Patents Examined by Christopher J. Brown
  • Patent number: 10380560
    Abstract: A blockchain configuration may be used to store a distributed ledger for information security and accessibility. One example method of operation may include one or more of logging an asset in a blockchain, identifying a sub-asset linked to the asset, creating a use constraint for the sub-asset, logging the use constraint associated with the sub-asset, and during an access attempt of the sub-asset, prohibiting access to the sub-asset based on the use constraint.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Praveen Jayachandran, Palanivel A. Kodeswaran, Sayandeep Sen
  • Patent number: 10362045
    Abstract: Protection from malware download is provided. A first input is received to access one of an email attachment or a web site link using an application. A newly generated secure virtual machine is obtained from one of a network server or a cloud computing service. The one of the email attachment or the web site link is sent to the newly generated secure virtual machine for processing.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: July 23, 2019
    Assignee: International Business Machines Corporation
    Inventor: Richard H. Boivie
  • Patent number: 10346343
    Abstract: Encryption of a BIOS using a programmable logic device (PLD) is described. A PLD may include a static random-access memory area including programmable logic in a Lookup Table to receive a request to authenticate a basic input/output system (BIOS) executing on a processor coupled to the PLD. The PLD may calculate a hash value of a message associated with the BIOS using a Secure Hash Algorithm (SHA). The PLD may also include a random-access memory area including a first embedded random access memory block (EBR) to store a first portion of a 256-bit message digest associated with the message, a fifth portion of the 256-bit message digest, and second, third, fourth, sixth, seventh, and eighth EBRs to store second, third, fourth, sixth, seventh, and eighth portions of the 256-bit message digest, respectively.
    Type: Grant
    Filed: June 24, 2016
    Date of Patent: July 9, 2019
    Assignee: Intel Corporation
    Inventors: Vikram Suresh, Sudhir Satpathy, Sanu Mathew, Neeraj Upasani
  • Patent number: 10341382
    Abstract: A system for filtering electronic messages includes a client machine that includes a security module, wherein the security module has access to at least one message sent by a sender identified in the message through respective identification data and received by the client machine, wherein the security module is configured for reading the sender's identification data from the header of the message, finding and storing any potentially harmful contents of the body of the message, verifying if said potentially harmful contents satisfy validation conditions which are specific for the sender having the identification data specified in the header of the message, allowing or denying access to at least part of the body of the message, in which the potentially harmful contents are present, based on the result of the verification.
    Type: Grant
    Filed: June 17, 2014
    Date of Patent: July 2, 2019
    Inventors: Andrea Scozzaro, Gianluca Previti
  • Patent number: 10320824
    Abstract: In one embodiment, a device in a network receives traffic metrics for a plurality of applications in the network. The device populates a feature space for a machine learning-based anomaly detector. The device identifies a missing dataset in the feature space for a particular one of the plurality of applications. The device adjusts how traffic is sent in the network, to capture the missing dataset.
    Type: Grant
    Filed: January 7, 2016
    Date of Patent: June 11, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Laurent Sartran
  • Patent number: 10318750
    Abstract: An electronic device has a lower power state in which power to a storage device is disabled. Predetermined information stored in a memory is useable to unlock the storage device during a procedure to transition the electronic device from the lower power state to a higher power state. The predetermined information is different from a credential for use in unlocking the storage device.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: June 11, 2019
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Valiuddin Y. Ali, Lan Wang, James Robert Waldron
  • Patent number: 10311240
    Abstract: Aspects of the subject technology relate to systems and methods for remote storage security. An encryption key is generated based at least on data stored locally by a computing device. The encryption key is bound to a context of the computing device. Data is encrypted using the encryption key. The encrypted data and information associated with the binding of the encryption key are provided for transmission to another computing device.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: June 4, 2019
    Assignee: Google LLC
    Inventors: Mattias Stefan Nissler, William Alexander Drewry, Darren David Krahn
  • Patent number: 10311223
    Abstract: A system for performing authorization of a user in a virtual reality environment includes a virtual reality user device. The virtual reality user device includes a display configured to display a virtual environment. The user device receives a virtual authentication object comprising a virtual representation of an object that the user can manipulate to enter an authentication code. The user device detects gestures performed by the user on the displayed virtual authentication object and forms an authentication request, which includes the virtual authentication object, the detected gestures, and an identifier of the user. The user device sends the authentication request to an authentication server. The authentication server determines an authentication code using the virtual authentication object and the detected gestures.
    Type: Grant
    Filed: December 2, 2016
    Date of Patent: June 4, 2019
    Assignee: Bank of America Corporation
    Inventors: Amanda J. Adams, Joseph N. Johansen, Michael Ogrinz, Heather Dolan, William P. Jacobson, Manu J. Kurian
  • Patent number: 10296743
    Abstract: A method and device for constructing an apk virus signature database and an apk virus detection system. The method comprises: obtaining a given sample set, the sample set being composed of N normal apk file samples and N virus-infected apk file samples; for any sample in the given sample set, separately obtaining M signature values of the sample according to M preset signatures; for any sample subset i (i=1, . . .
    Type: Grant
    Filed: March 3, 2015
    Date of Patent: May 21, 2019
    Assignee: Conew Network Technology (Beijing) Co., Ltd.
    Inventors: Guoqing Yuan, Haifeng Su, Xin Shu
  • Patent number: 10291630
    Abstract: A monitoring apparatus includes a memory configured to store history information regarding a login attempt to a system by a communication apparatus in a state in which a first address is set, the system being a target to be monitored, and set a second address, and a processor coupled to the memory and configured to extract, from the history information, at least one of a variance of a number of login attempts per unit time and a length of a time of the login attempts, determine whether an attack in which accesses are attempted while an address is changed was executed on the system, according to the at least one of the variance and the length of the time, and add the second address of the system to a list that manages systems that had the attack when it is determined that the attack was executed.
    Type: Grant
    Filed: January 6, 2016
    Date of Patent: May 14, 2019
    Inventors: Satomi Saito, Satoru Torii, Masahiko Takenaka
  • Patent number: 10291398
    Abstract: A control unit of a communication device decrypts, when receiving via an antenna from a reader/writer a cipher key encrypted with a key same as a common key recorded in a recording unit by the reader/writer, the encrypted cipher key with the common key recorded in the recording unit, and when receiving via the antenna from the reader/writer a readout target address specifying a region of a data readout source in the recording unit encrypted with a cipher key same as the cipher key by the reader/writer, decrypts the encrypted readout target address with the cipher key, and transmits the data recorded in the region specified by the readout target address obtained through decryption of the regions of the recording unit to the reader/writer via the antenna.
    Type: Grant
    Filed: July 28, 2016
    Date of Patent: May 14, 2019
    Assignee: Sony Corporation
    Inventors: Toshinori Kanemoto, Teiichi Shiga
  • Patent number: 10284527
    Abstract: Systems and methods may be provided for constructing and deconstructing encoded messages. A method for constructing an encoded message comprising: providing an unencoded message having one or more unencoded characters; identifying one or more suitable human-readable phrases indexed from one or more codebooks wherein characters from extended character sets are mapped to standard characters having similar appearances to the characters from the extended character sets to create one or more human-readable phrases; selecting a suitable human-readable phrase from the one or more codebooks; and generating an encoded message by mapping the unique and repeating characters of the unencoded messages to the extended character set provided by the selected human-readable phrase. Corresponding systems, and computer system products may be provided.
    Type: Grant
    Filed: February 2, 2016
    Date of Patent: May 7, 2019
    Assignee: TUMBLE TELL LTD.
    Inventors: Juan Martin Garcia, Jesse Capon, Francis Syms
  • Patent number: 10284598
    Abstract: In general, in one aspect, a system for providing honeypot network services may monitor network activity, and detect network activity indicative of network service discovery by a first device, for example, port scanning. The system may present a temporarily available network service to the first device in response to detecting the activity indicative of port scanning, for example, by redirecting traffic at an unassigned network address to a honeypot network service. The system may monitor communication between the first device and the presented honeypot network service to determine whether the monitored communication is indicative of a threat, and determine that the first device is compromised based on the monitored communication between the first device and the presented honeypot network service. The system may initiate measures to protect the network from the compromised first device.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: May 7, 2019
    Assignee: Sophos Limited
    Inventor: Daniel Stutz
  • Patent number: 10277578
    Abstract: Methods and systems are disclosed for providing approaches to receiving, by an enterprise framework device from an application executing on a computing device, a first request associated with accessing an enterprise resource and generating, by the data proxy device, a ticketed URL that is associated with resource device communications related to the first request. The methods and systems may include receiving, by the data proxy device from the operating system, a second request addressed to the ticketed URL, transmitting, by the data proxy device to the operating system, based on the second request addressed to the ticketed URL, a resource device response, and transmitting, by the enterprise framework device to the application, the resource device response.
    Type: Grant
    Filed: January 4, 2016
    Date of Patent: April 30, 2019
    Assignee: Citrix Systems, Inc.
    Inventor: Andrew Carnegie Innes
  • Patent number: 10275582
    Abstract: Systems and methods for controlling access to an online account are described. An access control message including an action to be performed on an online account can be sent from a mobile device to a server. The server may identify the mobile device based on identifying information in the access control message. Upon identifying the mobile device, the server may determine whether the user has authority to initiate the action to be performed on the online account. Upon determining that a user of the mobile device does have authority to initiate the indicated action, the action indicated in the access control message may be taken with respect to the online account.
    Type: Grant
    Filed: March 2, 2016
    Date of Patent: April 30, 2019
    Assignee: Visa International Service Association
    Inventor: Mark Carlson
  • Patent number: 10270789
    Abstract: Provided are systems, methods, and computer-program products for a targeted threat intelligence engine, implemented in a network device. The network device may receive incident data, which may include information derived starting at detection of an attack on the network until detection of an event. The network device may include analytic engines that run in a predetermined order. An analytic engine can analyze incident data of a certain data type, and can produce a result indicating whether a piece of data is associated with the attack. The network device may produce a report of the attack, which may include correlating the results from the analytic engines. The report may provide information about a sequence of events that occurred in the course of the attack. The network device may use the record of the attack to generate indicators, which may describe the attack, and may facilitate configuring security for a network.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: April 23, 2019
    Inventor: Abhishek Singh
  • Patent number: 10255442
    Abstract: Systems and methods are disclosed herein for publishing sensitive content at a future time, where prior to the future time, an encrypted version of the sensitive content is received and a sequence of proof rules are applied to random portions of the encrypted version of the sensitive content. Upon successful application of the sequence of proof rules, the encrypted version of the sensitive content is prepared for publication and optionally published in encrypted form. At the future time, an encryption key is received for the encrypted version of the sensitive content and the encrypted version of the sensitive content is decrypted with the encryption key to produce the sensitive content.
    Type: Grant
    Filed: November 15, 2016
    Date of Patent: April 9, 2019
    Assignee: Adobe Inc.
    Inventors: Antonio Sanso, Philipp Suter
  • Patent number: 10250593
    Abstract: Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.
    Type: Grant
    Filed: August 15, 2017
    Date of Patent: April 2, 2019
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Ajit Gaddam
  • Patent number: 10243975
    Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data from continuing to the remote server when the determination is invalid.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: March 26, 2019
    Assignee: George Mason Research Foundation, Inc.
    Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
  • Patent number: 10237271
    Abstract: A network access device may obtain user fingerprint information of a terminal. The network access device may transmit the user fingerprint information of the terminal to a portal server, before the terminal is authenticated, so that the portal server may push to the terminal an authentication page corresponding to the user fingerprint information of the terminal.
    Type: Grant
    Filed: April 3, 2014
    Date of Patent: March 19, 2019
    Inventor: Chunxia Qiu