Patents Examined by Harris C Wang
  • Patent number: 12361114
    Abstract: A system and method for securing a device of an industrial process control and automation system comprises setting a lock code in a device index of the device and executing a monitoring software program that reads the lock code and sets the device in a locked state. An enforcement software program prevents changes to the configuration and firmware of the device when the device is in the locked state. The device is further arranged to be released from the lock state by setting an unlock code in the device index and executing the monitoring software program to read the unlock code and set the device in an unlocked state.
    Type: Grant
    Filed: September 14, 2022
    Date of Patent: July 15, 2025
    Assignee: Honeywell International Inc.
    Inventor: Brian R. Reynolds
  • Patent number: 12362914
    Abstract: Disclosed are various embodiments for authentication with network connected computing resources using a cryptographic coprocessor installed on a client device. A request can be sent to the client device to provision an asymmetric encryption key-pair using a cryptographic coprocessor installed on the client device, wherein the request comprises a key-authorization credential for the asymmetric encryption key-pair and the asymmetric encryption key-pair comprises a public key and a private key. The public key of the asymmetric encryption key-pair and an identity public key for the cryptographic coprocessor can be received. The public key, key-authorization credential, and the identity public key can then be stored in association with each other.
    Type: Grant
    Filed: October 11, 2019
    Date of Patent: July 15, 2025
    Assignee: American Express Travel Related Services Company, Inc.
    Inventors: Wael Ibrahim, Manik Biswas, Manish K. Deliwala
  • Patent number: 12363137
    Abstract: A method for the detection of multi-killchain alerts is disclosed. The method includes receiving, by a computer system, a plurality of alerts indicative of activity within a computer network, wherein a given alert specifies one or more events having attributes, and extracting attributes from events included in the plurality of alerts. The method further includes determining attribute similarity for pairs of events based on whether a given pair of events has common values for one or more attributes and whether attribute values of the given pair of events indicate lateral movement within computers of the computer network. Linked pairs are then identified based on the determined attribute similarity and added to a graph data structure. The method further includes the computer system analyzing the graph data structure to find clusters of events relating to a security attack.
    Type: Grant
    Filed: January 31, 2022
    Date of Patent: July 15, 2025
    Assignee: Salesforce, Inc.
    Inventor: Anirudh Kondaveeti
  • Patent number: 12355767
    Abstract: Systems and methods for securely handling data traffic on local or private networks, such as by using cloud computing, are provided. A non-transitory computer-readable medium, according to one implementation, may be configured to store executable instructions enabling a processor of a user device to perform the step of discovering an origin of a source application associated with network packets bound for a private address space. The executable instructions may further enable the processor to send a tuple regarding the discovered origin to a cloud server to request an analysis of the tuple. Upon receiving an allow instruction from the cloud server, the instructions enable the processor to allow the network packets to flow normally to a destination associated with the private address space. Upon receiving a deny instruction from the cloud server, the instructions enable the processor to drop the network packets.
    Type: Grant
    Filed: April 15, 2021
    Date of Patent: July 8, 2025
    Assignee: Zscaler, Inc.
    Inventors: Abhinav Bansal, Rohit Goyal
  • Patent number: 12348498
    Abstract: Aspects of the disclosure relate to identification of confidential data, in a message, and encryption of the confidential data. A computing platform may determine, based on a knowledge base, confidential data in a first message transmitted over one or more computing networks. The computing platform may encrypt the confidential data in the message. The computing platform may generate a second message based on encrypted confidential data. Further, the computing platform may update a header, corresponding to the second message, to indicate an encryption technique used for the encrypted confidential data. The computing platform may further encrypt the header of the second message, and transmit the second message.
    Type: Grant
    Filed: July 8, 2022
    Date of Patent: July 1, 2025
    Assignee: Bank of America Corporation
    Inventors: Sandeep Kumar Chauhan, Amit Kumar Singhal
  • Patent number: 12333174
    Abstract: Security is improved when creating a remote copy pair while suppressing performance deterioration of the overall system. In a data management system 1, when a user logs in, a first storage (main site storage 20) uses an external authentication server 50 to authenticate the user's access to its own storage and retains issued authentication information. Subsequently, when a command instructing a creation of a remote copy pair of a first volume (P-VOL) of the first storage and a second volume (S-VOL) of a second storage (sub site storage 40) is issued based on the user's operation, the first storage sends a command to the second storage by appending the authentication information, and the second storage uses the authentication information and requests the external authentication server 50 to authenticate the user's access to its own storage and, when the authentication is successful, the first or second storage starts synchronization of data between the pair volume.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: June 17, 2025
    Assignee: HITACHI VANTARA, LTD.
    Inventor: Kazuma Okamoto
  • Patent number: 12321503
    Abstract: In some embodiments, a method can include measuring, via a sensor disposed within an interior of a housing, an out-of-band characteristic of an electronic circuit disposed within the interior of the housing. The method can further include receiving, from the sensor and at a management circuit disposed within the interior of the housing, a sensor signal indicating the out-of-band characteristic of the electronic circuit. The method can further include analyzing, at the management circuit, the out-of-band characteristic of the electronic circuit to produce an alarm signal. The method can further include sending, from the management circuit, the alarm signal to initiate a remedial action in response to receiving the alarm signal.
    Type: Grant
    Filed: July 22, 2021
    Date of Patent: June 3, 2025
    Assignee: Global Technical Systems
    Inventor: Thomas Scott Morgan
  • Patent number: 12299174
    Abstract: Embodiments seek to protect privacy of potentially sensitive client resources in web transactions using crowd-disambiguation. Crowd-disambiguation machines can aggregate information about resources from multiple clients as resource fingerprints, and can use the fingerprints to provide crowd-sourced services in a privacy-protected manner. For example, embodiments can communicate a resource fingerprint as a fully ambiguated resource instance (FARI) and a partially disambiguated resource instance (PDRI). When one (or few) clients communicates the resource fingerprint, the identity of the resource remains obfuscated from the crowd-disambiguation machine. As more clients communicate fingerprints for the same resource (e.g., identified by the matching FARIs), respective, differently generated PDRIs of those fingerprints enable the crowd-disambiguation machine to resolve further portions of the resource, ultimately permitting the resource to be revealed and considered non-private (e.g.
    Type: Grant
    Filed: December 27, 2023
    Date of Patent: May 13, 2025
    Assignee: Viasat, Inc.
    Inventors: David F. Lerner, Peter J Lepeska, Douglas C. Larrick, Devin R. Toth
  • Patent number: 12278820
    Abstract: Various embodiments described herein relate to a call management system that aims to provide a more efficient, secure, and dynamic technique for authenticating a user based on a location of the user. A server of the call management system receives a phone call from a user device. The server transfers the phone call to an analyst device. When the analyst device accepts the phone call, the server starts an electronic communication session between the user device and the analyst device. The server then determines a current location of the user. The server further determines a question for authentication of the user based on the current location. The server transmits the question to the analyst device. The analyst device transmits the question to the user device via the server. In response to an answer received from the user device, the server authenticates the user.
    Type: Grant
    Filed: December 19, 2022
    Date of Patent: April 15, 2025
    Assignee: United Services Automobile Association (USAA)
    Inventors: Bryan J. Osterkamp, Ryan Thomas Russell, Jon D. McEachron, Gregory B. Yarbrough, Janelle Denice Dziuk
  • Patent number: 12248611
    Abstract: Systems, methods, and apparatuses for providing a central location to manage permissions provided to third-parties and devices to access and use user data and to manage accounts at multiple entities. A central portal may allow a user to manage all access to account data and personal information as well as usability and functionality of accounts. The user need not log into multiple third-party systems or customer devices to manage previously provided access to the information, provision new access to the information, and to manage financial or other accounts. A user is able to have user data and third-party accounts of the user deleted from devices, applications, and third-party systems via a central portal. The user is able to impose restrictions on how user data is used by devices, applications, and third-party systems, and control such features as recurring payments and use of rewards, via a central portal.
    Type: Grant
    Filed: December 25, 2023
    Date of Patent: March 11, 2025
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Lila Fakhraie, Brian M. Pearce, Steven Pulido, Benjamin Soccorsy, James Stahley, Mojdeh Tomsich
  • Patent number: 12225137
    Abstract: Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device.
    Type: Grant
    Filed: September 15, 2023
    Date of Patent: February 11, 2025
    Assignee: Comcast Cable Communications, LLC
    Inventors: James W. Fahrny, Kyong Park
  • Patent number: 12223091
    Abstract: Systems, methods, and apparatuses for providing a central location to manage permissions provided to third-parties and devices to access and use user data and to manage accounts at multiple entities. A central portal may allow a user to manage all access to account data and personal information as well as usability and functionality of accounts. The user need not log into multiple third-party systems or customer devices to manage previously provided access to the information, provision new access to the information, and to manage financial or other accounts. A user is able to have user data and third-party accounts of the user deleted from devices, applications, and third-party systems via a central portal. The user is able to impose restrictions on how user data is used by devices, applications, and third-party systems, and control such features as recurring payments and use of rewards, via a central portal.
    Type: Grant
    Filed: January 24, 2024
    Date of Patent: February 11, 2025
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Lila Fakhraie, Brian M. Pearce, Steven Pulido, Benjamin Soccorsy, James Stahley, Mojdeh Tomsich
  • Patent number: 12212571
    Abstract: This disclosure relates to systems, methods, and apparatuses for determining access models for applications. The access models can be determined using various techniques described herein. The access models can enable the applications to be onboarded into the enterprise system and, in some cases, can be utilized by an identity and access management (IdAM) system and/or identity and governance administration (IGA) system to facilitate ongoing identity management and access control functions for the applications in the enterprise system.
    Type: Grant
    Filed: August 19, 2022
    Date of Patent: January 28, 2025
    Assignee: ACEISS, INC.
    Inventors: Lloyd O'Connor, Brian Jou, Nigel John Slinn, Cory Hacking
  • Patent number: 12190718
    Abstract: Systems and methods include providing a user with wireless control of electronic devices associated with a multi-tenant structure to enable a user to engage in wireless control of the electronic devices associated with permissions granted to the user. Embodiments of the present disclosure relate to receiving associated permissions granting wireless control of partitioned electronic devices to the user from a central aggregation control system. The partitioned electronic devices are associated with the multi-tenant structure that are under wireless control and have the associated permissions granting wireless control to the user. The electronic devices to provide the user with wireless control of the partitioned electronic devices are determined based on the associated permissions granted to the user. Wireless control of the partitioned electronic devices is automatically activated when the associated permissions for the user grant the user with the wireless control of the partitioned electronic devices.
    Type: Grant
    Filed: March 23, 2020
    Date of Patent: January 7, 2025
    Assignee: Xiber, LLC
    Inventors: Stephen Hon, Timothy Hon
  • Patent number: 12175507
    Abstract: A system and method for providing access to data of a first party including receiving information for identifying the first party, authenticating the first party using the received information for identifying the first party and generating a first read-only personal identification number (PIN). The first read-only PIN is associated with a first set of access rights for the data of the first party and provided to a second party. The first read-only PIN is stored with the first set of access rights in a computer database. A third party receives the first read-only PIN from the second party, authenticates the received first read-only PIN using the stored first read-only PIN and provides the second party with access to at least a portion of the data of the first party using the first set of access rights associated with the first read-only PIN if the received first read-only PIN is authenticated.
    Type: Grant
    Filed: November 30, 2021
    Date of Patent: December 24, 2024
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventor: Jeffrey Michael Chapman
  • Patent number: 12164623
    Abstract: A computer implemented method is used for changing a password in a multi-domain environment. The method includes obtaining a private key and a public key from a security card at a user device in a user domain, transferring the public key to a controller in a secure domain, requesting a password change, receiving a public key encrypted new password from the secure domain, and decrypting the new password using the private key.
    Type: Grant
    Filed: April 1, 2021
    Date of Patent: December 10, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kameshwar Jayaraman, Nicholas Elliot Claunch, Priyanshu Kumar Jha, Shankaranand Arunachalam
  • Patent number: 12166800
    Abstract: Methods and apparatuses for automatic determination of a content security policy for a network resource are described. A proxy server receives from a first authenticated client device a first request for a first network resource, retrieves the first network resource and transmits a first response to the first client device that includes a content tracker that causes the client device to report information on additional network resources identified when the first client device interprets the first network resource. A content security policy is determined based on the reported information. The proxy server receives, from a second client device, a second request for the first network resource. The proxy server transmits, to the second client device, a second response that includes the content security policy that is determined based on the information on the additional network resources.
    Type: Grant
    Filed: February 15, 2022
    Date of Patent: December 10, 2024
    Assignee: CLOUDFLARE, INC.
    Inventors: Jesse Kipp, Patrick Meenan
  • Patent number: 12147563
    Abstract: The present disclosure relates to a system, method, and apparatus for securing electronic personal identifying information. The system enhances data privacy, by minimizing the amount of authentic personal identifying information that is shared with a third party. Namely, the system includes a database of known websites, apps, etc. that require personal identifying information to sign up—and then classifies whether any given type of information is strictly necessary to the functioning of the website. The system then generates placeholder “dummy” data for any fields that are required for signup, but are not strictly necessary for the website to function. The system allows for creation of several user profiles that vary the amount of authentic personal identifying information to be shared, based on the user's preferences. The system therefore helps to secure personal information in the event that, for example, the website later has a data breach.
    Type: Grant
    Filed: November 10, 2021
    Date of Patent: November 19, 2024
    Assignee: United Services Automobile Association (USAA)
    Inventors: Michael Jay Szentes, Sumita T. Jonak, Brian Christopher Hawes, Shane Elliot Richard
  • Patent number: 12120110
    Abstract: A block generation unit 13 generates, in a predetermined case, a block including an ID of a user in a blockchain. The block generation unit 13 generates a new block including information indicating a service provider and service contents, when face data of the user and the service contents are received from a terminal of the service provider and face authentication is successful based on the face data and face authentication data, or when the ID of the user and the service contents are received from the terminal of the service provider, and adds the new block to the blockchain.
    Type: Grant
    Filed: July 27, 2020
    Date of Patent: October 15, 2024
    Assignee: NEC CORPORATION
    Inventor: Katsuhiko Ishida
  • Patent number: 12107890
    Abstract: A computing device receives an IP address and a port number related to a transport protocol and an application protocol version and other attributes related to an application protocol extracted from an encrypted client hello (ECH) enabled transport layer security (TLS) connection request from a client computing device and extracts, from the database, a set of all known hostnames matching the IP address. The device generates a reduced list of the set of all hostnames matching the IP address, and assigns a confidence score to each hostname of the reduced list based on an alias count and/or a popularity ranking of the hostname. Finally, a prioritized list of one or more hostnames is generated based on the confidence score, the prioritized list indicating the one or more hostnames in the order of descending probability of being requested in the ECH enabled TLS connection request.
    Type: Grant
    Filed: April 12, 2022
    Date of Patent: October 1, 2024
    Assignee: Cujo LLC
    Inventors: Filip Savin, Leonardas Marozas, Kimmo Kasslin