Patents Examined by Jeffery L Williams
  • Patent number: 11455349
    Abstract: Described herein are methods, systems, and software to handle verification information in a content node. In one example, a method of operating a content node includes receiving a secure content request from an end user device and determining the availability of verification information stored on the content node to service the secure content request. The method further provides, if the verification information is available, verifying the end user device based on the verification information. The method also includes, if the verification information is unavailable, querying an origin server to verify the end user device.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: September 27, 2022
    Assignee: Fastly, Inc.
    Inventors: Artur Bergman, Tyler B. McMullen
  • Patent number: 11451374
    Abstract: A first device nonce and a first Hash based Message Authentication Code (HMAC) of the first device nonce using an old password as a key is received. The received first HMAC is compared to a computed second HMAC of the received first device nonce using a stored old password as the key for a match. In response to the match, a third HMAC of a second device nonce using the stored old password as the key is computed. A change password acknowledgement message is sent to the first device that comprises the second device nonce and the third HMAC. A final secret is computed using a second device secret and the first device nonce. A new password using a key derivation function that uses the old password and the final secret is computed. Thus, a new password is generated without sending the password over a network.
    Type: Grant
    Filed: February 24, 2021
    Date of Patent: September 20, 2022
    Assignee: MICRO FOCUS LLC
    Inventors: Vamsi Krishna, Harinath Jarugula, Keshavan Santhanam
  • Patent number: 11445376
    Abstract: A security establishment method includes generating a pair of keys via mutual authentication between a terminal device (110) and a serving network, and the terminal device (110) and the serving network sharing KASME by using the generated pair of keys (Steps S50 and S100), the terminal device (110) and a roaming destination network of the terminal device (110) generating, by using the KASME, KSEAF mapped with SEAF (50) (Steps S140 and S150), and the terminal device (110) and the roaming destination network generating, by using at least the KSEAF and SUPI used to recognize a subscriber in the serving network, KAMF mapped with AMF (60) (Steps S140 and S150).
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: September 13, 2022
    Assignee: NTT DOCOMO, INC.
    Inventors: Hiroshi Aono, Alf Zugenmaier
  • Patent number: 11443072
    Abstract: A peripheral device package for use in a host computing device has a plurality of compute elements and a plurality of resources shared by the plurality of compute elements. A datastructure is stored in a hidden memory of the peripheral device package. The data structure holds metadata about ownership of resources of the peripheral device package by a plurality of user runtime processes of the host computing device which use the compute elements. At least one of the user runtime processes is a secure user runtime process. The peripheral device package has a command processor configured to use the datastructure to enforce isolation of the resources used by the secure user runtime process.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: September 13, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Stavros Volos, Kapil Vaswani
  • Patent number: 11438348
    Abstract: An apparatus may include a processor that may be caused to access a distribution of a plurality of values, each value of the plurality of values quantifying an event of an event type in a computer network. The processor may determine a mean of the plurality of values and a second highest value of the plurality of values, generate an expected maximum of the distribution based on the mean and the second highest value, and access a first value quantifying a first event of the event type in the computer network. The processor may further determine that the first event is an anomalous event based on the first value and the expected maximum.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: September 6, 2022
    Assignee: Interset Software, Inc.
    Inventors: Ross Diener, Shaun Pilkington, Maria Pospelova
  • Patent number: 11424926
    Abstract: The present disclosure is generally directed to systems and methods for providing privacy to a user of a user device that is used for interacting with a networked software platform. A server computer coupled to the user device receives a hashed device ID of the device and generates a unique user ID in the form of a unique number. The user ID can be used by the server and other entities to gather information related to the activities of the user with respect to the networked software platform, which can be, for example, a video game platform, a social media platform, or a health-related diagnostic tool. The identity of the user remains anonymous during the information gathering procedures because neither the device ID nor the identity of the user is transmitted over the network when the user is participating in activities of the networked software platform.
    Type: Grant
    Filed: April 23, 2020
    Date of Patent: August 23, 2022
    Assignee: Yo Corporation
    Inventor: Devang Jitendra Patel
  • Patent number: 11425167
    Abstract: An intelligent electronic device (IED) of an electric power distribution system includes processing circuitry and a memory that includes a tangible, non-transitory, computer-readable comprising instructions. The instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to receive operating data associated with the electric power distribution system, determine whether the operating data matches with expected operating data, generate a connectivity association key (CAK) based on the operating data in response to a determination that the operating data matches with the expected operating data, and establishing a connectivity association based on the CAK.
    Type: Grant
    Filed: March 15, 2021
    Date of Patent: August 23, 2022
    Assignee: Schweitzer Engineering Laboratories, Inc.
    Inventors: Ryan Bradetich, Colin Gordon, Arun Shrestha, Karen S J Wyszczelski, Hidayatullah Ahsan
  • Patent number: 11418343
    Abstract: Techniques are described for enabling resources within a cloud computing system to interact with each other. In certain embodiments, a token renewal mechanism is provided for extending the duration in which a first resource can access another resource. The token renewal mechanism can involve the first resource periodically causing a new credential to be generated for itself and then communicating the new credential to an identity and access management (IAM) system. The new credential may be generated for compliance with a credential rotation policy specifying that credentials should be changed after a certain period of time. The IAM system may associate a digital access token with the new credential so that for subsequent requests, the IAM system will only recognize the resource principal based upon the new credential. The digital token can be invalidated if a new credential is not changed within the specified period of time.
    Type: Grant
    Filed: March 10, 2021
    Date of Patent: August 16, 2022
    Assignee: Oracle International Corporation
    Inventors: Ayman Mohammed Aly Hassan Elmenshawy, Girish Nagaraja, Daniel M. Vogel
  • Patent number: 11411932
    Abstract: Systems, devices, media, and methods are presented for device independent secure messaging. The systems and methods generate an encrypted message by encrypting message content, designated for a specified recipient, with an encryption key. The systems and methods select a set of recipient keys, associated with the specified recipient, from a plurality of member keys. For each recipient key, the systems and methods encrypt the encryption key to generate a set of encrypted keys and transmit the encrypted message and an encrypted key of the set of encrypted keys to one or more client devices associated with the specified recipient. The systems and methods then receive an acknowledgement indicating a termination status of the encrypted message.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: August 9, 2022
    Assignee: Snap Inc.
    Inventors: Michael Duong, Anirudh Garg, Subhash Sankuratripati, Edward Chenhui Xue, Marcel M. Yung
  • Patent number: 11411963
    Abstract: According to an example aspect of the present invention, there is provided a method, comprising: detecting, by a first wireless device, a locally accessible second wireless device, sending a request to the second device for network access via the second wireless device, setting network access terms with the second wireless device for temporary provision of network access for the first wireless device via the second wireless device, exchanging a set of bilateral transactions with the second wireless device for the network access, each of the transactions being associated with a network access resource provided by the second wireless device for the first wireless device according to the set access terms, and causing provision of a public transaction on the basis of the set of bilateral transactions to be distributed within a blockchain network.
    Type: Grant
    Filed: February 13, 2017
    Date of Patent: August 9, 2022
    Assignee: Nokia Technologies Oy
    Inventors: Karina Palyutina, Troels Roennow, Enrique Martín López
  • Patent number: 11399282
    Abstract: Technologies directed to a secured peer-to-peer cloud-assisted authentication exchange protocol are described. A first wireless device receives a first request including information identifying a second wireless device. The first wireless device determines that the information matches second information. The first wireless device activates a virtual access point (VAP) with a modified service set identifier (SSID) having a group identifier appended to a first SSID. The first wireless device authenticates the second wireless device to the VAP. The first wireless device sends credentials and a second SSID to the second wireless device. The second SSID corresponds to a second access point (AP). The first wireless device receives a second request from the second wireless device to connect to the second AP. The first wireless device authenticates the second wireless device with the second AP. The first wireless device deactivates the VAP after expiration of an amount of time.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: July 26, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Kun Ting Tsai, Haritha Tamvada, Kiran Kumar Edara, Sarang Wagholikar, Nishant Suneel Sarmukadam, Ramesh Radhakrishnan
  • Patent number: 11395136
    Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a wireless device may receive a beamformed signal from a transmitting device. The wireless device may estimate a weighted sum based at least in part on one or more coefficients that relate to impairments associated with the transmitting device, a spatial location of the wireless device, and/or the like. The wireless device may determine a cryptographic key based at least in part on a ratio among the plurality of coefficients in the weighted sum, and one or more communications between the wireless device and the transmitting device may be secured based on the cryptographic key. Numerous other aspects are provided.
    Type: Grant
    Filed: September 25, 2019
    Date of Patent: July 19, 2022
    Assignee: QUALCOMM Incorporated
    Inventors: David Yunusov, Assaf Touboul, Gideon Shlomo Kutz, Shay Landis
  • Patent number: 11395143
    Abstract: This application discloses a network access method and apparatus, and a network device. The network access method is performed by an access gateway, includes: receiving a PPPoE message or a IPoE message sent by a user terminal, obtaining access information included in the PPPoE message or the IPoE message; encapsulating the access information into an NAS message or an EAP message; then, sending the NAS message or the EAP message to a control plane function entity CP; receiving network interface information sent by the CP; and sending the network interface information to the user terminal, so that the user terminal accesses a network. As can be learned from this solution, the user terminal is not limited by a protocol stack when accessing the network. Therefore, full services can be provided by deploying only one core network. This not only saves a resource but also facilitates network maintenance.
    Type: Grant
    Filed: September 10, 2019
    Date of Patent: July 19, 2022
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Youyang Yu, Hua Li
  • Patent number: 11381592
    Abstract: The invention relates to a computer-implemented system and method for automatic collection, analysis and reporting of data relating to a cybersecurity threat. The method may comprise the steps of: presenting an interface through which an executable can be configured and automatically generated; transmitting the executable to a client to enable the client to execute the executable on client systems to automatically collect forensic data; receiving from the client an encrypted data package that includes the forensic data; using a forensic toolset to automatically analyze the forensic data; presenting an option to select one or more of at least two types of output reports designed for different types of readers; inputting the analysis files into an automatic report generator to automatically generate the types of output reports selected by the client; and sending the output reports selected by the client to the client.
    Type: Grant
    Filed: June 18, 2021
    Date of Patent: July 5, 2022
    Assignee: KPMG LLP
    Inventors: David Benjamin Nides, David Phillip Cartier, Hernan Rael Cortes, Edward L. Goings, Zachariah Sheldon Harris, Brian John Marks, Matthew Lewis Seyer, Andrea Sancho Silgado
  • Patent number: 11374967
    Abstract: A system and method for detecting replay attacks on secure data are disclosed. A system on a chip (SOC) includes a security processor. Blocks of data corresponding to sensitive information are stored in off-chip memory. The security processor uses an integrity data structure, such as an integrity tree, for the blocks. The intermediate nodes of the integrity tree use nonces which have been generated independent of any value within a corresponding block. By using only the nonces to generate tags in the root at the top layer stored in on-chip memory and the nodes of the intermediate layers stored in off-chip memory, an amount of storage used is reduced for supporting the integrity tree. When the security processor detects events which create access requests for one or more blocks, the security processor uses the integrity tree to verify a replay attack has not occurred and corrupted data.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: June 28, 2022
    Assignee: Apple Inc.
    Inventors: Zhimin Chen, Timothy R. Paaske, Gilbert H. Herbeck
  • Patent number: 11374737
    Abstract: A method of response signal processing applied in traction power networks, comprising establishing an data transmission channel between a target and a backend terminal through a relay router in a power distribution room; delivering a temperature-humidity information to the backend terminal by the target through the data transmission channel, and a response signal being delivered to the relay router; the relay router determining a second signal to noise ratio (SNR) according to a first SNR of the data transmission channel responded from the target when a noise ratio (NR) adjusting requirement is satisfied; the relay router determining a first identification of encryption algorithm based on the second SNR, and transmitting the first identification of encryption algorithm to the target. The present invention avoids the needs for retransmitting encrypted response signals for several times during transmission between the backend terminal and the charging controller.
    Type: Grant
    Filed: December 8, 2019
    Date of Patent: June 28, 2022
    Assignee: Nanjing Institute of Railway Technology
    Inventors: Qihou Song, Honggao Feng, Baichuan Xu
  • Patent number: 11373012
    Abstract: A smart display card and an operation method thereof are provided. The smart display card includes a connection interface, a security chip, a processing chip, and a display. The connection interface receives a power signal and a data signal provided by an external card reader when the smart display card is connected to the external card reader. The security chip is coupled to the connection interface and receives the power signal and the data signal. The security chip complies with a first communication protocol. The processing chip is coupled to the connection interface and receives the power signal and the data signal. The processing chip complies with a second communication protocol different from the first communication protocol. The display is coupled to the processing chip. The processing chip drives the display based on the power signal and the data signal.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: June 28, 2022
    Assignee: E Ink Holdings Inc.
    Inventors: Chuen-Jen Liu, Jia-Hong Xu
  • Patent number: 11368280
    Abstract: Efficient polynomial multiplication for Accelerated Fully Homomorphic Encryption (FHE). An efficient method for large integer and polynomial multiplication in a ring using negacyclic convolution and discrete Galois transform with arbitrary primes is described. The method is adapted to work with arbitrary primes that support Gaussian arithmetic. Dealing with non-Gaussian primes gives rise to another problem of how to find primitive roots of unity and of (i). An efficient solution to find those roots of interest is provided.
    Type: Grant
    Filed: July 24, 2018
    Date of Patent: June 21, 2022
    Assignee: Agency for Science, Technology and Research
    Inventors: Ahmad Al Badawi, Khin Mi Mi Aung
  • Patent number: 11368301
    Abstract: The present invention is a platform and/or agnostic method and system operable to protect data, documents, devices, communications, and transactions. Embodiments of the present invention may be operable to authenticate users and may be operable with any client system. The method and system are operable to disburse unique portions of anonymous related information amongst multiple devices. These devices disburse unique portions of anonymous information and are utilized by the solution to protect sensitive data transmissions, and to authenticate users, data, documents, device and transactions. When used for authentication, login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.
    Type: Grant
    Filed: January 25, 2021
    Date of Patent: June 21, 2022
    Assignee: Autnhive Corporation
    Inventor: Devi Selva Kumar Vijayanarayanan
  • Patent number: 11366893
    Abstract: Systems, methods, and non-transitory computer-readable media can receive a notification of a user request to securely process a first set of data. A time estimate is calculated, wherein the time estimate is indicative of an expected amount of time for a secure data processing application to process the first set of data. An actual utilization time required for a first instance of the secure data processing application to process the first set of data is measured. A determination is made as to whether the secure data processing application may be compromised based on a comparison of the time estimate and the actual utilization time. In various embodiments, a re-cryptor process is used to change the cryptographic keys accessed by the secure data processing application. In various embodiments, a re-credentialer is used to change the database access credentials the secure data processing application used to access the encrypted data.
    Type: Grant
    Filed: October 27, 2020
    Date of Patent: June 21, 2022
    Assignee: Ent. Services Development Corporation LP
    Inventors: Jeff Kalibjian, Scott Lopez, Peter Eugene Schmidt, II, Mari Mortell Kwee