Patents Examined by Beemnet W Dada
  • Patent number: 10356086
    Abstract: The present invention provides methods and apparatuses that utilize a portable apparatus to securely operate a host electronic device. Typically, each portable apparatus includes a data storage unit which stores an operating system and other software. In one example, a portable apparatus can provide a virtual operating environment on top of a host's operating system for a host device. In another example, a portable apparatus containing its operating system can directly boot a host device with one or more hardware profiles. Furthermore, a device-dependent protection against software piracy, a user-dependent protection against sensitive data leaks, a controllable host operating environment to prevent unwanted information exposure, and a secure restoration procedure to prevent virus infection between the host device users may be incorporated. Moreover, a pre-defined information may also be utilized to authorize a connected-state guest operation environment in the host device.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: July 16, 2019
    Inventor: Evan Huang
  • Patent number: 10339300
    Abstract: Novel tools and techniques are implemented for providing computer security. In various embodiments, a computer system might receive data from one or more data feeds, might obtain a binary object based on the data, might load the binary object onto a sandboxed system, and might execute the binary object with the sandbox system. The computer system might analyze operation of the sandboxed system to determine whether the binary object includes a malware payload, and might, based on a determination that the binary object includes a malware payload, generate a report indicating that the binary object includes a malware payload.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: July 2, 2019
    Assignee: Binary Guard Corp.
    Inventors: Ihab Shraim, Allen E. Chen, Stanislav Datskovskiy, Jordan R. Hannes, Daniel M. Marcus, Ray R. Reese, III
  • Patent number: 10333922
    Abstract: Disclosed are various embodiments for validating the identity of network sites. A communication session is established with a network site using a credential for the network site. A validation of the communication session is generated based at least in part upon a profile for the network site. The profile is derived from at least one previous communication session with the network site. An action is initiated in response to the validation when the validation indicates a discrepancy exists between the profile for the network site and the communication session with the network site.
    Type: Grant
    Filed: July 24, 2017
    Date of Patent: June 25, 2019
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 10333961
    Abstract: Systems and methods may be used to prevent attacks on a malware detection system. A method may include modeling a time series of directed graphs using incoming binary files during training of a machine learning system and detecting, during a time-window of the dine series, an anomaly based on a directed graph of the time series of directed graphs. The method may include providing an alert that the anomaly has corrupted the machine learning system. The method may include preventing or remedying corruption of the machine learning system.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: June 25, 2019
    Assignee: Intel Corporation
    Inventor: Li Chen
  • Patent number: 10331901
    Abstract: Systems and methods are provided herein for enabling a user to access a blocked media asset. These systems and methods allow a user to request that a parent, or another user, who can approve access to the blocked media asset approve access to the blocked media asset for viewing. The request may be transmitted as a notification to a mobile phone or another suitable device, such that the parent the other user can approve the request, even though they may be remote from the requesting user. Both the requesting user and the user whose approval is required to unblock the media asset (i.e., the approver), are identified by the system based on an identifier associated with each user. This informs the approver which user submitted the request. Additionally, this also adds a layer of security, since the approver must enter an identifier to authenticate their identity to the system before being able to unblock the program for the requesting user.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: June 25, 2019
    Assignee: Rovi Guides, Inc.
    Inventor: Reda Harb
  • Patent number: 10334437
    Abstract: A method includes sending identification information for a mobile hotspot device from that device to a cloud-based computer processing system, sending identification information for a security monitoring device from that device to an app on a user's mobile device, prompting the user, via the app, to provide the identification information for the mobile hotspot device to the user's mobile device, and sending a pairing request from the app to the cloud-based computer processing system. The pairing request includes the identification information for the mobile hotspot device that was provided by the user and the identification information for the security monitoring device. The method further includes sending a response to the pairing request from the cloud-based computer processing system to the app, and using information in the response to establish a wireless connection between the mobile hotspot device and the security monitoring device.
    Type: Grant
    Filed: June 9, 2017
    Date of Patent: June 25, 2019
    Assignee: Canary Connect, Inc.
    Inventors: Andrey Katsman, Byron Schiel, Jean Michel Amblat, Andrew Martin, Rajendra Kumar Umadas
  • Patent number: 10326754
    Abstract: An electronic component includes a processor and a memory. The electronic component has a secure platform capable of storing at least one dual key pair and a corresponding digital signature. There is also a system including a host machine and an electronic component capable of being operated by the host machine. The electronic component has a processor, a memory, and a secure platform capable of storing at least one dual key pair and a corresponding digital signature. Another aspect describes a method, which includes reading a public key from an electronic component by a host machine, verifying the public key against a stored key in the host machine, digitally signing data using a private key from the electronic component, verifying the signed data against the stored key, and using the electronic component by the host machine only if the signed data and the public key are verified.
    Type: Grant
    Filed: October 3, 2017
    Date of Patent: June 18, 2019
    Assignee: STMICROELECTRONICS, INC.
    Inventors: Sean Newton, John Tran, David Tamagno
  • Patent number: 10326782
    Abstract: A network monitoring device according to an embodiment monitors a message that is periodically transmitted in a network in which a message identified by an identifier is transmitted and received, and includes a reception time recording unit and an unauthorized-transmission determination unit. The reception time recording unit records a reception time in association with the identifier, every time a message to be monitored is received. The unauthorized-transmission determination unit determines presence of an unauthorized transmission on the received message to be to be monitored, based on a latest reception time Ti, an m previous reception time Ti-m, a message transmission period F, and a constant ? determined in advance, in a period from the reception time Ti-m to the reception time Ti, every time the message to be monitored is received.
    Type: Grant
    Filed: March 22, 2017
    Date of Patent: June 18, 2019
    Assignees: TOSHIBA DIGITAL SOLUTIONS CORPORATION, TOYOTA JIDOSHA KABUSHIKI KAISHA
    Inventors: Koji Yura, Takeshi Kitamura, Hideki Goto, Tomokazu Moriya
  • Patent number: 10320809
    Abstract: Methods and systems for providing web content from a decoupled rendering engine to a visual display of an electronic device of a user are provided. A request for web browser content is received at a browser rendering engine server from a local web browser of an electronic device of a user. The browser rendering engine server is physically separate from the electronic device of the user. The requested web content is retrieved. Additionally, the requested web content is provided to a rendering engine that is isolated within a rendering engine container stored on the browser rendering engine server. The web content is rendered at rendering engine, thereby generating web content output from the rendering engine. Further, the web content output is provided to a viewing application on the electronic device of the user.
    Type: Grant
    Filed: October 31, 2016
    Date of Patent: June 11, 2019
    Assignee: Cyberinc Corporation
    Inventors: Scott Alexander, Branden Spikes
  • Patent number: 10313391
    Abstract: A method of automatically reformatting electronic content for providing to a visual display of an electronic device of a user is provided. The method comprises receiving a first version of electronic content. The method also comprises identifying one or more elements within the electronic content, each element having a first format. Additionally, the method comprises identifying a corresponding second format for each of the one or more elements. The method also comprises automatically reformatting the first version of the electronic content to a second version of the electronic content. The method further comprises presenting the second version of the electronic content on said visual display of an electronic device of the user.
    Type: Grant
    Filed: October 31, 2016
    Date of Patent: June 4, 2019
    Assignee: Cyberinc Corporation
    Inventors: Branden Spikes, Scott Alexander
  • Patent number: 10305874
    Abstract: A user may desire to execute a process in a target environment. However, administrators may want control over processes that haven't been preapproved to prevent the execution of processes that may affect security and compliance within the environment. Implementation of a multi-factor execution gateway may grant the user limited access to execute the process himself at an otherwise restricted, protected, or decoupled environment, while ensuring security and compliance by obtaining approval from the appropriate authorities. For example, a request to execute the process in the environment may be detected, and a fingerprint may be generated based on parameters of the request. A signature for the fingerprint in the form of private key(s) acquired from authorizer(s) based on a level of authorization required for the process may be received to generate a key, and execution of the process may then be allowed at the environment using the key.
    Type: Grant
    Filed: June 16, 2017
    Date of Patent: May 28, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Alan Tus
  • Patent number: 10305692
    Abstract: In one example, a method includes transitioning, responsive to determining that a charging coil of wireless charger is in proximity of an implantable medical device (IMD) and by the IMD, from operating in a non-pairing mode into a pairing mode of a far-field wireless communication protocol. In this example, operating in the paring mode comprises: receiving, by the IMD and via a transceiver of the far-field wireless communication protocol, a public encryption key from another device that is different than the wireless charger; and determining, based on the public encryption key of the other device and a public encryption key of the IMD, a link encryption key for future communication between the IMD and the other device. In this example, the method further includes communicating, by the IMD and based on the link encryption key, with the other device via the far-field wireless communication protocol.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: May 28, 2019
    Assignee: Medtronic, Inc.
    Inventor: Erik J. Peterson
  • Patent number: 10303899
    Abstract: A host Virtual Machine Monitor (VMM) operates “blindly,” without the host VMM having the ability to access data within a guest virtual machine (VM) or the ability to access directly control structures that control execution flow of the guest VM. Guest VMs execute within a protected region of memory (called a key domain) that even the host VMM cannot access. Virtualization data structures that pertain to the execution state (e.g., a Virtual Machine Control Structure (VMCS)) and memory mappings (e.g., Extended Page Tables (EPTs)) of the guest VM are also located in the protected memory region and are also encrypted with the key domain key. The host VMM and other guest VMs, which do not possess the key domain key for other key domains, cannot directly modify these control structures nor access the protected memory region. The host VMM, however, can verify correctness of the control structures of guest VMs.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: May 28, 2019
    Assignee: Intel Corporation
    Inventors: David M. Durham, Gilbert Neiger, Barry E. Huntley, Ravi L. Sahita, Baiju V. Patel
  • Patent number: 10298574
    Abstract: A method includes a client device forming a link-layer protocol packet having a field that includes first credentials of the client device and sending the link-layer protocol packet to a directly attached network device while the client device is in a first configuration. The method further includes a management system obtaining the first credentials from the network device and using the first credentials to access the client device and change the client device from the first configuration to a second configuration. Optionally, a computer system may include a plurality of client devices that implement the method to facilitate securely configuring the entire computer system. Preferably, each client device generates system-unique first credentials.
    Type: Grant
    Filed: August 18, 2016
    Date of Patent: May 21, 2019
    Assignee: Lenovo Enterprise Solutions (Singapore) Pte. Ltd.
    Inventors: Gary D. Cudak, Jarrod B. Johnson, Matthew A. Steele, Andrew H. Wray
  • Patent number: 10284597
    Abstract: A system and method for determining whether an e-mail originates from a sender authorized by an address provider to send the e-mail to an intended recipient's e-mail address. The e-mail identifies an address provider from which the intended recipient's e-mail address was obtained. The e-mail is delivered to the intended recipient only upon verification that the sender is authorized by the address provider to obtain the intended recipient's e-mail address. The system and method may also provide for determining whether an e-mail originates from a forged source. A server receives data relating to an e-mail, including a purported sender and a verification host. The server queries the verification host with information pertaining to the e-mail and requests confirmation that the e-mail originates from the purported sender. The e-mail is determined to originate from a forged source unless the verification host responds that the e-mail originates from the purported sender.
    Type: Grant
    Filed: January 28, 2013
    Date of Patent: May 7, 2019
    Inventor: Gary Stephen Shuster
  • Patent number: 10284530
    Abstract: A method for improving security of peripheral devices is described. In one embodiment, the method includes sending, by a processor of a peripheral device, at least one packet of data to an operating system of a computing device, identifying, by the processor, execution of a software application on the computing device, performing, by the processor, a handshake protocol between the secure input device and the software application based at least in part on the execution of the software application, and establishing, by the processor, a secure session over a secure channel between the secure input device and the software application based at least in part on the handshake protocol. In some cases, the at least one packet of data identifies the peripheral device to the operating system as two or more peripheral devices such as a default input device and a secure input device.
    Type: Grant
    Filed: July 13, 2017
    Date of Patent: May 7, 2019
    Assignee: Symantec Corporation
    Inventors: Chengi Jimmy Kuo, Haik Mesropian, Petrus Johannes Viljoen, David Kane
  • Patent number: 10250440
    Abstract: An approach is provided for managing requests by a cloud-based multipurpose messaging queue (MPMQ) located in a first computer. For each given request in requests received by the MPMQ, the MPMQ receives a specification of whether the given request is a standard or a critical request based on whether the given request requires an action by a second computer of a third party to respond to the given request. On condition that the received specification indicates that the given request is the critical request, a first message is added to a critical message queue to be accessed by the second computer, with the first message including response information helpful to the second computer in responding to the given request corresponding to the first message. On condition that the received specification indicates that the given request is the standard request, a first message is added to a standard message queue.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: April 2, 2019
    Assignee: International Business Machines Corporation
    Inventor: Asher C. Johnson
  • Patent number: 10243997
    Abstract: A method implemented by an agent operating on a mobile device communicating to a cloud-based system includes opening up local listening sockets on the mobile device; redirecting outgoing traffic from all application on the mobile device except the agent to the local listening sockets; and forwarding the outgoing traffic from the local listening sockets to the cloud-based system with additional information included therein for the cloud-based system.
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: March 26, 2019
    Assignee: Zscaler, Inc.
    Inventors: Purvi Desai, Vikas Mahajan, Abhinav Bansal
  • Patent number: 10244391
    Abstract: A computer file storage system and method are provided. The system and method include means for separating a file into components, encrypting each of those components and storing them on different cloud storage systems. Suitable security steps are provided to effect the encryption and access to the file components. When retrieval of the file is desired, the system will find the various file components and decrypt the components and reassemble them into the original file format.
    Type: Grant
    Filed: March 18, 2016
    Date of Patent: March 26, 2019
    Assignee: Cloud-Clout, LLC
    Inventor: Yevhenii Shulha
  • Patent number: 10223361
    Abstract: Methods and systems for an object based storage are provided. As an example, a method for generating a metadata object for an archive data container having a plurality of data containers is disclosed. The method includes generating a first metadata signature for the archive data container using an archive data container identifier, a number of data containers within the archive data container, and placement information of each data container within the archive data container; assigning a plurality of blocks for storing data for the plurality of data containers at an object based storage to an intermediate logical object; updating a payload signature with placement information of the plurality of blocks within the intermediate logical object; and placing the first metadata signature and the updated payload signature within the metadata object, wherein the metadata object is used to retrieve location information for a specific data container within the archive data container.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: March 5, 2019
    Assignee: NETAPP, INC.
    Inventors: Kiran Nenmeli Srinivasan, Sumeeth Kyathanahalli, Sudhindra Tirupati Nagaraj