Patents Examined by Catherine Thiaw
  • Patent number: 11910197
    Abstract: A service processing method includes receiving, by a mobile phone, a first identifier from a head device of a vehicle after the head device receives a trigger request to perform a vehicle door opening service, determining, by the mobile phone based on the first identifier, to perform authentication, indicating, by the mobile phone, the head device to perform the vehicle door opening service when the authentication succeeds, or determining, by the mobile phone based on the first identifier, not to perform the authentication, and sending, by the mobile phone, location information of the mobile phone, and an indication that indicating a location of the mobile phone and a location of the head device are normal to the head device.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: February 20, 2024
    Inventor: Zhuofei Li
  • Patent number: 11888891
    Abstract: A method for creating a heuristic rule to identify Business Email Compromise (BEC) attacks includes filtering text of received email messages, using a first classifier, to extract one or more terms indicative of a BEC attack from the text of the received email messages. One or more n-grams are generated, using the first classifier, based on the extracted terms. A vector representation of the extracted terms is generated, using a second classifier, based on the generated one or more n-grams. The second classifier includes a logit model. A weight coefficient is assigned to each of the one or more extracted terms based on an output of the trained logit model. A higher weight coefficient indicates higher relevancy to BEC attack of the corresponding term. A heuristic rule associated with the BEC attack is generated by combining the weight coefficients of a combination of the one or more extracted terms.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: January 30, 2024
    Assignee: AO Kaspersky Lab
    Inventors: Roman A. Dedenok, Nikita D. Benkovich, Dmitry S Golubev, Yury G. Slobodyanuk
  • Patent number: 11888874
    Abstract: Application-initiated network traffic is intercepted and analyzed by an application firewall in order to identify streams of traffic for a target application. An application signature generator preprocesses the raw data packets from the intercepted network traffic by tokenizing the data packets and then weighting each token according to its importance for application identification. The weighted features for each data packet are clustered using an unsupervised learning model, and the resulting clusters are iteratively refined and re-clustered using a proximity score between the clusters and feature vectors for key tokens for the target application. The application signature generator generates a signature for the clusters corresponding to the target application which the application firewall implements for filtering network traffic.
    Type: Grant
    Filed: October 31, 2022
    Date of Patent: January 30, 2024
    Assignee: Palo Alto Networks, Inc.
    Inventor: Stefan Achleitner
  • Patent number: 11882113
    Abstract: The disclosed technology is generally directed to web authentication. In one example of the technology, authentication of a broker is obtained with an identity provider. Obtaining the authentication includes at least communication between the broker and a top-level frame and communication between the broker and the identity provider. The broker is executing in a descendant frame of the top-level frame. The top-level frame and the broker are hosted on different domains. At the broker, from an embedded application that is executing on another descendant frame of the top-level frame, a token request is received. Via the broker, a token is requested from the identity provider. The token is associated with an authorization of secure delegated remote access of at least one resource by the embedded application. At the broker, from the identity provider, the token is received. Via the broker, the token is provided to the embedded application.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: January 23, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hirsch Patrick Singhal, Pavel Michailov, Jason Donchey Nutter, Adrian Frei, William Alden Bartlett, Thomas Lyle Norling, Prithviraj Sanjeev Kanherkar
  • Patent number: 11863685
    Abstract: A request for a transaction between a client system and a server system may be processed. The transaction may be associated with transmission of data between the client system and the server system. The data may be encrypted using a transient encryption key to form encrypted data. The transient encryption key may be a synced-clock random number configured to automatically change when a designated time interval elapses. The encrypted data may be transmitted between the client system and the server system.
    Type: Grant
    Filed: May 26, 2022
    Date of Patent: January 2, 2024
    Assignee: Salesforce, Inc.
    Inventors: Prashanth Kannan, Prabhjot Singh
  • Patent number: 11847197
    Abstract: A computer-implemented method includes: receiving a request for associating a first index of privileges and permissions with an identity token, the first index specifically encoding the privileges and permissions of a first subscriber in accessing transactional data of the requester, the request including the identity token that identifies a person and has been issued to the requester by a trusted entity through a vetting process; in response to determining that the identity token is valid and verifying that the requester is the person identified by the identity token, associating the first index of privileges and permissions of the first subscriber with the identity token; and providing the identity token associated with the first index of privileges and permissions of the first subscriber, the identity token enabling the first subscriber to access transactional data of the requester in accordance with the first index of privileges and permissions.
    Type: Grant
    Filed: June 25, 2021
    Date of Patent: December 19, 2023
    Assignee: Idemia Identity & Security USA LLC
    Inventor: Margaret Bouse
  • Patent number: 11848966
    Abstract: A system and method for analyzing integrated operational technology and information technology systems with sufficient granularity to predict their behavior with a high degree of accuracy. The system and method involve creating high-fidelity models of the operational technology and information technology systems using one or more cyber-physical graphs, performing parametric analyses of the models to identify key components, scaling the parametric analyses of the models to analyze the key components at a greater level of granularity, and iteratively improving the models testing them against in-situ data from the real-world systems represented by the high-fidelity models.
    Type: Grant
    Filed: April 30, 2021
    Date of Patent: December 19, 2023
    Assignee: QOMPLX, INC.
    Inventors: Jason Crabtree, Andrew Sellers
  • Patent number: 11838755
    Abstract: According to an exemplary embodiment of the present disclosure, a computer program stored in a computer readable storage medium is disclosed. The computer program includes commands which cause a processor of a control device to execute steps below, the steps including: acquiring International Mobile Station Identity (IMSI) related to a Subscriber Identity Module (SIM) and location information of a controlled device from the controlled device; calculating a hash value obtained by hashing the IMSI by using a hash function; generating first signature data in which the hash value and the location information are encrypted with a private key of the control device by using an asymmetric key algorithm; generating first encryption data obtained by encrypting the first signature data with a public key of a home subscriber server by using the asymmetric key algorithm; and transmitting a connection request message including the first encryption data to the home subscriber server.
    Type: Grant
    Filed: May 24, 2021
    Date of Patent: December 5, 2023
    Assignee: Korea University Research and Business Foundation
    Inventors: Dayoung Kang, Jin-Young Choi
  • Patent number: 11831768
    Abstract: A mechanism to share cryptographic material across entities that may not have a direct trust relationship between or among each other, or no network connectivity, or some combination thereof, but where participating entities do share a trust relationship (or trusted connection(s)) with a common entity, sometimes referred to herein as a “conduit” entity. This technique enables such entities to leverage their trust relationship with a common “conduit” entity to share cryptographic material between or among themselves.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: November 28, 2023
    Assignee: Akamai Technologies, Inc.
    Inventors: Rupinder Gill, Punit Kandoi, Venukrishna Prasad, Seetharama Ayyadevara
  • Patent number: 11831682
    Abstract: A system and method for a highly scalable distributed connection interface for data capture from multiple network service sources. The connection interface is designed to enable simple to initiate, performant and highly available input/output from a large plurality of external networked service's and application's application programming interfaces (API) to the modules of an integrated predictive business operating system. To handle the high volume of information exchange, the connection interface is distributed and designed to be scalable and self-load-balancing. The connection interface possesses robust expressive scripting capabilities that allow highly specific handling rules to be generated for the routing, transformation, and output of data within the business operating system.
    Type: Grant
    Filed: October 20, 2020
    Date of Patent: November 28, 2023
    Assignee: QOMPLX LLC
    Inventors: Jason Crabtree, Angadbir Salaria, Andrew Sellers, Marian Trnkus
  • Patent number: 11809600
    Abstract: Embodiments of the present disclosure may provide a data clean room allowing secure data analysis across multiple accounts, without the use of third parties. Each account may be associated with a different company or party. The data clean room may provide security functions to safeguard sensitive information. For example, the data clean room may restrict access to data in other accounts. The data clean room may also restrict which data may be used in the analysis and may restrict the output. The overlap data may be anonymized to prevent sensitive information from being revealed.
    Type: Grant
    Filed: January 31, 2023
    Date of Patent: November 7, 2023
    Assignee: Snowflake Inc.
    Inventors: Rachel Frances Blum, Joshua James Chacona, Christian Kleinerman, Justin Langseth, William L. Stratton, Jr.
  • Patent number: 11799840
    Abstract: When a failure occurs in a counterpart company network, the cause of the failure is specified. A failure detection apparatus 1 that detects a failure in a counterpart company network includes a hierarchy level detection unit 11 detecting the number of hierarchy levels indicating a depth of hierarchy levels of the counterpart company network by transmitting a request including the maximum number of transfers to the counterpart company network, a failure location specifying unit 13 specifying a hierarchy level of a failure location in the counterpart company network by transmitting the request to the counterpart company network in a case where the failure in the counterpart company network has been detected, and a determination unit 14 determining that the failure is present in a network core apparatus of the counterpart company network in a case where the hierarchy level of the failure location is a hierarchy level at a depth less than the number of hierarchy levels of the counterpart company network.
    Type: Grant
    Filed: February 27, 2019
    Date of Patent: October 24, 2023
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Kodai Yamamoto, Koji Tanida
  • Patent number: 11800365
    Abstract: In embodiments for authorized use of personal controlled-environment facility resident communication and/or media devices by device location eligibility within a controlled-environment facility, each resident device, itself, determines whether the device is authorized to operate within a particular area within the facility that the device is entering or attempting to operate in, and/or whether the device is authorized to operate one or more particular application programs (apps) and/or device functions within the particular area. The device, itself, allows operation of the device, and/or allows operation of the particular app(s) and/or device functions, in response to a determination that the device is authorized to do so within the particular area.
    Type: Grant
    Filed: December 15, 2020
    Date of Patent: October 24, 2023
    Assignee: Securus Technologies, LLC
    Inventors: Isaac Parampottil, Connor Pickens, Alice J. Clements
  • Patent number: 11792229
    Abstract: A system and method for automated cybersecurity defensive strategy analysis that predicts the evolution of new cybersecurity attack strategies and makes recommendations for cybersecurity improvements to networked systems based on a cost/benefit analysis. The system and method use machine learning algorithms to run simulated attack and defense strategies against a model of the networked system created using a directed graph. Recommendations are generated based on an analysis of the simulation results against a variety of cost/benefit indicators.
    Type: Grant
    Filed: July 30, 2021
    Date of Patent: October 17, 2023
    Assignee: QOMPLX, INC.
    Inventors: Jason Crabtree, Andrew Sellers
  • Patent number: 11775447
    Abstract: In one embodiment, an apparatus comprises a processor to read a data line from memory in response to a read request from a VM. The data line comprises encrypted memory data. The apparatus also comprises a memory encryption circuit in the processor. The memory encryption circuit is to use an address of the read request to select an entry from a P2K table; obtain a key identifier from the selected entry of the P2K table; use the key identifier to select a key for the read request; and use the selected key to decrypt the encrypted memory data into decrypted memory data. The processor is further to make the decrypted memory data available to the VM. The P2K table comprises multiple entries, each comprising (a) a key identifier for a page of memory and (b) an encrypted address for that page of memory. Other embodiments are described and claimed.
    Type: Grant
    Filed: October 12, 2021
    Date of Patent: October 3, 2023
    Assignee: Intel Corporation
    Inventors: David M. Durham, Siddhartha Chhabra, Amy L. Santoni, Gilbert Neiger, Barry E. Huntley, Hormuzd M. Khosravi, Baiju V. Patel, Ravi L. Sahita, Gideon Gerzon, Ido Ouziel, Ioannis T. Schoinas, Rajesh M. Sankaran
  • Patent number: 11777953
    Abstract: Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: receiving a request to validate at least one statement about a user; identifying, from the request, a reference to a distributed ledger, the reference comprising an identifier for the distributed ledger and an identifier for a transaction recorded on the distributed ledger; identifying, based at least in part on the identifier for the distributed ledger, at least one node of a network of nodes managing the distributed ledger; and communicating with the at least one node to validate the at least one statement about the user.
    Type: Grant
    Filed: March 1, 2021
    Date of Patent: October 3, 2023
    Assignee: Cambridge Blockchain, Inc.
    Inventors: Alex Oberhauser, Matthew Commons, Alok Bhargava
  • Patent number: 11778466
    Abstract: Systems, computer program products, and methods are described herein for secure resource allocation communication with a network. The present invention may be configured to provide, to a device management system, a request for authentication and receive, from the device management system, a file including a link to a certificate system. The present invention may be further configured to provide, using the link, a certificate enrollment request to the certificate system and receive, from the certificate system, a signed certificate. The present invention may be further configured to establish, using the signed certificate, a wireless connection to a network. In some embodiments, the present invention may include a scanner device for processing instruments associated with resource allocations and a network device communicatively connected to the scanner device for enabling the scanner device to communicate wirelessly with the network.
    Type: Grant
    Filed: September 21, 2020
    Date of Patent: October 3, 2023
    Inventors: Mary Ann Siedow, John Reynolds Dansak, Shardul Vasudev Joshi, Abhishek Palahalli Manjunath, Manish Kumar Nigam, David W. O'Neil, Thomas Clement Rowe, Sai Prasanth Reddy Suri, Matthew Edward Taylor
  • Patent number: 11765164
    Abstract: Techniques for providing a credential of a secure data network to a computing device are described. In an example, a system stores an association between the computing device and a user account. The user account is also associated with a credential of the secure data network. The system receives a certificate of the computing device and determines the association between the computing device and the user account based on the certificate. Further, the system authenticates the computing device based on the association being determined to send to the computing device data, where this data is verified based on a private key of the system. The system receives a request of the computing device for the credential based on the data and sends the credential to the computing device.
    Type: Grant
    Filed: February 26, 2019
    Date of Patent: September 19, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Abraham Martin Passaglia, Andrew Roths, Paul Joseph Ellis
  • Patent number: 11764948
    Abstract: A cryptography service provides an interface layer between an application and a cryptographic device, such as a hardware security module, trusted platform module, or cryptoprocessor that includes non-exportable tamper-resistant memory. A translation layer is provided between the customer application and the load-balancing service that accepts requests from the client application in a first protocol, such as KMIP, and converts the requests into a second protocol that is compatible with the cryptographic device. Results that are returned from the cryptographic device are translated and returned in accordance with the first protocol. In an embodiment, the cryptographic devices may be arranged in a cluster configuration where each cryptographic device stores a matching set of cryptographic keys, and a load-balancing service acts as an interface to the cluster of cryptographic devices.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: September 19, 2023
    Assignee: Amazon Technologies, Inc.
    Inventor: Avni Harilal Rambhia
  • Patent number: 11764977
    Abstract: Techniques for providing to a user with an anonymous user signature on a message in a distributed decentralized network are presented. The techniques use a hardware security module and a certificate authority. The certificate authority: obtains a credential that includes a certificate for the user, where the certificate includes a user public key and a plurality of user attributes; receives a request for a signature on the message, where the request includes an indication of a subset of the plurality of user attributes to be revealed; accesses from the hardware security module a user secret key; and provides to the user at least the message signed by the user secret key and a zero-knowledge proof that establishes that the message is signed by the user secret key corresponding to the user public key in the credential without revealing the plurality of user attributes.
    Type: Grant
    Filed: April 1, 2021
    Date of Patent: September 19, 2023
    Inventor: Joydeep Sarkar