Patents Examined by Darren B Schwartz
  • Patent number: 10318729
    Abstract: A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via a data stream collector, the data stream collector capturing data streams resulting from user/device interactions between a user and a corresponding endpoint device; determining whether the data streams resulting from user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing unauthorized viewing of the sensitive personal information; and, presenting the sensitive personal information as a sensitive personal information token indicating the data streams include sensitive personal information.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: June 11, 2019
    Assignee: Forcepoint, LLC
    Inventors: Richard A. Ford, Christopher B. Shirey, Jonathan B. Knepher, Lidror Troyansky
  • Patent number: 10311224
    Abstract: A digital seal of a current configuration of a rack can be generated to authenticate that rack components within the rack remain unchanged during transport. At a manufacturing site, an agent can be executed so as to capture a plurality of device identifiers, which indicate what hardware or software components are present in the rack. A digital seal representing a current configuration of the rack can be generated using the device identifiers and stored at a secure location within the rack. When the rack is transported from one location to another, the digital seal of the rack travels with the rack. At a data center, the rack can be re-tested and a new measurement can be captured. The stored digital seal can be compared to the new measurement to ensure that the rack components have not been compromised during shipping.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: June 4, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Munif M. Farhan, Jaime Ismael Rangel Martinez
  • Patent number: 10313396
    Abstract: Techniques are provided by which devices in a network may subscribe to a rapidly changing rules in central threat repository. The policies associated with threats are filtered so that just current attack vectors from within subnets learned via routing and/or forwarding information (at the network level of the network) are installed in the local access control list/policy database of the network devices. As routing changes occur, the list of applied policies are continually refined/revisited and pulled from a central security application. Publish/subscribe mechanisms ensure “zombie” policies are not left over in the device after reboot or routing changes occur.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: June 4, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Eric A. Voit, Jyoti Verma
  • Patent number: 10305875
    Abstract: A system includes circuitry for performing hybrid blockchain rewrites by trusted parties. The hybrid blockchain may include blocks with multiple parts. In some cases, the blocks may include a core part and a tertiary part. The system may include conditions for validity preserving and/or non-tamper-evident rewrites to the parts of the block. The conditions to support rewrites to the core part may be more stringent than the corresponding conditions to support rewrites to the tertiary part. In some cases, the core part may be write-locked.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: May 28, 2019
    Assignees: Accenture Global Solutions Limited, GSC Secrypt, LLC
    Inventors: Giuseppe Ateniese, Michael T. Chiaramonte, David Treat, Bernardo Magri, Daniele Venturi
  • Patent number: 10305871
    Abstract: A server receives a request from a client to establish a secure session. The server analyzes the request to determine a set of one or more properties of the request. The server selects, based at least in part on the determined set of properties, one of multiple certificates for a hostname of the server, where each of the certificates is signed using a different signature and hash algorithm pair. The server returns the selected certificate to the client.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: May 28, 2019
    Assignee: CLOUDFLARE, INC.
    Inventors: Nicholas Thomas Sullivan, Lee Hahn Holloway, Piotr Sikora, Ryan Lackey, John Graham-Cumming, Dane Orion Knecht, Patrick Donahue, Zi Lin
  • Patent number: 10305695
    Abstract: The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.
    Type: Grant
    Filed: April 9, 2018
    Date of Patent: May 28, 2019
    Assignee: Poltorak Technologies LLC
    Inventor: Alexander I Poltorak
  • Patent number: 10296752
    Abstract: A computing device can include an embedded universal integrated circuit card (eUICC) in order to receive and decrypt an encrypted profile, where the encrypted profile includes network access credentials. The eUICC can record a first private key and a set of cryptographic parameters. The computing device can use the eUICC to authenticate with a server. The computing device can receive (i) a signal for deriving a second private key and corresponding public key, and (ii) a nonce as user input. The eUICC can use the first private key to process a digital signature for the corresponding public key and the nonce. The eUICC can use at least the second private key, the set of cryptographic parameters, and an elliptic curve Diffie Hellman key exchange in order to derive a symmetric ciphering key. The eUICC can receive the encrypted profile and decrypt with at least the derived symmetric ciphering key.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: May 21, 2019
    Assignee: IoT and M2M Technologies, LLC
    Inventor: John A. Nix
  • Patent number: 10298584
    Abstract: Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: May 21, 2019
    Assignee: BlackBerry Limited
    Inventors: Russell Norman Owen, Herbert Anthony Little, David Paul Yach, Michael Shenfield
  • Patent number: 10298609
    Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising multi-layered electronic information, each layer of the multi-layered electronic information corresponding to a respective layer of user interaction; and generating a unique multi-dimensional cyber behavior profile based upon the multi-layered electronic information representing the user interactions.
    Type: Grant
    Filed: May 8, 2018
    Date of Patent: May 21, 2019
    Assignee: Forcepoint, LLC
    Inventors: Richard Anthony Ford, Brandon L. Swafford
  • Patent number: 10298564
    Abstract: The invention relates to a method for a first communication device to perform authenticated distance measurement between the first communication device and a second communication device, wherein the first and the second communication device share a common secret and the common secret is used for performing the distance measurement between the first and the second communication device. The invention also relates to a method of determining whether data stored on a first communication device are to be accessed by a second communication device. Moreover, the invention relates to a communication device for performing authenticated distance measurement to a second communication device. The invention also relates to an apparatus for playing back multimedia content comprising a communication device.
    Type: Grant
    Filed: August 30, 2018
    Date of Patent: May 21, 2019
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventor: Franciscus L. A. J. Kamperman
  • Patent number: 10298607
    Abstract: Methods and systems for detecting anomalous events include detecting anomalous events in monitored system data. An event correlation graph is generated by determining a tendency for a first process to access a system target, including an innate tendency of the first process to access the system target, an influence of previous events from the first process, and an influence of processes other than the first process. Kill chains are generated from the event correlation graph that characterize events in an attack path over time. A security management action is performed based on the kill chains.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: May 21, 2019
    Assignee: NEC Corporation
    Inventors: LuAn Tang, Hengtong Zhang, Zhengzhang Chen, Bo Zong, Zhichun Li, Guofei Jiang, Kenji Yoshihira
  • Patent number: 10289841
    Abstract: Methods and systems for detecting anomalous events include detecting anomalous events in monitored system data. An event correlation graph is generated based on the monitored system data that characterizes the tendency of processes to access system targets. Kill chains are generated that connect malicious events over a span of time from the event correlation graph that characterize events in an attack path over time by sorting events according to a maliciousness value and determining at least one sub-graph within the event correlation graph with an above-threshold maliciousness rank. A security management action is performed based on the kill chains.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: May 14, 2019
    Assignee: NEC Corporation
    Inventors: LuAn Tang, Hengtong Zhang, Zhengzhang Chen, Bo Zong, Zhichun Li, Guofei Jiang, Kenji Yoshihira
  • Patent number: 10270811
    Abstract: The present invention provides a security domain management method, apparatus, and system, which relate to the communications field, and can manage, according to a service status of a user-subscribed service, a security domain used for storing service configuration information. A specific solution is as follows: A communications terminal obtains a management request message sent by a server, where the management request message includes an issuer security domain profile identifier; and the communications terminal manages a security subdomain in a mobile network operator profile corresponding to the issuer security domain profile identifier, where the security subdomain is used to store configuration information of a first service. The present invention is used for security domain management.
    Type: Grant
    Filed: August 13, 2014
    Date of Patent: April 23, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Xinmiao Chang, Guoqing Li
  • Patent number: 10268817
    Abstract: Exemplary embodiments relate to the secure storage of security questions through an immutable log, such as a blockchain. The security questions may be stored in a centralized location, accessible from an application or browser tab running on the user's device. When a security question is required, such as to perform a password reset on a website, the website may interact with the application or browser tab, which retrieves the question(s) from the blockchain. The user may enter their answers to the question(s), which may be hashed by the application or tab. The hashed answers may be entered into the original requesting website, which may verify with the blockchain that the correct answers have been provided. Thus, the requesting website sees neither the questions nor the answers. Additional security features may include logging requests for questions, so that a user can determine if a security question may have been compromised.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: April 23, 2019
    Assignee: Capital One Services, LLC
    Inventors: Vincent Pham, Austin Grant Walters, Jeremy Edward Goodsitt, Fardin Abdi Taghi Abad, Anh Truong, Kate Key, Kenneth Taylor
  • Patent number: 10264012
    Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising multi-layered electronic information, each layer of the multi-layered electronic information corresponding to a respective layer of user interaction; and generating a unique multi-dimensional cyber behavior profile based upon the multi-layered electronic information representing the user interactions.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: April 16, 2019
    Assignee: Forcepoint, LLC
    Inventors: Matthew P. Moynahan, Richard Anthony Ford, Christopher Brian Shirey, Brandon L. Swafford, Richard Heath Thompson
  • Patent number: 10262153
    Abstract: A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing obfuscated sensitive personal information within an obfuscated sensitive personal information repository; and, allowing access to the obfuscated sensitive personal information stored within the obfuscated sensitive personal information repository only when an administrator is authorized to access the obfuscated sensitive personal information so as to provide conditional sensitive personal information access.
    Type: Grant
    Filed: November 17, 2017
    Date of Patent: April 16, 2019
    Assignee: Forcepoint, LLC
    Inventors: Richard A. Ford, Christopher B. Shirey, Jonathan B. Knepher, Lidror Troyansky
  • Patent number: 10257701
    Abstract: Mechanisms for authenticating a connection between a user device and a streaming media content device comprising: identifying a collection of candidate streaming media content devices based on beacon(s) detected by a user device; receiving an indication that one of the content devices is to be selected for connection to the user device; transmitting instructions to the content devices to broadcast a signal, wherein the signal broadcast by each of the content devices contains a value that indicates an identity of the content device; receiving, from the user device, an audio signal that includes a detected signal; processing the audio signal to extract the value indicating the identity of a particular content device associated with the detected signal contained in the received audio signal; identifying the particular content device based on the determined value; and transmitting an indication that the user device and the particular content device are authenticated to communicate.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: April 9, 2019
    Assignee: Google LLC
    Inventors: Liam O'Gorman, Nate Plumley, Jagjit Singh Chawla, Brian Patrick Williams
  • Patent number: 10250613
    Abstract: A data access method based on a cloud computing platform, and a user terminal, are provided. The method is performed by a user terminal, and the method includes obtaining an access request for a data ciphertext of the cloud computing platform, the access request including a decryption key, and the decryption key including a user precise identity identifier and a user attribute identifier. The method further includes decrypting the data ciphertext into a data plaintext, in response to the user precise identity identifier belonging to an identity identifier set included in an access structure of the data ciphertext and/or in response to the user attribute identifier belonging to a user attribute identifier set included in the access structure of the data ciphertext.
    Type: Grant
    Filed: May 24, 2016
    Date of Patent: April 2, 2019
    Assignees: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED, Hunan University
    Inventor: Qin Liu
  • Patent number: 10250916
    Abstract: A device is configured to perform a method that detects a trigger marker for an action corresponding to a segment of a multimedia signal. A fingerprint is generated based on the segment of the multimedia signal at a trigger time point. The generated fingerprint is stored in a database and communicated to the device. During playback of the multimedia signal, fingerprints of segments of the multimedia signal are generated and matched against fingerprints in the database. When a match is found, one or more associated actions for the segment are retrieved by the device. The trigger time point may be determined as a time point near or at the segment of the multimedia signal with the matched fingerprint. In this way, trigger markers for actions may be enabled without modifying the multimedia signal.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: April 2, 2019
    Assignee: Gracenote, Inc.
    Inventors: Job Cornelis Oostveen, Warner Rudolph Theophile Ten Kate, Adrianus Johannes Maria Denissen, David K. Roberts
  • Patent number: 10242217
    Abstract: The present disclosure describes techniques for storing encrypted files in a secure file repository and transferring those encrypted files to one or more recipients. A user selects a file to upload to a secure file repository. A secure collaboration app on the user's device generates a first encryption key that is used to encrypt the file. The encrypted file is then uploaded to the secure file repository, which provides the secure collaboration app with a random file name and a location of the encrypted file. The secure collaboration app updates locally stored metadata of the first encrypted file. To securely transfer the file, the user generates a second encryption key, encrypts the metadata with the second encryption key, and transmits the encrypted metadata to one or more receivers. The one or more receivers decrypt the encrypted metadata and use the decrypted metadata to retrieve the file and decrypt it.
    Type: Grant
    Filed: September 26, 2017
    Date of Patent: March 26, 2019
    Assignee: Wickr Inc.
    Inventors: Thomas Michael Leavy, Christopher Howell, David A. Sugar, Dipakkumar R. Kasabwala, Ernest W. Grzybowski