Patents Examined by James Turchen
-
Patent number: 9536069Abstract: We propose a method that uses formatting options of Font, Font Size, Font Color, Shading, Font Style, Font Effects, Font Underline, Character Effects, Picture coloring, as a part of user passwords, credentials, electronic signature, challenge for user authentication and captcha verification. User personalizes user name and or password or text by choosing combination of proposed factors for each character or word in password. Method includes optional time range where user would have different password and factor combinations for each time range. We also propose a method to use these factors for multi-factor authentication where user is required to format given text as per remotely sent instructions. We propose variation of proposed method that would send text and the instruction to format it using different factors through separate communication channels. For user verification, our method asks user to format the given text or given picture as instructed using different formatting options.Type: GrantFiled: August 28, 2015Date of Patent: January 3, 2017Inventor: Dhavalkumar Shah
-
Patent number: 9537854Abstract: Techniques are disclosed for managing a digital certificate enrollment process. A certificate assistant on a server is configured to encode certificate enrollment data in a barcode graphic, such as a quick response (QR) code. A mobile phone application can then scan the barcode graphic using a camera to recover and transmit the enrollment data to a certificate authority. Doing so allows a system administrator (or other user) to complete the certificate enrollment process in cases where the server is blocked from connecting to a certificate authority (CA) directly, e.g., because the server is behind a firewall blocking any outbound network connections from being initiated.Type: GrantFiled: April 18, 2014Date of Patent: January 3, 2017Assignee: Symantec CorporationInventor: Ishita Verma
-
Patent number: 9529980Abstract: In a computer-implemented method for deduplicating a plurality of instances of end user licensing agreements (EULAs), an end user licensing agreement (EULA) from a software bundle is accessed. Only a single instance of the EULA is displayed such that there is a deduplication of a plurality of instances of EULAs.Type: GrantFiled: June 28, 2014Date of Patent: December 27, 2016Assignee: VMware, Inc.Inventor: John Powell
-
Patent number: 9531538Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.Type: GrantFiled: December 11, 2015Date of Patent: December 27, 2016Assignee: International Business Machines CorporationInventors: John Y-C. Chang, Ching-Yun CHao, Bertrand Be-Chung Chiu, Ki Hong Park
-
Patent number: 9525697Abstract: Systems and methods for delivering security functions to a distributed network are described herein. An exemplary method may include: processing a data packet received from a switch, the data packet directed to the at least one network asset; selectively forwarding the data packet using the processing and a rule set; inspecting the forwarded packet; directing the enforcement point to at least one of forward the data packet to the at least one network asset and drop the data packet, using the inspection and the rule set; accumulating data associated with at least one of the data packet, the processing, and the inspection; analyzing the at least one of the data packet, the processing, and the inspection; and initiating compilation of a high-level security policy by the compiler using the analysis to produce an updated rule set.Type: GrantFiled: April 2, 2015Date of Patent: December 20, 2016Assignee: vArmour Networks, Inc.Inventors: Marc Woolward, Choung-Yaw Shieh, Jia-Jyi Lian
-
Patent number: 9521133Abstract: A method, in a server, implementing a moving target defense against cross-site scripting includes receiving a request for a web page, wherein the server has N versions of the web page each with a mutated version of JavaScript; selecting a web page of the N versions; and sending an indication of the mutated version of JavaScript associated with the web page in response to the request. Another method, in a client device, using a moving target defense against cross-site scripting includes requesting a web page; receiving an indication of a mutated version of JavaScript for the web page; and adjusting a JavaScript interpreter based on the mutated version of JavaScript for the web page.Type: GrantFiled: April 21, 2015Date of Patent: December 13, 2016Assignee: The University of North Carolina at CharlotteInventors: Bei-Tseng Chu, Joe Portner, Joel Kerr, Ehab Al-Shaer
-
Patent number: 9519769Abstract: A system and method for providing secure authorization to an electronic device by combining two or more security features of authentication processed at substantially the same time where at least one of the factors is a “tolerant” factor. By combining two factors such as facial recognition and a screen gesture, these can be analyzed at substantially the same time except when a device is oriented in a predetermined position or a unique or individualized motion is detected.Type: GrantFiled: January 8, 2014Date of Patent: December 13, 2016Assignee: Sensible Vision, Inc.Inventors: Cyrus Azar, George Brostoff
-
Patent number: 9514330Abstract: The invention described herein generally relates to systems and methods of securely storing data so that the data contains information about the data and/or the encryption of the data, systems and methods of providing secure access to real world data through data transformations, and systems and methods of managing security parameters for data.Type: GrantFiled: September 1, 2015Date of Patent: December 6, 2016Assignee: Protegrity CorporationInventor: Ulf Mattsson
-
Patent number: 9515819Abstract: Mechanisms are provided for allowing pluggable encryption in an operating system. Modules such as proprietary cipher modules connect to a kernel cryptographic framework using cryptographic cipher adapters. Supported cryptographic ciphers as well as proprietary cryptographic ciphers can be used in a transparent manner during file system access, key management, and metadata maintenance operations. Proprietary cipher modules interact with the cryptographic cipher adapters as though the cryptographic cipher adapters are the kernel cryptographic framework. The kernel cryptographic framework interacts with the cryptographic cipher adapters as though the cryptographic cipher adapters are proprietary cipher modules.Type: GrantFiled: September 3, 2015Date of Patent: December 6, 2016Assignee: Dell Products L.P.Inventors: Geng Chen, Vadim Draluk, Francois Goldfain
-
Patent number: 9509753Abstract: A mobile apparatus configured to communicate with a touch device is disclosed. The mobile apparatus includes a communication interface configured to communicate with a touch device; an interface configured to display a user interface window through which an input attribute for a touch that is input at the touch device is selected; and a controller configured to control the communication interface to transmit to touch device information based on the input attribute selected through the user interface window.Type: GrantFiled: August 26, 2014Date of Patent: November 29, 2016Assignee: SAMSUNG ELECTRONICS CO., LTD.Inventor: Sang-jun Park
-
Patent number: 9501429Abstract: A media processing device includes a key store memory to store a plurality of cryptographic keys and a rule set memory to store a plurality of rules for the plurality of cryptographic keys. The media processing device further includes an integrity module to determine a first cyclical redundancy check (CRC) value from the plurality of rules stored in the rule set memory and compare the first CRC with a second CRC value associated with the plurality of rules. The media processing device further includes an arbitration module to prevent further access to the plurality of rules in the rule set memory responsive to the integrity verification module signaling a mismatch between the first CRC and the second CRC.Type: GrantFiled: February 5, 2015Date of Patent: November 22, 2016Assignee: VIXS Systems Inc.Inventors: Heyun Zheng, Norman Stewart, Jing Zhang
-
Patent number: 9495545Abstract: Methods, systems, and computer-readable storage media for secure storage of and selective access to encrypted audit data. Implementations include actions of receiving a set of audit data in response to occurrence of an incident, determining a set of static audit data and a set of dynamic audit data based on the set of audit data, encrypting items in the set of static audit data using a first attribute-based encryption scheme to provide a set of encrypted static audit data, and items in the set of dynamic audit data using a second attribute-based encryption scheme to provide a set of encrypted dynamic audit data, and transmitting the set of encrypted static audit data and the set of encrypted dynamic audit data to an off-premise database for storage and selective access.Type: GrantFiled: November 13, 2014Date of Patent: November 15, 2016Assignee: SAP SEInventor: Andreas Schaad
-
Patent number: 9497217Abstract: According to one exemplary embodiment, a method for detecting malware in a network stream to at least one host computer is provided. The method may include initializing a browser profile corresponding with a first website having a first website source and a first plurality of content features. The method may include recording the first plurality of content features and a trusted source based on the first website source. The method may include scanning the network stream for a second content feature within a second plurality of content features associated with a second website. The method may include determining if the second content feature matches a first content feature. The method may include determining if the second plurality of content features is consistent with the first plurality of content features. The method may include determining if a second website source matches the trusted source. The method may include generating an alert.Type: GrantFiled: June 3, 2015Date of Patent: November 15, 2016Assignee: International Business Machines CorporationInventors: William A. Bird, Rory F. Bray, Jody D. Brownell, Ben A. Wuest
-
Patent number: 9489541Abstract: A computer system comprising a processor and a memory for storing instructions, that when executed by the processor performs a copy protection method. The copy protection method comprises executing a software loop of a first software application in a first operating system. A first call is executed in the software loop to a code portion. A decrypted code portion of the first software application is executed in a second operating system in response to the first call. The code portion is decrypted in response to a successful validation of the first software application.Type: GrantFiled: April 27, 2012Date of Patent: November 8, 2016Assignee: NVIDIA CORPORATIONInventors: Anthony Michael Tamasi, Timothy Paul Lottes, Bojan Skaljak, Fedor Fomichev, Andrew Leighton Edelsten, Jay Huang, Ashutosh Gajanan Rege, Keith Brian Galocy
-
Patent number: 9489508Abstract: Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.Type: GrantFiled: November 13, 2014Date of Patent: November 8, 2016Assignee: Seagate Technology LLCInventors: Monty A. Forehand, Manuel A. Offenberg, Christopher J. DeMattio
-
Patent number: 9491185Abstract: One embodiment disclosed relates to a method of proactive containment of network security attacks. Filtering parameters corresponding to a specific system vulnerability are determined. These parameters are distributed to network infrastructure components, and the network infrastructure components examine packets using these parameters to detect occurrence of an attack. Once an attack is detected, the network infrastructure components take action to inhibit the attack. Other embodiments are also disclosed.Type: GrantFiled: May 13, 2013Date of Patent: November 8, 2016Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LPInventors: John Selep, Mauricio Sanchez
-
Patent number: 9485246Abstract: A method includes, in response to a need to access for a user certain stored data that requires authentication, sending a request for the stored data into a data cloud, the request not identifying the user. The method further includes receiving, from the data cloud, response information descriptive of an authentication realm and a single-use nonce; presenting the information descriptive of the authentication realm to the user and prompting the user for a user name and password; re-sending the request into the data cloud with an authentication header having user credentials generated at least in part using the response information, the user credentials comprising the user name and a hashed password; and if the user credentials are valid, receiving from the data cloud the requested stored data.Type: GrantFiled: December 21, 2010Date of Patent: November 1, 2016Assignee: Nokia Technologies OyInventors: Ari Vepsäläinen, Tapani Lumme, Jussi Mäki
-
Patent number: 9479514Abstract: A system for securely controlling access between two wireless (i.e. Bluetooth-enabled) apparatuses, also comprising a supervisor apparatus. The first apparatus is paired to the second by establishing a secure wireless (i.e. Bluetooth) link. The first apparatus includes a stored partial link key and a link key generator: The first apparatus receives a first secret key from the apparatus user, and may also receive a second secret key from the supervisor apparatus. The link key generator generates either a first link key based upon a stored first partial link key, the first secret key and the second secret key or a second link key based upon the stored first partial link key and the first secret key. An access control module in the second apparatus determines the level of access that the first apparatus is granted based upon the link key used to establish the secure connection—full/restricted access.Type: GrantFiled: March 18, 2014Date of Patent: October 25, 2016Assignee: Certis Cisco Security PTE LTD.Inventors: Poh Beng Tan, Martin James Baptist, Keen Hon Wong, Honching Lui, Xiang Li
-
Patent number: 9473531Abstract: According to one exemplary embodiment, a method for detecting malware in a network stream to at least one host computer is provided. The method may include initializing a browser profile corresponding with a first website having a first website source and a first plurality of content features. The method may include recording the first plurality of content features and a trusted source based on the first website source. The method may include scanning the network stream for a second content feature within a second plurality of content features associated with a second website. The method may include determining if the second content feature matches a first content feature. The method may include determining if the second plurality of content features is consistent with the first plurality of content features. The method may include determining if a second website source matches the trusted source. The method may include generating an alert.Type: GrantFiled: November 17, 2014Date of Patent: October 18, 2016Assignee: International Business Machines CorporationInventors: William A. Bird, Rory F. Bray, Jody D. Brownell, Ben A. Wuest
-
Patent number: 9461821Abstract: Encryption key(s) and/or other protected material are protected on devices. A secret splitting scheme is applied to a secret, S, that protects at least one data item to obtain a plurality of secret shares. At least one secret share is encrypted to provide at least one encrypted secret share using an encryption scheme that uses at least one other secret share as the encryption key. A subset of the plurality of secret shares and encrypted secret share(s) is required to reconstruct the secret, S. One or more secret shares and/or encrypted secret shares are provided to at least one device, for example, based on a corresponding key-release policy, to allow access to the data item(s) secured by the secret, S. The secret, S, comprises, for example, a secret key used to protect at least one content item and/or a key used to protect one or more of a content container and a vault storing one or more protected data items.Type: GrantFiled: June 30, 2014Date of Patent: October 4, 2016Assignee: EMC CorporationInventors: Salah Machani, Nikolaos Triandopoulos, Kevin D. Bowers, Todd A. Morneau