Patents Examined by Ellen Tran
  • Patent number: 12292974
    Abstract: Backup data is leveraged to determine whether primary data has been encrypted by malware. The disclosed approach does not rely on recognizing particular malware instances or malware provenance, and thus can be applied to any body of data. Even a novel and previously unknown malware attack can be detected in this way. An illustrative data storage management system analyzes secondary copies it created over time, applies a multi-factor analysis to data recovered from the secondary copies and, based on the analysis, infers whether the primary data from which the secondary copies were created may be encrypted. The present approach uses successive versions of backup copies to find indicia of malware encryption, rather than trying to trace or identify the malware itself. Indicia of entropy correlate highly with encryption, such as encryption performed by malware attacks. Conversely, indicia of similarity correlate highly with lack of encryption of successive versions of documents.
    Type: Grant
    Filed: October 27, 2022
    Date of Patent: May 6, 2025
    Assignee: Commvault Systems, Inc.
    Inventors: Jitin Jindal, Arun Prasad Amarendran, Chandan Singh, Gopikannan Venugopalsamy, Yongtao Liu
  • Patent number: 12292983
    Abstract: Ingesting large quantities of data in a secure manner can be problematic, particularly processing types of data streams to determine the content of the data stream. As provided herein, a context associated with the data stream can be ascertained by mapping the content of data stream using contextual maps. The content and context can then be further processed in order to generate appropriate responses. In addition, obfuscation can be applied to the content such that the original content is lost while the contextual meaning associated with the content is maintained. In this way, an understanding can persist of the original content without retaining the underlying raw data.
    Type: Grant
    Filed: May 26, 2023
    Date of Patent: May 6, 2025
    Assignee: Aurelius Technologies Group, Inc.
    Inventor: Ryan Welker
  • Patent number: 12267336
    Abstract: Dynamic multi-network security controls are provided herein. A method can include receiving a report of malicious network traffic observed by first network equipment operating in a first communication network, where the report indicates a second communication network distinct from the first communication network as an originating network of the malicious network traffic, identifying second network equipment operating in the second communication network as a source of the malicious network traffic, and based on the identifying, blocking communications from the second network equipment for a defined time interval.
    Type: Grant
    Filed: July 1, 2021
    Date of Patent: April 1, 2025
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Donald Levy, Jason Godfrey, Robert Kong, Deon Ogle
  • Patent number: 12265606
    Abstract: Methods, systems, and computer program products for direct assignment of physical devices to confidential virtual machines (VMs). At a first guest privilege context of a guest partition, a direct assignment of a physical device associated with a host computer system to the guest partition is identified. The guest partition includes the first guest privilege context and a second guest privilege context, which is restricted from accessing memory associated with the first guest privilege context. The guest partition corresponds to a confidential VM, such that a memory region associated with the guest partition is inaccessible to a host operating system. It is determined, based on a policy, that the physical device is allowed to be directly assigned to the guest partition. Communication between the physical device and the second guest privilege context is permitted, such as by exposing the physical device on a virtual bus and/or forwarding an interrupt.
    Type: Grant
    Filed: September 26, 2022
    Date of Patent: April 1, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jin Lin, Jason Stewart Wohlgemuth, Michael Bishop Ebersol, Aditya Bhandari, Steven Adrian West, Emily Cara Clemens, Michael Halstead Kelley, Dexuan Cui, Attilio Mainetti, Sarah Elizabeth Stephenson, Carolina Cecilia Perez-Vargas, Antoine Jean Denis Delignat-Lavaud, Kapil Vaswani, Alexander Daniel Grest, Steve Michel Pronovost, David Alan Hepkin
  • Patent number: 12267308
    Abstract: A method and system for transmission of digital content via e-mail with point of use digital rights management is disclosed. The secured access rights to the digital content may be customized for individual recipients by the sender, and may evolve over time. The access rights are enforced according to a time-dependent scheme. A key server is used to arbitrate session keys for the encrypted content, eliminating the requirement to exchange public keys prior to transmission of the digital content. During the entire process of transmitting and receiving e-mail messages and documents, the exchange of cryptographic keys remains totally transparent to the users of the system. Additionally, electronic documents may be digitally signed with authentication of the signature.
    Type: Grant
    Filed: April 28, 2022
    Date of Patent: April 1, 2025
    Inventors: Patrick Carson Meehan, Zachary Wisenbaker Price, Raymond Joseph Zambroski, Jr., William Henry Frenchu, Shawn Patrick Hickey, Jesse Lee White, Anthony Allen Mohr, Jeremy Wayne Gomsrud
  • Patent number: 12261854
    Abstract: A cybersecurity infection detection system and method of use. In some embodiments, the system and process provide improved network security, computer security, or both, through mutually assured, defense in depth approaches. In some embodiments, one or more of defense in depth, collaborative attack detection, remediation, component redundancy, component self-monitoring, and component self-replacing are combined to effect an enhanced cybersecurity system. In some embodiments, the cybersecurity system and method include, but are not limited to, one or more of one or more probes, monitors, configuration ledgers, signature ledgers, audit ledgers, configuration controllers, message engines, switchboards, and a public-private key infrastructure.
    Type: Grant
    Filed: June 7, 2023
    Date of Patent: March 25, 2025
    Inventor: C. Kerry Nemovicher
  • Patent number: 12255984
    Abstract: Methods, systems, and devices for memory operations are described. First scrambling sequences may be generated for first addresses of a memory device after an occurrence of a first event, where the first addresses may be associated with commands received at the memory device. Portions of the memory array corresponding to the first address may be accessed based on the first scrambling sequences. After an occurrence of a subsequent event, second scrambling sequences may be generated for the first addresses, where the second scrambling sequences may be different than the first set of scrambling sequences. After the occurrence of the subsequent event, the portions of the memory array may be accessed based on the second scrambling sequences.
    Type: Grant
    Filed: May 26, 2021
    Date of Patent: March 18, 2025
    Assignee: Micron Technology, Inc.
    Inventors: Daniele Vimercati, Simon J. Lovett
  • Patent number: 12250292
    Abstract: In an example embodiment, a protocol for private set intersection is introduced that provides for two-party computation. Each party has a private data set and both parties want to securely compute the intersection of their sets, such that only the result is revealed and nothing else. Construction rules are provided that rely on the evaluation of a branching program (BP) using a fully homomorphic encryption (FHE) scheme. Using the properties of an FHE scheme, a non-interactive protocol is built with extendable functionalities. Thus, not only can the intersection be securely computed but the result can be used for further secure computations. Furthermore, the communication overhead for practical applications is independent of the server's set size, allowing for easy scalability.
    Type: Grant
    Filed: May 24, 2022
    Date of Patent: March 11, 2025
    Assignee: SAP SE
    Inventors: Anselme Tueno, Jonas Janneck
  • Patent number: 12242577
    Abstract: One embodiment provides a method, including: receiving, at an information handling device, a request from a user to access content; detecting, using at least one sensor associated with the information handling device, a face of the user; generating, using at least one audio output device and subsequent to the detecting, an audible sound; determining, using a processor, whether an expected movement of the face is identified with respect to the audible sound; and granting, responsive to determining that the expected movement is identified, the user access to the content. Other aspects are described and claimed.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: March 4, 2025
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Zhenyu Yang, Ming Qian, Jianbang Zhang, Song Wang
  • Patent number: 12244632
    Abstract: Embodiments of the present invention provide techniques, systems, and methods for remote, agent-less enterprise computer threat data collection, malicious threat analysis, and identification and reporting of potential and real threats present on an enterprise computer system. Specifically, embodiments are directed to a system that securely identifies and maps sensitive information from computers across the enterprise. Secure and sensitive information may be internally encrypted and analyzed for indicators of compromise, threatening behavior, and known vulnerabilities. The remote, agent-less collection, analysis, and identification process can be repeated periodically to detect and map additional sensitive information over time, and may delete itself after completion to avoid detection.
    Type: Grant
    Filed: September 1, 2023
    Date of Patent: March 4, 2025
    Assignee: KIVU CONSULTING, INC.
    Inventors: Elgan David Jones, Thomas Langer, Winston Krone
  • Patent number: 12238197
    Abstract: Encryption of an image is achieved through application of a homomorphic encryption function to produce cipher images for each image. Encryption is performed individually on sub-values of a pixel's intensity value, wherein the pixel's intensity value can be described as a sum of the smaller numerical sub-values. The encrypted values for each sub-value form encrypted images that can be transferred or stored on insecure media. Separate encryption approaches can be applied to individual sets of the numerical sub-values to improve security.
    Type: Grant
    Filed: May 24, 2019
    Date of Patent: February 25, 2025
    Assignee: HOWARD UNIVERSITY
    Inventor: Mamadou Ibra Wade
  • Patent number: 12229264
    Abstract: A system and method for securing an application through an application-aware runtime agent can include: acquiring a code profile, instrumenting the application with a runtime agent according to the code profile, enforcing the runtime agent on the execution of the application, and responding to the runtime agent. Enforcing the runtime agent on the execution of the application can include monitoring the execution flow, which comprises of monitoring the utilization of the controls through the execution of the application; detecting a threat, which comprises identifying a section of the execution flow as a potential security threat; and regulating the execution flow to prevent or ameliorate the security threat. Responding to the runtime agent can include responding to the security threat and providing a user interface that may output runtime agent diagnostics and trigger alerts.
    Type: Grant
    Filed: May 18, 2023
    Date of Patent: February 18, 2025
    Assignee: ShiftLeft Inc
    Inventors: Chetan Conikee, Manish Gupta, Vlad A Ionescu, Ignacio del Valle Alles
  • Patent number: 12229453
    Abstract: A processor of an aspect includes a decode unit to decode an instruction. The processor also includes an execution unit coupled with the decode unit. The execution unit, in response to the instruction, is to determine that an attempted change due to the instruction, to a shadow stack pointer of a shadow stack, would cause the shadow stack pointer to exceed an allowed range. The execution unit is also to take an exception in response to determining that the attempted change to the shadow stack pointer would cause the shadow stack pointer to exceed the allowed range. Other processors, methods, systems, and instructions are disclosed.
    Type: Grant
    Filed: May 22, 2023
    Date of Patent: February 18, 2025
    Assignee: Intel Corporation
    Inventors: Vedvyas Shanbhogue, Jason W. Brandt, Ravi L. Sahita, Barry E. Huntley, Baiju V. Patel
  • Patent number: 12223066
    Abstract: A system includes a memory, a user device that can be used by a user to enter a virtual environment and a processor coupled to the user device and the memory. The processor is configured to receive a first user credential from the user to perform a first data interaction in the virtual environment with a second user. The processor detects that the first user and the second user are part of a first virtual community, invokes a first set of rules, and processes the first request according to the first set of rules. The processor receives a second request from the first user to perform a second data interaction in the virtual environment with a third user. The processor detects that the third user is part of a second virtual community, invokes a second set of rules, and processes the second request according to the second set of rules.
    Type: Grant
    Filed: June 29, 2022
    Date of Patent: February 11, 2025
    Assignee: Bank of America Corporation
    Inventors: Lalit Dhawan, Manu J. Kurian
  • Patent number: 12223089
    Abstract: A method for data filtering that identifies a topic of interest for a user and individual sub-topics within the topic the user could be, or is, interested in. A three-dimensional map depicting a topic of interest containing markers for the sub-topics is created and used to specify a level of detail about the user's interest in the sub-topics that can be shared to or used by an external source.
    Type: Grant
    Filed: March 29, 2023
    Date of Patent: February 11, 2025
    Assignee: Aurelius Technologies Group, Inc.
    Inventor: Ryan Welker
  • Patent number: 12212604
    Abstract: Embodiments of the present disclosure provide a method and apparatus for security assurance of a network function or service. The method comprises: generating security requirements for a network function based on a security profile and a deployment and runtime environment of the network function; generating a security policy and a security test specification for the network function based on the security requirements; deploying the network function based on the security policy; validating security compliance of the network function with the security test specification; and activating the network function or service, in response to the network function being in compliance with the security policy.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: January 28, 2025
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Jing Ping, Xiaoming She, Shuqiang Sun, Wei Lu, Stéphane Mahieu
  • Patent number: 12192320
    Abstract: Disclosed is an encryption method and apparatus. The encryption method using homomorphic encryption may include generating a ciphertext by encrypting data, and bootstrapping the ciphertext by performing a modular reduction based on a selection of one or more target points for a modulus corresponding to the ciphertext.
    Type: Grant
    Filed: March 31, 2021
    Date of Patent: January 7, 2025
    Assignees: Samsung Electronics Co., Ltd., SNU R&DB Foundation, Industry-Academic Cooperation Foundation, Chosun University
    Inventors: Jong-Seon No, Joonwoo Lee, Young-Sik Kim, Yongwoo Lee, Eunsang Lee
  • Patent number: 12182309
    Abstract: A method and a system are disclosed for generating a global identifier for linking or unifying a plurality of de-identified customer data received from multiple source environments. The plurality of customer data is de-identified based on a master salt and a master token is generated. The master token is encrypted using a source-encryption key to generate a source token. The source token is also encrypted using a target-encryption key to generate a transfer token. At a central environment or a central storage unit, the transfer token is decrypted and the source token is obtained. Thereafter, source token is decrypted to obtain the master token. At the central storage unit, the master token is hashed with a target salt to generate the global identifier which is subsequently used to unify the plurality of de-identified customer data.
    Type: Grant
    Filed: November 21, 2022
    Date of Patent: December 31, 2024
    Assignee: INNOVACCER INC.
    Inventors: Prashant Kumar, Varun Jain, Mridul Saran
  • Patent number: 12177256
    Abstract: A compliance check system to provide compliance validation for a user system is described. The compliance check system includes a compliance checker plug-in on a device used to access a secured resource. The compliance checker plug-in receives a request for compliance validation prior to providing access to a secured resource, and triggers one or more compliance checkers. In one embodiment, the compliance checker is a device encryption compliance checker configured to determine whether a device drive is encrypted. In one embodiment, the compliance checker is a password compliance checker configured to determine whether passwords in the user system comply with password compliance requirements. The compliance checker plug-in further to verify the compliance status of the device, based on data from the compliance checkers.
    Type: Grant
    Filed: April 17, 2023
    Date of Patent: December 24, 2024
    Assignee: Alertsec Inc.
    Inventors: Ebba Ulrika Margareta Blitz, Leif Olov Billstrom, Kurt Uno Lennartsson, Hans Fredrik Loevstedt, Erik Magnus Ahlberg
  • Patent number: 12169575
    Abstract: A method includes: receiving, by a computing device, user input to move content from an augmented reality (AR) interface to a virtual reality (VR) interface; obtaining, by the computing device, security levels of users in a VR environment associated with the VR interface; determining, by the computing device and based on the security levels, which of the users in the VR environment is permitted to see the content; and changing, by the computing device, at least one of the AR interface to the VR interface based on the determining.
    Type: Grant
    Filed: September 10, 2021
    Date of Patent: December 17, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Clement Decrop, Jeremy R. Fox, Tushar Agrawal, Sarbajit K. Rakshit