Patents Examined by Eleni Shiferaw
  • Patent number: 10693890
    Abstract: A packet relay apparatus, which is configured to transmit from a mirror port a mirror packet copied from one of a packet to be received and a packet to be transmitted, the packet relay apparatus comprising: a packet receiving module configured to receive a packet from an input port; a security judgment module configured to judge whether or not the packet is possibly one of an attack and an attack sign; a mirror processing module configured to generate, when it is judged that the packet is possibly one of an attack and an attack sign, a replica of the packet as the mirror packet; and a transmitting module configured to transmit the mirror packet from the mirror port.
    Type: Grant
    Filed: May 10, 2017
    Date of Patent: June 23, 2020
    Inventors: Yuichi Ishikawa, Nobuhito Matsuyama
  • Patent number: 10685587
    Abstract: A cryptographic device (100) calculates a block cipher (500) on a block cipher input (105) and produces a block cipher output (106). The block cipher calculation operates on encoded values (210). The cryptographic device includes a round function unit (140; 300) for applying the final round (118) of the multiple rounds of cryptographic processing implementing the block cipher. A first output unit (160) and second output unit (180) decodes encoded output data (132, 152).
    Type: Grant
    Filed: April 19, 2016
    Date of Patent: June 16, 2020
    Assignee: Koninklijke Philips N.V.
    Inventor: Ronald Rietman
  • Patent number: 10673848
    Abstract: A foldable device includes: a display; a touch panel configured to detect a touch input; a sensing interface configured to detect an angle of the foldable device; and a controller configured to activate the display unit when the angle detected by the sensing unit as the foldable device is unfolded is equal to or greater than a first angle, and activate the touch panel when the angle detected by the sensing unit is equal to or greater than a second angle.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: June 2, 2020
    Inventor: Dae-myung Kim
  • Patent number: 10671757
    Abstract: Technologies relating to converting an alphanumerical string that comprises personally identifying data (PID) into a signature for the string are described herein. The string is partitioned into several substrings, where each substring includes at least one character. For each substring, a sequence of bits that is uniquely mapped to the substring is retrieved from a mapping table. Thereafter, at least one bit is removed from each sequence of bits to create updated sequences of bits, and the updated sequences of bits are ordered based upon their values. For each updated sequence of bits, a substring that is uniquely mapped to the updated sequence of bits is retrieved from the mapping table. The retrieved substrings are concatenated in the order corresponding to the updated sequence of bits.
    Type: Grant
    Filed: December 22, 2016
    Date of Patent: June 2, 2020
    Inventors: Brent Arasimowicz, Gordon Lyles Blackwell, Jr., Michael Pastrone
  • Patent number: 10666626
    Abstract: A computing device receives one or more messages in a secure communication session with a peer device. Security information for the secure communication session includes a first network address associated with the peer device. The computing device detects that a new message in the secure communication session includes a second network address different from the first network address. The computing device validates the new message as part of the secure communication session and sends an informational request to the peer device. The informational request is sent to the peer device at a destination address of the second network address. The computing device receives an update message from the peer device.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: May 26, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Mukesh Yadav, Navneet Priya, Siddeshi R
  • Patent number: 10664588
    Abstract: A method and apparatus prevents hacker code from infecting an application program by requiring decryption of the application program prior to running the application program on a computer. The device is preferably a computer system that includes a dongle, or a separate unit that is connected or connectable to the computer. A security program decrypts a first key with a second key stored on the dongle. When a new application is installed the first time on the computer, the security program uses a decrypted first key to encrypt whatever is installed such that the encrypted application program is the only installed version of the application program on any non-transitory computer readable memory accessible by the computer. When a command is given to startup the application program, whatever code is needed for startup is first decrypted using the decrypted first key.
    Type: Grant
    Filed: January 27, 2020
    Date of Patent: May 26, 2020
    Inventor: John Almeida
  • Patent number: 10645123
    Abstract: A cloud network may include a distributed security switch (DSS). The DSS may be to receive configuration information from the hypervisor. The configuration information may include a set of access mode attributes and a security policy. The DSS may be to determine that a packet is to be directed from a source virtual machine to a target virtual machine. The DSS may be to identify an egress interface of the source virtual machine and an ingress interface of the target virtual machine. The egress interface may be associated with a first access mode attribute and the ingress interface being associated with a second access mode attribute. The DSS may be to selectively route the packet, using the shared memory, based on the first access mode attribute, the second access mode attribute, and the security policy.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: May 5, 2020
    Assignee: Juniper Networks, Inc.
    Inventors: Suresh Vishwanathan, Avinash Kumar Singh
  • Patent number: 10637772
    Abstract: Data packets passing from a source to a destination in a network according to a Service Function Chain (SFC) are processed by an ordered sequence of at least one service function (SF). For each SF in the SFC in order, a current value of a function, such as a hash function, is recursively computed including, as input values, at least current identifying data that identifies a corresponding current one of the SFs, and a value of the function output from an immediately preceding SF. After computing the current value of the function for a selected SF in the SFC, the current value of the function is compared with an expected value. If the value of the function for the selected SF is the same as the expected value, the data packet is allowed to be transmitted to a subsequent processing stage; if not, then an error response action is taken.
    Type: Grant
    Filed: May 28, 2016
    Date of Patent: April 28, 2020
    Assignee: Guardtime SA
    Inventors: Hema Krishnamurthy, Jeffrey Pearce
  • Patent number: 10637827
    Abstract: A security network system is disclosed. The security network system includes a processor selectively operable in either a normal world or a secure world, wherein the processor receives, from an external network, a packet by using a network driver module of the secure world, extracts data of the packet by using a TCP/IP module of the secure world if the packet received from the external network is used in the secure world, uses the data of the packet in the secure world, and extracts the data of the packet by using the TCP/IP module of the secure world so as to transmit the data of the packet to the normal world if the packet is not used in the secure world.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: April 28, 2020
    Inventors: Yu-sun Kim, In-ho Kim, In-hwan We, Jong-tak Lee
  • Patent number: 10637842
    Abstract: The present disclosure provides a method and system for sharing a real time, dynamic, adaptive and non-linearly assembled video on one or more publisher platforms. The method includes collection of a first set of information associated with a publisher platform of the one or more publisher platforms and fetching a set of preference data of the user from the publisher platform in the real time. The method includes fragmentation of each tagged video into the one or more tagged fragments and segregation of one or more mapped fragments into one or more logical sets of mapped fragments. The method includes mining of semantic context information and clustering of the one or more logical sets of mapped fragments into the one or more logical clusters of mapped fragments. The method includes assembling the one or more logical clusters of mapped fragments and sharing an assembled video on the publisher platform.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: April 28, 2020
    Inventors: N. Dilip Venkatraman, Savitri Dilip
  • Patent number: 10594711
    Abstract: A method and device for detecting botnets in a cloud-computing infrastructure are provided. The method includes gathering data feeds over a predefined detection time window to produce a detection dataset, wherein the detection dataset includes at least security events and a first set of bot-labels related to the activity of each of at least one virtual machine in the cloud-computing infrastructure during the detection time window; generating, using the detection dataset, a features vector for each of a plurality of virtual machines in the cloud-computing infrastructure, wherein the features vector is based on idiosyncratic (iSync) scores related to botnet activity; transmitting each generated features vector to a supervised machine learning decision model to generate a label indicating if each of the plurality of virtual machines is a bot based on the respective features vector; and determining each virtual machine labeled as a bot as being part of a botnet.
    Type: Grant
    Filed: November 28, 2016
    Date of Patent: March 17, 2020
    Inventors: Roy Levin, Royi Ronen
  • Patent number: 10567529
    Abstract: Methods and apparatuses are disclosed herein for unified tracking data management. An example method is performed at a device with a display and one or more input devices, the method including: displaying a user interface with two or more sets of tracking-data configuration options associated with a plurality of websites, the sets including: a first tracking-data configuration option that, when selected, causes the device to block all of the plurality of websites from storing tracking data; and a second tracking-data configuration option that, when selected, causes the computing device to limit receipt by all of the plurality of websites of information associated with device. While displaying the user interface, the method includes: receiving a selection of the first tracking-data configuration option; and, in response, causing the computing device to block all of the plurality of websites from storing tracking data of at least the first type on the computing device.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: February 18, 2020
    Assignee: APPLE INC.
    Inventors: Steven Jon Falkenburg, Darin Benjamin Adler, Jessie Leah Berlin, Jing Jin, Kevin W. Decker, Maciej Stachowiak
  • Patent number: 10554666
    Abstract: An information processing device includes: a first reception unit that receives first information indicating a storage location of a document to be printed; a first transmission unit that uses the first information to generate an authorization request, generates corresponding second information, and transmits the authorization request and the second information to a terminal used by a sender of the first information; a second reception unit that receives a corresponding authorization code; a controller that uses the authorization code to acquire an access token, and controls storage of the access token, the second information, and the first information in association with each other; and a second transmission unit that, if the second information is received from an image processing device, uses the corresponding access token and information indicating a storage location to acquire a document in the storage location, and transmits the document to the image processing device.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: February 4, 2020
    Assignee: FUJI XEROX CO., LTD.
    Inventor: Yasuhiro Maruyama
  • Patent number: 10523427
    Abstract: In accordance with embodiments of the present disclosure, a management controller configured to provide management-domain management of an information handling system may include a processor and a key management utility embodied in non-transitory computer-readable media. The key management utility may be configured to issue one or more commands to a cryptoprocessor for storing and sealing a key encryption key on the cryptoprocessor, wherein the key encryption key is for decrypting a media encryption key for encrypting and decrypting data stored to a storage resource of a host domain of the information handling system. The key management utility may also be configured to issue one or more commands to the cryptoprocessor for unsealing and retrieving the key encryption key from the cryptoprocessor.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: December 31, 2019
    Assignee: Dell Products L.P.
    Inventors: Gobind Vijayakumar, Johan Rahardjo, Theodore Stratton Webb
  • Patent number: 10455402
    Abstract: A telecommunications system is provided, comprising a plurality of different cellular telecommunications networks, an identity module registrable on the plurality of different networks and containing multiple unique identifiers, each unique identifier being associated with a respective network; and, a device, operative in accordance with the identity module, to communicate with the networks when the identity module is registered on that network. The identity module comprises a common security key associated with at least two of the unique identifiers such that the identity module is registrable on each one of the plurality of networks when a unique identifier of the identity module and its associated security key are authenticated for that network.
    Type: Grant
    Filed: December 19, 2016
    Date of Patent: October 22, 2019
    Assignee: Vodafone IP Licensing Limited
    Inventors: Yakeen Prabdial, Richard Gumbrell, Najib Koraichi
  • Patent number: 10423793
    Abstract: Example embodiments disclosed herein relate to an approach for installing a runtime agent during a security test. A security test is initiated or performed on an application under test executing on a server. An application vulnerability associated with the application under test is determined. The application vulnerability is exploited to install the runtime agent on the server. The security test is continued using the runtime agent to receive additional information about the application under test.
    Type: Grant
    Filed: June 19, 2014
    Date of Patent: September 24, 2019
    Inventors: Matias Madou, Ronald J. Sechman, Sam Ng Ming Sum
  • Patent number: 10404450
    Abstract: A system performs a setup function which outputs a master secret key associated with a content producing device and public parameters. The system generates a secret key for a user in a content centric network (CCN) based on a master secret key associated with the content producing device, and a schema associated with the user. In response to an interest from the user that includes a name that matches the schema, the system encrypts a payload of a content object based on the name and the public parameters. The system transmits the content object to the user. The encrypted payload is configured such that it can only be decrypted by the secret key of the user and cannot be decrypted by the user if the name in the interest does not match the schema, thereby facilitating schematized access control to content objects in the CCN.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: September 3, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Christopher A. Wood, Glenn C. Scott
  • Patent number: 10397185
    Abstract: Systems and methods for protecting and deduplicating streams of data in a cloud based platform. A platform is configured with multiple services and can communicate with multiple clients. The platform receives all requests at an endpoint and distributes the requests to workers using multiple queues. The platform may be stateless and is scalable. The meta-data is handled separately from the data in one example.
    Type: Grant
    Filed: December 23, 2016
    Date of Patent: August 27, 2019
    Inventors: Thomas Sandholm, Julio Lopez, Vaibhav Kamra, Niraj Tolia
  • Patent number: 10380373
    Abstract: Collecting nodes receive data from multiple data sources via a communication structure. The data is processed to generate at least one meta data block reflecting information about objects of interest represented by the data content. The at least one meta data block is encrypted. The data is divided into data chunks of a respective predefined size, and encrypted. The encrypted data chunks and meta blocks are sent over the communication structure to fusion nodes, where, after decryption, meta data blocks are fused into a new meta data block if an object-of-interest criterion is fulfilled. The new meta data blocks are encrypted and sent over the communication structure. Data storage nodes store copies of the encrypted data chunks and meta data blocks in an information structure of block chains of encrypted meta data blocks organized in one chain per object of interest.
    Type: Grant
    Filed: September 7, 2017
    Date of Patent: August 13, 2019
    Assignee: Dataunitor AS
    Inventors: Chunming Rong, Erdal Cayirci
  • Patent number: 10372917
    Abstract: Aspects of the disclosure relate to hierarchical data structures. A method is disclosed for storing data in a hierarchical data structure. The method may include receiving first data to be committed in a distributed database, the first data including one or more data elements. A result of the selection function may be computed, applying the selection function to each of the one or more data elements. A first node of a first hierarchical data structure may be identified based on the result of the selection function applied to a first data element. The first node of the first hierarchical data structure may be updated using the first data element.
    Type: Grant
    Filed: December 6, 2016
    Date of Patent: August 6, 2019
    Assignee: GOOGLE LLC
    Inventors: Etienne Membrives, Przemyslaw Pietrzkiewicz, Benjamin Lerman, Despoina Vouzoukidou