Patents Examined by Carlos M De Jesus Lassala
  • Patent number: 10637889
    Abstract: Aspects of the embodiments are directed to systems, methods, and computer program products to program, via a northbound interface, a mapping between an endpoint identifier (EID) and a routing locator (RLOC) directly into a mapping database at a mapping system; receive, from a first tunneling router associated with a first virtual network, a mapping request to a second virtual network, the first router compliant with a Locator/ID Separation Protocol, the mapping request comprising an EID tuple that includes a source identifier and a destination identifier; identify an RLOC based, at least in part, on the destination identifier of the EID tuple from the mapping database; and transmit the RLOC to the first tunneling router implementing an high level policy that has been dynamically resolved into a state of the mapping database.
    Type: Grant
    Filed: July 22, 2016
    Date of Patent: April 28, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Vina Ermagan, Fabio R. Maino, Florin T. Coras, Marius Horia Miclea, John William Evans, Paul Quinn, Darrel Jay Lewis, Brian E. Weis
  • Patent number: 10616208
    Abstract: A mobile secure agent on a wireless device executes one or more authenticated data collection profiles provisioned by a private profile producer. Each data package can only be transmitted to a collector certificated by the same private profile producer. Update profiles are signed and provisioned through a tunnel initiated from the mobile secure agent. A Certificate Authority provides libraries, anchors, and certificates in a key management message module to each mobile secure agent which enables revocation and replacement of certificates. Data stored in this way on a wireless device may only be transmitted in encrypted form to an authenticated destination.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: April 7, 2020
    Assignee: AT&T MOBILITY IP, LLC
    Inventors: Dustin Michael Moore, R. Travis Jones, Bruce Blaine Lacey
  • Patent number: 10586060
    Abstract: Disclosed in a device for the secure transmission and storage of data. The device for information to be securely stored on a storage device. A first data processing device is connected using a unidirectional link to a second data processing device. The first data processing device is given information from an external source, which is then transmitted using said unidirectional link. The first data processing transmits data to the second data processing device, which in turn stores the data either internally or externally on the storage device. The second data processing device optionally signals a user if the transmission was successful.
    Type: Grant
    Filed: May 19, 2016
    Date of Patent: March 10, 2020
    Inventors: Justin Cote, August Culbert
  • Patent number: 10558587
    Abstract: A method for reading or writing data at an address of a memory is disclosed. The data includes a number of consecutive words that each has a plurality of bits. The words are transferred to or from the memory in synchronization with a clock signal so that each word is transferred in one cycle of the clock signal. The bits are scrambled or unscrambled by applying a logic function to the bits of each word. The logic function is identical for the scrambling and the unscrambling and makes use of a bit-key that is dedicated to the word and is identical for the scrambling and the unscrambling. Each bit-key comes from a pseudo-random series generated based on the address.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: February 11, 2020
    Assignees: STMICROELECTRONICS (GRAND OUEST) SAS, STMICROELECTRONICS (GRENOBLE 2) SAS
    Inventors: Abdelaziz Goulahsen, Patrice Derouet
  • Patent number: 10528708
    Abstract: Embodiments include method, systems and computer program products for preventing unauthorized resource updates. In some embodiments, it may be determined that a mainframe computer is not within a service period. A control file may be obtained and decrypted. Using the decrypted control file, the mainframe computer may be determined to be authorized. An available resource update file may be selected based on a determination that the mainframe computer is authorized. An update to a resource of the mainframe computer may be facilitated based on the available resource update file.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: January 7, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Michael J. Allen, Brent J. Boisvert, Michael S. Bomar, John D. Eggleston, Ruben O. Manso, Brian D. Valentine
  • Patent number: 10530755
    Abstract: Exemplary systems and methods are disclosed for providing access through security key pairs. One exemplary method includes generating, by a platform, a key pair specific to a user and associated with an access period to an asset, where the key pair includes a first key and a second key associated with the first key, and storing the key pair in a data structure. The method also includes distributing the first key to an application associated with the user and distributing the second key to an access system of the asset. The method further includes receiving an access request for the asset during the access period and including the first key, identifying from the data structure the second key of the key pair based on the received first key, and transmitting a message including the second key to the access system for allowing, or not, access to the asset.
    Type: Grant
    Filed: August 22, 2017
    Date of Patent: January 7, 2020
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Manash Bhattacharjee, Stephane Wyper
  • Patent number: 10516655
    Abstract: In a resource-on-demand environment, dynamically created server instances are allowed to boot from encrypted boot volumes. Access keys to the boot volumes are provided from a key provider that authenticates new instances based on possession of a security token that has been previously shared between the key provider and the new instance through an out-of-band communication.
    Type: Grant
    Filed: September 7, 2016
    Date of Patent: December 24, 2019
    Assignee: Amazon Technologies, Inc.
    Inventor: Eric J. Brandwine
  • Patent number: 10515234
    Abstract: A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security filter is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
    Type: Grant
    Filed: February 21, 2017
    Date of Patent: December 24, 2019
    Assignee: HIGH SEC LABS LTD.
    Inventor: Aviv Soffer
  • Patent number: 10484399
    Abstract: The disclosed computer-implemented method for detecting low-density training regions of machine-learning classification systems may include (i) receiving a training dataset that is used to train a classifier of a machine-learning classification system, (ii) calculating a density estimate of a distribution of the training dataset, (iii) receiving a sample that is to be classified by the classifier, (iv) using the density estimate to determine that the sample falls within a low-density region of the distribution of the training dataset, and (v) performing a security action in response to determining that the sample falls within the low-density region. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: November 19, 2019
    Assignee: Symantec Corporation
    Inventor: Ryan Curtin
  • Patent number: 10474589
    Abstract: The present embodiments relate to methods and apparatuses for side-band management of security for server computers. According to certain aspects, such management is directed to the security of data that is stored under the local control of the server, as well as data that flows through the network ports of the server. Such locally stored data is secured by encryption, and the encryption keys are managed by a management entity that is separate from the server. The management entity can also manage the security of network data flowing through the server using its own configuration of network security applications such as firewalls, monitors and filters.
    Type: Grant
    Filed: March 2, 2016
    Date of Patent: November 12, 2019
    Assignee: JANUS TECHNOLOGIES, INC.
    Inventor: Sofin Raskin
  • Patent number: 10469532
    Abstract: The present disclosure provides a method and a device for preventing DNS cache poisoning. According to an example of the method, a preventing equipment may forward a first DNS query request packet sent by a DNS server to a first authoritative DNS server. The preventing equipment may construct a second DNS query request packet including the target domain name and send the second DNS query request packet to a second authoritative DNS server when a first DNS reply packet received for the first DNS query request packet indicates a DNS cache poisoning attack occurs. When a second DNS reply packet received for the second DNS query request packet indicates no DNS cache poisoning attack occurs, the preventing equipment may generate a final DNS reply packet according to the second DNS reply packet and feed back the final DNS reply packet to the DNS server.
    Type: Grant
    Filed: January 23, 2017
    Date of Patent: November 5, 2019
    Assignee: Hangzhou DPtech Technologies Co., Ltd.
    Inventor: Tao Xing
  • Patent number: 10462178
    Abstract: A management platform that allows security and compliance users to view risks and vulnerabilities in their environment with the added context of what other mitigating security countermeasures are associated with that vulnerability and that are applicable and/or available within the overall security architecture. Additionally, the platform allows users to take one or more actions from controlling the operation of a security countermeasure for mitigation purposes to documenting the awareness of a security countermeasure that is in place.
    Type: Grant
    Filed: August 4, 2014
    Date of Patent: October 29, 2019
    Assignee: Alert Logic, Inc.
    Inventors: Michael S. Curtis, Audian H. Paxson, Eva E. Bunker, Nelson W. Bunker, Kevin M. Mitchell
  • Patent number: 10439995
    Abstract: A system and method for providing secure private electronic communications. An exemplary method includes encrypting a hidden message using an encryption scheme; encoding the encrypted hidden message in a source message; providing the source message having the encoded hidden message by a first electronic device; and transmitting a decryption key to a second electronic device. Moreover, the second electronic device can capture the encoded hidden message provided by the first electronic device, decode the hidden message, and extract the hidden message using the decryption key so that the hidden message can be rendered by the second electronic device.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: October 8, 2019
    Assignee: Acronis International GmbH
    Inventors: Alexander G. Tormasov, Stanislav S. Protasov, Serguei M. Beloussov, Mark Shmulevich
  • Patent number: 10409977
    Abstract: A service receives a request from a user of a group of users to perform one or more operations requiring group authentication in order for the operations to be performed. In response, the service provides a first user of the group with an image seed and an ordering of the group of users. Each user of the group applies a transformation algorithm to the seed to create an authentication claim. The service receives this claim and determines, based at least in part on the ordering of the group of users, an ordered set of transformations, which are used to create a reference image file. If the received claim matches the reference image file, the service enables performance of the requested one or more operations.
    Type: Grant
    Filed: October 11, 2017
    Date of Patent: September 10, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Jon Arron McClintock, Darren Ernest Canavor, George Nikolaos Stathakopoulos
  • Patent number: 10404681
    Abstract: Techniques are disclosed for accelerating online certificate status protocol (OCSP) response distribution to relying parties using a content delivery network (CDN). A certificate authority generates updated OCSP responses for OCSP responses cached in the CDN that are about to expire. In addition, the certificate authority pre-generates cache keys in place of CDNs generating the keys. The certificate authority sends the OCSP responses and the cache keys in one transaction, and the CDN, in turn, consumes the new OCSP responses using the cache keys.
    Type: Grant
    Filed: December 21, 2017
    Date of Patent: September 3, 2019
    Assignee: DigiCert, Inc.
    Inventors: Richard F. Andrews, Quentin Liu
  • Patent number: 10389538
    Abstract: Disclosed herein are systems and methods for a security gateway to process secure network sessions where there is a server certificate validation error. In various embodiments, varying security policies can be applied to the secure network sessions, including intercepting of network data, bypass of the security gateway, or termination of the secure sessions.
    Type: Grant
    Filed: March 8, 2017
    Date of Patent: August 20, 2019
    Assignee: A10 Networks, Inc.
    Inventors: Ali Golshan, Xuyang Jiang, Yang Yang
  • Patent number: 10375096
    Abstract: In one embodiment, a device in a network receives domain information from a plurality of traffic flows in the network. The device identifies a particular address from the plurality of traffic flows as part of an onion routing system based on the received domain information. The device distinguishes the particular address during analysis of the traffic flows by a traffic flow analyzer that includes a domain generation algorithm (DGA)-based traffic classifier. The device detects a malicious traffic flow from among the plurality of traffic flows using the traffic flow analyzer. The device causes performance of a mitigation action based on the detected malicious traffic flow.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: August 6, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Lukas Machlica, Martin Vejman
  • Patent number: 10367815
    Abstract: In embodiments of the present invention improved capabilities are described for the steps of receiving an indication that a computer facility has access to a secure data store, causing a security parameter of a storage medium local to the computer facility to be assessed, determining if the security parameter is compliant with a security policy relating to computer access of the remote secure data store, and in response to an indication that the security parameter is non-compliant, cause the computer facility to implement an action to prevent further dissemination of information, to disable access to network communications, to implement an action to prevent further dissemination of information, and the like.
    Type: Grant
    Filed: August 19, 2016
    Date of Patent: July 30, 2019
    Assignee: Sophos Limited
    Inventors: David P. Keene, Daryl E. Donley
  • Patent number: 10356089
    Abstract: An electronic device includes a processor and a memory functionally connected to the processor. The electronic device acquires user's biometric information through a biometric sensor, determines virtual biometric information corresponding to the acquired biometric information, and transmits the virtual biometric information to an external electronic device through communication circuitry. The electronic device may include the biometric sensor, the communication circuitry, and the memory may be electrically connected to the biometric sensor and the communication module and store instructions to be executed by the processor.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: July 16, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Moon-Soo Chang, Hak-Joo Kim, Sang-Ho Park, Yong-Jun Park, Jong-Hoon Park, In-Jun Son, Yang-Soo Lee, Hyung-Joo Cho, Ho-Dong Jwa, Woo-Young Choi, Dong-Hyun Yeom
  • Patent number: 10339739
    Abstract: A vehicle key programming system and method for chip reading and writing, key and remote programming and remote frequency testing. The system tracks programming usage when not connected to system servers and reports such usage upon connection. Immobilizer algorithms are used to program and such algorithms are optimized with each attempted use.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: July 2, 2019
    Assignee: SmartBox Technology, LLC
    Inventor: Ornis Mala