Patents Examined by Jeffrey D. Popham
  • Patent number: 12026219
    Abstract: The disclosed concepts achieve privacy for data operated on by an algorithm in an efficient manner A method includes receiving a first algorithm subset, receiving a second algorithm subset, generating two shares of a first mathematical set based on the first algorithm subset and transmitting the two shares of the first mathematical set from a first entity to a second entity. The method can include generating two shares of a second mathematical set based on the second algorithm subset, transmitting the two shares of the second mathematical set from the second entity to the first entity, receiving first split data subset of a full data set and receiving a second split data subset of the full data set. The system, based on these subsets of data, generates a first output subset and a second output subset which are combined for the final output.
    Type: Grant
    Filed: March 24, 2020
    Date of Patent: July 2, 2024
    Assignee: TRIPLEBLIND, INC.
    Inventors: Greg Storm, Riddhiman Das, Babak Poorebrahim Gilkalaye
  • Patent number: 11977621
    Abstract: A system and associated methods for authenticating physical or digital objects are disclosed. In at least one embodiment, a plurality of authentication devices is initiated, with each of the authentication devices associated with a one of the objects and containing a unique authentication sequence algorithm used to generate a sequence of device sequence values stored on each said authentication device. Upon a user desiring to authenticate a given object via a user application on a user device, the authentication device provides a data set to an authentication server. If the authentication server locates the authentication device in an authentication table, and subsequently processes the data set successfully, the authentication server obtains from the authentication table a server sequence value associated with the authentication device. If the device sequence value is later in the sequence than the server sequence value, the authentication server transmits a success message to the user application.
    Type: Grant
    Filed: April 12, 2023
    Date of Patent: May 7, 2024
    Inventors: Cynthia Fascenelli Kirkeby, Anthony Suk Ko
  • Patent number: 11968292
    Abstract: Data is encoded to be incrementally authenticable. A plaintext is used to generate a ciphertext that comprises a plurality of authentication tags. Proper subsets of the authentication tags are usable to authenticate respective portions of plaintexts obtained from the ciphertext. Portions of the plaintext can be obtained and authenticated without decrypting the complete ciphertext.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: April 23, 2024
    Assignee: Amazon Technologies, Inc.
    Inventor: Hanson Char
  • Patent number: 11915524
    Abstract: This disclosure relates generally to a method and system for online handwritten signature verification providing a simpler low cost system. The method comprises extracting signature data for the subject from a sensor array for the predefined time window at regular predefined time instants. Further, differentiating the matrix row wise and column wise to generate a row difference matrix and a column difference matrix. Further, determining an idle signature time fraction for the extracted signature data of the subject being monitored from the column difference matrix. Further, determining a plurality of signature parameters based on the row difference matrix and the column difference matrix.
    Type: Grant
    Filed: February 18, 2019
    Date of Patent: February 27, 2024
    Inventors: Dibyendu Roy, Arijit Chowdhury, Arijit Sinharay, Avik Ghose
  • Patent number: 11888884
    Abstract: A cyber threat intelligence infrastructure allows processing of network data to enrich captured data with data from different sources to identify possible and/or actual cyber threats.
    Type: Grant
    Filed: December 21, 2017
    Date of Patent: January 30, 2024
    Assignee: BCE Inc.
    Inventors: Hakem Habib, Kushwant Singh Gidda, Corey Still, Maciej Broda, Amir-Hossein Razavi, Matthew Kitching, Marc-Andre Hervieux, James Skinner, Mahamudul Chowdhury, Shaffiq Dhanji
  • Patent number: 11860985
    Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: January 2, 2024
    Assignee: BEHAVIOSEC INC
    Inventors: Ingo Deutschmann, Per Burstrom
  • Patent number: 11743257
    Abstract: An application-operating organization may delegate a third-party server to serve as an automated contextual authentication responder and an authorization responder. The third-party server may manage a delegated section of the organization's namespace that includes the public identities of various devices controlled by the organization. The third-party server may also dynamically generate interaction control list that is tailored to a requesting device's context based on the interaction control policies set forth by the organization. The interaction control list may include information that determines the authorization of the requesting device to interact with another device. The third-party server may also automatically determine the role of a new device to which existing policies are inapplicable and provide guided workflow for the organization to set up new interaction control policies in governing the new device.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: August 29, 2023
    Assignee: ValiMail Inc.
    Inventors: Peter Martin Goldstein, Seth Joshua Blank, Ashley Duane Wilson, Jack William Abbott, Robert Benjamin Barclay
  • Patent number: 11720661
    Abstract: Systems and methods for a passive wireless multi-factor authentication approach are provided. According to one embodiment, a user authentication request is received by a first computing device connected to a private network. The user authentication request is sent by an endpoint protection suite running on the first computing device to an authentication device associated with the private network. A proximity of a second computing device, which was previously registered with the authentication device to be used as a factor of a multi-factor authentication process involving the first computing device, is determined by the authentication device in relation to one or more wireless access points of a wireless network of the private network. The user authentication request is then processed by the authentication device based on the proximity.
    Type: Grant
    Filed: December 18, 2017
    Date of Patent: August 8, 2023
    Assignee: Fortinet, Inc.
    Inventor: Eric C. Hastings
  • Patent number: 11706195
    Abstract: The technology disclosed herein enables micro-segmentation of virtual computing elements. In a particular embodiment, a method provides identifying one or more multi-tier applications comprising a plurality of virtual machines. Each application tier of the one or more multi-tier applications comprises at least one of the plurality of virtual machines. The method further provides maintaining information about the one or more multi-tier applications. The information at least indicates a security group for each virtual machine of the plurality of virtual machines. Additionally, the method provides identifying communication traffic flows between virtual machines of the plurality of virtual machines and identifying one or more removable traffic flows of the communication traffic flows based, at least in part, on the information. The method then provides blocking the one or more removable traffic flows.
    Type: Grant
    Filed: December 15, 2020
    Date of Patent: July 18, 2023
    Assignee: Nicira, Inc.
    Inventors: Laxmikant Gunda, Rajiv Krishnamurthy
  • Patent number: 11657143
    Abstract: A request control device, when receiving a request issued from a client to a Web system, causes a sandbox in which an environment of the Web system is reproduced to inspect the request. The request control device transfers the request to the Web system if an inspection result of the request in the sandbox does not indicate detection of an attack. The request control device does not transfer the request to the Web system if the inspection result of the request indicates detection of an attack.
    Type: Grant
    Filed: January 26, 2018
    Date of Patent: May 23, 2023
    Inventors: Yang Zhong, Tohru Sato
  • Patent number: 11646867
    Abstract: Systems and methods for increasing security in a computer system are provided. The system includes one or more logic circuits. The one or more logic circuits receive a plurality of independent first entropy values from a hardware source, apply at least some of the plurality of independent first entropy values to a function to generate a second entropy value, and seed a pseudorandom number generator with the second entropy value. The one or more logic circuits also generate a random number using the pseudorandom number generator seeded with the second entropy value and may produce a block of ciphertext or message authentication code using the random number, or otherwise use the generated numbers as secure random numbers in applications such as cryptographic protocols.
    Type: Grant
    Filed: December 22, 2017
    Date of Patent: May 9, 2023
    Assignee: The Boeing Company
    Inventor: Laszlo Hars
  • Patent number: 11636187
    Abstract: Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: April 25, 2023
    Assignee: Acronis International GmbH
    Inventors: Oleg Melnikov, Alexander Tormasov, Serguei Beloussov, Stanislav Protasov
  • Patent number: 11570188
    Abstract: A dark web monitoring, analysis and alert system comprising a data receiving module configured to receive data collected from the dark web and structured; a Structured Data Database (SDD) connected with the data receiving module, the SDD configured to store the structured data; a Text Search and Analytic Engine (TSAE) connected with the SDD, the TSAE configured to enable advanced search and basic analysis in the structured data; a Knowledge Deduction Service (KDS) connected with the TSAE, the KDS configured to deeply analyze the collected data; the deep analysis comprises extracting insights regarding dark web surfers behavioral patterns and interactions; a Structured Knowledge Database (SKD) connected with the KDS, the SKD configured to store the deep analysis results; and an Alert Service connected with the TSAE and the SKD, the Alert Service configured to provide prioritized alerts based on the deep analysis.
    Type: Grant
    Filed: December 27, 2016
    Date of Patent: January 31, 2023
    Assignee: Sixgill Ltd.
    Inventors: Elad Lavi, Avi Kasztan
  • Patent number: 11537706
    Abstract: A service provider receives a set of credentials from a customer and a request to access one or more services provided by the service provider. An authentication service of the service provider receives the set of credentials and, based at least in part on the received set of credentials, one or more activities performed by the customer, the customer's user profile, and the system configuration of the customer's computing device, calculates a risk score. The authentication service subsequently utilizes the calculated risk score to determine a credential rotation schedule for the set of credentials. The authentication service updates one or more servers to enforce the new credential rotation schedule and enables the customer to utilize the set of credentials to access the one or more services.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: December 27, 2022
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 11526620
    Abstract: Techniques for enabling impersonation without requiring an access manager (AM) controlling access to a computing resource to have direct access to user information. The AM receives an impersonation request for a first user to impersonate a second user, the request being received during a first session initiated by the first user. The second user has an access privilege that permits access to the computing resource. The AM causes information to be obtained from an identity provider, the information being stored in a location inaccessible to the AM and indicating whether the first user has been granted permission to impersonate the second user. An impersonation session is initiated based on determining, using the information obtained from the identity provider, that the first user has been granted permission to impersonate the second user. The initiating comprises switching a user associated with the first session from the first user to the second user.
    Type: Grant
    Filed: October 16, 2018
    Date of Patent: December 13, 2022
    Inventor: Ramya Kukehalli Subramanya
  • Patent number: 11516011
    Abstract: A blockchain integrated station initiates a ciphertext request to a server, where the ciphertext request includes first information associated with input data of an off-chain contract. The blockchain integrated station obtains, from the server, an execution result, where the execution result is obtained by the server by executing the off-chain contract using the input data.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: November 29, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventors: Changzheng Wei, Ying Yan, Hui Zhang
  • Patent number: 11483288
    Abstract: Distributed firewalls reside at different points across a network. Each distributed firewall can include one or more rules that govern traffic over and/or access to the network. The rules can be discovered, converted into a standardized format, and indexed at a centralized rule database. The rules or data of the rules can be verified. The rules can be certified at the centralized database. The certification process can be based on a direction of traffic to which the rule governs. The certification process may have different levels based on the direction of traffic.
    Type: Grant
    Filed: September 13, 2019
    Date of Patent: October 25, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Justin Dunn, Artemio V. Meras, III, Brian Schlemmer, Shawn M. Craig, Duncan Molony, Christopher Houser, Michael Scott Hopkins, Kerrie Heller, Michael Dutilly, Christy K. Lewis Lester, Jonathan Louis Gabel
  • Patent number: 11470094
    Abstract: A content replication connector receives control data associated with replication of content data from a source system. Based on the control data, the content replication connector fetches the content data from the source system, converts the content data from a first data format to a second data format, and sends the content data to a content replication server. The content replication server replicates the content data, and a target system fetches the content data from the content replication server.
    Type: Grant
    Filed: December 16, 2016
    Date of Patent: October 11, 2022
    Assignee: SAP SE
    Inventors: Thomas Kunz, Omar-Alexander Al-Hujaj, Jens Baumgart, Harish Mehta, Florian Chrosziel, Marco Rodeck, Thorsten Menke
  • Patent number: 11429725
    Abstract: Systems and methods involve a database function of an ATM processor on which rules database records for positive transition flows of ATM hardware or software activities are stored, a security agent function of the ATM processor that extracts data points from a transition flow for every succeeding ATM activity, and an algorithm function of the ATM processor that generates a rules database record for the transition flows for succeeding ATM activity based on the extracted data points and discards any generated rules database record that is identical to a rules database record already stored on the rules database function. A discovery phase of the algorithm function stores new rules database records, rules database function, and a protection phase of the algorithm function selects a risk protocol, when a generated record is not identical to a record already stored.
    Type: Grant
    Filed: April 26, 2018
    Date of Patent: August 30, 2022
    Inventor: Ganesh Banerjee
  • Patent number: 11397804
    Abstract: A system and associated methods for authenticating an at least one tangible product are disclosed. In at least one embodiment, upon a user desiring to authenticate a given product via a user application on a user device, an authentication request is initiated with an authentication device attached to the product. A device variable count on the authentication device is incremented based on an underlying algorithm, and the authentication device generates a data set containing at least one of a unique device identifier, a unique device key and the device variable count. The authentication device provides the data set and the device identifier to the user application, which then transmits the data to an authentication server. If the authentication server locates the device identifier in an authentication table, and subsequently processes the data set successfully, the authentication server obtains from the authentication table a server variable count associated with the device identifier.
    Type: Grant
    Filed: October 9, 2019
    Date of Patent: July 26, 2022
    Inventors: Cynthia Fascenelli Kirkeby, Anthony Suk Ko