Patents Examined by Jason Chiang
-
Patent number: 11727126Abstract: A method and service to encrypt data at rest on disks that are managed by a container orchestrator (CO) using a container storage interface (CSI). The method and service including intercepting a request transferred from a CO to a CSI plugin and sending the intercepted request to an encryption proxy plugin. The method and service also including examining the request to determine if encryption is needed. In response to encryption being needed, performing encryption on the volume. The method and service also transferring the intercepted request to the container storage interface plugin.Type: GrantFiled: April 8, 2020Date of Patent: August 15, 2023Assignee: Avaya Management L.P.Inventors: Prasanna Kulkarni, Nayana Teja Avatapalli
-
Patent number: 11722490Abstract: A data access processing method for an industrial Internet cloud service platform, comprising an industrial device with data to be accessed transmits a data access request to a data processing unit of the platform, and meanwhile uploads a device identifier capable of identifying the industrial device with data to be accessed, the data processing unit retrieves a data upload authentication tag matching the data to be accessed from a traceability unit according to the data access request, and a corresponding access strategy is selected for processing according to the data upload authentication tag, device representation, and the data access request. The data to be accessed can be processed flexibly and intelligently according to requirements of a data owner and an actual operation condition of the platform; and during data processing, various resources of the platform can be well regulated and controlled to process the data to be accessed.Type: GrantFiled: February 28, 2023Date of Patent: August 8, 2023Assignee: Chengdu University of Information TechnologyInventors: Binyong Li, Xianhui Deng, Fan Yang, Shaowei Zhang, Liangming Deng, Jie Zhang
-
Patent number: 11716354Abstract: A technology is described for determining compliance with security technical implementation guide (STIG) standards. An example of the technology can include identifying a STIG standard that may be applicable to a system component included in a computer system. The STIG standard can be obtained from a security technical implementation guide which specifies security standards for securing computer systems against unauthorized access. A configuration compliance package can be generated to evaluate a configuration setting of the system component for compliance to the STIG standard, and the configuration compliance package can be output to enable a determination of compliance of the configuration setting with the STIG standard.Type: GrantFiled: December 18, 2019Date of Patent: August 1, 2023Assignee: Raytheon CompanyInventors: Austin D. Garrett, Jacob Cole, Stephen Austin Cline
-
Patent number: 11704426Abstract: An object of the invention is to appropriately separate an available cluster for each user in a storage system configured by using a plurality of clusters each of which is an aggregate of nodes. A computer system includes a plurality of K8s clusters each configured by one or a plurality of K8s nodes, a storage that provides a volume, and a tenant management unit that manages the plurality of the K8s clusters and the storage. The tenant management unit creates, in the storage, a plurality of tenants respectively corresponding to the plurality of the K8s clusters. The storage, for each of the plurality of the K8s clusters, permits access from the K8s cluster to a tenant corresponding to the K8s cluster and prohibits access from the K8s cluster to a tenant not corresponding to the K8s cluster.Type: GrantFiled: March 11, 2022Date of Patent: July 18, 2023Assignee: HITACHI, LTD.Inventors: Takaki Nakamura, Takahiro Yamamoto, Hideo Saito, Keisuke Matsumoto, Hiroto Ebara, Naruki Kurata
-
Patent number: 11706624Abstract: Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).Type: GrantFiled: June 11, 2020Date of Patent: July 18, 2023Inventor: Jonathan Grier
-
Patent number: 11689535Abstract: A computer system for secure data access control, according to some examples, may perform operations including: receiving first data from a first client associated with a first user; using a first data access agent to store the first data in a first data store, the first data access agent having access to the first data store and not having access to a second data store; receiving second data from a second client associated with a second user; and using a second data access agent to store the second data in the second data store, the second data access agent having access to the second data store and not having access to the first data store.Type: GrantFiled: December 21, 2020Date of Patent: June 27, 2023Assignee: Capital One Services, LLCInventors: Suresh Pandey, Sebastian Smith, Hala Salim El-Ali
-
Patent number: 11683170Abstract: A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.Type: GrantFiled: December 2, 2020Date of Patent: June 20, 2023Assignee: ARRIS Enterprises LLCInventors: Alexander Medvinsky, Eric J. Sprunk
-
Patent number: 11683181Abstract: A user device implements a certificate authority for issuing digital certificates that extend to other computing devices a level of trust to a particular user paired with the user device. The user device may obtain user persona information, generate a user key, and combine the user key with a device key for the generation of a digital certificate. The computing device may further transmit the digital certificate to a certificate management system, which manages interactions between other computing devices and the user device or authorizes operation of other computing devices by the particular user based on the digital certificate.Type: GrantFiled: April 7, 2020Date of Patent: June 20, 2023Assignee: T-Mobile USA, Inc.Inventors: Ahmad Arash Obaidi, Eric W. Yocam
-
Patent number: 11669320Abstract: In one embodiment, a system for managing a virtualization environment comprises a plurality of host machines, one or more virtual disks comprising a plurality of storage devices, a virtualized file server (VFS) comprising a plurality of file server virtual machines (FSVMs), wherein each of the FSVMs is running on one of the host machines and conducts I/O transactions with the one or more virtual disks, and a virtualized file server self-healing system configured to identify one or more corrupt units of stored data at one or more levels of a storage hierarchy associated with the storage devices, wherein the levels comprise one or more of file level, filesystem level, and storage level, and when data corruption is detected, cause each FSVM on which at least a portion of the unit of stored data is located to recover the unit of stored data.Type: GrantFiled: February 1, 2017Date of Patent: June 6, 2023Assignee: Nutanix, Inc.Inventors: Anil Kumar Gopalapura Venkatesh, Rishabh Sharma, Richard James Sharpe, Shyamsunder Prayagchand Rathi, Durga Mahesh Arikatla
-
Patent number: 11663340Abstract: Systems and methods to manage software vulnerabilities are described. The system retrieves a snapshot image of a production machine from a database. The snapshot image is associated with a recovery point identifier. The recovery point identifier identifies a first recovery point from multiple recovery points respectively corresponding to a plurality of snapshot images of the production machine. The snapshot image includes a first virtual machine that includes software information. The system processes the software information to identify first patch information associated with a first software module. Finally, the system pushes patch information to the production machine based on the processing of the software information.Type: GrantFiled: October 30, 2019Date of Patent: May 30, 2023Assignee: Rubrik, Inc.Inventors: Di Wu, Timothy Hsin-Kang Chou, Boyu Charlie Tong
-
Patent number: 11665160Abstract: System and method are disclosed for providing authentication of a terminal device. One embodiment includes a method implemented by a first terminal device. The method may include receiving first location information and receiving a first predetermined signal. The method may also include transmitting status information and the first location information to a server upon receiving the first predetermined signal to allow the server to compare the first location information with second location information received from a second terminal device and to allow the server to transmit the status information to the second terminal device. The status information may indicate that the first terminal device is authenticated and the first location information may indicate a current location of the first terminal device.Type: GrantFiled: May 17, 2021Date of Patent: May 30, 2023Assignee: Advanced New Technologies Co., Ltd.Inventor: Hua Lu
-
Patent number: 11659394Abstract: Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).Type: GrantFiled: June 11, 2020Date of Patent: May 23, 2023Inventor: Jonathan Grier
-
Patent number: 11645390Abstract: A next generation antivirus (NGAV) security solution in a virtualized computing environment includes a security sensor at a virtual machine that runs on a host and a security engine remote from the host. The integrity of the NGAV security solution is increased, by providing a verification as to whether a verdict issued by the security engine has been successfully enforced by the security sensor to prevent execution of malicious code at the virtual machine.Type: GrantFiled: May 11, 2020Date of Patent: May 9, 2023Assignee: VMWARE, INC.Inventors: Shirish Vijayvargiya, Vasantha Kumar Dhanasekar, Sachin Shinde, Rayanagouda Bheemanagouda Patil
-
Patent number: 11641357Abstract: Systems and methods are described for receiving a request from a data recipient to access information from a data provider associated with a user, wherein the request comprises a data recipient token. The request is validated and in response to validating the request, a secondary token is transmitted to the data provider. The information is received from the data provider and a package of authorized information is generated based on the information received from the data provider. The package of authorized information is transmitted to the data recipient.Type: GrantFiled: October 22, 2021Date of Patent: May 2, 2023Assignee: AKOYA LLCInventors: Denis Babani, Asanka Dissanayake, Jeffrey Kukesh, Anil Mahalaha, Stuart Rubinstein
-
Patent number: 11620398Abstract: Embodiments may be generally directed to techniques to encrypt and decrypt data in a first fuse block array using an encryption key of a second fuse block array, the second fuse block array having the encryption key comprising a plurality of segments of bits, an inverse encryption key comprising a second plurality of segments of bits, each segment of the inverse encryption key to correspond with a particular segment of the encryption key, and a random pattern having equally distributed bit values, the random pattern to enable detection of voltage attacks on the second fuse block array.Type: GrantFiled: May 29, 2019Date of Patent: April 4, 2023Assignee: INTEL CORPORATIONInventors: Neeraj S. Upasani, David P. Turley, Sergiu D. Ghetie, Zhangping Chen, Jason G. Sandri
-
Patent number: 11620445Abstract: A system and method for implementing an automatic data collection and presentation generator module are disclosed. A database stores a plurality of templates and data components. A receiver receives a request from a user to automatically generate an electronic data presentation based on a template and a limited data set selected from the data components. A processor receives user's credential information corresponding to the received request. The processor also accesses the database to identify a template among a plurality of templates based on user's access permission and verified authentication; hydrates the identified template with the limited data by applying a predefined data injection algorithm that is configured to determine that the limited data set is accessible by the user based on the user's access permission and the verified authentication; and automatically generates the electronic data presentation with the hydrated identified template having the limited data.Type: GrantFiled: September 25, 2020Date of Patent: April 4, 2023Assignee: JPMORGAN CHASE BANK, N.A.Inventors: Trevor D. Jaskot, Jeremy Ake
-
Patent number: 11616787Abstract: A set of operations is performed to cause a resource accessible to a first set of entities to also be accessible to a member of a second set of entities, where the set of operations, as a result of being executed, causes a processor to create a project to associate with a set of resources, associate a policy that controls access to the set of resources with the projects, associate the resource with the set of resources of the project, and associate the member of the second set of entities with the project. A request is obtained from the member of the second set of entities to access the resource. The member of the second set of entities is determine to be authorized to access the resource based on the policy. The member of the second set of entities is allowed to obtain access to the resource.Type: GrantFiled: June 28, 2019Date of Patent: March 28, 2023Assignee: Amazon Technologies, Inc.Inventors: Jasmeet Chhabra, Harshad Vasant Kulkarni, Khaled Salah Sedky
-
Patent number: 11604883Abstract: A system and method for security risk identification in a secure software lifecycle. A knowledge database has a plurality of security elements which are identified for a particular software application depending on software environment and prioritized in a task list. Code vulnerabilities are identified using code scanners, with security requirements updated based on identified vulnerabilities, lack of vulnerabilities for weaknesses covered by a code scanner, potential weaknesses not adequately covered by code scanners, and software environment changes. The system identifies a security requirement that has passed the test of the code scanner, identifies the strength of the code scanner to discover a particular code vulnerability associated with the security requirement, and updates the security requirement to indicate a verified compliance state.Type: GrantFiled: May 22, 2020Date of Patent: March 14, 2023Assignee: SECURITY COMPASS TECHNOLOGIES LTD.Inventors: Nishchal Bhalla, Rohit Kumar Sethi, Ramanan Sivaranjan, Ehsan Foroughi, Geoffrey Charles Whittington
-
Patent number: 11593497Abstract: A backup manager for providing backup services includes persistent storage and a backup orchestrator. The persistent storage includes protection policies. The backup orchestrator generates a backup for a client based on the protection policies. The backup orchestrator generates an index for the backup. The index specifies a sensitivity level of each portion of the backup. The backup orchestrator stores portions of the backup in regions of a container that correspond to the sensitivity level of the respective portion of the backup. The backup orchestrator stores the container in backup storage.Type: GrantFiled: October 30, 2019Date of Patent: February 28, 2023Assignee: EMC IP Holding Company LLCInventors: Shelesh Chopra, Manish Sharma, Aaditya Rakesh Bansal, Sunil Yadav
-
Patent number: 11582239Abstract: A method and processing system for managing user access to one or more resources is disclosed. A central service may receive an access change request message regarding a user. The access change request message may include a user identifier, a user role, and an access action for the user. Example access actions may include adding or removing user access with respect to a resource. The central service may determine which resources are associated with the user role and transmit one or more event messages to the resources to implement the access actions. The resources may send acknowledgement messages to the central service to confirm that the access actions have been completed.Type: GrantFiled: October 31, 2019Date of Patent: February 14, 2023Assignee: Intuit Inc.Inventors: David Andrew Kemme, Thomas Fields Hash, Bernard Samuel Diwakar, Hrushikesh Gudala, Supreetha Kashyap