Patents Examined by David García Cervetti
  • Patent number: 10440036
    Abstract: Computerized methods and systems determine an entry point or source of an attack on an endpoint, such as a machine, e.g., a computer, node of a network, system or the like. These computerized methods and systems utilize an attack execution/attack or start root, to build an attack tree, which shows the attack on the end point and the damage caused by the attack, as it propagates through the machine, network, system, or the like.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: October 8, 2019
    Inventors: Anandabrata Pal, Lior Arzi, Tamara Leiderfarb
  • Patent number: 10438308
    Abstract: Embodiments of the disclosed technology include systems and methods for identifying one or more entities associated with activities. In an example implementation, a method includes determining one or more geographical regions proximate to the plurality of locations associated with the one or more activities; determining connections between one or more identities of a population and a plurality of related entities associated with the one or more identities; determining geographical information associated with related entities; weighting one or more metrics for each of the identities based on the geographical information associated with the related entities and the or more geographical regions proximate to the plurality of locations associated with the one or more activities; scoring the one or more weighted metrics; and providing, based on the scoring, an indication of a likelihood that the one or more identities of the population are associated with the one or more activities.
    Type: Grant
    Filed: July 5, 2016
    Date of Patent: October 8, 2019
    Assignee: LexisNexis Risk Solutions FL Inc.
    Inventors: Johannes Philippus de Villiers Prichard, Jesse C P B Shaw, David Alan Bayliss
  • Patent number: 10439825
    Abstract: An example system receives certificate requests from clients. Each request indicates: a number of computerized devices needing certificates; a timestamp indicating when the request was transmitted; and a client. The system includes a Quality of Service (QoS) manager that: distributes the requests from the clients across client queues, each of the client queues corresponding to a particular client; and divides requests into smaller subgroups of entries corresponding to a subset of the computerized devices needing certificates. It also includes a QoS arbiter that selects a sequence of entries from the client queues to be placed onto a QoS queue based on a number of entries in the QoS queue, a latency level of a certificate management service, and timestamps indicating when requests were transmitted, where the QoS manager retrieves entries from the QoS queue in the sequence selected by the QoS arbiter and transmits them to the certificate management service.
    Type: Grant
    Filed: November 13, 2018
    Date of Patent: October 8, 2019
    Inventors: Alan T. Meyer, Daniel R. Fynaardt
  • Patent number: 10437523
    Abstract: A transmit packet processing system includes a memory, one or more processors in communication with the memory, and an operating system. The one or more processors execute a packet processing thread and a rearming thread. The OS maps a receive ring into a first memory of an application and maps the first memory into kernel memory. The packet processing thread reads a receive ring. The packet processing thread retrieves the packet information within the receive ring. The packet processing thread processes the packets. The packet processing thread notifies the rearming thread that a batch size limit is reached and the rearming thread requests the OS to rearm the plurality of descriptors. The OS receives the request and initializes the first descriptor of the plurality of descriptors.
    Type: Grant
    Filed: February 25, 2016
    Date of Patent: October 8, 2019
    Assignee: Red Hat Israel, Ltd.
    Inventor: Michael Tsirkin
  • Patent number: 10425447
    Abstract: A system and method for responding to data security incidents in enterprise networks using an incident response bus (IR bus) within an incident management system is disclosed. An Incident Manager (IM) application of the system stores objects that include information concerning data security incidents that occur in enterprise networks managed by the incident management system. Users configure action conditions on the IM, the satisfaction of which cause the IM to send messages that include the information concerning the incidents to message queues, or destinations. Correspondingly, the IR bus includes plugins associated with the devices in each client's enterprise network, where each plugin can access the message destinations for the messages. The plugins, in one embodiment, also configure one or more chains of plugins that process the messages. The plugins then execute the chains of plugins to specify actions for the devices to execute to provide a response to the incidents.
    Type: Grant
    Filed: August 28, 2015
    Date of Patent: September 24, 2019
    Assignee: International Business Machines Corporation
    Inventors: Kenneth Allen Rogers, Allen Hadden
  • Patent number: 10419410
    Abstract: A controller is configured to perform various steps including receiving a plurality of user identification values. Another step includes determining a first range of the plurality of user identification values, the first range including a first minimum user identification value and a first maximum user identification value. Another step includes assigning a first user identification value to a first user from the first range of the plurality of user identification values to a first user based on the first minimum and maximum user identification values. Another step includes determining a second user identification value from the first range of the plurality of user identification values by incrementing the first user identification value based on the first minimum and maximum identification values. Yet another step includes assigning the second user identification value to a second user.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: September 17, 2019
    Assignee: Seagate Technology LLC
    Inventors: Deivapalan Perumal Govindan, Christopher David Gouge
  • Patent number: 10419415
    Abstract: A system includes a retrieval engine, an authentication engine, an extraction engine, a determination engine, and an export engine. The retrieval engine receives a request for a data report from a user via a user device. The retrieval engine receives reporting data from one or more data servers. The authentication engine determines whether the user is authorized to receive the customized data based on an authentication token. The extraction engine configured to extract one or more report requirements from the request and extract customized data from the reporting data based on report requirements and metadata. The determination engine determines one or more presentation generation tools based on the report requirements and the customized data. The export engine communicates the customized data and a routine to the one or more presentation generation tools.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: September 17, 2019
    Assignee: Bank of America Corporation
    Inventors: Apurva R. Kadakia, Venumadhav Mididoddi
  • Patent number: 10419504
    Abstract: Providing streaming of one or more applications from streaming servers onto one or more clients. The computer readable medium includes computer-executable instructions for execution by a processing system. The applications are contained within one or more isolated environments, and the isolated environments are streamed from the servers onto clients. The system may include authentication of the streaming servers and authentication of clients and credentialing of the isolated environments and applications the clients are configured to run. The system may include encrypted communication between the streaming servers and the clients. The system may further include a management interface where administrators may add, remove and configure isolated environments, configure client policies and credentials, and force upgrades.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: September 17, 2019
    Inventor: Allan Havemose
  • Patent number: 10417447
    Abstract: Methods, systems and computer readable media described herein may facilitate the automatic identification of a need for additional authentication based on a received private message or PID, the urgency of a received private message, thus determining whether an immediate alert is output to a user, and/or a determination whether a protected message is to be archived for later retrieval via authentication. A device may be configured (e.g., by user input) to control selective decoding and display of messages (e.g., private messages), registration and configuration of blacklists, and/or defining criteria for determining urgency of a received message. Device configurations may be dynamically changed or updated according to user preferences and user treatment of received messages.
    Type: Grant
    Filed: June 15, 2016
    Date of Patent: September 17, 2019
    Assignee: ARRIS Enterprises LLC
    Inventors: Sundar Murthy Tumuluru, Albert F. Elcock, Aravind Soundararajan, Lakshmi Arunkumar
  • Patent number: 10411883
    Abstract: Devices for sampling a plurality of input signals are provided, wherein a sampling device is controlled to sample the input signals in a random order with additional delays. Other embodiments relate to voltage monitoring systems and corresponding methods.
    Type: Grant
    Filed: October 18, 2016
    Date of Patent: September 10, 2019
    Assignee: Infineon Technologies AG
    Inventors: Martin Pernull, Andreas Kalt, Gerhard Pichler, Franz Wachter, Bernhard Wotruba
  • Patent number: 10404463
    Abstract: A cryptographic ASIC and method for autonomously storing a unique internal identifier into a one-time programmable memory in isolation, by a foundry or a user. When later powered on, the ASIC calculates the value of the unique internal identifier from a predetermined input and compares the calculated identifier value to the stored identifier value. A match indicates the stored value is valid, while a mismatch indicates the stored value is invalid, whether due to natural memory component aging or damage by unauthorized access attempts. The ASIC may compare the calculated identifier to another copy or copies of the stored identifier, and disregard unreliable copies of the stored identifier. The ASIC may compare multiple copies of the stored identifier in a voting scheme to determine their validity. The confirmed valid lifetime of the ASIC thus extends far beyond the useful lifetime of a single copy of the stored identifier.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: September 3, 2019
    Assignee: Blockchain ASICs LLC
    Inventor: Edward L. Rodriguez De Castro
  • Patent number: 10402346
    Abstract: An information processing apparatus includes a storage device configured to store data, an encryption chip configured to store an encryption key therein, a nonvolatile memory configured to store a backup encryption key, and a control unit configured to confirm whether the data stored in the storage device has been correctly decrypted by using the encryption key, and when the data has not been correctly decrypted, restore the backup encryption key to the encryption chip, and when the data has been correctly decrypted, back up the backup encryption key, which is a backup of the encryption key, stored in the encryption chip into the nonvolatile memory.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: September 3, 2019
    Inventor: Akari Yasukawa
  • Patent number: 10382203
    Abstract: A three-way pairing handshake may include an internet-of-things (IoT) service sending an encrypted token to an IoT device in response to a request for a token from that IoT device. The encrypted token may store a service managed client identifier and a device identifier. The IoT device may share the encrypted token with a companion application on a mobile device. In turn, the companion application sends a pairing request to the IoT service which includes the encrypted token, along with a copy of the device identifier and the client identifier. The IoT service may validate the pairing request by decrypting the encrypted token included in the pairing request and verifying that the device identifier and the client identifier recovered from the decrypted token matches the device identifier and client identifier received in the pairing request.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: August 13, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Rameez Loladia, Ashutosh Thakur, Julian Embry Herwitz
  • Patent number: 10380366
    Abstract: Systems and methods are provided for sending a request to register a data offer from a data owner to participate in a distributed ledger, the request including information associated with the data offer and a privacy budget for the data offer, and wherein the information associated with the data offer and the privacy budget is stored in the distributed ledger and the data offer is accessible by third parties to the data owner. The systems and method further providing for receiving a request, associated with a third party computer, to access data associated with the data offer, processing a data request associated with the request to access data, based on determining that there is sufficient privacy budget to allow access to the data associated with the request to access data, to produce result data, anonymizing the result data, and updating the distributed ledger.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: August 13, 2019
    Assignee: SAP SE
    Inventors: Daniel Bernau, Florian Hahn, Jonas Boehler
  • Patent number: 10382478
    Abstract: In one embodiment, a device in a network constructs a graph based on Domain Name System (DNS) traffic in which vertices of the graph correspond to client addresses from the DNS traffic and domains from DNS traffic. The device uses stacked autoencoders to determine priors for the domains and client addresses. The device assigns the determined priors to the corresponding vertices of the graph. The device uses belief propagation on the graph to determine a malware inference from the graph. The device causes performance of a mitigation action when the malware inference from the graph indicates the presence of malware.
    Type: Grant
    Filed: December 20, 2016
    Date of Patent: August 13, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: David Brandon Rodriguez, Yuxi Pan
  • Patent number: 10374796
    Abstract: Provided is a high-speed and light-weighted authentication system that makes IP address filtering possible and does not impair real-time property even on a network including many and unspecific entities (communication devices). In a communication system that a plurality of communication devices are coupled together such that mutual communication is possible over the network, the communication devices communicate with a server under a secure environment, when authentication has been obtained from the server, random seeds of the same value and individual identifiers are issued to them, each communication device generates the IP address that includes a pseudorandom number and the identifier, and the communication devices establish communication between the communication devices that include the pseudorandom numbers that are mutually the same in their IP addresses.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: August 6, 2019
    Inventors: Daisuke Oshida, Yoshiyuki Sato, Yasuhiro Sagesaka, Takeshi Itome
  • Patent number: 10367645
    Abstract: A blockchain configuration may be used to store a distributed ledger for information security and accessibility. One example method of operation may include determining a proof-of-work via a device and using a predefined set of nonce values when determining the proof-of-work, storing the proof-of-work on a blockchain, and broadcasting the proof-of-work as a broadcast message.
    Type: Grant
    Filed: October 26, 2016
    Date of Patent: July 30, 2019
    Assignee: International Business Machines Corporation
    Inventors: Sampath Dechu, Ramachandra Kota, Pratyush Kumar
  • Patent number: 10346622
    Abstract: Methods and systems for communicating information between mobile applications are presented. In some embodiments, a mobile device may determine that a plurality of applications are running on the mobile device. The mobile device may determine that each application of the plurality of applications uses a shared passcode to encrypt information about a persistent state. The mobile device may generate a beacon that includes encrypted state information. The mobile device may maintain state information across the plurality of applications beyond the lifetime of any one of the plurality of applications by transmitting the beacon from a first application to a second application before the first application's lifetime is completed.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: July 9, 2019
    Assignee: Citrix Systems, Inc.
    Inventors: Gary Barton, Richard Hayton, Andrew Carnegie Innes, Georgy Momchilov
  • Patent number: 10348690
    Abstract: A message directed to a recipient of a messaging client is intercepted and prevented from reaching the messaging client in a native sent message format as sent from a sender of the message. One or more portions of the message are rendered to a format that is incapable of execution by a device and the message in the format that is incapable of execution is delivered to the messaging client for viewing and/or printing by the recipient.
    Type: Grant
    Filed: July 8, 2016
    Date of Patent: July 9, 2019
    Assignee: XATTIC, Inc.
    Inventor: Roman Kagarlitsky
  • Patent number: 10334492
    Abstract: Method, apparatus and systems are provided for key derivation. A target base station receives multiple keys derived by a source base station, where the keys correspond to cells of the target base station. The target base station selects a key corresponding to the target cell after obtaining information regarding a target cell that a user equipment (UE) is to access. An apparatus for key derivation and a communications system are also provided.
    Type: Grant
    Filed: May 22, 2017
    Date of Patent: June 25, 2019
    Inventors: Min Huang, Jing Chen, Aiqin Zhang, Xiaohan Liu