Patents Examined by Ellen Tran
  • Patent number: 10917384
    Abstract: Methods, systems, and media for modifying firewall rules based on dynamic Internet Protocol (IP) addresses are provided. In some embodiments, the method comprises: receiving, from a database server, a request to modify a firewall rule of a firewall protecting a remote computer, wherein the request includes an IP address of a user device initiating a connection to the remote computer, and wherein the firewall rule indicates IP addresses of devices allowed to establish connections to the remote computer; determining whether the IP address of the user device is to be added to the firewall rule; and in response to determining that the IP address of the user device is to be added to the firewall rule, adding the current IP address to the firewall rule.
    Type: Grant
    Filed: September 12, 2017
    Date of Patent: February 9, 2021
    Assignees: Synergex Group, Pham Holdings, Inc.
    Inventor: Thien Van Pham
  • Patent number: 10904214
    Abstract: A method includes, for a storage unit of a set of storage units of the DSN, performing at least one of determining whether a data access request for the storage unit is atypical, determining whether an error rate for the storage unit is atypical, and determining whether a response rate for the storage unit is atypical. When the at least one of the data access request, the error rate, and the response rate for the storage unit is atypical, the method continues by identifying the storage unit as having a security risk. The method continues by executing a security response for the storage unit based on the security risk.
    Type: Grant
    Filed: May 10, 2019
    Date of Patent: January 26, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Bart R. Cilfone
  • Patent number: 10896260
    Abstract: A system for determining vulnerability of an application container is provided. The system receives a report associating a first version of a software package with a vulnerability and a second version of the software package as being an update that fixes the vulnerability. The system receives the first version and the second version of the software package. The second version has one or more files that correspond to files in the first version. The system identifies a changed file in the first version of the software package that is different from a corresponding file in the second version of the software package. The system identifies a container file in an application container that matches the changed file in the first version of the software package. The system associates the identified container file with the vulnerability.
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: January 19, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Shripad Nadgowda, Sastry Duri
  • Patent number: 10880278
    Abstract: In some aspects, a key establishment protocol is executed to generate a shared secret. A first entity calculates a first image curve EB representing an image of an elliptic curve E under a first isogeny ?B; calculates the shared secret based on the first image curve EB; receives a second image curve EA and a first pair of elliptic curve points {?A(PB), ?A(QB)} and from a second entity; obtains a basis {R, S}; calculates a third image curve EBA representing an image of the second image curve EA under a second isogeny ?B; calculates a third pair of elliptic curve points {?B(R), ?B(S)}; and sends the third image curve EBA and the third pair of elliptic curve points {?B(R), ?B(S)} to the second entity, wherein the third image curve EBA and the third pair of elliptic curve points {?B(R), ?B(S)} enable the second entity to compute the shared secret.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: December 29, 2020
    Assignee: ISARA Corporation
    Inventors: Victoria de Quehen, Edward William Eaton, Gustav Michael Gutoski, Christopher Leonardi
  • Patent number: 10873590
    Abstract: Disclosed are systems and methods for cloud detection, investigation and elimination of targeted attacks. In one exemplary aspect, the system comprises a computer protection module configured to: gather information on an object in a computer in a network; and save a security notification with the object in an object database in the network; and a module for protection against targeted attacks configured to: search for the object in a threat database in the network; add one or more tags to the object when the object is found in the threat database and adding a correspondence between a record in the object database and the threat database; and determine that a computer attack has occurred when the one or more tags correspond to signatures in a database of computer attacks.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: December 22, 2020
    Assignee: AO Kaspersky Lab
    Inventors: Sergey V. Gordeychik, Konstantin V. Sapronov, Yury G. Parshin, Teymur S. Kheirkhabarov, Sergey V. Soldatov
  • Patent number: 10873448
    Abstract: An invention aimed at keeping in a secret and indecipherable form any type of information or data that can be stored, transmitted, displayed or expressed by any means or format, regardless of what its content or purpose may be and to keep the original information inaccessible to unauthorized persons, by means of a cryptographic technique, procedure or process of encryption widely applicable, either physically (hardware), logically (software) or mixed (Firmware) and other forms that may be created in the future.
    Type: Grant
    Filed: November 28, 2016
    Date of Patent: December 22, 2020
    Inventors: Agustin Murguia Cosentino, Santiago Murguia Cosentino, Julian Murguia Hughes
  • Patent number: 10872156
    Abstract: A method of scanning software code to identify security flaws or risks and reporting those flaws or risks to a software developer or other interested party, where the software code is written in a language for which a vulnerability scanner is not available.
    Type: Grant
    Filed: August 10, 2018
    Date of Patent: December 22, 2020
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Laura J Schornack, Anna Borowski, Sandeep V Chandan, Sonia L D'Souza, Derek M Ferguson, Daniel F Gleeson, Sreevani Rachakonda, Kaushik Ravichandran, Ankit Shah, Dayann Thompson, Arunkumar Unniparambath
  • Patent number: 10868800
    Abstract: A secure communication system includes a wearable secure communication device which may receive and transmit information via a network. A wearable secure communication device may include a noise generator. The wearable secure communication device further includes a power input connection. Additionally, the wearable secure communication device may include a communication processor. The secure communication system and the wearable secure communication device may provide access to a secure information exchange system.
    Type: Grant
    Filed: August 3, 2018
    Date of Patent: December 15, 2020
    Assignee: WK Consulting, LLC
    Inventor: Wallace Lindsey
  • Patent number: 10862895
    Abstract: Systems and methods for NAC access policy creation and reconfiguration of access points to enforce same are provided. A NAC device maintains (i) an access point model that maps logical networks to a corresponding enforcement action implementation for each access point associated with a private network and (ii) access policies each specifying a current state of a particular endpoint device and an enforcement action, specified with reference to a logical network. Responsive to an event associated with an endpoint, the NAC device receives an attribute of the endpoint. A matching access policy is identified based on the attribute. The corresponding enforcement action implementation for the access point to which the endpoint is connected is retrieved based on the logical network specified in the matching access policy. Finally, the access point is reconfigured by the NAC device to perform the enforcement action based on the retrieved enforcement action implementation.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: December 8, 2020
    Assignee: Fortinet, Inc.
    Inventor: Bradley J. Trimby
  • Patent number: 10860723
    Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker upper driver above a level of a disk encryption driver, and an encryption checker lower driver, below the level of the disk encryption driver with a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.
    Type: Grant
    Filed: October 19, 2016
    Date of Patent: December 8, 2020
    Assignee: Alertsec, Inc.
    Inventors: Ebba Ulrika Margareta Blitz, Leif Olov Billstrom, Kurt Uno Lennartsson, Hans Fredrik Loevstedt, Erik Magnus Ahlberg
  • Patent number: 10855659
    Abstract: An apparatus for securely configuring a tenant VLAN includes a processor and a memory that stores code executable by the processor. The code is executable by the processor to detect connection of a new device to a computing system. The new device is designated for use by a new tenant and the new device in a default state prior to configuration for use by the new tenant. The computing system is a multi-tenant system. The code is executable by the processor to command the new device to enter a provisioning state in response to detecting connection of the new device. The new device in the provisioning state is unable to access operational equipment of the computing system and data stored by tenants of the computing system.
    Type: Grant
    Filed: September 12, 2017
    Date of Patent: December 1, 2020
    Assignee: LENOVO Enterprise Solutions (Singapore) PTE. LTD
    Inventors: Gary D. Cudak, Fred A. Bower
  • Patent number: 10855689
    Abstract: Obtaining information may be increasingly more challenging in modern times. The systems described herein enable a user to have access to one or more data streams. For example, the data stream may include messages from a famous person provided to an online social networking service, where the messages may be limited character messages. Yet, in some instances, the data stream may also include images posted on a blog, videos posted on a social networking service for connecting people, a list of searches and/or search strings by a famous person, and a number of purchase orders by an actress. The systems may also control the user's access to the one or more data streams, possibly limiting the access to portions of the one or more data streams.
    Type: Grant
    Filed: February 25, 2019
    Date of Patent: December 1, 2020
    Assignee: PayPal, Inc.
    Inventors: Akshay Sanjeevaiah Krishnaiah, Sandy Lynn Godsey, Michael Charles Todasco, Rohan Baddam, Cheng Tian, Philip Chuang, Srivathsan Narasimhan
  • Patent number: 10841099
    Abstract: Method for generating a digital signature for a digital content using a computer and trustworthy signature hardware connected thereto for data exchange, includes generating a message digest from the digital content by an application executed on the computer; generating descriptive data relating to the electronic digital signature; transmitting the message digest and the descriptive data to the trustworthy signature hardware; outputting the descriptive data at an output device of the trustworthy signature hardware; carrying out a user interaction as precondition for the continuation of the method; generating signature data from the message digest and the descriptive data by the trustworthy signature hardware; and transmitting the signature data from the trustworthy signature hardware to the computer and in particular the application.
    Type: Grant
    Filed: July 17, 2015
    Date of Patent: November 17, 2020
    Assignee: BUNDESDRUCKEREI GMBH
    Inventor: Frank Morgner
  • Patent number: 10833852
    Abstract: Techniques to transmit encoded data along a physical medium, e.g. tape, and decode the transmitted data along the physical medium are provided. Some techniques include logic to encode data transmitted along a physical medium, such as a tape suitable for any purpose including the encoding of multimedia data, where the encoding is pursuant to a conversion between a first and second colorspace. The logic may further be configured to decode the data once it is received at a node along the tape, where the colorspace conversion provides the basis, key, or cipher for preforming the decoding operation. The logic may be further configured to alter the encryption and decryption basis, key, or cypher by altering the colorspace scheme defining the encoding (and by extension the decoding) during transmission, including a transmission that takes place after a previous transmission governed by the previously defined (and subsequently altered) colorspace conversion scheme. Other embodiments are described and claimed.
    Type: Grant
    Filed: October 3, 2019
    Date of Patent: November 10, 2020
    Assignee: Capital One Services, LLC
    Inventors: Jeremy Edward Goodsitt, Austin Grant Walters
  • Patent number: 10834109
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to identify a process running on the electronic device, assign a reputation to the process if the process has a known reputation, determine if the process includes executable code, determine a reputation for the executable code, and combine the reputation for the executable code with the reputation assigned to the process to create a new reputation for the process.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: November 10, 2020
    Assignee: McAfee, LLC
    Inventor: Joel R. Spurlock
  • Patent number: 10834130
    Abstract: A method by a security system for detecting malicious attempts to access a decoy database object in a database. The database includes database objects accessible by clients of the database called database clients. The method includes detecting access to a decoy database object of the database is being attempted by a database client over a connection to the database, where the decoy database object is a database object that is created for the purpose of deceiving an attacker as opposed to being a legitimate database object, determining that the connection is of an application connection type, where the application connection type is a type of connection over which queries generated by a database client are submitted, and responsive to the determination that the connection is of the application connection type, causing an alert to be generated.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: November 10, 2020
    Assignee: Imperva, Inc.
    Inventors: Elad Erez, Amichai Shulman
  • Patent number: 10819519
    Abstract: Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
    Type: Grant
    Filed: November 13, 2018
    Date of Patent: October 27, 2020
    Assignee: Protegrity Corporation
    Inventors: David Clyde Williamson, George Curran, Raul Ortega, Jan Boberg, Rajnish Jain, Yigal Rozenberg
  • Patent number: 10812501
    Abstract: Techniques for Domain Generation Algorithm (DGA) behavior detection are provided. In some embodiments, a system, process, and/or computer program product for DGA behavior detection includes receiving passive Domain Name System (DNS) data that comprises a plurality of DNS responses at a security device; and applying a signature to the passive DNS data to detect DGA behavior, in which applying the signature to the passive DNS data to detect DGA behavior further comprises: parsing each of the plurality of DNS responses to determine whether one or more of the plurality of DNS responses correspond to a non-existent domain (NXDOMAIN) response.
    Type: Grant
    Filed: February 1, 2018
    Date of Patent: October 20, 2020
    Assignee: Palo Alto Networks, Inc.
    Inventors: Wei Xu, Xin Ouyang
  • Patent number: 10790963
    Abstract: The blockchain generation apparatus 1 includes: a synchronizer 121 that acquires shared data 111 which includes the blockchain data 112 and transaction datasets 113 not included in the blockchain data 112; a transaction pattern count calculator 124 that calculates the number of transaction patterns for a generating party using the blockchain generation apparatus 1, based on the transaction datasets which are in the blockchain data 112 and are related to an identifier of the generating party; a block generation condition checker 125 that determines whether the generating party is qualified to generate the new blockchain data, based on the number of transaction patterns calculated by the transaction pattern count calculator; and a blockchain generator 126 that tries to generate the new blockchain by referring to the shared data 111 if the block generation condition checker 125 determines that the generating party is qualified.
    Type: Grant
    Filed: November 8, 2016
    Date of Patent: September 29, 2020
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Hiroki Watanabe, Akihito Akutsu, Yasuhiko Miyazaki, Atsushi Nakadaira, Shigeru Fujimura, Junichi Kishigami
  • Patent number: 10778431
    Abstract: An encryption device (500) includes an encryption unit (504), a detection element generation unit (505), and a transmission unit (506). The encryption unit (504) encrypts a plain text by using one of a pair of keys to generate an encrypted text into which the plain text has been encrypted and which can be subjected to homomorphic computation. The detection element generation unit (505) generates a detection element E used to detect a change in the encrypted text by using the one key and the encrypted text. The transmission unit (506) transmits the encrypted text and the detection element.
    Type: Grant
    Filed: January 18, 2016
    Date of Patent: September 15, 2020
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventors: Yutaka Kawai, Takato Hirano, Yoshihiro Koseki