed of privacy risks that result from accessing the server computer.
    Type: Grant
    Filed: November 10, 2022
    Date of Patent: January 16, 2024
    Assignee: IDENTITY THEFT GUARD SOLUTIONS, INC.
    Inventors: Brent VanLoo, Christopher Semke, Doug Pollack
  • Patent number: 11868462
    Abstract: A method, system, and apparatus comprising: automatically identifying a login session to a first software system in a Graphical User Interface (GUI) of a user device; automatically extracting user credentials from the login session; automatically manipulating at least a portion of the user credentials to obtain manipulated credentials; automatically verifying that the login session is authentic by: encrypting the user credentials, providing the encrypted credentials to a separate environment, and reconstructing the login session at the separate environment; and automatically adding the manipulated credentials to an account of the user in a second software system that is independent from the separate environment.
    Type: Grant
    Filed: November 1, 2022
    Date of Patent: January 9, 2024
    Assignee: Vim Inc.
    Inventors: Asaf David, Nicolas Mendzylewski, Moran Shemesh, Chen Rozenes, Daniel Hallel Jakobsen, Nandy Vaisman
  • Patent number: 11853109
    Abstract: A method, system, and apparatus comprising: automatically identifying a login session to a first software system in a Graphical User Interface (GUI) of a user device; automatically extracting user credentials from the login session; automatically manipulating at least a portion of the user credentials to obtain manipulated credentials; automatically verifying that the login session is authentic by: encrypting the user credentials, providing the encrypted credentials to a separate environment, and reconstructing the login session at the separate environment; and automatically adding the manipulated credentials to an account of the user in a second software system that is independent from the separate environment.
    Type: Grant
    Filed: December 1, 2022
    Date of Patent: December 26, 2023
    Assignee: VIM INC.
    Inventors: Asaf David, Nicolas Mendzylewski, Moran Shemesh, Chen Rozenes, Daniel Hallel Jakobsen, Nandy Vaisman
  • Patent number: 11856003
    Abstract: Techniques for providing innocent until proven guilty (IUPG) solutions for building and using adversary resistant and false positive resistant deep learning models are disclosed. In some embodiments, a system, process, and/or computer program product includes storing a set comprising one or more innocent until proven guilty (IUPG) models for static analysis of a sample; performing a static analysis of content associated with the sample, wherein performing the static analysis includes using at least one stored IUPG model; and determining that the sample is malicious based at least in part on the static analysis of the content associated with the sample, and in response to determining that the sample is malicious, performing an action based on a security policy.
    Type: Grant
    Filed: May 26, 2021
    Date of Patent: December 26, 2023
    Assignee: Palo Alto Networks, Inc.
    Inventors: Brody James Kutt, Oleksii Starov, Yuchen Zhou, William Redington Hewlett, II
  • Patent number: 11855979
    Abstract: Techniques are described herein that are capable of dynamically failing over authentication traffic to a backup authentication system by a proxy system. An authentication request, which requests authentication of a principal, is received at the proxy system. The authentication request is directed to a primary authentication system. A determination is made, by the proxy system, that the primary authentication system is incapable of providing a valid response to the authentication request. The backup authentication system is caused, by the proxy system, to authenticate the principal using an authentication package received from the primary authentication system by dynamically routing the authentication request to the backup authentication system as a result of the primary authentication system being incapable of providing a valid response to the authentication request.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: December 26, 2023
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Anirban Basu, Oren Jordan Melzer, Kamen K. Moutafov, Victor Boctor, Shuang Lu
  • Patent number: 11847488
    Abstract: This application relates to a graph data processing method performed by a distributed computer node cluster including a plurality of computer devices, each computer device distributed on a respective computing node of the distributed computer node cluster, the method including: obtaining subgraph data divided from to-be-processed graph data; performing a computation task on the subgraph data to obtain corresponding global data and local data; writing the global data to a blockchain network, the global data of the blockchain network being updated by the distributed computing node cluster; obtaining latest global data from the blockchain network; and iteratively performing, according to the obtained latest global data and the local data, the computation task on the subgraph data without obtaining a computation result until an iteration stopping condition is met.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: December 19, 2023
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Bo Zheng, Rijia Liu, Zhibin Liu, Qian Chen
  • Patent number: 11849304
    Abstract: Security policies are made dependent on location of a device and the location of a device is determined and the appropriate security policy applied without providing the device's location to a server. A device determine its location and identifies a security policy identifier mapped to a zone including the location. The device requests the security policy corresponding to the identifier from a server and implements it. The device may also store a database of the security policies and implement them according to its location. Devices registered for a user evaluate whether locations detected for the devices correspond to impossible travel by the user. Objects encoding geolocation data of a device may be encrypted with a private key of the device and the public key of another to prevent access by an intermediary server.
    Type: Grant
    Filed: November 3, 2022
    Date of Patent: December 19, 2023
    Assignee: LOOKOUT INC.
    Inventors: Brian James Buck, Jeroen Martijn Wijdogen, Kevin Lam, Varun Shimoga Prakash, Michael Joseph Mole, Pradeep Deepak Phatak, Praveen Kumar Mamnani
  • Patent number: 11843637
    Abstract: The technology disclosed relates to a DHCP relay-based steering logic for policy enforcement on IoT devices. In particular, the technology disclosed provides a steering logic that is interposed between a plurality of special-purpose devices on a network segment of a network and a DHCP server on the network segment. The steering logic is configured to intercept DHCP requests broadcasted to the DHCP server by special-purpose devices in the plurality of special-purpose devices, forward the intercepted DHCP requests to the DHCP sever 522, receive, from the DHCP server, DHCP responses to the intercepted DHCP requests, receive, from a device classification logic, a positive determination that the special-purpose devices are special-purpose devices and not general-purpose devices, modify the received DHCP responses by replacing the default gateway with an inline secure forwarder on the network segment, and send the modified DHCP responses to the special-purpose devices.
    Type: Grant
    Filed: August 12, 2022
    Date of Patent: December 12, 2023
    Assignee: Netskope, Inc.
    Inventors: David Tze-Si Wu, Siying Yang, Krishna Narayanaswamy
  • Patent number: 11842288
    Abstract: Based on the interaction data and response data, an interaction monitoring platform may determine a first known sentiment and a second known sentiment, identify a first pattern and a second pattern in the interaction data, and generate a first pattern-level sentiment and a second pattern-level sentiment based on the known sentiments and the identified patterns. A binary indicator may indicate which identified patterns are exhibited in a subset of the interaction data. The platform may train a gradient boosting model using known sentiment as a target variable and using binary indicators and pattern-level sentiments as input data. The platform may predict a sentiment corresponding to a subset of interaction data with unknown sentiment that exhibits one or more of the first pattern or the second pattern based on a binary indicator and the trained gradient boosting model.
    Type: Grant
    Filed: June 17, 2020
    Date of Patent: December 12, 2023
    Assignee: Capital One Services, LLC
    Inventors: Weiyan Sun, Rohit Sarin, Elizabeth Claire Maue, Robert Edward Cezeaux
  • Patent number: 11826549
    Abstract: Methods, devices and systems are disclosed for inter-app communications between software applications on a mobile communications device. In one aspect, a computer-readable medium on a mobile computing device comprising an inter-application communication data structure to facilitate transitioning and distributing data between software applications in a shared app group for an operating system of the mobile computing device includes a scheme field of the data structure providing a scheme id associated with a target software app to transition to from a source software app, wherein the scheme id is listed on a scheme list stored with the source software app; and a payload field of the data structure providing data and/or an identification where to access data in a shared file system accessible to the software applications in the shared app group, wherein the payload field is encrypted.
    Type: Grant
    Filed: December 14, 2022
    Date of Patent: November 28, 2023
    Assignee: Dexcom, Inc.
    Inventors: Gary A. Morris, Scott M. Belliveau, Esteban Cabrera, Jr., Anna Leigh Davis, Rian W. Draeger, Laura J. Dunn, Timothy Joseph Goldsmith, Hari Hampapuram, Christopher Robert Hannemann, Apurv Ullas Kamath, Katherine Yerre Koehler, Patrick Wile McBride, Michael Robert Mensinger, Francis William Pascual, Philip Mansiel Pellouchoud, Nicholas Polytaridis, Philip Thomas Pupa, Kevin Shoemaker, Brian Christopher Smith, Benjamin Elrod West, Atiim Joseph Wiley
  • Patent number: 11818175
    Abstract: Access privileges of at least one identity to resources are adjusted within an authorization system of a computing environment. Over a detection period, accesses by the identity to the resources are detected and a usage score is computed as a usage function of a measure of use by the identity of access privilege(s) it has been granted to at least one of the resources relative to a measure of a set of possible grantable privileges. In accordance with a least privilege security policy, and according to the usage score, the set of access privileges granted to the identity may then be adjusted.
    Type: Grant
    Filed: February 25, 2021
    Date of Patent: November 14, 2023
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Shaun Applegate-Swanson, Carl Waldspurger, Balaji Parimi, Naveen Jangalapalli, Maya Neelakandhan, Venkata Adusumilli, Parag Bajaria
  • Patent number: 11811772
    Abstract: Systems and methods may provide for receiving web content and determining a trust level associated with the web content. Additionally, the web content may be mapped to an execution environment based at least in part on the trust level. In one example, the web content is stored to a trust level specific data container.
    Type: Grant
    Filed: December 18, 2020
    Date of Patent: November 7, 2023
    Assignee: Intel Corporation
    Inventors: Hong C. Li, John B. Vicente, Prashant Dewan
  • Patent number: 11805101
    Abstract: Some embodiments provide a novel secure method for suppressing address discovery messaging. In some embodiments, the method receives an address discovery record that provides a network address associated with a machine connected to a network. The method then identifies a set of one or more rules for evaluating the received address discovery record to determine whether the address discovery record or its provided network address should be distributed to one or more hosts and/or devices associated with the network. The method then processes the set of rules to determine whether the received address discovery record violates a rule in the set of rules so as to prevent the distribution of its provided network address. When the address discovery record violates a rule, the method discards it in some embodiments.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: October 31, 2023
    Assignee: VMWARE, INC.
    Inventors: Li Sun, Parasuramji Rajendran, Yang Ping, Jianjun Shen
  • Patent number: 11799902
    Abstract: Systems and methods for dynamically mitigating a DDOS attack. In an aspect, the technology relates to a computer-implemented method for dynamically mitigating a distributed-denial-of-service (DDOS) attack. The computer-implemented method may include detecting a DDOS attack directing malicious traffic to a target, identifying one or more source locations of the malicious traffic, and in response to detecting the DDOS attack, activating one or more scrub clusters in the identified one or more source locations of the malicious traffic. The method may further include directing traffic intended for the target to the to the activated one or more scrub clusters, detecting an end of the DDOS attack, and in response to detecting the end of the DDOS attack, deactivating the one or more scrub clusters to release hardware resources.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: October 24, 2023
    Assignee: Level 3 Communications, LLC
    Inventor: Michael Feldpusch
  • Patent number: 11799872
    Abstract: Provided is a verification level control method, the method comprises checking a history of verification or a history of re-authentication of a verification target, setting an abnormal suspicious area according to a change in frequency of access to a partial area within an access permission area of the verification target, based on the checked verification history or re-authentication history and verifying the verification target by reflecting whether the verification target is located in the set abnormal suspicious area, wherein the re-authentication is performed in an explicit authentication method in which the verification target needs to perform a separate action for the re-authentication.
    Type: Grant
    Filed: October 20, 2022
    Date of Patent: October 24, 2023
    Assignee: OPENIT INC.
    Inventor: Min Young Kim
  • Patent number: 11792234
    Abstract: A policy-based browser system for managing browser extensions used to access functionalities on a web browser in a cloud-based multi-tenant system. The policy-based browser system includes a client device, a web server configured to provide the functionality of the browser extension on a web browser of the client device, and a mid-link server. The network traffic from the client device is monitored to identify traffic patterns, risk is determined associated with the browser extension based on the traffic patterns, and a correlation of the browser extension with a plurality of browser extensions. A policy for the browser extension is identified based on the risk. The policies specify access to the browser extensions based on the risk associated with the browser extensions. The browser extensions are categorized based on the policies and the risk. An authorization corresponding to the browser extension is determined based on the policy.
    Type: Grant
    Filed: November 11, 2022
    Date of Patent: October 17, 2023
    Assignee: Netskope, Inc.
    Inventor: James S. Robinson
  • Patent number: 11775663
    Abstract: A method for controlling access to a set of data is provided. The method includes receiving, via an interface, a request from an agent to access the set of data in a database; extracting an access criterion relating to a predefined data access constraint and a predetermined data access policy from the request; and determining whether the agent is granted access to the set of data using the criterion, where the access criterion is based on an attribute that is associated with an element within the set of data.
    Type: Grant
    Filed: January 27, 2021
    Date of Patent: October 3, 2023
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: David Laurance, Michael George Norman