Patents Examined by Carlos Amorin
  • Patent number: 10033713
    Abstract: In a technology stack including members provided in communication, a system and method are provided for managing keys for use in encrypting and decrypting data. The system comprises a key manager configured to define a group of members and to create at least one encryption key associated with the defined group, and a communications manager configured to transmit the at least one encryption key associated with the group to members in the group. Data encrypted by a member in the group using the at least one encryption key received by the member from the communications manager is transmitted to another member in the group for decryption using the at least one encryption key received by the another member from the communications manager.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: July 24, 2018
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventor: Anshuman M. Mishra
  • Patent number: 9923718
    Abstract: In one aspect, a method comprises the steps of deriving a base point on an elliptic curve in a first processing device, generating authentication information in the first processing device utilizing the base point and a private key of the first processing device, and transmitting the authentication information from the first processing device to a second processing device. The base point on the elliptic curve may be derived, for example, by applying a one-way function to a current time value, or by computation based on a message to be signed.
    Type: Grant
    Filed: August 7, 2013
    Date of Patent: March 20, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Daniel Vernon Bailey, John G. Brainard, Ari Juels, Burton S. Kaliski, Jr.
  • Patent number: 9904632
    Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: February 27, 2018
    Assignee: Intel Corporation
    Inventors: Simon P. Johnson, Uday R. Savagaonkar, Vincent R. Scarlata, Francis X. McKeen, Carlos V. Rozas
  • Patent number: 9838870
    Abstract: The disclosed apparatus may include (1) a reply-reception module, stored in memory, that receives, from a satellite device, an authentication reply that includes an original authentication message digitally signed by the aggregation device using a private key of the aggregation device and that is digitally signed by the satellite device using a private key of the satellite device, (2) a forwarding module, stored in memory, that forwards the authentication reply to a network management server, (3) a validation-reception module, stored in memory, that receives, from the network management server in response to forwarding the authentication reply, a validation message, and (4) an authentication module, stored in memory, that authenticates the satellite device based at least in part on receiving the validation message. Various other apparatuses, systems, and methods are also disclosed.
    Type: Grant
    Filed: March 25, 2015
    Date of Patent: December 5, 2017
    Assignee: Juniper Networks, Inc.
    Inventors: Ravindranath C Kanakarajan, Venkanna Thadishetty
  • Patent number: 9805221
    Abstract: In one embodiment, the present invention includes a system on a chip (SoC) that has a first agent with an intellectual property (IP) logic, an interface to a fabric including a target interface, a master interface and a sideband interface, and an access control plug-in unit to handle access control policy for the first agent with respect to incoming and outgoing transactions. This access control plug-in unit can be incorporated into the SoC at integration time and without any modification to the IP logic. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 21, 2011
    Date of Patent: October 31, 2017
    Assignee: Intel Corporation
    Inventors: Manoj R. Sastry, Ioannis T. Schoinas, Robert J. Toepfer, Alpa T. Narendra Trivedi, Men Long
  • Patent number: 9800589
    Abstract: Methods and apparatus for detecting VOIP spoofing attacks in systems that provide communication services over IP networks, for gathering information that can be used for preventing or mitigating future malicious attacks, are described. The methods and apparatus send various signals and check for expected responses. Actual responses and/or lack of responses to signals, e.g., messages, are detected, logged and used for making decisions as well as generating a record for informational purposes and analysis which can facilitate identification of common features of malicious packets and/or messages. The methods are well suited for use in a session border controller.
    Type: Grant
    Filed: August 22, 2013
    Date of Patent: October 24, 2017
    Assignee: SONUS NETWORKS, INC.
    Inventors: Tolga Asveren, Shaun Jaikarran Bharrat
  • Patent number: 9794231
    Abstract: Systems and methods are disclosed for registering a host computing device at a server and registering a lock device at the server via an application running on a mobile computing device, each being provided host keys from the server that allow communication between the host computing device the lock device. Further, the lock device can only be registered with the server if a current registered device count is less than a maximum registered device threshold.
    Type: Grant
    Filed: March 16, 2015
    Date of Patent: October 17, 2017
    Assignee: Schlage Lock Company LLC
    Inventors: Joseph Wayne Baumgarte, Patrick GrandPre, Matthew Dexter
  • Patent number: 9705874
    Abstract: Provided is a communication apparatus (121) that securely manages passwords for utilizing a server apparatus. A generator (203) generates a random table having the same number of rows and the same number of columns as a password table associated with a server name specified in an authentication request received by a receiver (202). An acceptor (205) accepts a key from a user to whom the random table is presented by a presenter (204). An identification unit (206) identifies, from the key and the random table, the user's of selection order of elements in the table. An acquirer (207) selects and arranges elements in the password table in the identified selection order, thereby acquiring a password. An output unit (208) displays the acquired password on a display or transmits the acquired password to the server apparatus, thereby allowing the user to utilize the server apparatus.
    Type: Grant
    Filed: August 30, 2011
    Date of Patent: July 11, 2017
    Assignee: Hideharu Ogawa
    Inventor: Hideharu Ogawa
  • Patent number: 9705675
    Abstract: A method and system for testing the cryptographic integrity of data m comprises at least the following elements: a module transmitting a message M, said module comprising a memory for storing the parameters used to execute the steps of the method, such as the key, the public data, a transmission medium, a receiver module also comprising storage means for storing at least the same parameters as in transmission. The system may comprise storage means for storing confidential data such as the secret keys, a processor suitable for executing the steps.
    Type: Grant
    Filed: December 22, 2011
    Date of Patent: July 11, 2017
    Assignee: Thales
    Inventors: Philippe Painchault, Eric Garrido, Sandra Marcello
  • Patent number: 9652616
    Abstract: Techniques for classifying non-process threats are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for classifying non-process threats comprising generating trace data of at least one observable event associated with execution of a process, representing a first feature of the at least one observable event of the trace data, calculating, using a computer processor, a similarity between the first feature and at least one sample feature, and classifying the process based on the similarity.
    Type: Grant
    Filed: March 14, 2011
    Date of Patent: May 16, 2017
    Assignee: Symantec Corporation
    Inventors: Sandeep B. Bhatkar, Kent E. Griffin, Pratyusa Manadhata
  • Patent number: 9648006
    Abstract: A system and method for communicating with a client application that can include at a communication platform, receiving an authorization token of a first client application; verifying at least one permission associated with the authorization token; at a first server of the communication platform, accepting an incoming communication request; retrieving communication instructions from a server according to the incoming communication request; identifying an instruction to communicate with a communication destination of the first client application; and establishing communication with the first client application.
    Type: Grant
    Filed: September 21, 2012
    Date of Patent: May 9, 2017
    Assignee: Twilio, Inc.
    Inventors: Jeffrey Lawson, John Wolthuis, Evan Cooke, Jonas Borjesson, Rob Simutis
  • Patent number: 9584544
    Abstract: A system and method for providing security in a virtual environment are provided. An example system includes a link module that links a secured logical component to a logical entity including a set of virtual machines. The example system also includes a security module that identifies a set of security policies for one or more communications to the logical entity or one or more communications from the logical entity. The example system further includes a control module that controls, based on the set of security policies, the one or more communications to the logical entity or the one or more communications from the logical entity.
    Type: Grant
    Filed: March 12, 2013
    Date of Patent: February 28, 2017
    Assignee: Red Hat Israel, Ltd.
    Inventor: David Botzer
  • Patent number: 9509688
    Abstract: A technique provides malicious identity profiles. The technique involves storing unsuccessful authentication entries in a database, the unsuccessful authentication entries including (i) descriptions of failed attempts to authenticate users and (ii) biometric records captured from the users during the failed attempts to authenticate the users. The technique further involves generating a set of malicious identity profiles based on the descriptions and the biometric records of the unsuccessful authentication entries stored in the database. Each malicious identity profile includes a profile biometric record for comparison with new biometric records during new authentication attempts. The technique further involves outputting the set of malicious identity profiles. Such a set of malicious identity profiles is well suited for use in future authentication operations, i.e., well suited for predicting intruder attacks and fraud attempts, and for sharing risky identities among authentication systems (e.g.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: November 29, 2016
    Assignee: EMC IP Holding Company LLC
    Inventors: Triinu Magi Shaashua, Alon Kaufman, Yael Villa
  • Patent number: 9503426
    Abstract: A virtual environment firewall receives a message having a request from a virtual environment entity intended for a virtual environment controller. The virtual environment firewall determines whether the request complies with one or more governance rules of the virtual environment controller. If the request does not comply with the one or more governance rules, the virtual environment firewall processes the message to prevent the request from being processed by the virtual environment controller.
    Type: Grant
    Filed: April 15, 2013
    Date of Patent: November 22, 2016
    Assignee: Qurio Holdings, Inc.
    Inventors: Richard J. Walsh, James Evans, Kunal Kandekar
  • Patent number: 9418238
    Abstract: A searchable encryption resistant to frequency analysis. A conversion rule management device generates a conversion rule table associating a search keyword with a conversion keyword group. Based on the conversion rule table, a data registration device generates registration data associating encrypted data with an encrypted keyword, and registers the registration data in a server device. An information processing device obtains from the conversion rule table a conversion keyword group associated with a specified search keyword, generates an encrypted keyword group, and requests a data search by specifying the encrypted keyword group. Using as a search key an encrypted keyword included in the encrypted keyword group, the server device searches for encrypted data associated with the search key, and returns searched encrypted data. The information processing device decrypts the searched encrypted data, and outputs as a search result search data obtained by decryption.
    Type: Grant
    Filed: February 20, 2012
    Date of Patent: August 16, 2016
    Assignees: Mitsubishi Electric Corporation, The University of Electro-Communications
    Inventors: Takashi Ito, Mitsuhiro Hattori, Nori Matsuda, Kazuo Ota, Yusuke Sakai
  • Patent number: 9398041
    Abstract: A computer identifies each web method, of a web service, declared in a web services description language (WSDL) file. The computer adds a node within a directed graph for each web method identified. The computer identifies pairs of web methods declared in the WSDL file in which a match exists between an output parameter of one of the web methods and an input parameter of another one of the web methods. The computer adds an edge within the directed graph for each of the pairs of web methods identified. The computer generates one or more sequences of web methods based on nodes connected by edges within the directed graph, wherein each of the one or more sequences includes at least one of the pairs of web methods identified. The computer tests each of the one or more sequences of web methods to identify stored vulnerabilities in the web service.
    Type: Grant
    Filed: March 12, 2013
    Date of Patent: July 19, 2016
    Assignee: International Business Machines Corporation
    Inventors: Evgeny Beskrovny, Omer Tripp, Emmanuel Wurth
  • Patent number: 9372982
    Abstract: A system and computer program product for using a multi-user operating system. A user attempts to access the multi-user operating system. The system prompts the user to enter a shared credential associated with the multi-user operating system and an individual credential of the user. The system verifies the entered shared credential and the entered individual credential. The system grants the access to the user if both the entered shared credential and the entered individual credential are verified. The system tracks commands entered by the user granted the access via the entered shared credential while the user is using the multi-user operating system. The tracked commands indicate the entered individual credential.
    Type: Grant
    Filed: August 22, 2013
    Date of Patent: June 21, 2016
    Assignee: International Business Machines Corporation
    Inventors: Gerald D. Colar, Melanie R. Diggs, Terrence E. White, Charles K. Young
  • Patent number: 9218493
    Abstract: A method is provided for generating a human readable passcode to an authorized user including providing a control access datum and a PIN, and generating a unique machine identifier for the user machine. The method further includes modifying the controlled access datum, encrypting the controlled access datum using the PIN and/or a unique machine identifier to camouflage the datum, and generating a passcode using the camouflaged datum and the PIN and/or the unique machine identifier. A mobile user device may be used to execute the method in one embodiment. The passcode may be used to obtain transaction authorization and/or access to a secured system or secured data. The unique machine identifier may be defined by a machine effective speed calibration derived from information collected from and unique to the user machine.
    Type: Grant
    Filed: August 13, 2013
    Date of Patent: December 22, 2015
    Assignee: CA, Inc.
    Inventors: Geoffrey Hird, Rammohan Varadarajan
  • Patent number: 9219713
    Abstract: Electronic electricity meter with integrated digital-certification mechanism for secure communication, comprising current sensors, voltage sensors, electronic circuit for conditioning the current signals and voltage signals in the electrical levels required by the processing unit, processing unit able to continuously sample the current signals and voltage signals provided by the circuit and that reflect, using a known ratio, the real value of the current and voltage delivered to the meter connection terminals, the processing unit calculates the active and passive through energy and determines the energy values to be counted, and a communication unit, linked to the processing unit, which uses a digital data protocol and a physical interface to communicate with the world outside the meter, and a processing unit with digital certification functions located between the processing unit and the communication unit.
    Type: Grant
    Filed: November 25, 2011
    Date of Patent: December 22, 2015
    Inventors: Fábio de Oliveira Toledo, Welson Regis Jacometti, Rodrigo Jardim Riella, Celso Pinto Saraiva
  • Patent number: 9209980
    Abstract: Systems and methods are provided for computing a secret shared with a portable electronic device and service entity. The service entity has a public key G and a private key g. A message comprising the public key G is broadcast to the portable electronic device. A public key B of the portable electronic device is obtained from a manufacturing server and used together with the private key g to compute the shared secret. The portable electronic device receives the broadcast message and computes the shared secret as a function of the public key G and the portable electronic device's private key b. The shared secret can be used to establish a trusted relationship between the portable electronic device and the service entity, to activate a service on the portable electronic device, and to generate certificates.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: December 8, 2015
    Assignee: BlackBerry Limited
    Inventors: Roger Paul Bowman, Robert Henderson Wood, Nicolaas Santoso Handojo, John Michael Agar, Brian Paul Neill