Patents Examined by Eleni Shiferaw
  • Patent number: 10206104
    Abstract: A method, system and computer program product for session completion through co-browsing is claimed. The method can include establishing a content browsing session between a first computing device and a content server serving access to content to the first computing device and maintaining state data for the content browsing session. A co-browsing arrangement of the content can be created as between the first computing device and a second computing device and at least a subset of the state data can be cloned for use by the second computing device during co-browsing of the content. Thereafter, a modified form of the subset of the state data can be received from the second computing device resulting from the co-browsing of the content by the second computing device and the modified form of the subset of the state data can be provided to the first computing device for use during the content browsing session.
    Type: Grant
    Filed: December 20, 2017
    Date of Patent: February 12, 2019
    Assignee: International Business Machines Corporation
    Inventors: Andrew J. Ivory, Todd E. Kaplinger, Barry J. Pellas, Matthew T. Pellas
  • Patent number: 10200380
    Abstract: A system for providing layered security is disclosed. In particular, the system may include determining a state of a first device of a device ecosystem and a state of a second device of the device ecosystem. Based on the states of the first and second devices, the system may include calculating a confidence score for the device ecosystem. If the confidence score satisfies a threshold score for enabling access to a selected system, the system may include transmitting an access code to the device ecosystem. Based on the access code, the system may enable the device ecosystem to access the selected system. If, however, the confidence score does not satisfy the threshold score, the system may include requiring the device ecosystem to provide additional authentication information in order to access the selected system.
    Type: Grant
    Filed: December 16, 2015
    Date of Patent: February 5, 2019
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Steven Belz, James H. Pratt, Marc A. Sullivan
  • Patent number: 10200859
    Abstract: Methods, systems, and apparatus are described for transferring application data between devices. In one aspect, a method includes causing, by a first service running on a first device, the first device to establish a wireless connection with a second device; receiving, from a second service running on the second device, data specifying applications that are installed on the second device and supported by the second service, each of the applications being separate from the second service; determining, by the first service, that a first application installed on the first device matches one of the applications installed on the second device, the first application being separate from the first service; receiving, by the first service, first application data from the first application; and causing, by the first service, the first device to send the first application data to the second service running on the second device using the wireless connection.
    Type: Grant
    Filed: December 8, 2017
    Date of Patent: February 5, 2019
    Assignee: GOOGLE LLC
    Inventors: Vincent Wei-Kang Chen, Paul Lee, Gregory M. Hecht, Erdi Chen, Jenny Chun-yi Chen, Maria-Ines Carrera, Estelle Laure Myriam Comment, Eric Chu, Peter Jin Hong, Christopher John Adams, Lucas Gill Dixon
  • Patent number: 10200202
    Abstract: The invention relates to a method for a communication system comprising a first device and a second device. The method comprises transferring a packet from a first device to a second device, which packet comprises an authentication request having a challenge; encrypting the challenge from the authentication request by the second device; including the determined challenge as a challenge-response to a response packet by the second device; sending the response packet from the second device to the first device; determining whether the challenge matches with the challenge-response, and if so, authenticating the second device.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: February 5, 2019
    Assignee: Silicon Laboratories Finland OY
    Inventor: Jere Knaappila
  • Patent number: 10200382
    Abstract: A system and method for detecting abnormal traffic behavior. The method comprises: applying a task to an input data set to create an un-normalized cluster of traffic features, wherein the task defines a plurality of traffic features; computing a center point of the cluster of traffic features; computing a distance between the computed center point and a new sample, wherein the new sample includes traffic features defined in the task; and determining, based on the computed distance, whether the received new sample demonstrates abnormal behavior.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: February 5, 2019
    Assignee: RADWARE, LTD.
    Inventors: Lev Medvedovsky, David Aviv
  • Patent number: 10198584
    Abstract: Described is a system for obfuscating a computer program. Sensitive data of an unprotected computer program is received as input. A random oracle is used to algebraically hide a set of polynomial-size point functions representing the sensitive data. The system outputs a set of obfuscated instructions internally hiding the sensitive data. The set of obfuscated instructions are used to transform the unprotected computer program into a protected, obfuscated computer program that is accepting of the set of polynomial-size point functions. The obfuscated computer program is written to a non-volatile computer-readable medium.
    Type: Grant
    Filed: April 5, 2016
    Date of Patent: February 5, 2019
    Assignee: HRL Laboratories, LLC
    Inventors: Karim El Defrawy, Chongwon Cho, Daniel C. Apon, Jonathan Katz
  • Patent number: 10193906
    Abstract: Disclosed are methods and systems for detecting malware and potential malware based on using generalized attack trees (generalized attack tree graphs). The generalized attack trees are based on attack trees (attack tree graphs), whose objects, such as links and vertices, have been analyzed, and some of these objects have been generalized, resulting in the generalized attack tree of the invention.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: January 29, 2019
    Assignee: CHECKPOINT SOFTWARE TECHNOLOGIES LTD.
    Inventors: Tamara Leiderfarb, Lior Arzi, Anandabrata Pal
  • Patent number: 10185817
    Abstract: One embodiment provides a method for ensuring device security via swipe pattern recognition, the method comprising: utilizing at least one processor to execute computer code that performs the steps of: receiving, using a touch device, at least one swipe input of a user; determining, using the at least one processor, if the at least one swipe input matches a known swipe pattern of the user, the match requiring exceeding a match confidence level; and responsive to said determining, executing an action associated with the touch device. Other aspects are described and claimed.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: January 22, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Megha Gupta, Apurva Kumar, Ashish Kundu, Amit Anil Nanavati
  • Patent number: 10187469
    Abstract: A cloud agent device including, determines whether the size of the file is less than the size of the remaining capacity of the second cloud storage, validating the verification request information of correctness, sending a affirmative notification to the first cloud storage and transfer the file from the first cloud storage to the second cloud storage when the verification request information is correct. The invention also provides a cloud storage and a file transferring method. The cloud agent device, cloud storage and file transferring method can efficient and accurate transfer of files in a safe condition.
    Type: Grant
    Filed: December 1, 2015
    Date of Patent: January 22, 2019
    Assignee: NANNING FUGUI PRECISION INDUSTRIAL CO., LTD.
    Inventors: Hong-Kai Chen, Shih-Pin Chen, Chih-Wei Tung
  • Patent number: 10187386
    Abstract: Disclosed are approaches for native enrollment of mobile devices. A first message is received from a client device, wherein the first message comprises an enrollment request for the client device. An application is sent to the client device, wherein the application is to be installed on the client device. A second message is received from the client device, wherein the second message comprises an authentication request from the client device. Authentication credentials are then provided to the installed application. A third message is received from the client device, wherein the third message comprises an enrollment confirmation for the client device. The enrollment status of the client device is then changed. Finally, a policy is sent to the installed application.
    Type: Grant
    Filed: October 27, 2015
    Date of Patent: January 22, 2019
    Assignee: AIRWATCH LLC
    Inventors: Varun Murthy, Kalyan Regula, Shravan Shantharam, Jason Roszak
  • Patent number: 10185832
    Abstract: Provided are processes of monitoring or modifying a network of electronically connected assets that dynamically builds relationships and dependencies among detected vulnerabilities in one or more of the assets and sensor measurements so that risk assessment can be achieved more accurately and in real-time. A process includes: identifying a plurality of vulnerabilities on a network of electronically interconnected devices representing one or more critical assets; determining dependencies between each vulnerability in the plurality of vulnerabilities; creating a hidden Markov model representing an attack state of each vulnerability of the plurality of vulnerabilities; determining the exploit likelihood of each of the attack states at a first time; determining the most probable sequences or paths of the attack states; and identifying dynamically the risk of one or more of the critical assets based on the sequences or paths of attack states.
    Type: Grant
    Filed: July 19, 2016
    Date of Patent: January 22, 2019
    Assignee: The United States of America as represented by the Secretary of the Army
    Inventor: Hasan Cam
  • Patent number: 10187205
    Abstract: System and methods for synchronizing and aligning quantum channel for Quantum Key Distribution. The primary object of the invention is to allow a Quantum Key Distribution (QKD) apparatus to work continuously with only two communication channels, a quantum communication channel and a service channel. This is achieved by linking the clock frequencies of both channels and completed by an over-sampling method for phase synchronization tracking. Clock signal carry is done through data using a clock data recovery encoding techniques. Having a continuous operating QKD system is not possible without a tracking system that enables phase alignment. This synchronization and alignment system and method for QKD has multiple benefits as it allows real-time synchronization with continuous data flow and is not dedicated to a specific quantum protocol.
    Type: Grant
    Filed: October 28, 2015
    Date of Patent: January 22, 2019
    Assignee: Université de Genève
    Inventors: Olivier Guinnard, Raphael Houlman
  • Patent number: 10180842
    Abstract: Provided is an integrity verification method for a user device includes verifying integrity of a first verification target on a basis of a first integrity verification scheme during executing a boot-loader, uncompressing a kernel image according to the integrity verification result for the first verification target and verifying integrity of a second verification target on a basis of a second integrity verification scheme while the kernel image is uncompressed, and driving an operating system according to the integrity verification result for the second verification target and verifying integrity of a third verification target on a basis of a third integrity verification scheme while the operating system is driven.
    Type: Grant
    Filed: March 11, 2016
    Date of Patent: January 15, 2019
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventor: Yong Hyuk Moon
  • Patent number: 10178103
    Abstract: According to one example of the present invention, there is provided, a method of accessing a service. The method comprising: receiving, from a requesting user, a request for a number of accessing users to have access to the service, generating service access data associated with the service, providing, to the requesting user, the generated service access data for distribution to the accessing users, receiving, from an accessing user, service access data, determining, based in part on the received service access data, whether the service can be provided, and where it is so determined, providing the service to the accessing.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: January 8, 2019
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: David Andrew Graves
  • Patent number: 10171492
    Abstract: Systems and methods for improving the performance of DDoS mitigation by monitoring the health of a protected network resource are provided. According to one embodiment, health of a network device protected by DoS mitigation device can be evaluated and packet/traffic received on the DoS mitigation device can be selectively/conditionally forwarded to the protected network device or can be dropped based on the health of the protected network device. According to one embodiment, at-least a part of the traffic is blocked when the health of the protected network device is below a predetermined health threshold. In an exemplary implementation, a measure of volume of traffic originated by different computing devices and handled by the protected network device can be computed, and packet filtering or conditional forwarding can be enabled when the computed measure of volume of traffic exceeds a predetermined traffic volume threshold.
    Type: Grant
    Filed: June 24, 2016
    Date of Patent: January 1, 2019
    Assignee: Fortinet, Inc.
    Inventors: William A. Kish, Sergey Katsev
  • Patent number: 10171432
    Abstract: Systems, methods, and non-transitory computer-readable medium are provided to secure data centers and cloud computing. A method receives network identifiers for functions, requests a network key for each function, allocates network interfaces, requests a virtual network interface controller allocation, requests a network key for each cloud function, receives storage identifiers for functions, requests a storage key for each cloud function, allocates virtual storage disks, requests a storage interface controller allocation, requests a storage key for each cloud function. Methods secure migration of a virtual machine from a source to a target server. A server includes multiple cores where each core is dedicated to a compute function and a unique key encrypts data of each compute function. A non-transitory computer-readable medium encodes programs that execute the above methods.
    Type: Grant
    Filed: December 4, 2017
    Date of Patent: January 1, 2019
    Inventor: Ari Birger
  • Patent number: 10165022
    Abstract: A method to manage screen sharing includes receiving a screen sharing request of a shareable interface displayed on a first computing device of a first end user, conducting, in response to the session sharing request, an inventory of secured assets in the shareable interface, and generating a shared interface from the shareable interface. Generating the shared interface includes obtaining a first secured asset in the inventory of the secured assets, modifying the first secured asset based on a first end user permission defined for the first secured asset to generate a modified secured asset, and adding the modified secured asset to the shared interface. The method further includes transmitting the shared interface to a second computing device of a second end user.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: December 25, 2018
    Assignee: Intuit Inc.
    Inventors: Paul Hubbard, Clarence Huang, Amir Eftekhari, Andrew Jeddeloh
  • Patent number: 10165072
    Abstract: Methods and apparatuses that collect tracking data items into a plurality of data stores for one or more domain in response to resources received from the domains are described. Each tracking data item may be accessible for one of the domains. Relationships of the domains may be identified among the tracking data items across multiple data stores according to the resources received. One or more of the domains may be selected according to the identified relationships to control accessibility of the tracking data items for the domains. The data stores may be updated to prohibit accessing at least a portion of the tracking data items for the selected domains.
    Type: Grant
    Filed: January 25, 2016
    Date of Patent: December 25, 2018
    Assignee: APPLE INC.
    Inventors: Steven Jon Falkenburg, Darin Benjamin Adler, Jessie Leah Berlin, Jing Jin, Kevin W. Decker, Maciej Stachowiak
  • Patent number: 10158615
    Abstract: A location-reporting request is sent by a processor to at least one remote server. The location-reporting request (i) requests processing of data away from a geo-location-aware client device and (ii) includes an instruction that instructs any available server to respond with a reported geographic location. An asserted geographic location is received from a remote server available to process the data responsive to the instruction in the location-reporting request. In response to determining that the asserted geographic location of the available remote server satisfies location-based data processing restrictions that regulate remote processing of the data away from the geo-location-aware client device, the asserted geographic location is verified using a geo-location assertion server. In response to a successful verification of the asserted geographic location of the available remote server, the data is sent to the available remote server to process.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: December 18, 2018
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Scott J. Broussard, Jacob D. Eisinger, Ritu Mehta, Karthikeyan Ramamoorthy
  • Patent number: 10157287
    Abstract: A secure access client can be employed to enforce limitations on a user's access to a file while also allowing the user to access the file using an application of choice. To provide this functionality, the secure access client can implement an RDP client that is configured to create an RDP session with an RDP service executing on the same computing device. The RDP service can allow the secure access client to display the user interface of an application employed to open a file. The secure access client can be configured to selectively apply access limitations on a per file basis. This selective enforcement can be accomplished by only implementing a virtual channel extension to provide a particular type of access to the file when the file's access limitations would allow such access.
    Type: Grant
    Filed: February 9, 2016
    Date of Patent: December 18, 2018
    Assignee: Wyse Technology L.L.C.
    Inventors: Andrew Fausak, Oleg Rombakh, James Burke, Darrell Testerman, Chris Burchett, Warren Robbins