Patents Examined by Dant Shaifer-Harriman
  • Patent number: 10181043
    Abstract: Example embodiments of the present invention provide a method, an apparatus, and a computer program product for correlating privacy-related portions of a data stream with information indicative of a privacy policy. The method includes receiving privacy-related portions of a data stream transmitted from a source intended for a destination and receiving information indicative of a privacy policy associated with the destination. The privacy-related portions of the data stream then may be correlated with the information indicative of the privacy policy. According to this correlation, the privacy-related portions of the data stream may be forwarded to the destination.
    Type: Grant
    Filed: September 28, 2012
    Date of Patent: January 15, 2019
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Wayne A. Pauley, Jr., Stephen J. Todd, Michel F. Fisher
  • Patent number: 10154055
    Abstract: An apparatus is provided including at least one platform; an intrusion prevention system configured to communicative couple with the at least one platform; a firewall configured to communicative couple with the at least one platform; at least one first data storage configured to communicative couple with the at least one platform; and at least one second data storage configured to communicative couple with the at least one platform. The at least one platform is configured to perform a plurality of operations that collective protect one or more networked devices.
    Type: Grant
    Filed: August 24, 2015
    Date of Patent: December 11, 2018
    Assignee: SecurityProfiling, LLC
    Inventors: Brett M. Oliphant, John P. Blignaut
  • Patent number: 10068086
    Abstract: A system and method for automatic password recovery for one or more web services comprising: obtaining user registration data and a request password restoration, determining a first security question associated with a first complexity factor, causing the first security question to be asked to the user, obtaining the first user's answer and assigning a first weighting factor thereto, the first weighting factor depending on the first complexity factor determining a second security question associated with a second complexity factor, causing the second security question to be asked to the user, obtaining the second user's answer and assigning a second weighting factor thereto, the second assigned weighting factor depending on the second complexity factor, adding up the first weighting factor and the second weighting factor, if the sum exceeds a given threshold, automatically restoring the password and if the sum is below the given threshold, denying automatic password restoration.
    Type: Grant
    Filed: November 12, 2015
    Date of Patent: September 4, 2018
    Assignee: YANDEX EUROPE AG
    Inventors: Ekaterina Aleksandrovna Andreeva, Alexey Andreevich Goncharov, Aleksandra Arsenyevna Epifanovskaia, Ilya Gennadievich Levinson, Yury Alekseyevich Leonychev
  • Patent number: 9998286
    Abstract: A system may provide hardware acceleration for blockchain-based record entry. Client circuitry may provide record entry information to node circuitry. The node circuitry may compile the record entry information into a record entry for submission to blockchain management circuitry (BMC). The BMC may access a consensus operating procedure. The BMC may apply the consensus operating procedure to the record entry to gain append permissions for a blockchain. After completing the consensus operating procedure, the BMC may append a block generated based on the record entry to the blockchain. Accordingly, the system may ensure that blocks added to the blockchain were generated in compliance with the consensus operating procedure.
    Type: Grant
    Filed: May 15, 2017
    Date of Patent: June 12, 2018
    Assignee: Accenture Global Solutions Limited
    Inventors: Noel Vivek Ramathal, Kevin Bernard Greene
  • Patent number: 9934091
    Abstract: A dispersed storage (DS) processing module sends a plurality of undecodeable portions of a plurality of data files via a public wireless communication network to one or more targeted devices of a private wireless communication network. The DS processing module continues processing by sending data content indicators regarding the plurality of data files and in response to a selection of a data file of the plurality of data files based on a corresponding one of the data content indicators, sending, via the private wireless communication network, one or more encoded data slices of each of one or more sets of encoded data slices of the data file such that, for each of the one or more sets of encoded data slices, the one or more targeted devices obtains at least a decode threshold number of encoded data slices to decode the data file.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: April 3, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Gary W. Grube, Timothy W. Markison
  • Patent number: 9917849
    Abstract: Systems and methods for performing intra-zone and inter-zone security management in a network are provided. According to one embodiment, an association is formed by a network security device between a first zone including a first set of devices and a first set of security policies defining a first type of security scanning to be performed on packets originated within the first zone and between a second zone including a second set of devices and a second set of security policies defining a second type of security scanning to be performed on packets originated within the second zone. A first zone packet is received by the network security device. It is determined whether the destination is within the first zone. If so, then the first type of security scanning is performed. A second zone packet is received by the network security device. It is determined whether the destination is within the second zone. If so, then the second type of security scanning is performed.
    Type: Grant
    Filed: July 29, 2013
    Date of Patent: March 13, 2018
    Assignee: Fortinet, Inc.
    Inventors: Elie Bitton, Alex Samonte
  • Patent number: 9912700
    Abstract: Disclosed is a system for escalating security protocol requirements. The system typically includes a processor, a memory, and a security protocol module stored in the memory.
    Type: Grant
    Filed: January 4, 2016
    Date of Patent: March 6, 2018
    Assignee: Bank of America Corporation
    Inventors: Alicia C. Jones-McFadden, Joseph Neil Johansen
  • Patent number: 9894050
    Abstract: In one general aspect, a method can include receiving, by an application running on a computing device, an indication that a user of the computing device has been authenticated, and receiving a selection of a settings page, the settings page associated with the application and the user. The method can further include requesting the settings page for display on a display device included in the computing device, and receiving the settings page including a value for a preference for a setting included on the settings page, the value for the preference being signed by a private key associated with the user. The method can further include validating, by the application, the value for the preference using a public key associated with the application, and based on the validation, displaying, by the display device, the settings page including an indication of the value of the preference for the setting.
    Type: Grant
    Filed: August 11, 2015
    Date of Patent: February 13, 2018
    Assignee: GOOGLE LLC
    Inventors: Erik Lewis Wright, Erik Kay, Robert Shield
  • Patent number: 9881142
    Abstract: An apparatus, method, and system for curtailing and investigating software piracy is provided. The method includes spawning user applications on a computer without use of a file on the file system. A protected application data source is retrieved by an operating system of the computer from a server and placed into a portion of memory not accessible by at least one application. The operating system also prevents the protected application data source from being written to the file system. In this manner there is no file subject to unauthorized distribution. The protected application data may also be watermarked by ordering at least one of executable functions, function call parameters, and program data according to a license identifier so that any two versions execute the same, but carry an identifier which can be used to trace piracy to the source.
    Type: Grant
    Filed: September 11, 2015
    Date of Patent: January 30, 2018
    Inventor: Patrick Robert Koren
  • Patent number: 9882898
    Abstract: Provided is a method for managing a software defined network using a software control layer to regulate a geo-fenced volume. The software control layer can use a Global Positioning System (GPS) including a range of latitudes, a range of longitudes and a range of altitudes. A resource within the geo-fenced volume can be assigned a location using the GPS coordinates. The resource can be managed by external applications that are operating through the software control layer. To determine an access of a device to the geo-fenced volume, the GPS coordinates, are gathered as a geographical location of the device. A user profile can be accessed to determine an access path of the user. Depending on the geographical location of the device a first condition can be generated based on the device being within the geo-fenced volume. A network permission can be granted to the device based on the first condition.
    Type: Grant
    Filed: February 26, 2016
    Date of Patent: January 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Franck Barillaud, Insoo Cho, Daniel M. Christiani, Mark R. Thill, David S. Zhang
  • Patent number: 9876787
    Abstract: Techniques provided herein may facilitate registering audio content services with an audio system. An example technique involves a computing device receiving via a control interface for controlling an audio system, an input to register an audio content service with the audio system, where an audio content service application corresponding to the audio content service is installed on the computing device. The computing device identifies authentication information used by the audio content service application to access the audio content service and registers the audio system with the audio content service based at least in part on authentication information used by the audio content service application to access the audio content service. After registering the audio system with the audio content service, the computing device causes at least one playback device of the audio system to stream music from the audio content service.
    Type: Grant
    Filed: September 21, 2015
    Date of Patent: January 23, 2018
    Assignee: Sonos, Inc.
    Inventors: Jonathan P. Lang, Paul Andrew Bates
  • Patent number: 9871652
    Abstract: A computer generates a third encrypted polynomial that corresponds to a result of encrypting a third polynomial by use of a result of multiplying a first encrypted polynomial by a second encrypted polynomial, and outputs cryptographic information that represents the third encrypted polynomial. The first encrypted polynomial is a polynomial obtained by encrypting a first polynomial that corresponds to a first vector, and the second encrypted polynomial is a polynomial obtained by encrypting a second polynomial that corresponds to a second vector. The third polynomial includes a first term that has a coefficient based on an inner product of the first vector and the second vector and a second term other than the first term, in which a coefficient of the second term is masked.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: January 16, 2018
    Assignee: FUJITSU LIMITED
    Inventors: Ikuya Morikawa, Masaya Yasuda
  • Patent number: 9866552
    Abstract: Provided is a method for managing a software defined network using a software control layer to regulate a geo-fenced volume. The software control layer can use a Global Positioning System (GPS) including a range of latitudes, a range of longitudes and a range of altitudes. A resource within the geo-fenced volume can be assigned a location using the GPS coordinates. The resource can be managed by external applications that are operating through the software control layer. To determine an access of a device to the geo-fenced volume, the GPS coordinates, are gathered as a geographical location of the device. A user profile can be accessed to determine an access path of the user. Depending on the geographical location of the device a first condition can be generated based on the device being within the geo-fenced volume. A network permission can be granted to the device based on the first condition.
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: January 9, 2018
    Assignee: International Business Machines Corporation
    Inventors: Franck Barillaud, Insoo Cho, Daniel M. Christiani, Mark R. Thill, David S. Zhang
  • Patent number: 9853978
    Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.
    Type: Grant
    Filed: February 3, 2017
    Date of Patent: December 26, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Erik Jonathon Tellvik, Gaurang Pankaj Mehta, Ajit Nagendra Padukone, Chirag Pravin Pandya, Colin Harrison Brace, Deepak Suryanarayanan, Guruprakash Bangalore Rao, Krithi Rai, Malcolm Russell Ah Kun, Sameer Palande, Shon Kiran Shah, Vivek Lakshmanan
  • Patent number: 9843582
    Abstract: Systems and methods for authenticating the identity of a user prior to giving access to confidential data at a user interface via a network are described. In an exemplary implementation in an Internet environment, a server hosts an application providing selective access by the user to confidential data related to the user. The user provides initial data to the application as part of a request to access the confidential data. At least one database having the confidential data stored therein is accessed by the server to retrieve confidential data relating to the user located in the database based on the initial data received from the client interface. An exam creation function causes the server to create an exam comprising at least one question based at least in part on a portion of the confidential data relating to the user. This function creates the exam based on at least one exam definition.
    Type: Grant
    Filed: April 7, 2014
    Date of Patent: December 12, 2017
    Assignee: Trans Union LLC
    Inventors: Alka Mahendrakar, Kehang Chen, Luis Obregon
  • Patent number: 9830480
    Abstract: A computing device executes one or more trusted execution environment (TEE) processes in a TEE of a processor. The one or more TEE processes cryptographically protect a secret and a policy. The policy specifies a plurality of conditions on usage of the secret. A particular non-TEE process generates a request whose fulfillment involves an action requiring use of the secret. Responsive to the request, one or more non-TEE processes determine whether a first subset of the plurality of conditions is satisfied. Responsive to the first subset of the plurality of conditions being satisfied, the one or more TEE processes determine that a second, different subset of the plurality of conditions is satisfied. Responsive to determining the second subset of the plurality of conditions is satisfied, the one or more TEE processes use the secret to perform the action.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: November 28, 2017
    Assignee: Google LLC
    Inventors: Benjamin David Poiesz, Andrew Abramson, Neel Rao, Shawn Edward Willden, Andres Guillermo Morales, James Brooks Miller
  • Patent number: 9832174
    Abstract: A method and system for authenticating of the pairing of computing devices is described. In an example, a passphrase is established on computing devices. The pairing between two devices is initiated by a first device by communicating independently generated data, wherein the generated data is used along with the passphrase on each of the devices to derive a common pairing key. The pairing is authenticated by using at least a first portion of the common pairing key through a key exchange protocol. Further, a shared secret code is derived using a second portion of the common pairing key and stored to be used indirectly to secure future communication between the paired devices.
    Type: Grant
    Filed: August 11, 2015
    Date of Patent: November 28, 2017
    Assignee: NetApp, Inc.
    Inventors: Craig Everhart, Subhash Sankuratripati
  • Patent number: 9825819
    Abstract: A cloud service usage assessment system analyzes network traffic from an enterprise data network and generates cloud service usage analytics for the enterprise. In some embodiments, the cloud service usage analytics may include cloud service usage risk assessment. The cloud service usage assessment system is advantageous applied to assess network security in view of an enterprise's adoption of multiple cloud based services.
    Type: Grant
    Filed: January 3, 2017
    Date of Patent: November 21, 2017
    Assignee: Skyhigh Networks, Inc.
    Inventors: Dejan Curcic, Sekhar Sarukkai, Kaushik Narayan, Rajiv Gupta, Rama Taraniganty, Glenn Mulvaney
  • Patent number: 9813422
    Abstract: A privileged account management system can maintain a database that defines a normal amount of time that it takes to perform a task associated with a reason code. When an administrator requests admin credentials for accessing a server, the administrator can provide a reason code which defines a task that the administrator intends to accomplish. A PAM system can maintain a database that defines, for each reason code, a normal amount of time that is required to accomplish the task associated with the reason code. The PAM system can then monitor an elapsed time over which the admin credentials are checked out to an administrator to determine whether the elapsed time exceeds the corresponding normal amount of time. If the elapsed time exceeds the normal amount, the PAM system can take appropriate action to mitigate any potential harm to the server.
    Type: Grant
    Filed: April 30, 2015
    Date of Patent: November 7, 2017
    Assignee: Quest Software Inc.
    Inventors: Matthew T. Peterson, Daniel F. Peterson, Jordan S. Jones
  • Patent number: 9807066
    Abstract: Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
    Type: Grant
    Filed: October 12, 2016
    Date of Patent: October 31, 2017
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash