Patents Examined by Habibullah
-
Patent number: 12316665Abstract: Systems and methods include a computer-implemented method for presenting a model of cybersecurity. Questionnaire answers corresponding to individual components of each of three elements contributing to cybersecurity risk and maturity for a computer system are received by a four-dimensional cybersecurity assurance model application. Three scores corresponding to dimensions of cybersecurity assurance for the computer system are generated by the four-dimensional cybersecurity assurance model application using the questionnaire answers. A three-dimensional graph presenting a four-dimensional model of cybersecurity assurance for the computer system is generated by the four-dimensional cybersecurity assurance model application using the three scores and temporal information.Type: GrantFiled: February 11, 2022Date of Patent: May 27, 2025Assignee: Saudi Arabian Oil CompanyInventors: John Gwilliams, Sultan Saadaldean Alsharif
-
Patent number: 12259964Abstract: Method, systems, and computer-readable media for securely executing a script on a computer appliance are disclosed. A script payload is obtained from a requesting entity via an interface of the computer appliance, the script payload comprising the script and script security data. Multiple authentication factors for the script are obtained from the script security data, the multiple authentication factors comprising at least some nested authentication factors, wherein a first one of the authentication factors is encapsulated within a second one of the authentication factors. A first validation is performed to authenticate the script and the first authentication factor based on the second authentication factor and to generate a validated first authentication factor. A second validation is performed to authenticate the script based on the validated first authentication factor. Responsive to the script being authenticated by the first and second validations, the script is executed on the computer appliance.Type: GrantFiled: October 27, 2021Date of Patent: March 25, 2025Inventors: Mortimer Hubin, Charles Desjardins, Jean Bouchard
-
Patent number: 12242879Abstract: An approach for protecting container image and runtime data from host access may be presented. Container systems have allowed for more efficient utilization of computing resources, removing the requirement of a hypervisor, and packaging all necessary dependencies within an application. Preventing host access to container image and runtime data can be advantageous for a multitude of reasons. The approach herein may include, flattening a plurality of root file system of a one or more container images into a single layer. The approach may also include generating a container base image for each of the one or more flattened root file system. The approach may include encrypting each of the generated container base images with the flattened root file system.Type: GrantFiled: July 6, 2022Date of Patent: March 4, 2025Assignee: International Business Machines CorporationInventors: Wen Yi Gao, Qi Feng Huo, Si Bo Niu, Sen Wang, Dan Li
-
Patent number: 12216766Abstract: Techniques are described for assessing container images for vulnerabilities without actually scanning the container images. A vulnerability assessment system (VAS) is described that is configured to perform vulnerabilities assessment for container images. The VAS is configured to perform the vulnerability assessment without scanning the container images. In certain embodiments, the VAS calculates a vulnerability score for the container image where the vulnerability score is indicative of a probability that the container image contains a vulnerability.Type: GrantFiled: February 4, 2022Date of Patent: February 4, 2025Assignee: Oracle International CorporationInventor: Olgierd Stanislaw Pieczul
-
Patent number: 12192205Abstract: The present disclosure relates to systems, methods, and computer-readable media for utilizing a content access authorization system to determine user access control efficiently and flexibly for digital documents that are stored in different geographic regions. For instance, the content access authorization system can convert sensitive user information for digital documents stored in a first geographic region into a probabilistic data structure that does not include user information and share the probabilistic data structure with a second geographic region. The content access authorization system can then utilize the probabilistic data structure to efficiently pre-filter user document access control for digital documents requested by a user in the second geographic region that are stored in the first geographic region, which significantly saves on latency and computing resource usage by reducing the number of document control access queries needed to be made to the first geographic region.Type: GrantFiled: June 24, 2022Date of Patent: January 7, 2025Assignee: Microsoft Technology Licensing, LLCInventors: Charitha Herath Daskon Herath Mudiyanselage, Kaare Koehler Hoevik, Åge Andre Kvalnes, Tor Kreutzer, Mohamed Azmil Macksood
-
Patent number: 12165138Abstract: Systems, apparatuses and methods may provide for technology to store hardware details associated with a plurality of hardware components of a computing device. The technology further extracts a first hardware identifier from first authentication data received from the computing device, where the first hardware identifier is associated with a first hardware component of the computing device, and determines whether to validate the first hardware component based on a comparison of the first hardware identifier to a first hardware detail of the hardware details.Type: GrantFiled: March 30, 2022Date of Patent: December 10, 2024Assignee: MASTERCARD INTERNATIONAL INCORPORATEDInventors: Sachin Kumar Singh, Kaushal Shetty
-
Patent number: 12141279Abstract: In a backdoor inspection apparatus, a static analysis unit executes static analysis processing for a backdoor on each code block included in target software to be inspected to thereby specify a first code block and a condition, the first code possibly being the backdoor and the first code block being executed under the condition. Next, the static analysis unit outputs the target software to which first information indicating the specified first code block is added and second information indicating the specified condition to a dynamic analysis unit. The dynamic analysis unit controls dynamic analysis processing for the backdoor performed on the target software to which the first information is added based on the first information and the second information.Type: GrantFiled: August 29, 2019Date of Patent: November 12, 2024Assignee: NEC CorporationInventors: Takayuki Sasaki, Yusuke Shimada
-
Patent number: 12113796Abstract: Secured data access in virtual data processing is described. An example includes instructions to receive a request from an application in a compute node of a compute cluster in a virtual data processing environment to access a secured data source for a user, the virtual data processing environment including a multiple secured data sources that are accessible by compute nodes of the virtual compute cluster; fetch a credential in a current application context and forward the credential for validation; validate the credential with a credential authority; and, upon successfully validating the credential, authenticate the user at the secured data source and establish a connection with the secured data source.Type: GrantFiled: March 30, 2022Date of Patent: October 8, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Xiongbing Ou, Thomas Anthony Phelan, David E. Lee, Ramaswami Kishore
-
Patent number: 12107855Abstract: Embodiments of a device and method are disclosed. In an embodiment, a method for network security involves determining whether a device connected to a network port of a switch of a network is a native device or a non-native device for the network and in response to determining whether the device is the native device or the non-native device for the network, performing native device authentication or non-native device authentication.Type: GrantFiled: March 17, 2022Date of Patent: October 1, 2024Assignee: Nile Global, Inc.Inventors: Suresh Katukam, Promode Nedungadi, Avinash Kumar, Avoy Nanda
-
Patent number: 12086265Abstract: Methods, apparatus, and processor-readable storage media for automatically performing varied security scans on distributed files using machine learning techniques are provided herein. An example computer-implemented method includes obtaining at least one input file from one of multiple source channels; identifying a data security scan operation, from a set of multiple data security scan operations, for the at least one input file by processing historical data attributed to the at least one input file using machine learning techniques; executing the identified data security scan operation on the at least one input file; generating a hash of the at least one input file and information pertaining to results of the executed data security scan operation; caching the generated hash in at least one cache; and performing automated actions based on the caching of the generated hash in the at least one cache.Type: GrantFiled: January 19, 2022Date of Patent: September 10, 2024Assignee: Dell Products L.P.Inventors: Bijan Kumar Mohanty, Vinotth Ramalingam, Subramanya Padubidri, Hung T. Dinh
-
Patent number: 12086240Abstract: Malware infection or an abnormal operation caused by a malicious attack is detected in real time, even in an electronic device with relatively inferior processing capacity. An electronic device includes an executable code identification unit configured to receive an executable code string output from a processor, and identify at least an execution address in a user program region of an operating system (OS), and an execution address in a kernel region, and a determination unit configured to check a predetermined feature value obtained at a predetermined timing from an identification result obtained by the executable code identification unit, against a predetermined expected value, and determine that an attack happens, in a case where a difference is equal to or larger than a predetermined difference, and the determination unit notifies the processor of a predetermined abnormality notification signal if the determination unit determines that an attack happens.Type: GrantFiled: December 7, 2020Date of Patent: September 10, 2024Assignee: HITACHI, LTD.Inventors: Kenichi Shimbo, Tadanobu Toba
-
Patent number: 12047377Abstract: Techniques are disclosed for restricting operations between two attached two compute instances. An infrastructure and a generalized method is described for attaching two or more cloud resources (e.g., two compute instances) in spite of the compute resources being provisioned by two different services from different cloud tenancies, and then modifying the allowed operations that can be performed due to the attachment.Type: GrantFiled: August 27, 2021Date of Patent: July 23, 2024Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: A M Helali Mortuza Bhuiyan, Girish Nagaraja, Jyotishman Nag, Sahitya Gollapudi
-
Patent number: 12047388Abstract: A hardware detection method includes sending first verification data to a physical carrier, where the physical carrier carries a plurality of pieces of hardware; receiving a ciphertext and binding relationship information from the physical carrier, where the ciphertext is obtained after at least two of the pieces of hardware respectively encrypt the first verification data using respective keys, and where the binding relationship information indicates a binding relationship between the at least two pieces of hardware; verifying the ciphertext and the binding relationship information; and determining security of the at least two pieces of hardware based on a verification result.Type: GrantFiled: January 21, 2022Date of Patent: July 23, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Mengnan Zhang, Lizhong Qiao, Haiwu Chen