Patents Examined by Jason K. Gee
  • Patent number: 11934562
    Abstract: Provided is a data processing device including: a noise removal unit that removes noise from data to which noise has been added, the data having been received from a terminal device; a measurement unit that measures the data for each data type constituting a data set and indicating a classification of the data; and a data set updating unit that updates the data set on the basis of a measurement result of the measurement unit.
    Type: Grant
    Filed: December 26, 2019
    Date of Patent: March 19, 2024
    Assignee: SONY GROUP CORPORATION
    Inventor: Tetsuo Umeda
  • Patent number: 11928235
    Abstract: In a method of controlling account user access to transaction information for a joint account, a set of control criteria is stored in a control database. Information for a new transaction is received and stored in a transaction information database. An information limitation request to prevent access to the transaction information by a second account user for a withholding time interval is received from a first account user. An access limitation record including identification of the second account user and the withholding time interval is stored in the information control database. Upon receiving from a second account user a request for account information including the transaction information, a determination may be made as to whether the transaction information should be withheld from the second account user. Responsive to a determination that the transaction information should be withheld, a response excluding the transaction information is transmitted to the second user device.
    Type: Grant
    Filed: August 17, 2020
    Date of Patent: March 12, 2024
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Salik Shah, Sophie Bermudez
  • Patent number: 11914687
    Abstract: A system is described for controlling access to resources using an object model. Users can specify use cases for accessing resources. The user may be granted access if the user satisfies qualifications required for accessing the resource, selected a use case permissible for accessing the resource, and satisfies qualifications required for the use case. Use cases, qualifications, resources, and/or links between them can be implemented using an object model. The system can be used in addition to authentication and authorization.
    Type: Grant
    Filed: November 9, 2020
    Date of Patent: February 27, 2024
    Assignee: Palantir Technologies Inc.
    Inventors: Babak Siavoshy, Kyle Owens, Nathaniel Edwards
  • Patent number: 11902325
    Abstract: A session configuration method and a session configuration apparatus are disclosed. According to the session configuration method, a terminal device sends, to a session management network element, a session establishment request used to request to establish a first session. After receiving the session establishment request, the session management network element sends redundant transmission security information to an access network device. After receiving the redundant transmission security information, the access network device sends the redundant transmission security information to the terminal device. The redundant transmission security information is used to indicate security keys and security policies of the first session and a second session that need to be established by the terminal device. The second session is a redundant session of the first session.
    Type: Grant
    Filed: July 16, 2021
    Date of Patent: February 13, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Rong Wu
  • Patent number: 11895110
    Abstract: Provided are a system, a method, and the like which contribute to more reliably and smoothly providing information relating to an authentication result to a person who has been subjected to authentication. An information provision system according to an embodiment of the present invention comprises: an authentication unit which authenticates an authentication subject, who is to be subjected to authentication, using a captured image of the authentication subject; a determination unit which, in accordance with information about the authentication subject or the conditions of the authentication subject, determines the transmission destination to which information relating to the authentication result is to be transmitted in order to notify the authentication subject of the authentication result; and a transmission unit which transmits the information to the determined transmission destination.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: February 6, 2024
    Assignee: NEC CORPORATION
    Inventors: Chisato Funayama, Masato Tsukada, Keiichi Chono, Yuka Ogino, Hiroshi Imai, Shoji Yachida, Takashi Shibata
  • Patent number: 11886600
    Abstract: A set of high level test logic is configured to include a set of insertion points. The high-level test logic can be controlled to insert test conditions into a data center configuration. It can also be configured to execute remediation actions that are to be taken, and validation actions to be performed in order to determine whether the remediation action works against the test conditions. Different instances of the high-level test logic can be configured for different environments and different test conditions.
    Type: Grant
    Filed: October 18, 2021
    Date of Patent: January 30, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kevin Lo, Daiqian Hu, Hongquan Yin, Lei He
  • Patent number: 11880447
    Abstract: A regional lock-state control system for operation within a region, includes a server, a plurality of mobile devices and a plurality of lock assembles. The server is configured to initiate a lock-state event. The mobile devices are each configured to receive a wireless lock-state directive from the server upon the lock-state event, and send a wireless lock lock-state directive to the server. The lock assemblies are each configured to receive a lock-state command associated with the lock-state directive from the plurality of mobile devices, and are each configured to transmit an advertisement that includes data on a lock-state.
    Type: Grant
    Filed: December 16, 2022
    Date of Patent: January 23, 2024
    Assignee: CARRIER CORPORATION
    Inventors: Adam Kuenzi, Smita Menon, Jonah J. Harkema
  • Patent number: 11880482
    Abstract: A computer system controls access to data. A secure container that is based on an image file is instantiated at an endpoint device of a user, wherein the secure container includes encrypted data corresponding to the user. An access request to the secure container is authenticated by verifying credentials of the user. In response to verifying the credentials of the user, access to the data is granted. Access to the data is controlled by decrypting and enabling access to a portion of the data, wherein additional portions of the data are decrypted and made accessible based on user behavior.
    Type: Grant
    Filed: December 10, 2020
    Date of Patent: January 23, 2024
    Assignee: International Business Machines Corporation
    Inventors: Arielle Tovah Orazio, Matthias Seul, Christopher Pepin, Lloyd Wellington Mascarenhas
  • Patent number: 11876897
    Abstract: A user terminal generates a first key pair and a second key pair, transmits a permission request including a public encryption key of the second key pair after electronically signing the permission request with a secret encryption key, and acquires, from permission information transmitted from a right-holder terminal, a content decryption key by using a secret decryption key of the second key pair and uses the content. The right-holder terminal stores a third key pair and the content decryption key, verifies the permission request received, and encrypts the content decryption key by using the public encryption key of the second key pair included in the permission request and transmits the permission information including the encrypted content decryption key after electronically signing the permission information with a secret encryption key of the third key pair. The permission request and the permission information are transmitted and received via a blockchain.
    Type: Grant
    Filed: September 22, 2021
    Date of Patent: January 16, 2024
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Shigeru Fujimura, Akihito Akutsu, Tomokazu Yamada, Atsushi Nakadaira, Junichi Kishigami
  • Patent number: 11874950
    Abstract: Methods and systems for protecting membership privacy for secure computation and communication are provided. The method includes providing a first dataset, determining a number N based on a data privacy configuration, and generating a padding dataset having more than N elements. An intersection of the padding dataset and the first dataset is empty. The method also includes shuffling the padding dataset, up-sampling the first dataset with a first N elements of the shuffled padding dataset, and performing an intersection operation based on the up-sampled first dataset and a received dataset.
    Type: Grant
    Filed: April 7, 2023
    Date of Patent: January 16, 2024
    Assignee: Lemon Inc.
    Inventors: Jian Du, Bo Jiang, Haohao Qian, Qiang Yan
  • Patent number: 11861200
    Abstract: Systems and methods for recording information at a granular level; checking and verifying that data is used and processed is consistent with an entity's internal policies and/or external regulations; and producing reports to authorized users (e.g., individuals and organizations) with information are provided. The system and methods capture required data in an immutable fashion so that users outside of an entity (e.g., public, third parties) can check and audit that internal policies and other regulatory policies and frameworks are followed.
    Type: Grant
    Filed: November 18, 2022
    Date of Patent: January 2, 2024
    Assignee: IronNet Cybersecurity, Inc.
    Inventors: Robert L. Grossman, Matthew C. Swort, James E. Heath
  • Patent number: 11863541
    Abstract: A system and method for enabling secure device-to-device (D2D) communication between a plurality of user devices. The method includes providing public and private keys for each of the user devices, the private key arranged to decrypt data encrypted by the corresponding public key. A sender user device creates a digital signature using its private key. The sender double-encrypts a transmission using both the public keys of a recipient user device and a first relay user device. The transmission is transmitted from the sender to the recipient through a plurality of relay user devices. Each relay user device receives the transmission, decrypts a first layer of encryption with its private key, encrypts the transmission with the public key of a subsequent user device; and forwards the data transmission to the subsequent user device. The recipient authenticates the digital signature of the sender using the public key of the sender.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: January 2, 2024
    Assignee: SIGNIFY HOLDING B.V.
    Inventors: Zhang Yuting, Jin Yu, Dan Jiang, Dong Han
  • Patent number: 11848943
    Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.
    Type: Grant
    Filed: July 11, 2022
    Date of Patent: December 19, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11847222
    Abstract: Embodiments described herein are capable of preventing the installation of unwanted software bundled with a desired application at runtime, while allowing the installation of the desired application to continue as expected. For example, the embodiments described herein create a decoy in memory that preempts unwanted code. The decoy attracts any illegitimate code and diverts it into a dead end (e.g., the code is isolated, thereby preventing it from properly executing), while installation of the legitimate code (i.e., the desired application) flows as expected. The foregoing detects that a reflective loading process of DLL associated with the unwanted application has occurred, identifies the entity that attempted to perform the reflective loading process, and prevents the entity from completing the reflective loading process without terminating the main installer.
    Type: Grant
    Filed: March 21, 2019
    Date of Patent: December 19, 2023
    Assignee: Morphisec Information Security 2014 Ltd.
    Inventors: Michael Gorelik, Mordechai Guri, Ronen Yehoshua
  • Patent number: 11836272
    Abstract: Embodiments are directed to protection of privacy and data on smart edge devices. An embodiment of an apparatus includes a sensor to produce a stream of sensor data; an analytics mechanism; and a trusted execution environment (TEE) including multiple keys for data security, the apparatus to exchange keys with a host server to establish one or more secure communication channels between the apparatus and a TEE on a host server, process the stream of sensor data utilizing the analytics mechanism to generate metadata, perform encryption and integrity protection of the metadata utilizing a key from the TEE for the sensor, sign the metadata utilizing a private key for the analytics mechanism, and transfer the encrypted and integrity protected metadata and the signature to the host server via the one or more secure communication channels in a manner that prevents privileged users on the host from accessing the data.
    Type: Grant
    Filed: July 28, 2022
    Date of Patent: December 5, 2023
    Assignee: INTEL CORPORATION
    Inventors: Lawrence A. Booth, Jr., Salessawi Ferede Yitbarek, Reshma Lal, Pradeep M. Pappachan, Brent D. Thomas
  • Patent number: 11836263
    Abstract: Protecting data privacy in secure multi-party computation and communication is provided. A method of protecting data privacy includes determining a differential privacy configuration, determining a number of iterations based on a first parameter and a second parameter, and for each of the number of iterations generating a random value and a random noise data; generating a first message and a second message; and performing a transfer based on the first message, the second message, and an input data to output one of the first message and the second message. The method also includes generating a first noise data based on the random noise data in each of the number of iterations, generating a first share based on a first dataset and a second dataset, applying the first noise data to the first share, and constructing a result based on the first share and a second share.
    Type: Grant
    Filed: April 7, 2023
    Date of Patent: December 5, 2023
    Assignee: Lemon Inc.
    Inventors: Jian Du, Haohao Qian, Yongjun Zhao, Bo Jiang, Chuyuan Chen, Qiang Yan
  • Patent number: 11829492
    Abstract: A new approach is proposed to support hardware-based protection for registers of an electronic device. Sources requesting access to the registers are categorized into a set of internal sources that can be trusted and a set of external sources that are untrusted. The registers are classified into a set of internal registers allowed to be accessed by the internal resources only, a set of read-only external registers that can be read by the external resources in addition to accessed by the internal resources, and a set of read/write external registers that can be read and written by both the internal and the external resources. Each access request by a source to the registers includes the source type, wherein access request is granted or denied based on the matching between the source bits in the access request and the register classification bits of the one or more registers to be accessed.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: November 28, 2023
    Assignee: Marvell Asia Pte Ltd
    Inventors: Ramacharan Sundararaman, Saurabh Shrivastava, Avinash Sodani, Nithyananda Miyar
  • Patent number: 11811766
    Abstract: Systems, and methods are provided to provide cloud-based coordination of customer premise service appliances. A system can include a cloud-based service platform, which includes a coordination server and a cloud-based service appliance, and an on-premise service appliance. The coordination server is configured to establish a service session, select a service appliance, and control a sequence of operations on the selected service appliance. Establishing the service session can include establishing a service session with a first client in response to a service request received from the first client, the first client associated with an account including a service policy. Selecting the service appliance can include selecting the cloud-based service appliance or the on-premise service appliance, based on the service policy, to handle the service request.
    Type: Grant
    Filed: May 6, 2021
    Date of Patent: November 7, 2023
    Assignee: DocuSign, Inc.
    Inventors: Donald Grant Peterson, Eric Fleischman
  • Patent number: 11811823
    Abstract: A method for identifying data exfiltration attempts on a computer network comprising the following steps: identifying malicious data exfiltration behaviors (DEBs) for known adversary tactics in a knowledge base; identifying benign DEBs; comparing the malicious DEBs with the benign DEBs to identify network features that indicate malicious DEB; calculating, with a network analyzer, an entropy value for each identified network feature; establishing a threshold based on the calculated entropy values; building a complete profile of DEB based on the benign and malicious DEBs; adding every network feature having an entropy value greater than the threshold to a model; comparing the model to live network traffic; and flagging behavior in the live network traffic as a malicious DEB if such behavior includes a network feature that has an entropy value greater than the threshold regardless of whether or not the flagged behavior was previously recognized as a malicious DEB.
    Type: Grant
    Filed: July 27, 2021
    Date of Patent: November 7, 2023
    Assignee: United States of America as represented by the Secretary of the Navy
    Inventors: Jennifer Miuling Cheung, Antonio Monje
  • Patent number: 11803766
    Abstract: An automated security assessment service of a service provider network may identify, and notify a customer of, misconfigured VM instances that can be access (e.g., via the Internet). A scanner tool may call an automated reasoning service to identify any VM instances of a customer that can be accessed, and may receive information from the automated reasoning service that is usable to exchange packets with those identified instances. The scanner tool can use the information to send requests to the identified instances. After receiving responses from the identified instances, the scanner tool can store, in storage of a network-based storage service, and in association with a customer account of the customer, encrypted data about the results of the scan (e.g., any VM instances that are vulnerable to attackers), and this encrypted data is thereby accessible to the customer with proper decrypt permissions.
    Type: Grant
    Filed: December 12, 2019
    Date of Patent: October 31, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Preethi Srinivasan, Sreekanth Reddy Polaka, Christopher Wooram Yi, John David Backes, Everett Richard Anthony, Aparna Nagargadde, Mark Edward Stalzer