Patents Examined by C. Harris
-
Patent number: 11765137Abstract: The present invention makes it possible to improve confidentiality. A communication terminal stores a session key shared with other communication terminals (S3). The communication terminal makes a pair of an index generated by using the session key for a character string relating to a message and a message identifier, and transmits it to a server apparatus (S4). The server apparatus stores the pair of the index and the message identifier (S5). The communication terminal generates, when the session key is updated, a re-encryption key with a session key before update and a session key after update (S8). The server apparatus updates, by using the re-encryption key, the stored index to an index generated by using the session key after update (S9). The communication terminal encrypts a search keyword with the session key to generate a search query (S10). The server apparatus extracts a message identifier of which the index matches the search query (S11).Type: GrantFiled: December 6, 2017Date of Patent: September 19, 2023Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATIONInventors: Yuki Okano, Reo Yoshida, Tetsutaro Kobayashi
-
Patent number: 11741226Abstract: A method, implemented by a computing system on-board a vehicle, differentiates whether an anomaly originating from a hardware component of the vehicle is caused by a cybersecurity threat, by a degradation of the performance of the hardware component, or by both. States of the respective nodes in a first group of nodes of the first hardware component are compared with a stored table of sets of states of nodes in the first group. A determination is made of whether the anomaly associated with the first hardware component is caused by a cybersecurity threat or by health degradation of the first hardware component based on the comparison of the states of the nodes of the first group with the sets of possible states of the respective nodes where each set is associated with one of a cybersecurity threat and health degradation.Type: GrantFiled: June 29, 2022Date of Patent: August 29, 2023Assignee: Northrop Grumman Systems CorporationInventor: Sunil Dixit
-
Patent number: 11729002Abstract: A computer system obtains a request to apply a signed patch to a piece of signed executable code. The computer system determines whether the signed patch is allowed to be applied to the signed executable based on a set of patch policies. If the patch policies allow the patch to be applied, the patch is applied to the signed executable code. The computer system generates a new digital signature for the modified executable code thereby allowing the resulting signed patched executable code to be verified and executed by the computer system.Type: GrantFiled: September 11, 2020Date of Patent: August 15, 2023Assignee: AMAZON TECHNOLOGIES, INC.Inventor: Nicholas Alexander Allen
-
Patent number: 11722471Abstract: Disclosed herein are embodiments of systems, methods, and products comprise a computing device, which provides a secure data transport service (SecureX) for data packets traversing from an end user device (EUD) to a mission network over untrusted networks. The disclosed SecureX module may be software product running on the EUD and on a SecureX appliance fronting the mission network. The SecureX module on the EUD compresses the data packets by removing header fields that are constant over the same packet flow and double encrypts the data packets with different cryptographic keys. The SecureX on the EUD transmits the double compressed encrypted data packets over the untrusted network. The SecureX appliance receives the double compressed encrypted data packets, decrypts the data packets and decompresses the data packets to recreate the original data packets. The SecureX appliance transmits the original data packets to the mission network.Type: GrantFiled: April 28, 2020Date of Patent: August 8, 2023Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventor: Ranga S. Ramanujan
-
Patent number: 11706227Abstract: A system including a processor and a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to process access permission type-specific access permission requests from enterprise users in an enterprise, the system including access permission type-specific access permission request receiving functionality operable for receiving at least one request for at least one access permission type-specific access permission of at least one user to at least one data element in the enterprise, and access permission type-specific access permission request output providing functionality operable for employing information pertaining to ones of the enterprise users having similarities to the at least one user with respect to at least the access permission type-specific access permission to the data elements in order to provide an output indication of perceived appropriateness of grant of the request.Type: GrantFiled: July 20, 2016Date of Patent: July 18, 2023Inventors: Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir, David Bass
-
Patent number: 11693957Abstract: An operation behavior monitoring method includes: obtaining target historical operation behavior data of a target user, and performing data statistics on the target historical operation behavior data according to different dimensions, to build a multi-dimensional coordinate system; when a target operation behavior is received, determining a target data item corresponding to the target operation behavior in each dimension, determining whether a labeling point corresponding to the target data item exists in the multi-dimensional coordinate system or not; if yes, increasing the density of the labeling points by one; if not, determining a labeling point corresponding to the target data item in the multi-dimensional coordinate system, and setting the density of the labeling point to be 1; and calculating a center-of-gravity position corresponding to each coordinate axis according to the density of all the labeling points on each coordinate axis, determining a target point based on all the center-of-gravity positioType: GrantFiled: February 24, 2021Date of Patent: July 4, 2023Assignee: INSPUR SUZHOU INTELLIGENT TECHNOLOGY CO., LTD.Inventors: Zhaoyang Qin, Dong Zhang
-
Patent number: 11681811Abstract: A method, implemented by a ground-based computing system, identifies cybersecurity threats originating from proposed updates to software, firmware or configuration file instructions resident in hardware components in a fleet of vehicles. In a proposed update, a valid encrypted signature block of the developer must be present. The proposed update is contained as a last file of a series of linked sequential blockchain files of prior updates. Upon a determination that the proposed update contains a valid signature block and is the last file in a validated series of linked blockchain files, the update is analyzed for any cybersecurity threats. If no cybersecurity threats are found, the update is transmitted to the vehicles in the fleet for implementation in the respective hardware components.Type: GrantFiled: December 29, 2021Date of Patent: June 20, 2023Assignee: Northrop Grumman Systems CorporationInventor: Sunil Dixit
-
Patent number: 11675930Abstract: A client device instantiates an isolator application. A request to instantiate a remote application in a server device is sent by the isolator application instance. The isolator application instance receives, from the remote application instance, draw commands and position information that correspond to the draw commands. The isolator application instance renders one or more portions of output based on the draw commands and the position information.Type: GrantFiled: February 4, 2020Date of Patent: June 13, 2023Assignee: CLOUDFLARE, INC.Inventors: Benjamin Buzbee, Killian Koenig, Trevor Sundberg, Michael Conrad, Darren Remington, David Harnett
-
Patent number: 11665134Abstract: This application provides a message processing method, an access controller, and a network node. The method includes: an access controller receives a first message used to obtain Internet Protocol (IP) address information for a user-side device and a first access loop identifier of a first network node, where the first message and the first access loop identifier are sent by the first network node, the first access loop identifier is not carried in the first message; the access controller obtains an authentication, authorization and accounting (AAA) message according to the first access loop identifier, wherein the AAA message comprises the first access loop identifier; and the access controller sends the AAA message to an AAA server.Type: GrantFiled: December 9, 2019Date of Patent: May 30, 2023Assignee: Huawei Technologies Co., Ltd.Inventor: Ruobin Zheng
-
Patent number: 11651074Abstract: Methods, apparatus, systems and articles of manufacture are disclosed herein to accelerate security threat investigation. An example apparatus includes a model trainer to train a security investigation model, a game engine to determine a source security software product and a destination security software product of a security threat object, an actions database to store at least one of the previous security response action, the source security software product, the destination security software product, and the security threat object, an action generator to generate at least one suggested security response action in response to a user security investigation action, wherein the suggested security response action is based on an execution of the security investigation model, and a software product controller to adjust a display of the destination security software product of the security threat object in response to the security response action.Type: GrantFiled: April 30, 2020Date of Patent: May 16, 2023Assignee: MUSARUBRA US LLCInventor: Wayne Anderson
-
Patent number: 11593466Abstract: Authentication is performed based on a user narrative. A narrative, such as a personal story, can be requested during a setup process. Content, voice signature, and emotion can be determined or inferred from analyzing the narrative. Subsequently, a user can provide vocal input associated with the narrative, such as by retelling the narrative or answering questions regarding the narrative. The vocal input can be analyzed for content, voice signature and emotion, and compared with the initial narrative. An authentication score can then generated based on the comparison.Type: GrantFiled: June 26, 2019Date of Patent: February 28, 2023Assignee: Wells Fargo Bank, N.A.Inventors: Shobha Aiyanda Kuttappa, Radhika Sreeramoju, Anusha Rajkumar Naik, Nithya Mani
-
Patent number: 11568076Abstract: A computer-implemented method of transferring a data string from an application to a data protection device. To provide a computer-implemented method of transferring a data string from an application to a data protection device that the database query contains the data string and the database query is coded in a database language.Type: GrantFiled: May 24, 2019Date of Patent: January 31, 2023Assignee: COMFORTE AGInventors: Henning Horst, Michael Horst
-
Patent number: 11546300Abstract: A firewall service for a cloud computing environment is described that uses an application identifier-based ruleset to process data packets. An application identifier-based rule may provide an action to be taken on a received packet based on the source application identifier, the destination application identifier, and/or an identification token associated with the source application. A firewall controller may verify applications of the computing environment, provide unique application identifiers, and manage the application identifier rules for one or more firewalls of the computing environments.Type: GrantFiled: May 7, 2019Date of Patent: January 3, 2023Assignee: Comcast Cable Communications, LLCInventor: Yiu Leung Lee
-
Patent number: 11539725Abstract: A system and method for analyzing directory service environment attack path choke points for an enterprise may continuously collect data about the attack paths and provide alerts.Type: GrantFiled: September 13, 2021Date of Patent: December 27, 2022Assignee: SPECTER OPS, INC.Inventors: Andrew Robbins, Rohan Vazarkar, John Hopper
-
Patent number: 11531752Abstract: Technologies for control plane separation at a network interface controller (NIC) of a compute device configured to transmit, by a resource of the compute device, commands to a physical function managed by a network interface controller (NIC) of the compute device. The NIC is further to establish a data plane separate from a control plane, wherein the control plane comprises one of the trusted control path and the untrusted control path. Additionally, the resource is configured to transmit the commands via one of the trusted control path or the untrusted control path based on a trust level associated with the physical function. Other embodiments are described herein.Type: GrantFiled: September 26, 2018Date of Patent: December 20, 2022Assignee: Intel CorporationInventors: Akeem Abodunrin, Lev Faerman, Scott Dubal, Suyog Kulkarni, Anjali Singhai Jain, Eliel Louzoun, Nrupal Jani, Yadong Li, Eliezer Tamir, Arvind Srinivasan, Ben-Zion Friedman
-
Patent number: 11516247Abstract: The present disclosure includes methods and systems for protecting network resources. An exemplary method comprises starting, by a processor, copy-on-write snapshotting for modifications to a plurality of files in storage, the modification initiated by a suspicious application, detecting, by the processor, a modification of a file of the plurality of files, determining, by the processor, whether the file is stored on a shared network resource or a local resource, in response to determining that the file is stored on a shared network resource, determining, by the processor, that a current region being modified is not already saved in a snapshot, and if the current region is not saved, saving the current region to a snapshot, marking, by the processor, the current region as being saved and analyzing all saved regions that were modified for malicious activity to determine that the suspicious application modifying the saved regions is malicious.Type: GrantFiled: December 11, 2019Date of Patent: November 29, 2022Assignee: Acronis International GmbHInventors: Vladimir Strogov, Alexey Dod, Valery Chernyakovskiy, Serguei Beloussov, Stanislav Protasov
-
Patent number: 11483313Abstract: Technologies for updating an access control list (ACL) table while minimizing disruption includes a network device. The network device receives a request to store a rule in the ACL. The rule is associated with a precedence group. A precedence group is indicative of a placement priority of a given rule in the ACL. The network device determines, as a function of the precedence group, a placement for the requested rule in the ACL. The network device stores the rule according to the determined placement in the ACL.Type: GrantFiled: June 28, 2018Date of Patent: October 25, 2022Assignee: Intel CorporationInventors: Real Valiquette, Carl Geoffrion, Andre Sylvain, Grzegorz Jereczek
-
Patent number: 11429755Abstract: Examples herein relate to intrusion switch. In particular, implementations herein relate to a computer system including a housing enclosing at least one electronic component therein. The housing includes a base and a removable cover. The cover is movable between engaged and disengaged positions relative to the base and extends over at least a portion of the base and is secured to the base in the engaged position. The cover is removable from the base when the cover is in the disengaged position. The computer system further includes an intrusion switch configured to detect access to an interior of the computer system. A portion of the cover extends through a slot in one of the sidewalls of the base and contacts the intrusion switch when the cover is in the engaged position. Contact between the cover and the intrusion switch is released when the cover is in the disengaged position such that the intrusion switch can detect when the cover is moved to the disengaged position.Type: GrantFiled: April 30, 2019Date of Patent: August 30, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Paul E. Westphall, Keith Sauer, David M. Paquin
-
Patent number: 11425161Abstract: A computer-implemented method, a system and a computer program for identifying malicious URI data items are provided. The method a) gathers URI data items and b) analyses said URI data items to classify them into malicious URI data items and non-malicious URI data items. The method also c1) intercepts communications with malicious servers, identified by malicious URIs, from several computing entities, using sinkholing techniques, and uncovers and retrieves information which is being exfiltrated to said malicious or supervised servers, and c2) periodically monitors a status of the malicious servers identified by the malicious URIs, to control if they have been taken down or not, and simulates an infected bot to get updates of the commands sent from said malicious servers. The method also d) processes the uncovered information with learning algorithms, e) delivers to a mass storage device normalized and interpreted data; and f) provides warnings about potential cyber threats.Type: GrantFiled: May 22, 2018Date of Patent: August 23, 2022Inventors: Daniel Solis Agea, Gerard Cervello Garcia, Ramon Vicens Lillo, Jordi Domingo Borras
-
Patent number: 11409866Abstract: A method, implemented by a computing system on-board a vehicle, differentiates whether an anomaly originating from a hardware component of the vehicle is caused by a cybersecurity threat, by a degradation of the performance of the hardware component, or by both. States of the respective nodes in a first group of nodes of the first hardware component are compared with a stored table of sets of states of nodes in the first group. A determination is made of whether the anomaly associated with the first hardware component is caused by a cybersecurity threat or by health degradation of the first hardware component based on the comparison of the states of the nodes of the first group with the sets of possible states of the respective nodes where each set is associated with one of a cybersecurity threat and health degradation.Type: GrantFiled: June 25, 2021Date of Patent: August 9, 2022Assignee: NORTHROP GRUMMAN SYSTEMS CORPORATIONInventor: Sunil Dixit