Patents Examined by Daniel B Potratz
  • Patent number: 11683165
    Abstract: The concepts and technologies disclosed herein are directed to quantum key distribution (“QKD”) networking as a service. According to one aspect disclosed herein, a microservices controller can establish a plurality of quantum connections with a plurality of virtual quantum connection managers (“vQCMs”) deployed in association with a set of quantum user nodes (“QUNs”) in a QKD network. The microservices controller can receive a request to initialize the QKD network. The microservices controller can coordinate with the plurality of vQCMs to handle initialization of the QKD network. The microservices controller can receive a QKD service request from a QKD network operator. The microservices controller can invoke a plurality of microservices to handle the QKD service request.
    Type: Grant
    Filed: November 30, 2020
    Date of Patent: June 20, 2023
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Moshiur Rahman, William Trost, Daniel Solero, Daniel Sheleheda
  • Patent number: 11676011
    Abstract: Embodiments are disclosed for a method for private transfer learning. The method includes generating a machine learning model comprising a training application programming interface (API) and an inferencing API. The method further includes encrypting the machine learning model using a predetermined encryption mechanism. The method additionally includes copying the encrypted machine learning model to a trusted execution environment. The method also includes executing the machine learning model in the trusted execution environment using the inferencing API.
    Type: Grant
    Filed: October 24, 2019
    Date of Patent: June 13, 2023
    Assignee: International Business Machines Corporation
    Inventors: Jeb R. Linton, John Behnken, John Melchionne, Michael Amisano, David K. Wright
  • Patent number: 11677542
    Abstract: An example operation may include one or more of identifying blockchain transactions for a particular blockchain, identifying blockchain transaction metrics from the blockchain transactions, determining whether the blockchain transaction metrics require a change to current blockchain operating rules, and when the blockchain transaction metrics require the change to the current blockchain operating rules, modifying the current blockchain operating rules.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: June 13, 2023
    Assignee: International Business Machines Corporation
    Inventors: Garfield Vaughn, Tetiana Iakovenko, Marcelo A. Martins, Nitin Gaur, Rolando Franco
  • Patent number: 11671412
    Abstract: The technology disclosed herein provides network bound encryption that enables a node management device to orchestrate workloads with encrypted data without sharing the decryption key. An example method may include: obtaining an asymmetric key pair comprising a public asymmetric key and a private asymmetric key; establishing a symmetric key using a key establishment service, wherein the symmetric key is established in view of the private asymmetric key of a first computing device and a public asymmetric key of the key establishment service; transmitting sensitive data encrypted using the symmetric key to a persistent storage device accessible to a second computing device; initiating a creation of an execution environment on the second computing device; and providing, by the first computing device, the public asymmetric key and the location data to the second computing device, wherein the location data corresponds to the key establishment service.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: June 6, 2023
    Assignee: Red Hat, Inc.
    Inventors: Michael Hingston McLaughlin Bursell, Nathaniel Philip McCallum
  • Patent number: 11671446
    Abstract: A method for mitigating network abuse includes obtaining a first set of network traffic messages of network traffic currently received by a network service and determining, via a first model, whether network abuse is occurring based on the first set of network traffic messages. When the network abuse is occurring, the method includes obtaining a second set of current network traffic messages. The method also includes, for each network traffic message in the second set of network traffic messages, labeling, via a second model, the network traffic message as an abusing network traffic message or a non-abusing network traffic message. The method also includes generating, via a third model, at least one network traffic rule. Each network traffic rule, when implemented, reduces an effect of the abusing network traffic messages.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: June 6, 2023
    Assignee: Google LLC
    Inventors: Francois Pepin, Andre Lloyd Perlee Harder, Prajakta Joshi, Amitabha Roy, Saila Talagadadeevi, Emil Kiner, Chia-Tung Kuo, Jiayu Ye
  • Patent number: 11665182
    Abstract: One or more computing devices, systems, and/or methods are provided. Event information associated with a plurality of events may be identified. The plurality of events may be associated with first entities corresponding to a first entity type and second entities associated with a second entity type. A first network profile associated with the first entities and the second entities may be generated based upon the event information. An arrangement of particles corresponding to the first entities and the second entities may be generated. Charges associated with the particles may be determined based upon the first network profile. The particles may be rearranged to a second arrangement of particles based upon the charges. One or more clusters of particles in the second arrangement of particles may be identified. One or more coalition networks associated with fraudulent activity may be identified based upon the one or more clusters of particles.
    Type: Grant
    Filed: February 5, 2021
    Date of Patent: May 30, 2023
    Assignee: Yahoo Assets LLC
    Inventor: Timothy Michael Olson
  • Patent number: 11664976
    Abstract: A method for hyper security encoding includes receiving data to be encrypted, and padding the data to be encrypted with padding data to avoid un-obfuscated bits after encryption. The method also includes encrypting, with a Mojette Transform, the data to be encrypted after the data to be encrypted is padded with the padding data, and outputting a result of the encryption as encrypted data.
    Type: Grant
    Filed: November 24, 2020
    Date of Patent: May 30, 2023
    Assignee: ZEBWARE AB
    Inventor: Johan Andersson
  • Patent number: 11665004
    Abstract: Systems and methods are described that enable trusted communications between two entities. In one implementation, a controller of a vehicle may include one or more processors configured to receive data and a controller signature from a second controller of the vehicle. The controller signature may be generated based on at least a first portion of the data. The one or more processors may be further configured to transmit the data and the controller signature to a gateway of the vehicle and receive a gateway signature from the gateway. The gateway signature may be generated based on at least a second portion of the data and transmitted to the controller after the gateway verified the controller signature. In addition, the one or more processors may be configured to verify the gateway signature and process the data.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: May 30, 2023
    Assignee: NEUSTAR, INC.
    Inventor: Brian R. Knopf
  • Patent number: 11658979
    Abstract: A method for providing access to media content from a media content provider is performed at an electronic device. The method includes receiving, from a client device, a request for access to a media item. The request for access includes a self-describing user-identifier. The method includes, in response to the request for access to the media item, initiating an analysis to determine whether the client device is authorized to access the media item, the analysis including an examination of a media consumption log associated with the client device. The media consumption log stores data representing self-describing user-identifiers. The analysis includes, based on the examination of the media consumption log, detecting multiple requests from different self-describing user identifiers corresponding to the client device to determine whether the client device has reached an access limit and, when the client device has reached the access limit, terminating access to the media item.
    Type: Grant
    Filed: March 29, 2021
    Date of Patent: May 23, 2023
    Assignee: Spotify AB
    Inventors: Henrik Tobias Lof, Marcus Per Vesterlund
  • Patent number: 11652844
    Abstract: Methods and systems are provided for identifying suspect Internet Protocol (IP) addresses, in accordance with embodiments described herein. In particular, embodiments described herein include obtaining a set of login pairs comprising login identifiers (e.g., user identifiers) and IP addresses used in attempts to login to a source. A set of IP clusters is generated using the set of login pairs. Each IP cluster can include one or more IP addresses identified as related based on a login identifier being used to attempt to login to the source via multiple IP addresses or an IP address being used to attempt to login to the source via multiple login identifiers. Thereafter, it is determined that a particular IP cluster exceeds a threshold amount of IP addresses. Each of the IP addresses within the particular IP cluster is designated as a suspect IP address.
    Type: Grant
    Filed: May 1, 2020
    Date of Patent: May 16, 2023
    Assignee: ADOBE INC.
    Inventors: Portase Nicuşor-Sorin, Cristian-Aurel Opincaru, Manole Catalin-Teodor
  • Patent number: 11651063
    Abstract: In one example, a non-transitory computer readable medium for component verification and revocation includes instructions for a processor to verify that a component in a device is valid using a verification service and consequently enable a premium service. The processor may later use information from the verification service that the component is no longer valid and consequently alter the premium service.
    Type: Grant
    Filed: August 30, 2017
    Date of Patent: May 16, 2023
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Shell Simpson, Brett Green, Timothy P. Blair
  • Patent number: 11645101
    Abstract: Provision of a virtual secure cryptoprocessor (VSC) for a guest virtual machine (VM), part of a first guest, of a hypervisor of a computer system, includes (i) storing guest VM state and VSC state together in an encrypted virtual hard disk drive file, (ii) storing a decryption key in a sealed partition, of a second guest, sealed against a physical secure cryptoprocessor, (iii) based on verifying that a host computing environment of the computer system is in a trusted state and on booting the hypervisor thereon, unsealing the sealed partition of the second guest, the unsealing providing the decryption key, and decrypting the encrypted virtual hard disk drive file using the decryption key, where the decrypting decrypts the stored guest VM state for execution of the guest VM and decrypts the VSC state to provide the VSC for use by the guest VM.
    Type: Grant
    Filed: March 31, 2020
    Date of Patent: May 9, 2023
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Richard Turner, Joel Upham
  • Patent number: 11640250
    Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security, performance, cost, and efficiency. In some embodiments, the processing chip includes immutable hardware that is enabled, without a use of any CPUs, to determine and/or confirm an expected configuration of one or more external memory chips (such as with a Serial Presence Detect operation), and/or to enable communication with the one or more external memory chips. The immutable hardware is further enabled to copy executable code from a non-volatile one of the one or more external memory chips to another of the one or more external memory chips so that a CPU of the processing chip is able to securely boot by fetching initial instructions from the copy of the executable code.
    Type: Grant
    Filed: September 18, 2020
    Date of Patent: May 2, 2023
    Assignee: AXIADO CORPORATION
    Inventor: Axel K. Kloth
  • Patent number: 11638148
    Abstract: A technique for generating a diversified encryption key for a contactless legacy magnetic stripe card is disclosed. The diversified key can be generated using a master key, a key diversification value and an encryption algorithm. In one example embodiment, the key diversification value can be provided by the user as a fingerprint, numeric code or photo. The user can provide the key diversification value to the card or a cellphone. The card can generate the diversified key using the user provided key diversification value. The card or the cellphone can transmit the user provided diversification value to the server and the server can regenerate the diversified key using the user provided diversification value.
    Type: Grant
    Filed: May 6, 2020
    Date of Patent: April 25, 2023
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Evan Lerner, Lara Mossler
  • Patent number: 11621948
    Abstract: A computer system detects that a digital certificate is set to expire within a threshold amount of time. In response to detecting that the digital certificate is set to expire, the computer system generates an update to cause a second computer system to perform operations to indicate an upcoming expiration of the digital certificate. The computer system provides the update to the second computer system to cause the second computer system to perform the operations.
    Type: Grant
    Filed: November 15, 2019
    Date of Patent: April 4, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
  • Patent number: 11615189
    Abstract: In some embodiments, there is provided a method for updating a gateway in a substation. The method includes receiving, at a gateway from a server, an update package assigned with a first identifier, the update package including at least one of: a configuration associated with at least one monitoring device connected to the gateway; and an application configurable to collect data from the at least one monitoring device; in response to receiving the update package, determining whether the first identifier matches a second identifier of the gateway; and in response to determining that the first identifier matches the second identifier of the gateway, updating the gateway with the received update package.
    Type: Grant
    Filed: May 28, 2020
    Date of Patent: March 28, 2023
    Assignee: ABB SCHWEIZ AG
    Inventors: Huixiang Chen, Zhui Wang, Hongzheng Chen
  • Patent number: 11606367
    Abstract: Systems and methods for detecting network anomalies are described. These may include determining burst scores for external network resources, determining burst scores for internal network resources, and using the burst scores to construct a burst graph where the edges are weighted by the number of connections between each resource. The graph is then analyzed by a graph convolutional neural network to identify patterns from which anomalous network traffic can be detected and from which corrective action can be taken. These techniques can allow for better detection and mitigation of abusive network traffic, improve computer network security, and provide more robust access to networked computer resources.
    Type: Grant
    Filed: October 11, 2019
    Date of Patent: March 14, 2023
    Assignee: PAYPAL, INC.
    Inventor: Zhe Chen
  • Patent number: 11599618
    Abstract: A user authentication device includes a user authentication setter that enables or disables a predetermined plurality of authentication methods, and a user authenticator that accepts user authentication by the authentication method that the user authentication setter enables, and a controller that controls the user authentication setter and the user authenticator. When the user authentication setter accepts a setting that enables a single authentication method among the plurality of authentication methods, the controller controls the user authentication setter to disable all authentication methods other than the single authentication method, and the user authenticator accepts only user authentication by the single authentication method.
    Type: Grant
    Filed: October 21, 2019
    Date of Patent: March 7, 2023
    Assignee: SHARP KABUSHIKI KAISHA
    Inventor: Kazuhisa Kubota
  • Patent number: 11595411
    Abstract: A system for data protection includes a first computing device comprising a security module; and a storage device coupled to the first computing device via a network interface. The security module comprises at least one of Software Root of Trust (SRoT) and Hardware Root of Trust (HRoT). The security module is further configured to: establish a trust channel between the first computing device and the storage device or storage service; monitor the first computing device and the storage device; create and enforce multi-dimensional data access control by tightly binding data access and permissions to authorized computing devices, users, applications, system services, networks, locations, and access time windows; and take over control of the storage device or storage service in response to a security risk to the system.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: February 28, 2023
    Assignee: Raytheon Company
    Inventor: Torsten Staab
  • Patent number: 11595360
    Abstract: A method for hosted payload operations comprises transmitting, by a hosted payload (HoP) operation center (HOC), encrypted hosted commands to a host spacecraft operations center (SOC). The method further comprises transmitting, by the host SOC, encrypted host commands and the encrypted hosted commands to a vehicle. Also, the method comprises reconfiguring a host payload according to unencrypted host commands, and reconfiguring a hosted payload according to unencrypted hosted commands. Additionally, the method comprises transmitting host payload data to a host receiving antenna. Also, the method comprises transmitting hosted payload data to a hosted receiving antenna and/or the host receiving antenna. Additionally, the method comprises transmitting, by a host telemetry transmitter, encrypted host telemetry to the host SOC; and transmitting, by a hosted telemetry transmitter, encrypted hosted telemetry to the host SOC.
    Type: Grant
    Filed: June 17, 2020
    Date of Patent: February 28, 2023
    Assignee: The Boeing Company
    Inventors: Yi-Feng James Chen, Haig F. Krikorian, Robert J. Winig, Jonathan Fish, Craig Benjamin