Patents Examined by Hee K Song
-
Patent number: 11451388Abstract: A data extraction system includes a registration apparatus, a data storage apparatus, and a query apparatus. The registration apparatus generates registration data including first information obtained by encrypting secret information, which is information that a user wishes to keep secret, by using a secret key and second information obtained by encrypting the secret key by using at least biological information of the user. The data storage apparatus holds the registration data. The query apparatus acquires the registration data by generating a query for acquiring the registration data from the data storage apparatus, extracts the secret key from the registration data by using biological information of the user, and extracts the secret information from the registration data by using the extracted secret key.Type: GrantFiled: August 29, 2017Date of Patent: September 20, 2022Assignee: NEC CORPORATIONInventors: Toshiyuki Isshiki, Haruna Higo, Kengo Mori
-
Patent number: 11444923Abstract: A database protection system (DPS) detects anomalies in real time without reliance on discrete security rules, instead relying on a machine learning-based approach. In particular, a Bayesian machine learning model is trained on a set of database protocol metadata (DPM) that the system collects during its runtime operation. Typically, a set of DPM parameters is protocol-specific. The approach herein presumes that DPM parameters are not independent, and that their conditional dependencies (as observed from the database connections) can be leveraged for anomaly detection. To that end, the machine learning model is trained to detect dominant (repeating) patterns of connection DPM parameters. Once trained, the model is then instantiated in the DPS and used to facilitate anomaly detection by identifying connections that do not conform to these patterns, i.e. that represent unusual connection DPM parameters.Type: GrantFiled: July 29, 2020Date of Patent: September 13, 2022Assignee: International Business Machines CorporationInventors: Leonid Rodniansky, Shay Harel, Tania Butovsky, Peter Maniatis
-
Patent number: 11443577Abstract: An encrypted security system and associated methods for controlling physical access. The system includes a security server configured to receive a request for authentication from a mobile device, the request having information identifying the mobile device and a physical access control device. The security server forwards an encryption message having a plurality of unique identifiers to the physical access control device via the mobile device. The physical access control device is configured to authenticate the plurality of unique identifiers in the encryption message and operate an access control mechanism.Type: GrantFiled: March 11, 2020Date of Patent: September 13, 2022Assignee: DELPHIAN SYSTEMS, LLCInventors: Gary L Myers, Ashok Hirpara, John D Veleris, Michael Aaron Cohen, Eugene Nakshin, Arkadiusz Zimny
-
Patent number: 11425130Abstract: A plurality of permissions associated with the on-demand computing services environment may be identified. Each of the permissions may identify a respective one or more actions permitted to be performed within the on-demand computing services environment. Each of the permissions may be granted to a respective one or more user accounts within the on-demand computing services environment. A degree of overlap between a first group of the user accounts granted a first one of the permissions and a second group of the user accounts granted a second one of the permissions may be determined. When the degree of overlap exceeds a designated threshold, a designated permission set that includes the first permission and the second permission may be created.Type: GrantFiled: November 13, 2019Date of Patent: August 23, 2022Assignee: Salesforce.com, Inc.Inventors: Freeman Parks, Ryan D. Woebkenberg
-
Patent number: 11411992Abstract: There is disclosed in one example a computing apparatus, including: a processor and a memory; a network interface; and instructions encoded within the memory to instruct the processor to: receive a uniform resource locator (URL) for analysis, the URL to access a web page via a remote server; via the network interface, retrieve from the remote server a copy of the web page; render the web page in a headless browser to provide a computer-accessible visual output; perform visual analysis of the visual output via a digital eye; compare the visual analysis to a plurality of known phishing target websites; and if the comparison identifies the web page as visually similar to a known phishing target website, detect the web page as a phishing web page.Type: GrantFiled: November 7, 2019Date of Patent: August 9, 2022Assignee: McAfee, LLCInventor: Shashi Klran N
-
Patent number: 11397795Abstract: A method by one or more network devices for providing obfuscated code to web application clients. The method includes determining a configuration utilized by a web application client based on a header of a web application layer request generated by the web application client, selecting, for providing to the web application client with a web application layer response corresponding to the web application layer request, an obfuscated code from a plurality of obfuscated codes for the configuration utilized by the web application client, where the plurality of obfuscated codes for the configuration utilized by the web application client provide the same intended functionality but are obfuscated differently from each other, and providing the selected obfuscated code to the web application client with the web application response.Type: GrantFiled: August 1, 2019Date of Patent: July 26, 2022Assignee: Imperva, Inc.Inventor: Itsik Mantin
-
Patent number: 11397820Abstract: Some embodiments disclose a method and apparatus for processing data, a computer device and a storage medium. A method can include: acquiring, by a cloud storage system, a series of slices obtained by dividing a to-be-stored file; encrypting, by the cloud storage system, each slice by using a different data key; and storing, by the cloud storage system, an encrypted data ciphertext.Type: GrantFiled: March 13, 2019Date of Patent: July 26, 2022Inventors: Wei Lu, Fei Zhou, Linjiang Lian, Meng Wang, Xianhui Niu
-
Patent number: 11399033Abstract: There is disclosed in one example an advertisement reputation server, including: a hardware platform including a processor and a memory; a network interface; and an advertisement reputation engine including instructions encoded in memory to instruct the processor to: receive via the network interface a plurality of advertisement instances displayed on client devices; extract from the advertisement instances an advertiser identifier; analyze one or more advertisements associated with the advertiser identifier to assign an advertiser reputation; and publish via the network interface advertisement reputation information derived from the reputation for the advertisement identifier.Type: GrantFiled: June 25, 2019Date of Patent: July 26, 2022Assignee: McAfee, LLCInventors: Joel R. Spurlock, Nikhil Meshram, Prashanth Palasamudram Ramagopal, Daniel L. Burke
-
Patent number: 11392672Abstract: Methods and systems for obfuscating computer program code are disclosed. In an embodiment, a method of generating obfuscated binary code from input source code for execution on a target processor comprises: generating a set of random obfuscation transform selections; and iteratively optimizing the obfuscation transform selections until a termination criterion is met. The obfuscation transformation selections may comprise indications of custom instructions which are executable on the co-processor in order to reduce side channel leakage.Type: GrantFiled: November 7, 2019Date of Patent: July 19, 2022Assignee: Nanyang Technological UniversityInventors: Siew Kei Lam, Hung Thinh Pham, Alexander Fell, Veeranna Nandeesha
-
Patent number: 11386208Abstract: The disclosed computer-implemented method for malware detection using localized machine learning may include (i) generating a global score for a file using a global machine learning model, (ii) generating a localized score for the file using a localized machine learning model, (iii) determining that the file is malware using the global score, the localized score, and the local conviction threshold, and (iv) in response to determining that the file is malware, performing a security action to protect the computing device against malware. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: May 16, 2019Date of Patent: July 12, 2022Assignee: CA, INC.Inventors: Qichao Lan, Tao Cheng
-
Patent number: 11379563Abstract: There is provided a computer-implemented method of enhancing data privacy. One or more tensors of numeric data are determined, at a processor, in dependence on input data. A transform is determined in dependence on user-associated data, which may be user input or biometric data. Each of the one or more tensors of numeric data are transformed into at least two fragments of data by applying the transform. Each of the fragments of data obfuscates the numeric data. Each of the at least two fragments of data are stored separately at a respective geographically separated storage system.Type: GrantFiled: March 26, 2019Date of Patent: July 5, 2022Assignee: LOCKULAR LIMITEDInventors: Gary Mawdsley, Dmitry Tishkovsky
-
Patent number: 11381379Abstract: Some embodiments are directed to an electronic computation device (100) arranged for obfuscated execution of a multiplication. The device comprises a storage (120) arranged for storing multiple variables used in the execution of an arithmetic operation, a variable (x: y; 2) of the multiple variables being represented as multiple multiplicative shares (X=(x0, x1, . . . , xm?1); Y=(y0, y1, . . . , ym?1); 20), said multiplicative shares being represented in the storage as multiple additive shares (xi=(xi,0,xi,1, . . . , xi,n?1); Yi=(yi,0,yi,1, . . . , yi,n?1); 210, 220).Type: GrantFiled: October 29, 2018Date of Patent: July 5, 2022Assignee: Koninklijke Philips N.V.Inventors: Ronald Rietman, Sebastiaan Jacobus Antonius De Hoogh
-
Patent number: 11372992Abstract: Embodiments relate to data storage systems and data processing systems using a data hub, connector grid, and channel services. The systems can extract raw data from a plurality of source systems, and load and store the raw data at a data hub implemented by a non-transient data store. The systems can receive request to generate data for consumption and, in response, transmit generates data sets to channel services. The system can implement event detection and logging. The system can implement policy enforcement and identity management with access controls.Type: GrantFiled: July 19, 2019Date of Patent: June 28, 2022Assignee: BANK OF MONTREALInventors: Iouri Mikhailov, Ching Leong Wan
-
Patent number: 11354958Abstract: An encrypted security system and associated methods for controlling physical access are described. The system includes a security server configured to receive a request for authentication from a mobile device, the request including information identifying the mobile device and a physical access control device. The security server forwards an encryption message including a plurality of unique identifiers to the physical access control device via the mobile device. The physical access control device is configured to authenticate the plurality of unique identifiers in the encryption message and operate an access control mechanism.Type: GrantFiled: March 11, 2020Date of Patent: June 7, 2022Assignee: DELPHIAN SYSTEMS, LLCInventors: Gary L Myers, Ashok Hirpara, John D. Veleris, Arkadiusz Zimny, Eugene Nakshin, Michael Aaron Cohen
-
Patent number: 11349668Abstract: An encryption device (10) is an encryption device in authentication encryption. A key generation unit (21) generates a key K of an encryption function E of a block cipher, in accordance with an initial parameter N. A hash calculation unit (22) calculates a hash value msk with an internal parameter ctr as an input. An encryption unit (23) generates a ciphertext c of the message m by using the encryption function E, with a key K generated by the key generation unit (21), a hash value msk calculated by the hash calculation unit (22), and a message m as inputs.Type: GrantFiled: February 21, 2017Date of Patent: May 31, 2022Assignee: Mitsubishi Electric CorporationInventor: Yusuke Naito
-
Patent number: 11343083Abstract: A host processing device instructs a plurality of virtual data processing (VDP) accelerators, configured on each of a plurality of data processing accelerators. The VDP accelerators configure themselves for secure communications. The host device generates an adjacency table of each of the plurality of VDP accelerators. Then the host device then establishes a session key communication with each VDP accelerator and sends the VDP accelerator a list of other VDP accelerators that the VDP accelerator is to establish a session key with, for secure communications between the VDP accelerators. The VDP accelerator establishes a different session key for each pair of the plurality of VDP accelerators.Type: GrantFiled: November 22, 2019Date of Patent: May 24, 2022Assignee: BAIDU USA LLCInventors: Yong Liu, Yueqiang Cheng
-
Patent number: 11343090Abstract: There is disclosed in one example a computing system, including: a processor; a memory; and a memory encryption engine (MEE) including circuitry and logic to: allocate a protected isolated memory region (IMR); encrypt the protected IMR; set an access control policy to allow access to the IMR by a device identified by a device identifier; and upon receiving a memory access request directed to the IMR, enforce the access control policy.Type: GrantFiled: June 27, 2019Date of Patent: May 24, 2022Assignee: Intel CorporationInventors: Siddhartha Chhabra, Prashant Dewan
-
Patent number: 11341216Abstract: Provided is a method for computer-aided obfuscation of program code, wherein a plurality of calculation steps is implemented in the program code, wherein predetermined calculation steps of the plurality of calculation steps are retrieved in a predetermined order with the execution of the program code, and at least some of the predetermined calculation steps are predefined calculation steps in which a respective first table that is stored in the program code and includes of a plurality of digital first tabular values is accessed in order to read a first tabular value required for the respective predefined calculation step from the first table. As part of the obfuscation of the program code, a dynamic mask formed by a plurality of digital mask values is used, wherein, for any predefined calculation step, another mask value is used to replace the first tabular value from the first table with a second tabular value.Type: GrantFiled: December 13, 2017Date of Patent: May 24, 2022Inventor: Johannes Zwanzger
-
Patent number: 11329815Abstract: A key management device for data encryption/decryption is provided. The key management device includes a static random-access memory (SRAM), a register, and a control circuit. The control circuit can set a key lookup table in the SRAM or the register, and manage a key database. The key database includes the SRAM and an one-time programmable (OTP) memory disposed outside the key management device, and the key database stores at least one key. The key lookup table includes a key number and metadata of each of the at least one key stored in the key database. According to a specific key number contained in a key read command or a key delete command from the processor, the control circuit reads or deletes a specific key corresponding to the specific key number in the key database.Type: GrantFiled: December 31, 2019Date of Patent: May 10, 2022Assignee: NUVOTON TECHNOLOGY CORPORATIONInventor: Yu-Shan Li
-
Patent number: 11321433Abstract: A system and method for providing authenticating user access to an access controlled device such as computers, mobile devices, or tablets. The present disclosures describes a novel method and system for eye tracking performed through the execution of computer software on a nontransitory computer-readable medium to measure neurological impulses through physiological expressions of the user. These measurements are unique to each user and therefore ideal for the use in the field of encryption and decryption. This novel system can potentially make mobile devices significantly more secure. Preferably, the system comprises a user interface and a camera.Type: GrantFiled: August 31, 2018Date of Patent: May 3, 2022Assignee: EYETHENTICATE, LLCInventor: Austin H. Lubetkin