Patents Examined by Habibullah
  • Patent number: 12316665
    Abstract: Systems and methods include a computer-implemented method for presenting a model of cybersecurity. Questionnaire answers corresponding to individual components of each of three elements contributing to cybersecurity risk and maturity for a computer system are received by a four-dimensional cybersecurity assurance model application. Three scores corresponding to dimensions of cybersecurity assurance for the computer system are generated by the four-dimensional cybersecurity assurance model application using the questionnaire answers. A three-dimensional graph presenting a four-dimensional model of cybersecurity assurance for the computer system is generated by the four-dimensional cybersecurity assurance model application using the three scores and temporal information.
    Type: Grant
    Filed: February 11, 2022
    Date of Patent: May 27, 2025
    Assignee: Saudi Arabian Oil Company
    Inventors: John Gwilliams, Sultan Saadaldean Alsharif
  • Patent number: 12259964
    Abstract: Method, systems, and computer-readable media for securely executing a script on a computer appliance are disclosed. A script payload is obtained from a requesting entity via an interface of the computer appliance, the script payload comprising the script and script security data. Multiple authentication factors for the script are obtained from the script security data, the multiple authentication factors comprising at least some nested authentication factors, wherein a first one of the authentication factors is encapsulated within a second one of the authentication factors. A first validation is performed to authenticate the script and the first authentication factor based on the second authentication factor and to generate a validated first authentication factor. A second validation is performed to authenticate the script based on the validated first authentication factor. Responsive to the script being authenticated by the first and second validations, the script is executed on the computer appliance.
    Type: Grant
    Filed: October 27, 2021
    Date of Patent: March 25, 2025
    Inventors: Mortimer Hubin, Charles Desjardins, Jean Bouchard
  • Patent number: 12242879
    Abstract: An approach for protecting container image and runtime data from host access may be presented. Container systems have allowed for more efficient utilization of computing resources, removing the requirement of a hypervisor, and packaging all necessary dependencies within an application. Preventing host access to container image and runtime data can be advantageous for a multitude of reasons. The approach herein may include, flattening a plurality of root file system of a one or more container images into a single layer. The approach may also include generating a container base image for each of the one or more flattened root file system. The approach may include encrypting each of the generated container base images with the flattened root file system.
    Type: Grant
    Filed: July 6, 2022
    Date of Patent: March 4, 2025
    Assignee: International Business Machines Corporation
    Inventors: Wen Yi Gao, Qi Feng Huo, Si Bo Niu, Sen Wang, Dan Li
  • Patent number: 12216766
    Abstract: Techniques are described for assessing container images for vulnerabilities without actually scanning the container images. A vulnerability assessment system (VAS) is described that is configured to perform vulnerabilities assessment for container images. The VAS is configured to perform the vulnerability assessment without scanning the container images. In certain embodiments, the VAS calculates a vulnerability score for the container image where the vulnerability score is indicative of a probability that the container image contains a vulnerability.
    Type: Grant
    Filed: February 4, 2022
    Date of Patent: February 4, 2025
    Assignee: Oracle International Corporation
    Inventor: Olgierd Stanislaw Pieczul
  • Patent number: 12192205
    Abstract: The present disclosure relates to systems, methods, and computer-readable media for utilizing a content access authorization system to determine user access control efficiently and flexibly for digital documents that are stored in different geographic regions. For instance, the content access authorization system can convert sensitive user information for digital documents stored in a first geographic region into a probabilistic data structure that does not include user information and share the probabilistic data structure with a second geographic region. The content access authorization system can then utilize the probabilistic data structure to efficiently pre-filter user document access control for digital documents requested by a user in the second geographic region that are stored in the first geographic region, which significantly saves on latency and computing resource usage by reducing the number of document control access queries needed to be made to the first geographic region.
    Type: Grant
    Filed: June 24, 2022
    Date of Patent: January 7, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Charitha Herath Daskon Herath Mudiyanselage, Kaare Koehler Hoevik, Åge Andre Kvalnes, Tor Kreutzer, Mohamed Azmil Macksood
  • Patent number: 12165138
    Abstract: Systems, apparatuses and methods may provide for technology to store hardware details associated with a plurality of hardware components of a computing device. The technology further extracts a first hardware identifier from first authentication data received from the computing device, where the first hardware identifier is associated with a first hardware component of the computing device, and determines whether to validate the first hardware component based on a comparison of the first hardware identifier to a first hardware detail of the hardware details.
    Type: Grant
    Filed: March 30, 2022
    Date of Patent: December 10, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Sachin Kumar Singh, Kaushal Shetty
  • Patent number: 12141279
    Abstract: In a backdoor inspection apparatus, a static analysis unit executes static analysis processing for a backdoor on each code block included in target software to be inspected to thereby specify a first code block and a condition, the first code possibly being the backdoor and the first code block being executed under the condition. Next, the static analysis unit outputs the target software to which first information indicating the specified first code block is added and second information indicating the specified condition to a dynamic analysis unit. The dynamic analysis unit controls dynamic analysis processing for the backdoor performed on the target software to which the first information is added based on the first information and the second information.
    Type: Grant
    Filed: August 29, 2019
    Date of Patent: November 12, 2024
    Assignee: NEC Corporation
    Inventors: Takayuki Sasaki, Yusuke Shimada
  • Patent number: 12113796
    Abstract: Secured data access in virtual data processing is described. An example includes instructions to receive a request from an application in a compute node of a compute cluster in a virtual data processing environment to access a secured data source for a user, the virtual data processing environment including a multiple secured data sources that are accessible by compute nodes of the virtual compute cluster; fetch a credential in a current application context and forward the credential for validation; validate the credential with a credential authority; and, upon successfully validating the credential, authenticate the user at the secured data source and establish a connection with the secured data source.
    Type: Grant
    Filed: March 30, 2022
    Date of Patent: October 8, 2024
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Xiongbing Ou, Thomas Anthony Phelan, David E. Lee, Ramaswami Kishore
  • Patent number: 12107855
    Abstract: Embodiments of a device and method are disclosed. In an embodiment, a method for network security involves determining whether a device connected to a network port of a switch of a network is a native device or a non-native device for the network and in response to determining whether the device is the native device or the non-native device for the network, performing native device authentication or non-native device authentication.
    Type: Grant
    Filed: March 17, 2022
    Date of Patent: October 1, 2024
    Assignee: Nile Global, Inc.
    Inventors: Suresh Katukam, Promode Nedungadi, Avinash Kumar, Avoy Nanda
  • Patent number: 12086265
    Abstract: Methods, apparatus, and processor-readable storage media for automatically performing varied security scans on distributed files using machine learning techniques are provided herein. An example computer-implemented method includes obtaining at least one input file from one of multiple source channels; identifying a data security scan operation, from a set of multiple data security scan operations, for the at least one input file by processing historical data attributed to the at least one input file using machine learning techniques; executing the identified data security scan operation on the at least one input file; generating a hash of the at least one input file and information pertaining to results of the executed data security scan operation; caching the generated hash in at least one cache; and performing automated actions based on the caching of the generated hash in the at least one cache.
    Type: Grant
    Filed: January 19, 2022
    Date of Patent: September 10, 2024
    Assignee: Dell Products L.P.
    Inventors: Bijan Kumar Mohanty, Vinotth Ramalingam, Subramanya Padubidri, Hung T. Dinh
  • Patent number: 12086240
    Abstract: Malware infection or an abnormal operation caused by a malicious attack is detected in real time, even in an electronic device with relatively inferior processing capacity. An electronic device includes an executable code identification unit configured to receive an executable code string output from a processor, and identify at least an execution address in a user program region of an operating system (OS), and an execution address in a kernel region, and a determination unit configured to check a predetermined feature value obtained at a predetermined timing from an identification result obtained by the executable code identification unit, against a predetermined expected value, and determine that an attack happens, in a case where a difference is equal to or larger than a predetermined difference, and the determination unit notifies the processor of a predetermined abnormality notification signal if the determination unit determines that an attack happens.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: September 10, 2024
    Assignee: HITACHI, LTD.
    Inventors: Kenichi Shimbo, Tadanobu Toba
  • Patent number: 12047377
    Abstract: Techniques are disclosed for restricting operations between two attached two compute instances. An infrastructure and a generalized method is described for attaching two or more cloud resources (e.g., two compute instances) in spite of the compute resources being provisioned by two different services from different cloud tenancies, and then modifying the allowed operations that can be performed due to the attachment.
    Type: Grant
    Filed: August 27, 2021
    Date of Patent: July 23, 2024
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: A M Helali Mortuza Bhuiyan, Girish Nagaraja, Jyotishman Nag, Sahitya Gollapudi
  • Patent number: 12047388
    Abstract: A hardware detection method includes sending first verification data to a physical carrier, where the physical carrier carries a plurality of pieces of hardware; receiving a ciphertext and binding relationship information from the physical carrier, where the ciphertext is obtained after at least two of the pieces of hardware respectively encrypt the first verification data using respective keys, and where the binding relationship information indicates a binding relationship between the at least two pieces of hardware; verifying the ciphertext and the binding relationship information; and determining security of the at least two pieces of hardware based on a verification result.
    Type: Grant
    Filed: January 21, 2022
    Date of Patent: July 23, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Mengnan Zhang, Lizhong Qiao, Haiwu Chen