Patents Examined by James J Wilcox
-
Patent number: 10334434Abstract: Systems and techniques are described for authenticating a user. A described technique includes receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer. The technique includes determining, by the identity management application, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection. The technique includes requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection. The technique includes receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection.Type: GrantFiled: September 8, 2016Date of Patent: June 25, 2019Assignee: VMware, Inc.Inventors: Abhishek Soni, Lakshman Rao Abburi
-
Patent number: 10326789Abstract: Web Bot detection methods and systems are provided that receive a request, in connection with a network session. The methods and systems determine whether the request is associated with potential Bot activity, and based thereon assign a Bot confidence designation. The Bot confidence designation indicates a likelihood that the request represents an agent-based request. The methods and systems analyze a session trait of the network session relative to predetermined session traits indicative of human-based requests, and assign a human confidence designation based on the analysis. The human confidence designation indicates a likelihood that the request represents a human-based request. The request is then classified to represent an agent-based request or human-based request based on the Bot and human confidence designations.Type: GrantFiled: September 25, 2015Date of Patent: June 18, 2019Assignee: Amazon Technologies, Inc.Inventors: Forrest MacKenzie Vines, Sevag Demirjian, Nathan David Scott, Jui Te Tseng
-
Patent number: 10313332Abstract: A method of performing one-time password (OTP) authentication using a color code is provided. The method includes generating, by an OTP terminal and an authentication server, an OTP using a reference time, generating, by the OTP terminal, a color code corresponding to a binary code representing the OTP, displaying, by a display device, the color code, obtaining, by a camera, the displayed color code, decoding, by the authentication server, the obtained color code into the color code and generating a password which refers to the decoded binary code, and performing, by the authentication server, authentication by comparing the generated OTP and the password.Type: GrantFiled: August 30, 2016Date of Patent: June 4, 2019Assignee: Research & Business Foundation Sungkyunkwan UniversityInventors: Kwang-Seok Hong, Sang Min Park
-
Patent number: 10311254Abstract: An electronic apparatus and an information access control method thereof are provided. The information access control method includes receiving a user input for a first application on a touch screen, and limiting execution of at least some of remaining applications except for the first application of the electronic apparatus when the user input is a preset first information access control mode input.Type: GrantFiled: January 19, 2016Date of Patent: June 4, 2019Assignee: Samsung Electronics Co., Ltd.Inventors: A. K. M. Fazla Mehrab, Kazy Fayeen Shariar, Sadik Noman
-
Patent number: 10152596Abstract: Runtime verification of software execution events against a behavioral model. For each event, it is verified whether there is a short range correlation of a sequence of the event and preceding event(s) with the behavioral model, and whether there is a long range correlation of a group of the sequences and of an arrangement of groups of the sequences with the behavioral model. After verifying each long range correlation, the arrangement of groups in the behavioral model event is substituted with an intersection of an arrangement of groups of the sequences with an arrangement of groups of the sequences in the behavioral model. If an event is not covered by a short range correlation or a long range correlation of a group or a long range correlation of an arrangement of groups, the event is indicated as anomalous.Type: GrantFiled: January 19, 2016Date of Patent: December 11, 2018Assignee: International Business Machines CorporationInventor: Olgierd S. Pieczul
-
Patent number: 10146950Abstract: Systems herein allow a content manager to share portions of a document with different groups of users. The system can parse the document into screen shots of each page along with an information bundle that describes how to format content on each page. When a user accesses a document, the system can send the user a permitted portion rather than the entire document. The permitted portion can include one or more screen bundle. The user device can execute an application that reads the information bundle and formats content for display on the user device.Type: GrantFiled: January 29, 2016Date of Patent: December 4, 2018Assignee: AIRWATCH LLCInventors: Arjun Kochhar, Lakshmikanth Raju, Manjunath Bhat, Marcos Mendez
-
Patent number: 10146931Abstract: A computer system includes a management computer for automatically changing a password used to authenticate a user to a service application. A user device includes a password vault managed by a password management application. The management computer monitors for an event signifying that the password is to be changed, e.g., a predetermined number of uses, etc. A new password is assigned, and a first message is generated and sent to the service application including the new password and an indication that it is to be used for subsequent user authentication. A second message is also generated and sent to the password management application, also including the new password and an indication that it replaces a current password in the vault for user authentication. The new password is automatically used by both the service application and the user device during subsequent authentications until expiration.Type: GrantFiled: March 13, 2015Date of Patent: December 4, 2018Assignee: EMC IP Holding Company LLCInventors: Boris Kronrod, Lawrence N. Friedman
-
Patent number: 10148673Abstract: Techniques of operating intrusion detection systems provide a recommendation of an intrusion detection rule to an administrator of an intrusion detection system based on the experience of another administrator that has used the rule in another intrusion detection system. For example, suppose that electronic circuitry receives a numerical rating from a first intrusion detection system that indicates whether an intrusion detection rule was effective in identifying malicious activity when used in the first intrusion detection system. Based on the received rating and attributes of the first intrusion detection system, the electronic circuitry generates a predicted numerical rating that indicates whether the intrusion detection rule is likely to be effective in identifying malicious communications when used in a second intrusion detection system.Type: GrantFiled: September 30, 2015Date of Patent: December 4, 2018Assignee: EMC IP Holding Company LLCInventors: Zohar Duchin, Alon Kaufman, Oleg Freylafert, Lior Asher, Alex Zaslavsky
-
Patent number: 10121015Abstract: A method to provide negotiation control to data such that a person or entity can negotiate the use of data gathered beyond what is needed for a particular use by a third party transaction.Type: GrantFiled: February 23, 2015Date of Patent: November 6, 2018Assignee: LENS VENTURES, LLCInventors: Tara Lemmey, Stanislav Vonog
-
Patent number: 10104123Abstract: A mobile device fetches a policy definition library from a policy server responsive to occurrence of a defined event associated with an application package. The policy definition library contains policies defining resources of the mobile device that the application package is permitted to access. The mobile device executes the wrapped application package containing application executable code and application wrapper executable code that is called by each execution of an agnostic wrapper function residing at each of a plurality of locations in the application executable code. Responsive to execution of the agnostic wrapper function at any of the plurality of locations in the application executable code, the mobile device executes the application wrapper executable code to control whether access by the application executable code is granted to resources of the mobile device based on the policies contained in the policy definition library.Type: GrantFiled: September 23, 2015Date of Patent: October 16, 2018Assignee: CA, INC.Inventors: Madhusudhan Ganda, Vikrant Nandakumar, Vardhineedi Satyanarayana Murthy, Hemanth Kumar Pinninti
-
Patent number: 10084751Abstract: A method for balancing load among firewall security devices (FSDs) is provided. According to one embodiment, a switching device performs adaptive load balancing among cluster units of an HA cluster of firewall security devices. A load balancing (LB) function implemented by the switching device is configured based on information received from a network administrator. A LB table is maintained that forms associations between hash values output by the LB function and corresponding ports of the switching device to which the cluster units are coupled. Network traffic received by the switching device is directed to appropriate cluster units based on the LB function and the LB table. A traffic load on each of the cluster units is monitored. Responsive to a deviation from a predefined ideal traffic distribution, an attempt is made to improve performance of the HA cluster by dynamically adjusting the LB balancing table to address the deviation.Type: GrantFiled: November 19, 2017Date of Patent: September 25, 2018Assignee: Fortinet, Inc.Inventors: Edward Lopez, Joe Mihelich, Matthew F. Hepburn
-
Patent number: 10084597Abstract: A cryptographically-enabled RFID tag stores a primary secret key and derives secondary keys from the primary key. A secondary key may be derived by combining the primary key with one or more other parameters using one or more algorithms. The tag uses a derived secondary key to encrypt or electronically sign a tag response sent to a verifying entity. The verifying entity does not know the derived secondary key, but knows the tag primary key and the parameters and algorithms used to derive the secondary key and can derive all of the potential secondary keys. The verifying entity can then attempt to authenticate the tag or tag response by trying potential secondary keys.Type: GrantFiled: January 12, 2018Date of Patent: September 25, 2018Assignee: Impinj, Inc.Inventors: Matthew Robshaw, Alberto Pesavento, Christopher Diorio
-
Patent number: 10025932Abstract: A portable security device for a computing system includes a housing, an interface at least partially disposed within the housing, a trusted platform module within the housing that is coupled to the interface, and a controller within the housing that is coupled to the trusted platform module and the interface. The interface is configured to engage a plurality of different devices and provide communication between the portable security device and an individual device when engaged with the individual device. In some examples, the trusted platform module can receive power from the individual device via the interface when the portable security device is engaged with the individual device. The controller includes logic to detect when the portable security device is coupled to the individual device via the interface.Type: GrantFiled: January 30, 2015Date of Patent: July 17, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Stefan Thom, Ronald Aigner
-
Patent number: 10003592Abstract: A user authentication system enables control of access to historian data through a historian application. The user authentication system creates a user authentication directory for storing user authentication information. The system populates the directory with user authentication information. The system links the directory to a historian application and receives credential data from a user. The system grants access to the historian application when it determines that the credential data from the user matches a portion of the user authentication information on the directory.Type: GrantFiled: March 5, 2015Date of Patent: June 19, 2018Assignee: Schneider Electric Software, LLCInventors: Ravi Kumar Herunde Prakash, Sudhir Gonugunta, John Madden, Elliot Middleton, Olivier Vaillancourt, Vinay T. Kamath
-
Patent number: 9992024Abstract: According to an aspect of an embodiment, a method of establishing a chain of trust into a virtual machine on a hardware system is described. The method may include measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement. The method may also include storing the trust anchor measurement in a sealed memory.Type: GrantFiled: January 25, 2012Date of Patent: June 5, 2018Assignee: FUJITSU LIMITEDInventors: Zhexuan Song, Maarten H. Wiggers, Ryusuke Masuoka
-
Patent number: 9967265Abstract: Techniques of detecting malicious events involve generating a relational graph of event data describing events that occur within a specified, limited time window. Along these lines, a malicious event detection computer receives event data describing interactions between entities such as users, devices, and network domains from various servers that occur within a specified time window. In response, the malicious event detection computer generates a relational graph that has graph structures (e.g., nodes and edges) representing these interactions. Analysis of patterns within the resulting relational graph indicates whether there is a malicious event occurring.Type: GrantFiled: September 29, 2015Date of Patent: May 8, 2018Assignee: EMC IP Holding Company LLCInventors: Oded Peer, Oleg Freylafert, Anton Khitrenovich, Yana Vaisman
-
Patent number: 9965639Abstract: Embodiments of the present invention provide systems and methods for authenticating the source code of a software end product. The method includes generating a compound key, which is composed of a set of unique keys generated from a source file. A set of files are separately build based on a received source code, and a key generated and embedded into the files at the time of the build. A validation tool is used to compare the values of the generated compound key to the values of the embedded key to determine if the values match.Type: GrantFiled: July 17, 2015Date of Patent: May 8, 2018Assignee: International Business Machines CorporationInventors: Badekila Ganesh Prashanth Bhat, Nageswararao V. Gokavarapu, John Kurian, Raghavendran Srinivasan
-
Patent number: 9954840Abstract: A DNS server receives, from a client device, a DNS query for a resource record type at a domain name. The DNS server determines that the resource record type does not exist at the domain name and generates an answer that indicates that the queried resource record type does not exist at the domain name and also indicates that a plurality of other resource record types exist at the domain name regardless of whether those plurality of other resource record types actually exist at the domain name. The DNS server transmits the generated answer to the client device.Type: GrantFiled: May 6, 2016Date of Patent: April 24, 2018Assignee: CLOUDFLARE, INC.Inventors: Daniel Morsing, Marek Majkowski, Nicholas Thomas Sullivan, Olafur Gudmundsson, Filippo Valsorda
-
Patent number: 9946744Abstract: A database system and method for managing and storing sensitive and non-sensitive vehicle data. Received vehicle data messages are processed to separate out sensitive and non-sensitive data. The data is stored in a database having: an encrypted table, a plain-text table, and an identification mapping table. The encrypted table contains the sensitive data entries in an encrypted format. The plain-text table contains the non-sensitive data entries in a plaintext form. The identification mapping table contains a plurality of mapping data entries, wherein each mapping data entry associates a unique identifier to an affiliated identifier that is used to recall data from the encrypted table and the plain-text table.Type: GrantFiled: January 6, 2016Date of Patent: April 17, 2018Assignee: General Motors LLCInventor: Primo Mark Pettovello
-
Patent number: 9935959Abstract: Techniques are described for implementing a cloud computer system to provide access to a custom execution environment for execution of custom executable instructions. Users may be able to configure one or more different types of template execution environments, e.g., a virtual machine environment, each of which can be used to establish a type of custom execution environment. Users may configure the template execution environment with regard to settings, states, resources, permissions, or other criterion related to an execution environment. Upon request, a custom execution environment (e.g., a child execution environment) may be established for running one instance of a custom executable instruction. The custom execution environment may be based on the template execution environment. The custom execution environment may provide a secure, isolated environment for execution of a custom executable instruction.Type: GrantFiled: September 17, 2014Date of Patent: April 3, 2018Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Michael Keith, William Bruce Kilgore, Kaj van de Loo