Patents Examined by Christopher J. Brown
  • Patent number: 10986150
    Abstract: The disclosed technology teaches distributed routing and load balancing in a dynamic service chain: receiving and processing a packet, with added header including stream affinity code, at a first service instance and based on processing determining a second service, among available services, that should next handle the packet. The technology teaches accessing a flow table using the stream affinity code in the header to select a service instance performing the second service in the service chain, and routing the packet to the second service instance upon egress from the first service instance. When the flow table lacks an entry for the second service corresponding to the stream affinity code, the disclosed technology teaches accessing a consistent hash table of service instances performing the second service, selecting an available instance, and updating the flow table to specify the second service instance as providing the second service for packets sharing the header.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: April 20, 2021
    Assignee: Netskope, Inc.
    Inventors: Ravi Ithal, Umesh Bangalore Muniyappa
  • Patent number: 10977364
    Abstract: Systems and methods for identifying a security risk include a security group analyzer that identifies a first set of users belonging to a security group such as a local administrators' group. A privileges analyzer identifies a second set of users having one or more privileges gained from user rights assignments that may pose a security risk. An autostart extensibility point (ASEP) access analyzer identifies a third set of users by identifying users having access to an ASEP entry or an image path identified by an ASEP entry. A security risk identifier identifies security risks by identifying users that are in the second or third set of users but are not in the first set of users. A security handler performs a responsive action in response to the identification of the security risk. A security graph builder uses the identified interrelationships to build a security graph that illustrates the security risks.
    Type: Grant
    Filed: February 16, 2018
    Date of Patent: April 13, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Andrew F. Harris
  • Patent number: 10972487
    Abstract: A Content Delivery Network (CDN) includes one or more cache servers communicatively coupled to end users for providing content thereto; and one or more origin servers communicatively coupled to the one or more cache servers through a plurality of nodes, the one or more cache servers are configured to receive traffic related to the content from the one or more origin servers through the one or more nodes of the plurality of nodes, based on one or more of a push technique and a pull technique, and the plurality of nodes are configured to monitor the traffic between the one or more origin servers and the one or more cache servers in an inline manner, process the traffic for malware and data leakage based on policy, and block the traffic responsive to detection of one or more of the malware and the data leakage, prior to traffic entering the CDN.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: April 6, 2021
    Assignee: Zscaler, Inc.
    Inventors: Dhawal Kumar Sharma, Manoj Apte, Patrick Foxhoven
  • Patent number: 10963580
    Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A score is assigned to each of a plurality of rendering browsers based on a plurality of factors associated with the content and the plurality of rendering browsers, the score used in determining a selection of the rendering browser and weighted according to each of the plurality of factors which include: a security risk of the content, and language support, performance characteristics and a user preference of the plurality of rendering browsers. The selected rendering browser is automatically instantiated and the content is rendered by the selected rendering browser on the computing device.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: March 30, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Ramamohan Chennamsetty, Charles K. Davis, III, Christopher R. Dotson, Charles S. Lingafelt
  • Patent number: 10965685
    Abstract: A method includes receiving a user indication to create an online collaborative team within an online chat environment. The method further includes receiving a user selection of members for the online collaborative team. The online collaborative team enables the selected members of the online collaborative team to communicate with one another. The online chat environment maintains communication of the members and activities of the members of the online collaborative team. The online chat environment makes the activities and the communication available to the members when the members are within the online chat environment. The method further includes accessing attributes associated with the members of the online collaborative team. The method, responsive to the accessing the attributes associated with the members, determines a privacy setting of the online collaborative team.
    Type: Grant
    Filed: April 5, 2019
    Date of Patent: March 30, 2021
    Assignee: RingCentral, Inc.
    Inventors: Christopher van Rensburg, Kevin Cubba
  • Patent number: 10966083
    Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.
    Type: Grant
    Filed: June 14, 2019
    Date of Patent: March 30, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Rong Wu, Bo Zhang, Lu Gan
  • Patent number: 10956559
    Abstract: An approach is described for securely and automatically handling credentials when used for accessing endpoints, and/or applications and resources on the endpoints, and more particularly accessing web endpoints and/or web applications and resources on the web endpoints. The approach involves selecting and injecting credentials at an endpoint by an accessor and/or protocol agent to log into the endpoint, running applications, or gaining access to resources on the endpoint, without full credential information traversing the accessor's machine.
    Type: Grant
    Filed: March 5, 2019
    Date of Patent: March 23, 2021
    Assignee: BEYONDTRUST CORPORATION
    Inventors: Rajesh Cherukuri, John Burns Smith, III, Nicholas Shawn Twerdochlib, Ricardo Fabiano De Andrade
  • Patent number: 10944778
    Abstract: A method and system for implementing risk-based cyber security. Specifically, the disclosed method and system entail evaluating risk as a decision threshold for conducting cyber security assessments of system images within cloud computing environments. Further, the disclosed method and system pivot on intelligence pertaining to the latest cyber threats and/or vulnerabilities found worldwide.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: March 9, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Oron Golan, Assaf Natanzon, Amit Lieberman, Yuri Manusov, Raul Shnier
  • Patent number: 10944771
    Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include identifying one or more partial matches between a value associated with a configuration item and a value associated with one or more computing resource types from a set of computing resource types; forming a search query based on the one or more partial matches; invoking a search of one or more information sources using the search query to obtain ranked search results; selecting one computing resource type from the set of computing resource types based on a ranking of the search results; and updating the configuration item to associate the configuration item with the selected computing resource type.
    Type: Grant
    Filed: May 3, 2017
    Date of Patent: March 9, 2021
    Assignee: SERVICENOW, INC.
    Inventors: Apolak Borthakur, Manish Srivastava, Yu Xia
  • Patent number: 10924262
    Abstract: The present disclosure provides a computer-implemented method for processing dynamic data by dynamic data processing device. The device comprises a homomorphic encryption module and a plurality of computing modules running in parallel. The method comprises carrying out, by the homomorphic encryption module, fully homomorphic encryption to dynamic data received from an object which generates the dynamic data; updating, by the computing module which is not in bootstrapping, the encrypted state variable; and carrying out, by the computing module which completes bootstrapping, the first update to the encrypted state variable. The first update to the encrypted state variable after completion of bootstrapping is carried out by x(t+Nboot)?ANbootx(t)+?j=0Nboot?1ANboot?1?jB(r(t+j)?y(t+j)).
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: February 16, 2021
    Assignee: Crypto Lab Inc.
    Inventors: Hyungbo Shim, Junghee Cheon, Yongsoo Song, Miran Kim, Junsoo Kim, Chanhwa Lee
  • Patent number: 10911432
    Abstract: Methods and apparatuses for using certificates using a positive list are provided. This involves a message, wherein the message includes a certificate for a device, the certificate has a signature for checking an authenticity of the certificate and a piece of admissibility information for ascertaining an admissibility of the certificate using a positive list, being taken as a basis for carrying out authorization for the device subject to the check and the ascertainment. The disclosed can be used in industrial or medical environments.
    Type: Grant
    Filed: December 8, 2014
    Date of Patent: February 2, 2021
    Inventors: Rainer Falk, Steffen Fries
  • Patent number: 10867038
    Abstract: A system and method is provided for determining whether an electronic file is malicious. An exemplary method includes extracting resources from an electronic file; forming a first rule that establishes a functional dependency between the extracted resources; identifying, in a database of malicious file resources, a second rule associated with one or more of the extracted resources; comparing the formed first rule with the identified second rule to calculate a degree of similarity between first and second rules; and determining the electronic file to be a malicious file when the calculated degree of similarity exceeds a predetermined threshold value.
    Type: Grant
    Filed: August 4, 2017
    Date of Patent: December 15, 2020
    Assignee: AO KASPERSKY LAB
    Inventors: Vladimir V. Krylov, Alexander V. Liskin
  • Patent number: 10862906
    Abstract: A comprehensive security operation platform with artificial intelligence capabilities which may collaborate and/or automate tasks, including complex and/or redundant security tasks. An automated system may assist security analysts and security operations center managers in discovering security incidents. A comprehensive security operations platform may combine intelligent automation scale and collaborative human social learning, wisdom and experience. An automated system may empower security analysts to resolve incidents faster and reduce redundancy through collaboration with peers in virtual war rooms. An automated system may automate security analyst work by executing tasks from the war room or by following playbooks defined by the security analysts.
    Type: Grant
    Filed: February 16, 2018
    Date of Patent: December 8, 2020
    Assignee: PALO ALTO NETWORKS, INC.
    Inventors: Doron Sharon, Meir Wahnon, Aviad Lichtenstadt
  • Patent number: 10860739
    Abstract: One embodiment provides a method, including: accessing, on a mobile end user device, a media file; processing, using a processor of the mobile end user device, the media file to characterize the media file; detecting, using the processor, at least one privacy-sensitive characteristic of the media file; and setting an indicator, using the processor, denoting the media file as privacy-sensitive prior to permitting the media file to be stored on a cloud account device. Other embodiments are described and claimed.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: December 8, 2020
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Scott Wentao Li, Russell Speight VanBlon, David Rivera
  • Patent number: 10862669
    Abstract: The present invention relates to a method for encryption or decryption of a data block from a secret key, wherein the method comprises: generating a first round key kr dependent on the secret key, selecting each of a first mask (?br) and a second mask (?br+1) in a set consisting of a mask of bits all at one and a mask of all zero bits, calculating a first masked key kr? from the first round key kr and the first mask (?br) as follows: kr?=kr?(?br) wherein ? is an exclusive disjunction, executing a first encryption round applied to two first data dependent on the data block, by means of the first masked round key kr? so as to produce two second data, after producing the first masked key kr?, generating a second round key kr+1 dependent on the secret key, calculating a second masked key kr+1? from the second round key kr+1 and the second mask (?br+1) as follows: kr+1?=kr+1?(?br+1), calculating two third data Lrbr+1, Rrbr+1 as follows: Rrbr+1=Rrbr?(?br?1)?(?br) Lrbr+1=Lrbr?(?br?1)?(?br) and executing a secon
    Type: Grant
    Filed: September 20, 2017
    Date of Patent: December 8, 2020
    Assignee: IDEMIA IDENTITY & SECURITY FRANCE
    Inventors: Houssem Maghrebi, Guillaume Dabosville, Emmanuel Prouff
  • Patent number: 10862671
    Abstract: Described herein is a system in which an electronic record is stored on a distributed environment with respect to an item. In this system, transactions may be conducted for an item in an anonymous fashion. In some embodiments, a first user may input an item identifier associated with an item as well as an indication of an action to be performed with respect to that item. The identifier may be transmitted to a blockchain network, which may use that identifier to locate a blockchain associated with the item. A blockchain may include a series of transaction records associated with the item, each of which is signed using a private key. Upon performance of the indicated action, the blockchain network may generate a new transaction record, append that transaction record to the blockchain, and sign the transaction record.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: December 8, 2020
    Assignee: Visa International Service Association
    Inventor: William Leddy
  • Patent number: 10855715
    Abstract: One variation of a method for predicting security risks of assets on a computer network includes: over a first period of time, detecting an asset connected to the computer network and a first set of behaviors exhibited by the asset; associating the asset with a first set of assets based on similarity of the first set of behaviors to behaviors characteristic of the first set of assets; over a second period of time succeeding the first period of time, detecting the asset connected to the computer network and a second set of behaviors exhibited by the asset; detecting deviation of the asset from the first set of assets based on differences between the second set of behaviors and behaviors characteristic of the first set of assets; and generating a security alert for the asset in response to deviation of the asset from the first set of assets.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: December 1, 2020
    Assignee: SUMO LOGIC, INC.
    Inventors: Gregory Charles Martin, Jeffrey J. Guy, Grant Babb
  • Patent number: 10855688
    Abstract: A cloud asset manager can securely provide multi-tenant access to remote assets while preserving isolation across tenants. The remote asset manager defines various roles for legitimate users of the remote asset manager. The roles are associated with credentials that provide access to the remote assets and/or information about the remote assets maintained by a service provider. And the users map to roles based on attempted actions that access the service provider. Thus, a user's requested action is attempted with credentials associated with a role that maps to the requested action.
    Type: Grant
    Filed: December 16, 2014
    Date of Patent: December 1, 2020
    Assignee: NetApp Inc.
    Inventors: Dekel Sharabi, Ofer Nivy
  • Patent number: 10855668
    Abstract: Authenticating a client device coupled to an authenticator network device for a network. A service request is received from the client device at the authenticator network device. User credentials, including a user ID, a user key, and a nonce for a user are received at the authenticator network device. A token is generated using the received user credentials. The service request is modified to include the token and a user ID parameter that is the user ID to generate a modified service request. The modified service request is used to provide single sign-on access to a service that is the subject of the service request.
    Type: Grant
    Filed: February 13, 2017
    Date of Patent: December 1, 2020
    Assignee: Extreme Networks, Inc.
    Inventors: Peng Fan, Xu Zou, Wei Song
  • Patent number: 10853466
    Abstract: In various implementations, a key may be provided. The key may be portable to facilitate use and reduce costs. The key may include a connector and a housing. The connector may allow direct coupling of the key with a mobile device. Once the connector is directly coupled to a mobile device, the key may perform tests or other commands from a server and/or lock the mobile device.
    Type: Grant
    Filed: March 8, 2018
    Date of Patent: December 1, 2020
    Assignee: Hyla, Inc.
    Inventors: Bikramjit Singh, Rebekah Jane Griffiths, Rajiv Kumar Dwivedi, Karl Felix Medina