Patents Examined by Kambiz Zand
  • Patent number: 10694385
    Abstract: Security techniques for device assisted services are provided. In some embodiments, secure service measurement and/or control execution partition is provided. In some embodiments, implementing a service profile executed at least in part in a secure execution environment of a processor of a communications device for assisting control of the communications device use of a service on a wireless network, in which the service profile includes a plurality of service policy settings, and wherein the service profile is associated with a service plan that provides for access to the service on the wireless network; monitoring use of the service based on the service profile; and verifying the use of the service based on the monitored use of the service.
    Type: Grant
    Filed: July 13, 2018
    Date of Patent: June 23, 2020
    Assignee: Headwater Research LLC
    Inventor: Gregory G. Raleigh
  • Patent number: 10689760
    Abstract: An apparatus for processing a flexible substrate is provided including a vacuum chamber having a first chamber portion, second chamber portion and third chamber portion. The apparatus further includes an unwinding shaft supporting the flexible substrate to be processed and a winding shaft supporting the flexible substrate after processing, wherein the unwinding shaft and the winding shaft are disposed in the first chamber portion, a first wall separating the first chamber portion from the second chamber portion, wherein the first wall is inclined with respect to a vertical and horizontal orientation, a coating drum having a first portion disposed in the second chamber portion and a second portion disposed in the third chamber portion, and a plurality of processing stations disposed at least partially in the third chamber portion, wherein a majority of the plurality of the processing stations are disposed below a rotational axis of the coating drum.
    Type: Grant
    Filed: November 14, 2016
    Date of Patent: June 23, 2020
    Assignee: Applied Materials, Inc.
    Inventors: Jose Manuel Dieguez-Campo, Heike Landgraf, Tobias Stolley, Stefan Hein, Florian Ries, Morrison Neil
  • Patent number: 10693909
    Abstract: A computer network endpoint is secured to prevent information leak or other compromise by instantiating in memory first, second and third security zones. With respect to an authorized user, the first zone is readable and writable, the second zone is read-only, and the third zone is neither readable nor writable. System information (e.g., applications, libraries, policies, etc.) are deployed into the first zone from the second zone. When sensitive data is generated in the first zone, e.g., when a secure communication session is established using a cryptographic key, the sensitive data is transferred from the first zone to the third zone, wherein it is immune from information leak or other compromise. The sensitive information is transferable from the third zone to one or more external having a need to know that information. Because information does not pass directly from the first security zone to the external systems, the endpoint is secured against information leak or other attack.
    Type: Grant
    Filed: January 19, 2018
    Date of Patent: June 23, 2020
    Assignee: International Business Machines Corporation
    Inventors: Kuo-Chun Chen, Wei-Hsiang Hsiung, Sheng-Tung Hsu, Fadly Yahaya
  • Patent number: 10686805
    Abstract: Systems and methods are disclosed for computer network threat assessment. For example, methods may include receiving from client networks respective threat data and storing the respective threat data in a security event database; maintaining affiliations for groups of the client networks; detecting correlation between a network threat and one of the groups; identifying an indicator associated with the network threat, and, dependent on the affiliation for the group, identifying a client network and generating a message, which conveys an alert to the client network, comprising the indicator; responsive to the message, receiving, from the client network, a report of detected correlation between the indicator and security event data maintained by the client network; and updating the security event database responsive to the report of detected correlation.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: June 16, 2020
    Assignee: ServiceNow, Inc.
    Inventors: Richard Reybok, Jr., Jeffrey Rhines, Kurt Joseph Zettel, II, Henry Geddes
  • Patent number: 10686813
    Abstract: A similarity fingerprint for a data object such as a file can be automatically determined using one or more anchor values. The one or more anchor values can be provided or determined. For each anchor value, a set of distances between each instance of the anchor value in the data object is determined. The set of distances for the instance of the anchor value is aggregated into a single value. The single value is added as a component of the similarity fingerprint. Thus, if there are N anchor values, there can be N components of the similarity fingerprint. The similarity fingerprints of different data objects can be compared and the results of the comparison can be used to determine how similar the data objects are.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: June 16, 2020
    Assignee: Avast Software s.r.o.
    Inventors: Antonín K{hacek over (r)}í{hacek over (z)}, Libor Mo{hacek over (r)}kovský
  • Patent number: 10685815
    Abstract: The present invention provides a plasma processing apparatus which reduces damage from plasma generated in a discharge vessel and lengthens the replacement cycle of the discharge vessel. A plasma processing apparatus 1 is provided with a processing chamber 2 partitioning a processing space, a discharge vessel 3 whose one end opens facing inside the processing chamber 2 and the other end is closed, an antenna 4 which is disposed around the discharge vessel 3 and generates an induced electric field to generate plasma in the discharge vessel 3 under reduced pressure, and an electromagnet 9 which is arranged around the discharge vessel 3 and forms a divergent magnetic field in the discharge vessel 3. The discharge vessel 3 has at its closed end portion a protrusion 15 projecting toward the processing chamber 2.
    Type: Grant
    Filed: August 25, 2010
    Date of Patent: June 16, 2020
    Inventors: Ryo Matsuhashi, Hiroshi Akasaka, Yoshimitsu Kodaira, Atsushi Sekiguchi, Naoko Matsui
  • Patent number: 10686589
    Abstract: Example embodiments relate to combining hashes of data blocks. The examples disclosed herein calculate a hash value for each data block in a sequence of data blocks. The hash values are combined into a combined value, where the combined value has the same sequence as the sequence of data blocks. A master hash value is then calculated for the combined value.
    Type: Grant
    Filed: December 4, 2015
    Date of Patent: June 16, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Brian Quentin Monahan, Liqun Chen
  • Patent number: 10685136
    Abstract: Systems and methods for providing for a personal data storage, retrieval, and sharing system are described. The system permits users to store important personal documents and personal information in a secure data storage system. The system can extract information from the stored documents. The user can then share stored documents themselves and/or the information extracted from the stored documents with other users.
    Type: Grant
    Filed: February 11, 2016
    Date of Patent: June 16, 2020
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Alan W. Hecht, Javier S. Silva
  • Patent number: 10686774
    Abstract: An authentication system comprises a client device system associated with a session user, a data provider server system that stores user data, including user identification data, associated with the session user, a data provider interface system for displaying a data provider user interface on the client device system, an authentication server system that stores authentication data associated with the session user, and an authentication interface system for displaying an authentication user interface on the client device system.
    Type: Grant
    Filed: January 16, 2018
    Date of Patent: June 16, 2020
    Assignee: ASIGNIO INC.
    Inventors: Kyle Rutherford, Eric Dustrude, Erik Hodge, Benjamin MacKay, Calvin Rutherford, Kevin Boyd
  • Patent number: 10680810
    Abstract: A method is provided for generating an elliptic curve cryptography key pair that uses two topologically identical pseudo-random number generators operating in parallel and in step with each other. One generator operates in the scalar number domain and the other generator operates in the elliptic curve point domain. Parallel sequences of pseudo-random elliptic curve points aG and corresponding scalars a are generated in this manner. A scalar a becomes a private key and an elliptic curve point aG is a public key of a key pair. Each generator is advanced by one iteration successively, and the isomorphic relationship ensures that the point domain generator always contains values which are multiples of the system base point according to values contained in the corresponding position in the number domain generator. In one embodiment, the pseudo-random number generators are each characterized as being lagged Fibonacci generators.
    Type: Grant
    Filed: October 26, 2016
    Date of Patent: June 9, 2020
    Assignee: NXP B.V.
    Inventors: Joppe Willem Bos, Bjorn Fay, Bruce Murray
  • Patent number: 10673882
    Abstract: A method, apparatus and computer program product for use in monitoring and controlling network behavior of Internet of Things (IoT) devices connected to a network. According to this approach, a set of network characteristics of an IoT device (e.g., as published by the device manufacturer) are assigned various risk values and then monitored over an initial time period to generate a “fingerprint” of the device's network flow. This flow is then transformed into one or more flow control rules representing “normal” or abnormal behavior of the IoT device. Preferably, the rules are instantiated into a network boundary control system (NBCS), such as an enterprise router, gateway, or the like, and then enforced, e.g., to generate alerts or others actions when the rules are triggered. The approach enables dynamic and automated threat detection and prevention based on anomalous and/or known-bad behavior.
    Type: Grant
    Filed: January 15, 2018
    Date of Patent: June 2, 2020
    Assignee: International Business Machines Corporation
    Inventors: Charles K. Davis, III, Chris Dotson, Steven Lingafelt
  • Patent number: 10664587
    Abstract: An authorization level is set at enrollment. Initiation information for a user of a device is provided during enrollment to an entity for authentication. The entity can be associated with a class defined by an ability of the entity to verify user identity. Verification data is received from the entity associated with user authentication. An authorization level is selected based on the verification data. An enrollment token is then generated that includes the authorization level that defines security parameters for the device.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: May 26, 2020
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Adam Evans Vancini, Christopher Phillip Clausen, Darrell L. Suen
  • Patent number: 10664627
    Abstract: An end-user computing device can include a theft detector that maintains a registered host device list containing identifiers of at least one registered host device. The theft detector can have root access to operations of the end-user device and the theft detector can provides a secure reboot request in response to detecting a possible theft condition. The end-user computing device can also include a boot loader that executes a secure reboot of the end-user device in response to a secure reboot request from the theft detector. The secure reboot of the end-user device resets the end-user device to prevent access to the end-user device.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: May 26, 2020
    Inventor: Veeramanikandan Raju
  • Patent number: 10666627
    Abstract: An example method performed by one or more processing devices includes: generating encrypted content at a sender device using one or more first keys that are available from a key provider; and outputting the encrypted content to a recipient device over one or more channels; where the key provider enables access, following authorization, by the recipient device to one or more second keys for decrypting the encrypted content; and where an entity that enables the channel is unaffiliated with the key provider.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: May 26, 2020
    Assignee: BlueRISC, Inc.
    Inventor: Csaba Andras Moritz
  • Patent number: 10666688
    Abstract: A system may include a traffic interception module configured to intercept network traffic of a host device. A traffic virtualization module may be configured to generate a virtual file on the host device containing the intercepted network traffic. A security system interface module may be configured to provide the virtual file to a secure digital security system over a virtualized file interface coupling the host device to the secure digital security system, and to receive instructions to allow or to deny the network traffic from the secure digital security system over the virtualized file interface. A traffic access management module may be configured to allow or to deny the network traffic based on the instructions.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: May 26, 2020
    Assignee: CUPP Computing AS
    Inventor: Omar Nathaniel Ely
  • Patent number: 10666631
    Abstract: Systems, methods, and computer program products for distributed validation of credentials are described. Upon receiving a request to perform an action by a user, a system performs a multi-part authentication where in each part, only a portion of authentication information is passed. In a first stage, an application manager of the system receives a first token than specifies partial access rights. In a second stage, a cloud controller of the system requests and receives privileges of the user separately from the first token. An API is presented with a token that only contains the authorities that the API needs, while still allowing validation of cloud controller permissions without having to escalate the user's privileges.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: May 26, 2020
    Assignee: Pivotal Software, Inc.
    Inventors: Joseph Benjamin Hale, Sree Lekha Tummidi
  • Patent number: 10657232
    Abstract: A communication control device includes an authentication login information storage unit that stores therein authentication login information. When a terminal device connects to a first communication port among a plurality of communication ports, the communication control device compares login information received from the terminal device with the authentication login information, and if they match, the communication control device outputs a command received from the terminal device. A control device includes an authentication unique information storage unit that stores therein authentication unique information. When the communication control device outputs the command received from the terminal device, the control device compares the unique information of the terminal device with the authentication unique information, and if they match, causes a processor to perform only a process of reading control information according to the command received from the terminal device.
    Type: Grant
    Filed: April 30, 2018
    Date of Patent: May 19, 2020
    Inventors: Hiroyoshi Kodama, Shigeto Suzuki, Hiroyuki Fukuda
  • Patent number: 10659440
    Abstract: Certain embodiments described herein are generally directed to methods and apparatus for providing a security parameter index (SPI) value for use in establishing a security association between a source tunnel endpoint and a destination tunnel endpoint. In some embodiments, utilization of the SPI bit space is optimized to allow the scaling of key policies within a network. In some embodiment, using an SPI derivation formula, a server in the network is able to generate SPI values whose bit spaces are optimized to allow key policies to scale out.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: May 19, 2020
    Assignee: Nicira, Inc.
    Inventors: Dexiang Wang, Zhen Mo, Fang Peng, Bo Hu, Helen Liu
  • Patent number: 10659494
    Abstract: A method for implementing online anti-phishing, related to the field of information security, comprising: a browser loads an online anti-phishing control, the control acquires a blacklist and a whitelist, if a received URL of the browser is in the blacklist, the browser is stopped from loading, if the URL is in the whitelist, the browser is notified to load, and if the URL is neither in the blacklist nor in the whitelist, a determination is made on whether or not the URL of the browser satisfies a preset fuzzy match criterion, if same is satisfied, then a user is prompted of danger, when the user chooses to proceed, a preset account combination is acquired, when received keypress information is numerals and an input focus is an input box control, the keypress information is compared with the preset account combination, if both are identical then the user is prompted of danger, and either stop or load as chosen by the user.
    Type: Grant
    Filed: August 21, 2015
    Date of Patent: May 19, 2020
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 10657264
    Abstract: Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the application source code, generating a signature of a potential vulnerability of the application source code, and determining characteristics of the potential vulnerability based on a correlation between the generated signature of the potential vulnerability and previously stored signatures of potential vulnerabilities.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: May 19, 2020
    Inventor: Eric Sheridan