Patents Examined by Christopher A. Revak
-
Patent number: 11290276Abstract: A method for managing documents includes obtaining, from a first computing device, a first signed document, and in response to obtaining the first signed document: identifying a first plurality of validity services associated with the signed document, sending a verification request to the first plurality of validity services, wherein each of the plurality of verification requests specifies the first signed document, obtaining a plurality of verification responses from the first plurality of validity services, and making a determination, based on the plurality of verification responses, that the first signed document is valid.Type: GrantFiled: August 2, 2019Date of Patent: March 29, 2022Assignee: EMC IP Holding Company LLCInventors: Radia Joy Perlman, Charles William Kaufman
-
Patent number: 11290257Abstract: To securely realize updating of a key shared between an apparatus on a transmission side and an apparatus on a reception side. A second apparatus encrypts a new shared key by an encryption processing unit, issues a signature for the encrypted new shared key from a signature processing unit, and transmits the signature and the encrypted new shared key to a first apparatus. When a signature processing unit fails in verifying the signature, the first apparatus performs control to prohibit at least one of processing executed after reception of the encrypted new shared key and required to store the new shared key into a storage unit.Type: GrantFiled: April 10, 2019Date of Patent: March 29, 2022Assignee: RENESAS ELECTRONICS CORPORATIONInventors: Tadaaki Tanimoto, Daisuke Moriyama
-
Patent number: 11281773Abstract: A method can include obtaining access card data from an access card. The access card can include accessibility data. The access card can be configured to electronically permit access to one or more systems by transmitting the accessibility data. The access card data can include at least a portion of the accessibility data. The method can further include storing the access card data. The method can further include transmitting the access card data to a penetration test system that is configured to test the one or more systems for at least one system vulnerability based, at least in part, on the access card data.Type: GrantFiled: November 21, 2019Date of Patent: March 22, 2022Assignee: International Business Machines CorporationInventors: Justin Podzunas, Jason A. Nikolai
-
Patent number: 11275832Abstract: Methods and systems for security monitoring and response include assigning an anomaly score to each of a plurality of event paths that are stored in a first memory. Events that are cold, events that are older than a threshold, and events that are not part of a top-k anomalous path are identified. The identified events are evicted from the first memory to a second memory. A threat associated with events in the first memory is identified. A security action is performed responsive to the identified threat.Type: GrantFiled: February 4, 2020Date of Patent: March 15, 2022Inventors: Ding Li, Kangkook Jee, Zhichun Li, Zhengzhang Chen, Xiao Yu
-
Patent number: 11269998Abstract: To provide an image data alteration detection device, an image data alteration detection method, and a data structure of image data that can easily detect an alteration in image data. Metadata in image data includes a first hash value calculated based on predetermined data, a second hash value calculated based on a character string of a script, and the script. An image alteration detection device calculates a third hash value based on the predetermined data and the script included in the metadata, calculates a fourth hash value based on a character string of the script included in the metadata, compares the first hash value included in the metadata with the calculated third hash value and the second hash value included in the metadata with the calculated fourth hash value, and detects that the image data is altered when one of the values is not equal.Type: GrantFiled: January 15, 2020Date of Patent: March 8, 2022Assignee: JVCKENWOOD CorporationInventor: Yuuki Watanabe
-
Patent number: 11272443Abstract: A computer implemented method of distributed wireless communications access security, the method comprising steps a computer processor of a server computer is programmed to perform, the steps comprising: receiving data characterizing a device, selecting a policy from a database of policies using the received data characterizing the device, for the device, the policy defining a criterion for determining which wireless access points are allowable, and communicating data defining the selected policy to the device, for the device to use for determining whether access to an active wireless access point is allowable.Type: GrantFiled: April 19, 2017Date of Patent: March 8, 2022Assignee: CORONET CYBER SECURITY LTD.Inventor: Doron Milchtaich
-
Patent number: 11265174Abstract: A method for processing blockchain data is applied to a terminal device provided with a trusted execution environment and includes: acquiring, from a blockchain, data to be verified of a target service, the data to be verified including circulation data generated during execution of the target service and recorded in the blockchain; determining, based on the target service, a relevant third-party authority for verifying authenticity of the data to be verified, and acquiring benchmark circulation data generated during the execution of the target service and recorded in the third-party authority; transferring the data to be verified and the benchmark circulation data to the trusted execution environment through a first trusted application on the terminal device; and determining whether the data to be verified meets a verification rule, and outputting a verification result of the data to be verified.Type: GrantFiled: June 25, 2021Date of Patent: March 1, 2022Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.Inventors: Wenyu Yang, Honglin Qiu, Ying Yan, Shubo Li, Yuan Chen, Hanghang Wu, Renhui Yang, Qin Liu
-
Patent number: 11258805Abstract: An event can be associated with a monitored computing device and a command-line record. An event vector can be determined for each of a plurality of events based at least in part on at least a portion of the respective command-line record and on a trained representation mapping. A respective reduced event vector can be determined having fewer elements. The reduced event vectors can be clustered to determine cluster identifiers. A first event can be determined to be associated with a security violation based on a corresponding cluster identifier matching a cluster identifier of a second event that is associated with a security violation. In some examples, a cluster can include a relatively larger first group of events and a relatively smaller second group of events. That cluster can be determined to satisfy a criterion based on the numbers of events in at least one of the groups.Type: GrantFiled: March 28, 2019Date of Patent: February 22, 2022Assignee: CrowdStrike, Inc.Inventors: Cory-Khoi Quang Nguyen, Jaron Michael Bradley, John Lee, Brody Nisbet
-
Patent number: 11250126Abstract: Disclosed herein are systems and method for malicious behavior detection in processing chains comprising identifying a chain of related processes executing on a computing device; for each respective process in the chain of related processes: monitoring events generated by the respective process; storing snapshots of data modified by any of the events; determining a level of suspicion for the respective process by applying an artificial intelligence (AI) model to the snapshots of data; determining whether the chain of related processes is trusted based on the determined levels of suspicion; and in response to determining that the chain of related processes is not trusted, restoring objects affected by the chain from the snapshots.Type: GrantFiled: September 25, 2019Date of Patent: February 15, 2022Assignee: Acronis International GmbHInventors: Vladimir Strogov, Vyacheslav Levchenko, Serguei Beloussov, Sergey Ulasen, Stanislav Protasov
-
Patent number: 11250133Abstract: A system is provided for configurably signing a secure data image that includes software code that interprets cryptographic atomic code. In the system, a code signing engine includes an interpreter that interprets atomic code signing operations presented in a recipe defined by a system administrator according to configuration parameter values supplied with the input image.Type: GrantFiled: January 14, 2019Date of Patent: February 15, 2022Assignee: ARRIS Enterprises LLCInventors: Tat Keung Chan, Ting Yao, Alexander Medvinsky
-
Patent number: 11244046Abstract: An electronic device includes clock generation circuitry, a combinational logic circuit, one or more functional state-sampling components, and protection logic. The clock generation circuitry is configured to generate a clock signal having a periodic clock cycle. The combinational logic circuit includes multiple internal nets and one or more outputs. The functional state-sampling components are configured to sample the respective outputs of the combinational logic circuit periodically in accordance with the clock signal. The protection logic is configured to receive one or more signals from the internal nets or outputs of the combinational logic circuit, to detect, in one or more of the received signals, a signal instability that occurs during a predefined portion of the periodic clock cycle in which, in accordance with a design of the combinational logic circuit, the signals are expected to be stable, and to initiate a responsive action in response to the detected signal instability.Type: GrantFiled: September 16, 2019Date of Patent: February 8, 2022Assignee: NUVOTON TECHNOLOGY CORPORATIONInventor: Ziv Hershman
-
Patent number: 11233655Abstract: Examples in this application disclose data verification methods, media, and systems. One example method includes receiving, from a blockchain network by a trusted execution environment (TEE) in a blockchain node, a trigger instruction based on a timed starting logic identifying a starting time to execute a smart contract, where the timed starting logic is comprised in a chain code which comprises information of a blockchain account and is executable by the blockchain node to determine the information of the blockchain account, retrieving first encrypted data from a first institution, decrypting the first encrypted data, receiving a data sharing request comprising a user identity corresponding to user basic data from a second institution, retrieving the user basic data based on the user identity, performing verification processing of the user basic data based on the trigger instruction to obtain a verification result, and sending the verification result to the second institution.Type: GrantFiled: June 30, 2021Date of Patent: January 25, 2022Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.Inventors: Renhui Yang, Yuan Chen, Xinmin Wang, Wenyu Yang, Feng Qian, Qianting Guo, Shubo Li
-
Patent number: 11233656Abstract: A method for mining a block in a decentralized blockchain consensus network (DBCN) includes sending, by a mining computing entity (MCE), a signing request for mining a new block of a blockchain to a trusted execution environment computing entity (TEE-CE), the signing request including block information, the block information including block height information, and comparing, by the TEE-CE, the block height information of the signing request with block height information from a last signing request and providing a matching, when the difference between the block height information of the signing request and the block height information from the last signing request satisfies a defined value. The method further comprises, upon providing the matching, signing, by the TEE-CE, the new block based on the block information, and providing, by the MCE, the new signed block to the DBCN.Type: GrantFiled: February 24, 2017Date of Patent: January 25, 2022Assignee: NEC CORPORATIONInventors: Ghassan Karame, Jens-Matthias Bohli, Wenting Li
-
Patent number: 11228587Abstract: Disclosed is a method of authorizing a user for accessing a server and/or for receiving of an on-line service and the steps of: capturing biometric data of the user using the sensor on a ME; forming from the biometric data a biometric template on the IDS and storing the biometric template on the MED; and via the IDS allowing access to a server by the user providing to the IDS, via the MED, matching biometric data and a biometric template. On the MED, a local check can be made for a match between biometric data of the user that are captured using the sensor on the MED and biometric data read out of the memory.Type: GrantFiled: February 16, 2017Date of Patent: January 18, 2022Assignee: MORPHO B.V.Inventors: Joost Van Prooijen, Claire Durand, Rodolphe Hugel, Jouri De Vos
-
Patent number: 11223489Abstract: Techniques for transparently adding one or more security controls to a challenge-response-based protocol are provided. In one technique, a client device sends a request for a resource to a resource server. The client device receives a challenge as part of a challenge-response handshake and forwards, to a proxy server, the challenge as part of a cryptographic request that includes a key identifier and certain data. In response, the proxy server initiates one or more security controls and sends the key identifier and the certain data to a cryptographic device that generates output based on the certain data. The proxy server receives the output from the cryptographic device. The proxy server determines whether at least one of the security controls resulted in a success. The proxy server sends the output to the client device only in response to determining that at least one of the security controls resulted in a success.Type: GrantFiled: April 13, 2021Date of Patent: January 11, 2022Assignee: Garantir LLCInventor: Kieran Miller
-
Patent number: 11212259Abstract: A method, system, and computer-usable medium are disclosed for performing packet processing of network traffic on a master security device of a plurality of security devices, such packet processing including connection tracking for the network traffic, and offloading packet inspection of the network traffic to one or more slave security devices of the plurality of security devices.Type: GrantFiled: February 9, 2018Date of Patent: December 28, 2021Assignee: Forcepoint LLCInventors: Mika Lansirinne, Valtteri Rahkonen, Pekka Riikonen
-
Patent number: 11212096Abstract: A hosted secrets management transport system and method for managing secrets at one or more offsite locations that facilitates secret flow, secret retrieval, and secret replication. The method includes defining boundaries for two or more sovereignties, each sovereignty having an independent master record and each sovereignty including two or more regions; defining a primary region within the two or more regions; accessing, within the primary region, a master record hardware security module that is a primary source of secrets; defining a second region; accessing, within the second region, a backup record hardware security module that is where data backups of the secrets from the master record hardware security module are created; and executing live replication from the master record hardware security module to the backup record hardware security module in which the live replication that supports multi-tenancy secret management of multiple distinct companies at the same time.Type: GrantFiled: January 29, 2019Date of Patent: December 28, 2021Assignee: CELLAR DOOR MEDIA, LLCInventors: Christopher Teitzel, Tynor Fujimoto
-
Patent number: 11212110Abstract: Arrangements of the present disclosure relate to a method for securing data located in a blockchain having a plurality of blocks. The method includes creating a pointer within a block of the plurality of blocks, the pointer pointing to a security vault located external to the blockchain. The method further includes copying the block, storing the copied block in the security vault using the pointer, and securing the security vault.Type: GrantFiled: March 26, 2019Date of Patent: December 28, 2021Assignee: Wells Fargo Bank, N.A.Inventor: Phillip H. Griffin
-
Patent number: 11206127Abstract: The disclosure disclosures a blockchain-based verifiable inter-domain routing validation method, which includes: constructing a blockchain-based verifiable inter-domain routing system consisting of a verifiable inter-domain routing and a routing behavior validation subsystem; constructing, by a sender router R1, a routing behavior validation terminal of an autonomous domain to which the R1 belongs, and the routing validation blockchain system, a routing evidence and a routing evidence validation proposal, validating and endorsing the proposal, determining whether the proposal satisfies an endorsement policy, generating a routing evidence transaction, conducting consensus ordering on the transaction and updating a routing validation blockchain; and constructing, by a receiver router T, a routing behavior validation terminal of an autonomous domain to which the T belongs, and the routing validation blockchain system, a routing request validation message and retrieving whether a routing evidence corresponding toType: GrantFiled: November 20, 2020Date of Patent: December 21, 2021Inventors: Yaping Liu, Binxing Fang, Shuo Zhang, Zhe Li, Qingyuan Li
-
Patent number: 11201746Abstract: A system may receive a credential token and an access command. The access command may identify access logic to modify a datablock stored in a blockchain. The credential token may be mapped to a role token included in a role-based access control model. The system may determine a role-based access control framework authorizes the access command by identifying an authorization token in the role-based access control model, and the system may determine the role token is mapped to the identified authorization token in the role-based access control model. The system may determine the datablock includes the identified authorization token. The system may validate the identified authorization token. The system may authorize execution of the access logic to modify the datablock in response to the access command being authorized by the role-based access control framework, and validation of the identified authorization token included in the datablock.Type: GrantFiled: August 1, 2019Date of Patent: December 14, 2021Assignee: ACCENTURE GLOBAL SOLUTIONS LIMITEDInventor: Sridhar Ranganathan