Patents Examined by Farid Homayounmehr
  • Patent number: 11503007
    Abstract: Systems, methods, and use-cases of multi-modal authentications and content distribution are presented. A content consumer can capture a multi-modal digital representation of multiple objects where a juxtaposition of features derived from the digital representation can be used to recognize that at least some of the objects are a valid authentication object. Upon authentication, an authentication agent determines a content access level for content associated with the corresponding to the juxtaposition. The content can then be presented on an electronic device, possibly within a secure virtual machine, according to the content access level.
    Type: Grant
    Filed: October 15, 2020
    Date of Patent: November 15, 2022
    Assignee: Nant Holdings IP, LLC
    Inventor: Patrick Soon-Shiong
  • Patent number: 11502995
    Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.
    Type: Grant
    Filed: December 14, 2017
    Date of Patent: November 15, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Constantin Mircea Adam, Richard Jay Cohen, Robert Filepp, Milton H. Hernandez, Brian Peterson, Maja Vukovic, Sai Zeng, Guan Qun Zhang, Bhavna Agrawal
  • Patent number: 11495088
    Abstract: A computer-implemented method of authenticating a memory of a gaming machine uses a computing device having a processor communicatively coupled to a memory. The method includes identifying a first subset of the memory including one or more operational data components associated with operating the gaming machine. The method also includes identifying a second subset of the memory. At least some of the second subset of the memory is distinct from the first subset of the memory. The method further includes authenticating the first subset of the memory while the gaming machine is in a disabled state. The method also includes enabling operation of the gaming machine after said authenticating the first subset of the memory if the authentication of the first subset of the memory is successful. The method further includes authenticating the second subset of the memory while the gaming machine is in an enabled state.
    Type: Grant
    Filed: November 18, 2019
    Date of Patent: November 8, 2022
    Assignee: Video Gaming Technologies, Inc.
    Inventor: Michael Oberberger
  • Patent number: 11481227
    Abstract: A method can include evaluating each of a plurality of collaborative systems, using a processor, for suitability hosting an artifact according to at least one attribute of the artifact. A first collaborative system can be selected from the plurality of collaborative systems according to the evaluation. The artifact can be stored in the first collaborative system.
    Type: Grant
    Filed: October 14, 2019
    Date of Patent: October 25, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Thomas J. Burris, Manish Kataria
  • Patent number: 11477232
    Abstract: Disclosed herein are systems and method for anti-virus scanning of backup data at a centralized storage. In an exemplary aspect, a method may receive, at the centralized storage, a backup slice from each respective computing device in a plurality of computing devices, wherein the centralized storage comprises, for each respective computing device, a respective backup archive including a plurality of backup slices. The method may mount the received backup slice as a virtual disk. The method may detect, for the respective computing device, a change between the mounted virtual disk and any number of previous backup slices and may evaluate the change against behavioral rules to identify malicious behavior. In response to determining that the change exhibits malicious behavior, the method may execute a remediation action to prevent an attack on the plurality of computing devices or the centralized storage.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: October 18, 2022
    Assignee: Acronis International GmbH
    Inventors: Andrey Kulaga, Vladimir Strogov, Sergey Ulasen, Oleg Ishanov, Igor Kornachev, Nikolay Grebennikov, Stanislav Protasov, Serguei Beloussov
  • Patent number: 11470029
    Abstract: Machine learning based methods for the analysis and reporting of suspicious email are disclosed. In one aspect, there is a method that includes displaying a user-selectable icon to report a suspicious electronic message. The method further includes receiving selections of the electronic message and the user-selectable icon. The method further includes quarantining the electronic message in response to the selections. The method further includes electronically communicating the electronic message to a processor for performing threat analysis in response to the selections. The method further includes receiving a response message in response to the performed threat analysis, the response message indicating a threat status of the electronic message.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: October 11, 2022
    Assignee: Edgewave, Inc.
    Inventors: Louis Ryan, Robert Crowe, Steven Christopher Kelley, John Randall, Gang Ding
  • Patent number: 11455433
    Abstract: In one embodiment, a system on chip includes a dynamic voltage and frequency scaling (DVFS) power supply, a secure environment, a non-secure environment, and a power supply management control module. The secure environment is configured to generate a secure instruction defining a permitted operating point of voltage and frequency for the DVFS power supply. The non-secure environment is configured to generate a request to modify the DVFS power supply, where the request to modify includes a voltage-frequency operating point. The power supply management control module is configured to scale the DVFS power supply to the permitted operating point, in response to the request to modify the DVFS power supply.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: September 27, 2022
    Assignee: STMICROELECTRONICS (GRAND OUEST) SAS
    Inventors: Arnaud Rosay, Gerald Lejeune, Jean Nicolas Graux, Olivier Claude LeBreton
  • Patent number: 11451394
    Abstract: Methods and systems for performing demographics filtering based on biometric information are disclosed. An access terminal can capture a biometric instance corresponding to a user, such as a fingerprint scan, iris scan, etc. The access terminal can determine demographics information from the biometric instance, such as the age, biological sex, or ethnicity of the user. The access terminal can compare the demographics information to demographics information stored on a group of mobile devices corresponding to a group of users, in order to identify candidate user mobile devices. Once candidate user mobile devices are identified, the access terminal can perform a biometric match between the biometric instance corresponding to the user and biometric instances stored on the candidate user mobile devices. Once a biometric match and the corresponding mobile device are determined, the access terminal can conduct a further interaction with the mobile device.
    Type: Grant
    Filed: July 27, 2018
    Date of Patent: September 20, 2022
    Assignee: Visa International Service Association
    Inventors: Sunpreet Singh Arora, Kim Wagner, John F. Sheets
  • Patent number: 11451373
    Abstract: An example operation may include one or more of authenticating a user, by a first system node, based on a first set of user credentials, computing, by the first system node, a second set of user credentials for a second system node, testing the second system node, by the first system node, to determine if the second system node has a user with the second set of the user credentials, and responsive to the second system node not having the user with the second set of the user credentials, creating a user with the second set of the user credentials.
    Type: Grant
    Filed: April 1, 2020
    Date of Patent: September 20, 2022
    Assignee: International Business Machines Corporation
    Inventors: James Arthur Lindeman, Danny Soroker, Lisa Frankel
  • Patent number: 11436373
    Abstract: Systems and methods are disclosed detecting whether calls to consent rejection functions originate with an automated tool or a human user. The system can determine that a calls to a consent rejection function are likely from an automated tool by determining that a rate and/or number of calls to a function exceeds a threshold and/or that the calls are received before the interface requesting user consent preferences has been rendered to the user. The system can also require that a function call include a token that an automated tool would not have knowledge of or access to and reject function calls without this token. The system can also use private consent rejection function calls with obfuscated names and/or provide a follow up consent rejections confirmation interface requiring human user input before process a consent rejection.
    Type: Grant
    Filed: September 15, 2021
    Date of Patent: September 6, 2022
    Assignee: OneTrust, LLC
    Inventors: Jonathan Blake Brannon, Patrick Whitney, Sharath Chandra Chavva
  • Patent number: 11425164
    Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: August 23, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Yasaman Keshtkarjahromi
  • Patent number: 11423139
    Abstract: An information processing apparatus includes a rewrite request receiving unit configured to receive a rewrite request for rewriting an execution module, an update module determination unit configured to determine whether an update module that issues the rewrite request is an authorized module, a first falsification detection unit configured to detect falsification of a whitelist, an unauthorized-rewriting prevention unit configured to prevent unauthorized rewriting while maintaining a function of the information processing apparatus by rejecting the rewrite request without stopping the function of the information processing apparatus, in a case where the execution module for which the rewrite request is issued is registered in a whitelist for which the first falsification detection unit determines that no falsification is made and where the rewrite request is issued by an update module for which the update module determination unit determines to be an unauthorized update module.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: August 23, 2022
    Assignee: Canon Kabushiki Kaisha
    Inventors: Ayuta Kawazu, Nobuhiro Tagashira, Takami Eguchi
  • Patent number: 11425118
    Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: August 23, 2022
    Assignee: Giesecke+Devrient Mobile Security America, Inc.
    Inventor: Mehdi Zadeh Heidari
  • Patent number: 11418677
    Abstract: A method for preventing image modification, an image capturing device and an image verification method are disclosed. The image modification method includes: processing a compressed image of at least one frame to obtain feature data of the compressed image of the at least one frame; encrypting the feature data to generate a checksum; generating supplemental enhancement information, which at least includes a time parameter and the checksum; and transmitting and/or storing the supplemental enhancement information and the compressed image of the at least one frame together so as to verify authenticity of the compressed image of the at least one frame by using the supplemental enhancement information. The time parameter is a counter value of a counter in the image capturing device and the counter value continuously increases. With the above method, authenticity of image data can be verified.
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: August 16, 2022
    Assignee: SIGMASTAR TECHNOLOGY LTD.
    Inventor: Lijing Chen
  • Patent number: 11418319
    Abstract: Embodiments may provide distance computations on homomorphic and/or functional encrypted vectors while detecting whether the resulting distance has wrapped around due to the vectors having elements not in an allowed range. A method of user authentication processing may comprise receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data and at least one additional encrypted vector, receiving an additional template to be used to authenticate the user from the client computer system, authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector, and determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: August 16, 2022
    Assignee: International Business Machines Corporation
    Inventors: Ehud Aharoni, Allon Adir, Lev Greenberg, Omri Soceanu, Ariel Farkash
  • Patent number: 11411737
    Abstract: A Zero Knowledge Proof (ZKP)-based privacy protection method and system for authenticated data in a smart contract wherein initialization is performed. Inputting a security parameter obtains a public parameter. A Data Authenticator (DA) generates a public/private key pair. A key pair is generated using the public parameter and a verification circuit as inputs, the key pair including a proof and a verification key. Authentication on private data of a Decentralized App (DApp) User (DU) is performed using the private key of the DA, and generates a signature. A DU prover terminal inputs private data as an input value and a calculation result and hash value as output values. The DU generates a ZKP using the proof key. A validator verifies whether the ZKP is correct. If verification passes, the calculation result is correct; otherwise the calculation result is wrong. The validator executes a smart contract based on the verification result.
    Type: Grant
    Filed: November 19, 2019
    Date of Patent: August 9, 2022
    Assignee: SHANDONG UNIVERSITY
    Inventors: Zhiguo Wan, Zhangshuang Guan
  • Patent number: 11409871
    Abstract: A method for identifying suspicious activity on a monitored computing device is described. In one embodiment, the method may include monitoring a local procedure call interface of the monitored computing device, identifying, based at least in part on the monitoring, a remote procedure call (RPC) of a suspicious process, the RPC being transmitted over a local procedure call message of the local procedure call interface, analyzing the RPC of the suspicious process, and performing a security action based at least in part on the analyzing.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: August 9, 2022
    Assignee: CA, Inc.
    Inventors: Bahaa Naamneh, Felix Leder
  • Patent number: 11405420
    Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: August 2, 2022
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Yasaman Keshtkarjahromi
  • Patent number: 11386216
    Abstract: Embodiments relate to a system, program product, and method for use with a computer platform to support privacy preservation. The platform measures and verifies data privacy provided by a shared resource service provider. An assessment is utilized to support the privacy preservation with respect to a data steward, and associated shared data. It is understood that data associated with a data service has an expected level of privacy. A privacy score directly correlating to a leakage indicator of the service is formed, and an associated data container is populated with inferred entities deemed to at least meet a preferred privacy level. The privacy score effectively certifies the security of the populated data container.
    Type: Grant
    Filed: November 13, 2018
    Date of Patent: July 12, 2022
    Assignee: International Business Machines Corporation
    Inventors: Dimitrios Skourtis, Nathalie Baracaldo Angel, Rui Zhang
  • Patent number: 11381595
    Abstract: Preventing Transport Layer Security session man-in-the-middle attacks is provided. A first security digest generated by an endpoint device is compared with a second security digest received from a peer device. It is determined whether a match exists between the first security digest and the second security digest based on the comparison. In response to determining that a match does not exist between the first security digest and the second security digest, a man-in-the-middle attack is detected and a network connection for a Transport Layer Security session is terminated with the peer device.
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: July 5, 2022
    Assignee: International Business Machines Corporation
    Inventors: Wei-Hsiang Hsiung, Sheng-Tung Hsu, Kuo-Chun Chen, Chih-Hung Chou