Patents Examined by Justin T. Darrow
  • Patent number: 9197608
    Abstract: According to one embodiment, a communication method including acquiring an application key from a key-sharing network, determining a key use of the application key, and performing encryption communication by using the application key according to the determined key use.
    Type: Grant
    Filed: August 21, 2013
    Date of Patent: November 24, 2015
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Yoshimichi Tanizawa, Shinichi Baba
  • Patent number: 9183389
    Abstract: Disclosed are various embodiments for inspecting malware with little or no user interruption. A first computing device may compare a source code of an application to a fingerprint stored locally on the first computing device. The first computing device may transmit the source code to a second computing device to determine whether the source code resides in a database comprising approved applications. If the source code does not reside in the database, a thorough scan of the source code may be conducted.
    Type: Grant
    Filed: August 19, 2013
    Date of Patent: November 10, 2015
    Assignee: Amazon Technologies, Inc.
    Inventors: Mekka Chibuisi Okereke, Peter Phan Han
  • Patent number: 9178860
    Abstract: A method in data storage involves receiving at a metadata server from a client device a BEGIN_WRITE request identifying data to be written by hashes, consulting, by the metadata server a deduplication table to determine historical nature of the data determined to be written, determining that the data was never previously written, was previously written by another client, or was previously written but failed a verification, sending to the client device write locations with tokens for the data, starting an authentication timer, and authorizing the client device to write directly to the data server using the authentication tokens and the authenticated write locations, determining that the data was previously written by the same client, or that the data was previously written and passed the verification test, notifying the client of this circumstance, and receiving from the client device an END_WRITE request.
    Type: Grant
    Filed: August 22, 2013
    Date of Patent: November 3, 2015
    Assignee: Maginatics, Inc.
    Inventors: Niraj Tolia, Diwaker Gupta, Andrew Gaul
  • Patent number: 9166957
    Abstract: This invention provides a means of authenticating digital files without the need for a central trusted authority. A message digest of one or more digital files is calculated, preferably using a cryptographic hash function and all or part of the digest value is implanted into one or more biometric information files produced by the originator of the digital files or a trusted third party. The recipient of the digital files and biometric information files is able to determine all or part of the digest value from the biometric information files, check that this corresponds to the calculated message digest of one or more digital files as well as check the identity of the originator or trusted third party. In further embodiments the biometric information files contain all or part of a digital signature generated by the originator of the digital files or a trusted third party. The invention may be used in many applications including the distribution of public encryption keys.
    Type: Grant
    Filed: April 18, 2013
    Date of Patent: October 20, 2015
    Inventors: Martin Tomlinson, Cen Jung Tjhai, Andersen Cheng
  • Patent number: 9165156
    Abstract: A role-based access control (RBAC) modeling and auditing system is described that enables a user to access and/or create security roles that can be applied to users of a first software application. When a security role having a particular set of permissions has been accessed or created, the system can present a simulated user interface (UI) that indicates information that can be viewed and/or actions that can be performed by a user to whom the security role has been assigned when interacting with the first software application. The system may further provide “run as” functionality that enables a simulated UI to be generated for a particular user and that can display the security role(s) associated with the particular user. The system may be embodied in a second software application, such as a tool that is associated with the first software application.
    Type: Grant
    Filed: December 3, 2012
    Date of Patent: October 20, 2015
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Jingcun Wang, Lin Tang, Yingchun Xuan
  • Patent number: 9160729
    Abstract: A device may collect environmental information surrounding the device. Based on the collected environmental information, the device may automatically identify a potentially secured location that has lower security risk. When a potentially secured location is identified, the device may prompt the user to setup a security profile having reduced security requirement for the secured location. The device may store and associate the security profile with the secured location. The device may activate the security profile with reduced security requirement when the device is in the secured area. Further, the security profile may require that certain features of the device be disabled when the device is in the secured location.
    Type: Grant
    Filed: August 20, 2013
    Date of Patent: October 13, 2015
    Assignee: PAYPAL, INC.
    Inventors: Nate L. Lyman, Roy L. Camp, Eric J. Farraro, John R. Tapley
  • Patent number: 9152822
    Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.
    Type: Grant
    Filed: November 27, 2013
    Date of Patent: October 6, 2015
    Assignee: Altera Corporation
    Inventors: Dirk A. Reese, JuJu Joyce
  • Patent number: 9154950
    Abstract: The disclosure discloses a network access method, apparatus and system. The method includes: a network side determines that a first User Equipment (UE) requests to use the account of a second UE for access; the network side determines that the account of the second UE is successfully authenticated; the network determines that the user to which the second UE belongs allows the first UE to access the network side by the account of the second UE; and the first UE accesses the network side. The disclosure can ensure the security of the master user.
    Type: Grant
    Filed: March 4, 2011
    Date of Patent: October 6, 2015
    Assignee: ZTE CORPORATION
    Inventor: Xiaopin Yue
  • Patent number: 9154297
    Abstract: Method for granting a plurality of electronic communication devices access to a local area network (LAN) via an access point using a single cryptographic key to secure communications exchanged through the LAN. The method comprising an activation phase performed once at initialization of the LAN and an operating phase wherein the electronic communication devices accesses the LAN. The activation phase comprising: providing the cryptographic key in a digital form by the access point; transferring the cryptographic key to a master device, switching the access point into a secure mode in which any further communication with the access point is secured with the cryptographic key. The operating phase comprising: transferring the cryptographic key from the master device to the electronic communication devices. The cryptographic key is converted from its digital form into a graphic form and then transferred in the graphic form to the electronic communication devices during the operating phase.
    Type: Grant
    Filed: December 17, 2013
    Date of Patent: October 6, 2015
    Assignee: NAGRAVISION S.A.
    Inventor: Bertrand Wendling
  • Patent number: 9147195
    Abstract: A data custodian and curation system may store data from a data supplier in encrypted form and may allow users to consume the data when the consumers obtain access to the data through an agreement. The curation system may manage access to the data, even allowing a consumer to use the data as if it were their own, but may track each usage of the data to implement a payment scheme or various usage restrictions. The curation system may encrypt downstream uses of the data and operate as a digital rights management system for the data. The custodian and curation system may operate as a cloud service that may contain encrypted data from many data providers but where the data providers may individually control access to their data in a managed system at any granular level.
    Type: Grant
    Filed: June 14, 2011
    Date of Patent: September 29, 2015
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Hari Sivaramakrishnan, Roy Dsouza, Lev Novik, Nino Bice, David Robinson
  • Patent number: 9141810
    Abstract: A device supports the processing of multiple active applications in a processor through a mapping system that securely identifies and differentiates commands issued by clients. An entity selection signal is generated by the mapping system to signal the processor to process an algorithm and provide services for a specific client using the commands identified for that client and data permitted by a client tracking system for that client. Other data accesses and commands identified for other clients are restricted when processing the algorithm.
    Type: Grant
    Filed: July 1, 2013
    Date of Patent: September 22, 2015
    Assignee: Micron Technology, Inc.
    Inventors: Dennis M. O'Connor, John P Brizek
  • Patent number: 9143940
    Abstract: A generation unit generates the wireless network connection setting information from the first information based on the conversion rule. The encoding unit encodes the first information to generate a code image. A display unit displays the code image. An imaging unit captures the code image. A decoding unit decodes the code image captured by the imaging unit and acquires the first information. A second storage unit stores a conversion rule that is the same as the conversion rule stored in the storage unit. A second generation unit generates the wireless network connection setting information from the first information acquired by the decoding unit based on the conversion rule stored in the second storage unit. A communication unit connects to a wireless network using the wireless network connection setting information generated by the second generation unit.
    Type: Grant
    Filed: August 22, 2013
    Date of Patent: September 22, 2015
    Assignee: OLYMPUS CORPORATION
    Inventor: Keito Fukushima
  • Patent number: 9141801
    Abstract: An apparatus for analyzing a permission of an application for a mobile device, the apparatus comprising: an executable file acquisition unit; a file extraction module; and an execution permission analyzing module configured to detect a security risk which can be caused by the permission on the basis of the permission described in the extracted file, wherein the information related to the permission of the application includes information on permission that is declared in the application, permission that the application uses and a function that uses the permission of the application.
    Type: Grant
    Filed: August 22, 2013
    Date of Patent: September 22, 2015
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Jong Sik Moon, Seung Wan Han, Hyun Sook Cho
  • Patent number: 9137113
    Abstract: A computer network has a number of resources. One or more trusted localization provider certifies the location of the resources. Encrypted data is closely associated with a policy package defining privacy policies for the data and metapolicies for their selection. A trusted privacy service enforces the privacy policies. The trusted privacy service is arranged to supply a key to a resource to allow that resource to process data if the trusted privacy service determines from the trusted localization provider certifying the location and other contextual information of the resource that the privacy policy allows processing of the data on that resource in that location.
    Type: Grant
    Filed: January 20, 2006
    Date of Patent: September 15, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Marco Casassa Mont, Siani Lynne Pearson
  • Patent number: 9137265
    Abstract: Generating role-based access control policies is provided. A user-permission relation is generated by extracting users and permissions assigned to each of the users from a stored access control policy. A user-attribute relation is generated by mapping the users to attributes describing the users. A permission-attribute relation is generated by mapping the permissions to attributes describing the permissions. The set of risk-averse roles, assignment of the set of risk-averse roles to the users, and assignment of the permissions to the set of risk-averse roles are determined based on applying a risk-optimization function to the generated user-permission relation, the generated user-attribute relation, and the generated permission-attribute relation. A role-based access control policy that minimizes a risk profile of the set of risk-averse roles, the assignment of the set of risk-averse roles to the users, and the assignment of the permissions to the set of risk-averse roles is generated.
    Type: Grant
    Filed: August 17, 2013
    Date of Patent: September 15, 2015
    Assignee: International Business Machines Corporation
    Inventors: Suresh N. Chari, Ian M. Molloy
  • Patent number: 9137263
    Abstract: Generating role-based access control policies is provided. A user-permission relation is generated by extracting users and permissions assigned to each of the users from a stored access control policy. A user-attribute relation is generated by mapping the users to attributes describing the users. A permission-attribute relation is generated by mapping the permissions to attributes describing the permissions. The set of risk-averse roles, assignment of the set of risk-averse roles to the users, and assignment of the permissions to the set of risk-averse roles are determined based on applying a risk-optimization function to the generated user-permission relation, the generated user-attribute relation, and the generated permission-attribute relation. A role-based access control policy that minimizes a risk profile of the set of risk-averse roles, the assignment of the set of risk-averse roles to the users, and the assignment of the permissions to the set of risk-averse roles is generated.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: September 15, 2015
    Assignee: International Business Machines Corporation
    Inventors: Suresh N. Chari, Ian M. Molloy
  • Patent number: 9130752
    Abstract: A system may include an integrated circuit and a coating at least partially encapsulating the integrated circuit. The coating may include an electrically insulating material at least partially encapsulating an analog circuit. The integrated circuit may be electrically connected to the analog circuit. Additionally, the integrated circuit may be configured to generate an analog electrical signal, transmit the analog electrical signal through the analog circuit to generate a modified analog electrical signal, receive the modified analog electrical signal, and in response to determining that the modified analog electrical signal is sufficiently similar to an expected analog electrical signal, use the modified analog electrical signal as an input to an algorithm performed by the integrated circuit.
    Type: Grant
    Filed: November 26, 2012
    Date of Patent: September 8, 2015
    Assignee: Honeywell International Inc.
    Inventors: Edwin David Cruzado, William J. Dalzell
  • Patent number: 9130755
    Abstract: A method provides cross enterprise communication in which intermediary communication components carry out cross enterprise communication. The method at a first sending enterprise includes: receiving a signed encrypted message from a sender within a first enterprise; validating the sender; decrypting the message; encrypting the message for receipt by a second enterprise; signing the encrypted message by the first enterprise; and sending the re-signed re-encrypted message to a second enterprise. The method at the second receiving enterprise includes: receiving a signed encrypted message from a first enterprise; validating that the first enterprise is the sender; decrypting the message; encrypting the message for receipt by one or more recipients at the second enterprise; signing the encrypted message by the second enterprise indicating that the message is from the first enterprise; and sending the re-signed re-encrypted message to the one or more recipients of the second enterprise.
    Type: Grant
    Filed: February 28, 2013
    Date of Patent: September 8, 2015
    Assignee: International Business Machines Corporation
    Inventors: Alan James Chatt, Christopher Colin Paice, Cyril Peter Stewart
  • Patent number: 9124563
    Abstract: A method to securely and asynchronously provisioning keys from one source secure device to a target secure device through a key provisioning server, in which the keys to be provisioned via the method remain unknown. The method includes the steps of, for the source secure device, encrypting a key to be transferred using a transport key so that only the target secure device can decrypt, and sending the encrypted key to the provisioning server and, for the target secure device, when available, getting the encrypted transferred key, and decrypting the transferred key using the transport key.
    Type: Grant
    Filed: August 19, 2013
    Date of Patent: September 1, 2015
    Assignee: GEMALTO SA
    Inventors: Laurent Castillo, HongQian Karen Lu, Asad Ali
  • Patent number: 9124573
    Abstract: A system that incorporates the subject disclosure may perform, for example, operations including receiving an encrypted secure token from a secure token application function that is remote from the communication device, storing the encrypted secure token in a secure element memory of the secure element, accessing user input requesting the encrypted secure token where the secure device processor is separate from the secure element and is in communication with the secure element, generating a modified secure token by adding identification information to the encrypted secure token and by performing a second encryption of the encrypted secure token with the identification information, receiving the modified secure token from the secure element, and providing the modified secure token to a receiving device. Other embodiments are disclosed.
    Type: Grant
    Filed: October 4, 2013
    Date of Patent: September 1, 2015
    Assignees: AT&T INTELLECTUAL PROPERTY I, LP, AT&T MOBILITY II, LLC
    Inventors: Walter Cooper Chastain, Stephen Emille Chin, Samuel King, Michael Suozzo, Nicholas Vondrak, Ismaila Wane