Patents Examined by Jung W Kim
  • Patent number: 10924512
    Abstract: Examples described herein include systems and methods for providing secure access to an email server. A gateway server can receive a request for email notification information from a notification server and parse the request to identify at least one user device associated with the request. The gateway server can then determine whether the identified devices comply with any applicable compliance rules, for example by requesting a compliance status from a management server at which the identified devices are enrolled. If at least one of the identified devices is in compliance, the gateway can pass the request through to the email server. The gateway can then receive a response from the email server and provide it to the notification server.
    Type: Grant
    Filed: March 7, 2018
    Date of Patent: February 16, 2021
    Assignee: VMware, Inc.
    Inventors: Ruben Nieves, Ian Ragsdale, Evan Hurst, Martin Kniffin, Manish Kumar
  • Patent number: 10915624
    Abstract: A method for determining behavior information corresponding to a dangerous file in a computer device includes running the dangerous file in a virtual environment of the computer device when detecting existence of the dangerous file, wherein the virtual environment comprises at least one virtual API identical to at least one real API in a real environment of the computer device; monitoring behavior(s) of the dangerous file in the virtual environment to obtain the behavior information corresponding to the dangerous file. According to the solution of the present disclosure, it does not need to analyze disruptive behaviors of a dangerous file manually, the behavior information of the dangerous file can be quickly obtained in a virtual environment, thereby quickly and comprehensively repair the real system of the computer device.
    Type: Grant
    Filed: June 25, 2015
    Date of Patent: February 9, 2021
    Assignee: Baidu Online Network Technology (Beijing) Co., Ltd.
    Inventors: Keming Qian, Mingqiang Guo
  • Patent number: 10909248
    Abstract: A secure boot mechanism is described. The secure boot mechanism can operate in environments not originally designed to support such a mechanism. Downstream boot components can be executed from an encrypted boot partition. A first stage boot loader (FSBL) can load a second stage boot loader (SSBL) from an encrypted disk partition. The FSBL can decrypt and load the SSBL. The FSBL can intercept all I/O initiated by the SSBL so that the SSBL can transparently operate on an encrypted disk partition as though the encrypted disk were unencrypted.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: February 2, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Michael Eugene Brasher, Nicholas Harvey Meier
  • Patent number: 10904017
    Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing blockchain-based centralized ledger systems. One of the methods includes transmitting a timestamp request for a to-be-timestamped block of a blockchain at a time point to a trust time server by a ledger server in a blockchain-based centralized ledger system that stores data in the blockchain, the trust time server being associated with a trust time authority and independent from the blockchain-based centralized ledger system, the blockchain including a plurality of blocks storing transaction data, and disregarding the timestamp request in response to determining that a predetermined time period has lapsed after the time point and that there has been no reply to the timestamp request from the trust time server.
    Type: Grant
    Filed: July 9, 2020
    Date of Patent: January 26, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Yize Li, Yuan Zhang, Wenyuan Yan, Benquan Yu, Xinying Yang
  • Patent number: 10896029
    Abstract: The disclosure relates to a method for constructing a graph data structure as an intermediate representation of source code for a compiler configured for compiling the source code into executable machine code running on a processor of a computer system, wherein program operations of the source code are represented in an object-oriented programming language by objects of classes that form a hierarchy growing from a base node class of the graph data structure, the method comprising: producing new nodes of the graph data structure by calling factory methods associated with existing nodes of the graph data structure based on a factory method design pattern implemented in the nodes of the graph data structure, wherein the nodes of the graph data structure are identified by symbols; and using the symbols as proxies of the nodes of the graph data structure according to a proxy design pattern.
    Type: Grant
    Filed: January 22, 2016
    Date of Patent: January 19, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Alexander Vladimirovich Slesarenko, Anton Yurievich Orlov, Hongbo Zhang
  • Patent number: 10891146
    Abstract: A data processing system operates in a plurality of modes including a first privilege mode and a second privilege mode with the first privilege mode giving rights of access that are not available in the second privilege mode. Application code executes in the second privilege mode and generates function calls to hypervisor code which executes in the first privilege mode. These function calls are to perform a secure function requiring the rights of access which are only available in the first privilege mode. Scheduling code which executes in the second privilege mode controls scheduling of both the application code and the hypervisor code. Memory protection circuitry operating with physical addresses serves to control access permissions required to access different regions within the memory address space using configuration data which is written by the hypervisor code.
    Type: Grant
    Filed: April 20, 2015
    Date of Patent: January 12, 2021
    Assignee: ARM IP Limited
    Inventors: Milosch Meriac, Hugo John Martin Vincent, James Crosby
  • Patent number: 10877816
    Abstract: A method includes obtaining a plurality of tasks, where certain tasks have a dependency relationship to other tasks. The method also includes arranging the tasks into multiple levels based on the dependency relationships between the tasks, each level having at least one task. The method further includes, for a particular level, determining a list of possible assignment scenarios of the at least one task of the level to multiple processing devices, determining a cost for each of the assignment scenarios, and selecting the assignment scenario having a lowest cost. Each assignment scenario includes an assignment of each of the at least one task of the level to one of the processing devices. The method includes also building a schedule by assigning the tasks to the processing devices based on the selected assignment scenarios.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: December 29, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Frank Z. Brill
  • Patent number: 10873450
    Abstract: The present disclosure relates to deriving cryptographic keys for use in encrypting data based on a plaintext to be encrypted. An example method generally includes receiving, from a querying device, a request for a cryptographic key. The request generally includes data derived from a plaintext value to be encrypted and an indication of a type of the plaintext value to be encrypted. A cryptographic key is generated based, at least in part, on the derived data and the type of the plaintext value to be encrypted. The key deriver transmits the generated cryptographic key to the querying device.
    Type: Grant
    Filed: November 16, 2017
    Date of Patent: December 22, 2020
    Assignee: INTUIT INC.
    Inventors: Gleb Keselman, Ernesto Nebel, Jeffery Weber, Noah Kauhane, Vinu Somayaji, Yaron Sheffer
  • Patent number: 10873569
    Abstract: A communication device of handling data transmission comprises instructions of configuring a first bearer and a second bearer according to at least one bearer configuration received from a network; encrypting a first packet of a first flow into a first encrypted packet according to an encryption key and a first bearer identity of the first bearer; receiving a second packet of the first flow from the network via the second bearer, before transmitting the first encrypted packet to the network successfully; transmitting the first encrypted packet to the network via the first bearer, after receiving the second packet; encrypting a third packet of the first flow into a second encrypted packet according to the encryption key and a second bearer identity of the second bearer in response to the second packet; and transmitting the second encrypted packet to the network via the second bearer.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: December 22, 2020
    Assignee: HTC Corporation
    Inventor: Chih-Hsiang Wu
  • Patent number: 10860352
    Abstract: Embodiments disclosed herein provide systems, methods, and computer readable media for managing data consumption rate in a virtual data processing environment. In a particular embodiment, a method provides, in a cache node of a host system, identifying read completions for one or more virtual machines instantiated in the host system, with the one or more virtual machines processing one or more processing jobs. The method further provides allocating the read completions to individual processing jobs of the one or more processing jobs and accumulating the read completions on a per-job basis, with the cache node determining a data consumption rate for each processing job of the one or more processing jobs.
    Type: Grant
    Filed: July 25, 2014
    Date of Patent: December 8, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Thomas A. Phelan, Joel Baxter
  • Patent number: 10860354
    Abstract: A data processing system operates in a plurality of modes including a first privilege mode and a second privilege mode with the first privilege mode giving rights of access that are not available in the second privilege mode. Application code executes in the second privilege mode and generates function calls to hypervisor code which executes in the first privilege mode. These function calls are to perform a secure function requiring the rights of access which are only available in the first privilege mode. Scheduling code which executes in the second privilege mode controls scheduling of both the application code and the hypervisor code. Memory protection circuitry operating with physical addresses serves to control access permissions required to access different regions within the memory address space using configuration data which is written by the hypervisor code.
    Type: Grant
    Filed: April 20, 2015
    Date of Patent: December 8, 2020
    Assignee: ARM IP Limited
    Inventors: Milosch Meriac, Hugo John Martin Vincent, James Crosby
  • Patent number: 10860355
    Abstract: This disclosure relates to managing user density in a virtual desktop infrastructure. The method includes installing plurality of virtual machine agents on plurality of virtual machines and at least one hypervisor agent on at least one hypervisor host. The method includes configuring each of plurality of virtual machine agents and each of the at least one hypervisor agent to capture virtual machine management data from the plurality of virtual machines and the at least one hypervisor host. The method includes analyzing virtual machine management data to determine a plurality of sets of common applications. The method includes creating a plurality of dedicated virtual desktops and a plurality of session sharable virtual desktops. One of the plurality of sets of common applications is installed on one of the plurality of session sharable virtual desktops and at least one unique application is installed on one of the plurality of dedicated virtual desktops.
    Type: Grant
    Filed: March 13, 2017
    Date of Patent: December 8, 2020
    Assignee: Wipro Limited
    Inventor: Narasimha Sekhar Kakaraparthi
  • Patent number: 10862689
    Abstract: Disclosed embodiments relate to verifying identities based on identity-inherent data that is inaccessible to the system. Techniques include receiving, from a client, an encrypted token, the encrypted token having been encrypted at the client using a cryptographic key created at the client based on identity-inherent data of an identity of the client; wherein the identity-inherent data of the identity is not itself received by the system, and wherein the cryptographic key is accessible only to the client; and storing the encrypted token in association with a hash of a decrypted version of the encrypted token to allow for comparing the stored hash with a created hash and determining whether to verify the identity based on a result of the comparing.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: December 8, 2020
    Assignee: CYBERARK SOFTWARE LTD.
    Inventors: Evgeni Aizikovich, Boris Spivak, Michael Yavnilovich, Tal Kandel, Hadas Elkabir
  • Patent number: 10860460
    Abstract: Systems and methods for managing Application Programming Interfaces (APIs) are disclosed. Systems may involve automatically generating a honeypot. For example, the system may include one or more memory units storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include receiving, from a client device, a call to an API node and classifying the call as unauthorized. The operation may include sending the call to a node-imitating model associated with the API node and receiving, from the node-imitating model, synthetic node output data. The operations may include sending a notification based on the synthetic node output data to the client device.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: December 8, 2020
    Assignee: Capital One Services, LLC
    Inventors: Austin Walters, Jeremy Goodsitt, Vincent Pham, Kate Key
  • Patent number: 10860705
    Abstract: A human challenge can be presented in an augmented reality user interface. A user can use a camera of a smart device to capture a video stream of the user's surroundings, and the smart device can superimpose a representation of an object on the image or video stream being captured by the smart device. The smart device can display in the user interface the image or video stream and the object superimposed thereon. The user will be prompted to perform a task with respect to one or more of these augmented reality objects displayed in the user interface. If the user properly performs the task, e.g., selects the correct augmented reality objects, the application will validate the user as a person.
    Type: Grant
    Filed: May 16, 2019
    Date of Patent: December 8, 2020
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventor: Jayaraman Ganeshmani
  • Patent number: 10853470
    Abstract: Some aspects of the disclosure provide a method comprising receiving, on a digital device, a selection of a first application state of a set of application states of an application, identifying and retrieving path instructions indicating a series of steps to navigate the application to the selected first application state of the set of application states, providing the path instructions to an accessibility module configured to provide accessibility services to a user of the digital device, and navigating, by the accessibility module, the application using the path instructions to configure the application to the selected first application state.
    Type: Grant
    Filed: December 29, 2014
    Date of Patent: December 1, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Manikandan Sankaranarasimhan, Kalyan Desineni
  • Patent number: 10848543
    Abstract: A system provides cloud-based identity and access management. The system receives a request from a client for obtaining an access token for a user to access a resource. The system determines, based on the request, a tenancy of the client, a tenancy of the user, and a tenancy of the resource. The system accesses a microservice based on the request, and performs an identity management service by the microservice based on the request, where the identity management service includes generating the access token that identifies the tenancy of the resource and the tenancy of the user.
    Type: Grant
    Filed: January 14, 2019
    Date of Patent: November 24, 2020
    Assignee: Oracle International Corporation
    Inventors: Vadim Lander, Ajay Sondhi
  • Patent number: 10841329
    Abstract: A mechanism is provided in a data processing system comprising at least one processor and at least one memory, the at least one memory comprising instructions which are executed by the at least one processor and configure the processor to implement a cognitive security system. The cognitive security system generates a violation array. Each entry of the violation array represents identification of a workflow activity that violates a security policy. Responsive to a new workflow orchestration being created by a user, the cognitive security system compares each activity of the new workflow orchestration to the violation array. Responsive to determining a given activity of the new workflow orchestration exists in the violation array, the cognitive security system recommends to the user to remove the given activity from the new workflow orchestration.
    Type: Grant
    Filed: August 23, 2017
    Date of Patent: November 17, 2020
    Assignee: International Business Machines Corporation
    Inventors: Vinod A. Valecha, Krzysztof A. Rudek, Markus Blohberger
  • Patent number: 10841315
    Abstract: An approach is provided that registers a wearable device in response to receiving a registration request that includes a set of acceptable user states and a corresponding set of acceptable times to perform a set of actions. When the approach receives a request from the user of the network-accessible site to perform a selected one of the set of actions, the approach transmits an inquiry to the wearable device registered to the user. Then, the approach receives a current state of the user from the wearable device responding to the transmitted state inquiry and determines a current time. In turn, the approach performs the selected action at the network-accessible site in response to determining that the received current state of the user matches one of the set of acceptable states and the current time matches one of the set of acceptable times.
    Type: Grant
    Filed: January 9, 2019
    Date of Patent: November 17, 2020
    Assignee: International Business Machines Corporation
    Inventors: Nataraj Nagaratnam, Pamela A. Nesbitt, Sandeep R. Patil, Sachin C. Punadikar
  • Patent number: 10831500
    Abstract: A multithreading system that performs elastic threading and dynamic patching is provided. The system receives a compiled object of a computing process, the compiled object comprising a set of locking instructions for ensuring exclusive access of a resource by the computing process. The system determines a thread count for the computing process. When the thread count indicates that a single thread is allocated to execute the computing process, the system patches the compiled object with a set of no-operation (NOP) instructions in place of the set of locking instructions. When the thread count indicates that two or more threads are allocated to execute the computing process, the system patches the compiled object with the set of locking instructions in place of the set of NOP instructions. The system executes the computing process according to the patched compiled object.
    Type: Grant
    Filed: June 10, 2018
    Date of Patent: November 10, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Xavier Rene Guérin, Scott Schneider, Xiang Ni