Patents Examined by Brandon S Hoffman
  • Patent number: 11271954
    Abstract: Presented herein are techniques for classifying devices as being infected with malware based on learned indicators of compromise. A method includes receiving, at a security analysis device, a set of feature vectors extracted from one or more flows of traffic to domains for a given user in a network during a period of time. The security analysis device analyzes the feature vectors included in the set of feature vectors with a set of operators to generate a set of per-flow vectors for the given user. Based on the set of per-flow vectors for the user, the security analysis device generates a single behavioral vector representative of the given user. The security analysis device classifies a computing device associated with the given user based on the single behavioral vector and at least one of known information or other behavioral vectors for other users.
    Type: Grant
    Filed: July 14, 2017
    Date of Patent: March 8, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Tomá{hacek over (s)} Komárek, Petr Somol
  • Patent number: 11272361
    Abstract: A technique for establishing connectivity between electronic devices is described. In particular, when an electronic device is first connected to a network, the electronic device may use a predefined location of a registrar device to request location information for a controller for the electronic device. The electronic device may provide a manufacturer certificate to the registrar device to confirm its identity. After receiving from the registrar device the location information and a registrar certificate that confirms its identity, the electronic device may use the location information to request the security information from a controller that allows the electronic device to establish connectivity with another electronic device. The electronic device may receive the security from the controller along with a controller certificate that confirms the identity of the controller. Moreover, the electronic device may establish a connection with the other electronic device based on the security information.
    Type: Grant
    Filed: March 30, 2015
    Date of Patent: March 8, 2022
    Assignee: ARRIS Enterprises LLC
    Inventor: David Sheldon Stephenson
  • Patent number: 11271928
    Abstract: User bioelectrical authentication is provided. A bioelectrical configuration signature of a user in physical contact with a hardware token is received, via a token reader, during a low range radio frequency user authentication process to permit a secure transaction by the user. The bioelectrical configuration signature of the user is utilized as part of the low range radio frequency user authentication process to authenticate the user to perform the secure transaction.
    Type: Grant
    Filed: March 25, 2019
    Date of Patent: March 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Matthias Seul, Nicolo′ Sgobba, Erik Rueger
  • Patent number: 11271947
    Abstract: A method for real-time processing of data retrieval requests is disclosed. The method includes: receiving, from a client device, a first login request to log in to a service; authenticating the user for login to the service; in response to authenticating the user, generating a first data string representing at least a unique device identifier for the client device and a validity period; storing the device identifier; sending, to the client device, the first data string; receiving, from the client device, a data retrieval request to retrieve a data set from a remote server, the data retrieval request including the first data string; determining whether the first data string is valid based on checking the validity period; in response to determining that the first data string is valid: obtaining the data set from the remote server; and sending, to the client device, first data based on the obtained data set.
    Type: Grant
    Filed: July 24, 2019
    Date of Patent: March 8, 2022
    Assignee: The Toronto-Dominion Bank
    Inventors: Denny Devasia Kuruvilla, Md Abdur Razzak Chowdhury, Dani Kartikay, Ryan Wu, Andrey Petrov, Peter Horvath, Prashanth Dappula, Sivashanthan Sivapalan, Nolan Glynn-Udrow, Esli Gjini, Sarah Reeve, Matija Bosnjakovic, Guy Dagmara, Jaspal Singh Samra, Abhiney Natarajan, Haobin Li, Richard Yu
  • Patent number: 11269621
    Abstract: A method is provided for obfuscating program code to prevent unauthorized users from accessing video. The method includes receiving an original program code that provides functionality. The original program code is transformed into obfuscated program code defining a randomized branch encoded version of the original program code. The obfuscated program code is then stored, and a processor receiving input video data flow uses the obfuscated program code to generate an output data flow.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: March 8, 2022
    Assignee: ARRIS Enterprises LLC
    Inventor: Lex Aaron Anderson
  • Patent number: 11265703
    Abstract: Data in a portable electronic device is protected by using external and internal status detection means to determine if the device is misplaced, lost, or stolen. The device then takes, singly or in combination, one of several actions to protect the data on the device, including declaring its location to an owner or service provider, locking the device or specific functions of the device to disable all data retrieval functionality, erasing or overwriting all the stored data in the device or, where the data has been stored in the device in an encrypted format, destroying an internally-stored encryption key, thereby preventing unauthorized access to the encrypted data in the device.
    Type: Grant
    Filed: December 18, 2019
    Date of Patent: March 1, 2022
    Assignee: Applied Minds, LLC
    Inventors: Bran Ferren, W. Daniel Hillis
  • Patent number: 11256701
    Abstract: Embodiments of the present invention provide a system for tracking and mapping flow of resources. The system is configured for receiving data from an external computing system, categorizing the data received from the external computing system, transferring the data to a first internal computing system, identifying transfer of the data from the first internal computing system to at least one other internal computing system, creating an interactive map associated with the transfer of the data from the external computing system to the at least one internal computing system, wherein the interactive map comprises one or more hop levels associated with the transfer of the data, receiving a query from one or more internal computing systems, wherein the query is associated with lineage of the data, and transmitting control signals to cause the one or more internal computing systems to display the interactive map associated with the data.
    Type: Grant
    Filed: January 2, 2019
    Date of Patent: February 22, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Timothy J. Bendel, David Joa, Prakash Srinivasan
  • Patent number: 11258799
    Abstract: Methods, systems and computer programs for verifying permissioning rights to one or more data resources associated with a data processing platform (DPP) are disclosed. An exemplary method comprises receiving an assertion statement identifying a user, a data resource and an operation performable with respect to the data resource; in response to receiving the assertion statement, generating a hierarchical representation of an access control list for the data resource identified in the statement and evaluating the hierarchical representation against a current state of permissions to determine if the received assertion statement is true or false in relation to said data resource identified in the assertion statement; in response to determining that the assertion is false, generating an error message for output.
    Type: Grant
    Filed: April 13, 2020
    Date of Patent: February 22, 2022
    Assignee: PALANTIR TECHNOLOGIES INC.
    Inventor: Luke Tomlin
  • Patent number: 11256796
    Abstract: The invention relates to a method for ensuring the authenticity of at least one value of a device property wherein the device property is a characteristic of a device (6). According to the invention, at least one operating value (14, 16) of at least one dynamic device property is signed using a digital key (20), wherein an operating-dependent digital signature (2) is generated.
    Type: Grant
    Filed: March 28, 2018
    Date of Patent: February 22, 2022
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Oliver Drumm, Anna Palmin
  • Patent number: 11258770
    Abstract: A method for requesting proof of delegation for delivery of content to a client terminal via an encrypted connection. The content is referenced on a content server, to which the client terminal emitted a request to obtain the content. The content server has delegated the delivery of the content to a primary delivery server. The method is implemented by a secondary delivery server, to which the primary delivery server has delegated the delivery of the content. The method includes: receiving a request to establish an encrypted connection, from the client terminal, including an identifier of the content server; emitting a request for proof of delegation of delivery, addressed to the content server; receiving of a message from the content server, including an encryption key; emitting a response for establishing an encrypted connection, addressed to the client terminal; and establishing the encrypted connection with the client terminal using the encryption key.
    Type: Grant
    Filed: January 16, 2018
    Date of Patent: February 22, 2022
    Assignee: ORANGE
    Inventors: Emile Stephan, Frederic Fieau
  • Patent number: 11251961
    Abstract: Methods, systems and apparatus, including computer programs encoded on computer storage media, for managing account private keys of a blockchain account registered by a user. In one example, the method includes obtaining identification information provided by the user; obtaining a private key set provided by the user, wherein the private key set comprises at least one account private key of a blockchain account registered by the user; establishing and storing an association relationship between the identification information and the private key set; obtaining an encryption key provided by the user; encrypting the private key set by using the encryption key to obtain an encrypted private key set; and storing the encrypted private key set on the user device.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: February 15, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Yanpeng Li
  • Patent number: 11252133
    Abstract: A method for content delivery network (CDN) inter-node encryption by a CDN node includes receiving a symmetric key set and a key index from a key center, determining a key from the symmetric key set according to the key index, and performing encryption and decryption processing using the key when performing Hyper Text Transfer Protocol (HTTP) data transmission with another CDN node.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: February 15, 2022
    Assignee: GUIZHOU BAISHANCLOUD TECHNOLOGY CO., LTD.
    Inventors: Yang Yang, Hui Miao
  • Patent number: 11251976
    Abstract: A method for securely processing data includes: acquiring, by a first processor, security data from a second processor of a security server; and performing, by a secure element (SE) application run on the first processor, security processing on a trusted application (TA) of a trusted execution environment (TEE) using the security data. The method is simple to implement, and when combined with device network capabilities, may provide a solution that conforms to the SE while overcoming difficulty in integration and high costs of the hardware SE, thereby reducing costs of an IoT device.
    Type: Grant
    Filed: May 7, 2021
    Date of Patent: February 15, 2022
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventor: Xiaoyun Liu
  • Patent number: 11243839
    Abstract: A method for execution by a dispersed storage and task (DST) processing unit includes obtaining audit records for an audit object and determining when the audit object is complete. When the audit object is complete, aggregating the audit records of the audit object within the audit object by generating the audit object to include the audit records; generating identifier (ID) information and generating integrity information. Fields of the audit object are populated with the audit records, the ID information, and the integrity information and a name of the audit object is determined for storage of the audit object and the name of the audit object in a dispersed storage network (DSN).
    Type: Grant
    Filed: April 28, 2020
    Date of Patent: February 8, 2022
    Assignee: PURE STORAGE, INC.
    Inventors: Jason K. Resch, Wesley B. Leggette
  • Patent number: 11240212
    Abstract: Existing approaches to security within network, for instance oneM2M networks, are limited. For example, content might only be protected while the content is in transit between entities that trust each other. Here, the integrity and the confidentiality of content in an M2M network are protected. Such content may be “at rest,” such that the content is stored at a hosting node. Only authorized entities may store and retrieve the data that is stored at the hosting node, and the data may be protected from a confidentiality perspective and an integrity perspective.
    Type: Grant
    Filed: March 23, 2020
    Date of Patent: February 1, 2022
    Assignee: Convida Wireless, LLC
    Inventors: Vinod Kumar Choyi, Yogendra C. Shah, Dale N. Seed, Michael F. Starsinic, Shamim Akbar Rahman, Quang Ly, Zhuo Chen, William Robert Flynn, IV
  • Patent number: 11240023
    Abstract: Techniques described herein enhance information security in contexts that utilize key management systems and cryptographic keys. A cryptographic structure is utilized to maintain cryptographic keys with associated expiration times such that after an expiration time associated with a cryptographic key has passed, the cryptographic key is no longer accessible.
    Type: Grant
    Filed: June 19, 2019
    Date of Patent: February 1, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Bryan James Donlan, Gregory Alan Rubin
  • Patent number: 11232222
    Abstract: In an access management system for managing access to data handled on a shared server, the data in a registered folder on the shared server is kept in secret through transform using an access key. A database in the system is configured to store identification information of n shares generated by splitting the access key using threshold secret sharing scheme in association with a data path of a folder assigned to a first user. Some of the shares are retained in the system as system shares and at least one remaining share is provided to the first user as a user share. When an access request is received along with a first user share from the first user, target data recovered using the access key recovered based on a number of shares that satisfies the quorum is deployed to the registered folder.
    Type: Grant
    Filed: December 26, 2017
    Date of Patent: January 25, 2022
    Assignee: ZENMUTECH, INC
    Inventors: Atsushi Kunii, Kiyoshi Tomomura
  • Patent number: 11223472
    Abstract: There is provided an encrypted message search technique making it difficult to, at the time of searching for a message in a state of being encrypted, guess content of the search and a result of the search.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: January 11, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yuki Okano, Reo Yoshida, Ryo Nishimaki, Tetsutaro Kobayashi
  • Patent number: 11222110
    Abstract: There are disclosed devices, system and methods for detecting malicious scripts received from malicious client side vectors. First, a script received from a client side injection vector and being displayed to a user in a published webpage is detected. The script may have malicious code configured to cause a browser unwanted action without user action. The script is wrapped in a java script (JS) closure and/or stripped of hyper-text markup language (HTML). The script is then executed in a browser sandbox that is capable of activating the unwanted action, displaying execution of the script, and stopping execution of the unwanted action if a security error resulting from the unwanted action is detected. When a security error results from this execution in the sandbox, executing the malicious code is discontinued, displaying the malicious code is discontinued, and execution of the unwanted action is stopped.
    Type: Grant
    Filed: May 15, 2020
    Date of Patent: January 11, 2022
    Assignee: Clean.io, Inc.
    Inventors: Alexey Stoletny, Seth Demsey, Iván Soroka
  • Patent number: 11216565
    Abstract: The disclosed computer-implemented method for selectively encrypting controlled information for viewing by an augmented reality device may include (i) automatically identifying, at a computing device and using at least one of natural language processing and/or a pre-defined data loss prevention policy, a portion of a source text including controlled information, (ii) tokenizing the portion of the source text, and (iii) performing a security action that may include (A) generating a public key, (B) encrypting the tokenized portion of the source text with the public key to produce an encrypted marker, and (C) replacing the portion of the source text with the encrypted marker to produce a replacement document. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: January 4, 2022
    Assignee: NortonLifeLock Inc.
    Inventors: David Silva, Johann Roturier, Pratyush Banerjee