Patents Examined by Kambiz Zand
  • Patent number: 11190343
    Abstract: An electronic device including a key generator is disclosed. The key generator acquires a first affine map, a second affine map, and a third map, and generates a public key using the first affine map, the second affine map, and the third map, the third map is a system of multivariate quadratic polynomials having n variables and m equations, at least one of the multivariate quadratic polynomials has oil-oil quadratic terms with non-zero coefficients, and the third map includes at least one set for defining vinegar variables used in an Oil and Vinegar method and index sets for defining oil variables used in the Oil and Vinegar method, and each of the first affine map, the second affine map, and the third map is a finite field.
    Type: Grant
    Filed: November 26, 2018
    Date of Patent: November 30, 2021
    Assignee: INSTITUTE FOR BASIC SCIENCE
    Inventor: Kyung Ah Shim
  • Patent number: 11184371
    Abstract: Provided herein are identification of a distributed denial of service attack and automatic implementation of preventive measures to halt the distributed denial of service attack. At substantially the same time as the attack, valid users/customers (e.g., devices) are provided quality of service and continued access to a website experiencing the distributed denial of service attack. Further, service to temporary or unknown users (e.g., devices) with public access to the website is suspended during the duration of the distributed denial of service attack.
    Type: Grant
    Filed: June 5, 2020
    Date of Patent: November 23, 2021
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Ramanathan Ramanathan, Ajay K. Rentala, Rama Rao Yadlapalli, Vamsi K. Geda, Rameshchandra Bhaskar Ketharaju
  • Patent number: 11182504
    Abstract: Methods for speaker role determination and scrubbing identifying information are performed by systems and devices. In speaker role determination, data from an audio or text file is divided into respective portions related to speaking parties. Characteristics classifying the portions of the data for speaking party roles are identified in the portions to generate data sets from the portions corresponding to the speaking party roles and to assign speaking party roles for the data sets. For scrubbing identifying information in data, audio data for speaking parties is processed using speech recognition to generate a text-based representation. Text associated with identifying information is determined based on a set of key words/phrases, and a portion of the text-based representation that includes a part of the text is identified. A segment of audio data that corresponds to the identified portion is replaced with different audio data, and the portion is replaced with different text.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: November 23, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Yun-Cheng Ju, Ashwarya Poddar, Royi Ronen, Oron Nir, Ami Turgman, Andreas Stolcke, Edan Hauon
  • Patent number: 11176278
    Abstract: Integrated circuits to compute a result of summing m values, rotating the sum by k bits, and adding a summation of n values Bi to Bn to the rotated sum. An embodiment includes: a first carry save adder to add up the m values to generate a first carry and a first sum; rotator circuitry to rotate both the first carry and the first sum by k bits to generate a second carry and a second sum; a second carry save adder to add up the second carry, the second sum, and the summation of values Bi to Bn to generate a third carry and a third sum; two parallel adders to generate a first intermediate result and a second intermediary result based on the third carry and the third sum; and a multiplexer to generate the result utilizing various portions of the first and second intermediate results.
    Type: Grant
    Filed: December 29, 2018
    Date of Patent: November 16, 2021
    Assignee: Intel Corporation
    Inventors: Amit Gradstein, Simon Rubanovich, Regev Shemy, Onkar P Desai, Jose Yallouz
  • Patent number: 11176060
    Abstract: Presented herein are methods and systems for adjusting code files to apply memory protection for dynamic memory regions supporting run-time dynamic allocation of memory blocks. The code file(s), comprising a plurality of routines, are created for execution by one or more processors using the dynamic memory. Adjusting the code file(s) comprises analyzing the code file(s) to identify exploitation vulnerable routine(s) and adding a memory integrity code segment configured to detect, upon execution completion of each vulnerable routine, a write operation exceeding from a memory space of one or more of a subset of most recently allocated blocks allocated in the dynamic memory to a memory space of an adjacent block using marker(s) inserted in the dynamic memory in the boundary(s) of each of the subset's blocks. In runtime, in case the write operation is detected, the memory integrity code segment causes the processor(s) to initiate one or more predefined actions.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: November 16, 2021
    Assignee: Sternum Ltd.
    Inventors: Natali Tshouva, Lian Granot
  • Patent number: 11171984
    Abstract: Embodiments are configured to receive metadata of a process intercepted on an end host when attempting to access a network. The metadata includes a hash of an application associated with the process and an endpoint reputation score of the application. Embodiments are configured to request a threat intelligence reputation score based on the hash of the application, to determine an action to be taken by the end host based, at least in part, on one or more policies and at least one of the threat intelligence reputation score and the endpoint reputation score, and to send a response indicating the action to be taken by the end host. Further embodiments request another threat intelligence reputation score based on another hash of a dynamic link library module loaded by the process on the end host, and the action is determined based, at least in part, on the other threat intelligence score.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: November 9, 2021
    Assignee: McAfee, LLC
    Inventors: Chandan CP, Srinivasan Narasimhan
  • Patent number: 11159506
    Abstract: An authentication method, includes: receiving an authentication request from a user, the authentication request including an identity identifier of the user; acquiring authentication data associated with the identity identifier from a blockchain network, a blockchain node of the blockchain network storing a mapping relationship between identity identifiers and authentication data; and performing identity authentication for the user according to the authentication data.
    Type: Grant
    Filed: August 27, 2019
    Date of Patent: October 26, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Kejia Li
  • Patent number: 11151253
    Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of credentialing an application in a cloud environment. The application is determined to be a trusted application type. The application is provided with a certificate service process dedicated to request and receive a certificate from a source outside the cloud environment. An integration component retrieves the secret and provides it to the application that is inside the cloud environment. The secret is verified within the cloud environment and the application is deployed as a trusted application instance inside the cloud environment.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: October 19, 2021
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Brian J. Hanafee, Phillip John Crump
  • Patent number: 11153299
    Abstract: A method, computer system, and a computer program product for secure transport of data is provided. The present invention may include defining a trust relationship based on a secret. The present invention may also include associating a trusted transport key identity (TTKI) based on the defined trust relationship. The present invention may then include receiving a trusted transport key (TTK), wherein the TTK is digitally signed and encrypted with the TTKI. The present invention may further include verifying the digitally signed TTK. The present invention may also include enveloping the secret with the TTK.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: October 19, 2021
    Assignee: International Business Machines Corporation
    Inventors: Michael W. Gray, Narayana A. Madineni, Simon D. McMahon, Leigh S. McLean, Luvita Burgess, Stephen J. McKenzie, Matthew Green, Peter T. Waltenberg
  • Patent number: 11153316
    Abstract: Aspects of the invention include a computer-implemented method including providing, by a processor, a computing cluster having a plurality of cluster nodes and services. The method provides, by the processor, a limited catalog of services and restricts, by the processor, access of an administrator of the computing cluster to use of a service deployer, wherein the service deployer restricts administrator access to installation and administration of clusters and deployment of only the limited catalog of services.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: October 19, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Preethi Polepalli Yeshwanth, Angel Nunez Mencias, James Robert Magowan
  • Patent number: 11146959
    Abstract: In some embodiments, a method receives address information for two or more paths between a first network device and a second network device. A connection is established between the first network device and the second network device to determine one or more security keys for the first network device and the second network device. Then, the method installs the one or more security keys with the address information for the two or more paths. The one or more security keys are used to provide a security service on one or more packets that are sent or received between the first network device and the second network device using the address information for the two or more paths.
    Type: Grant
    Filed: October 29, 2019
    Date of Patent: October 12, 2021
    Assignee: Arista Networks, Inc.
    Inventors: Adhip Gupta, Rajagopalan Ammanur, Sreedhar Ganjikunta, Uday Srinivasan
  • Patent number: 11146588
    Abstract: A network-based appliance includes a mechanism to set-up and selectively use an “out-of-band” encryption channel. The mechanism comprises a packet parser, and a packet dispatcher, and it is integrated with an existing network layer stack that typically is not visible to host applications. In lieu of simply encrypting all data it receives, the mechanism instead analyzes one or more attributes, e.g., protocol type, application type, current encryption strength, content payload, etc., associated with a packet transmission to determine whether further encryption is required. The evaluation may include a deep packet inspection (DPI) when the information at the network layer (e.g., IP address, port number, etc.) is not sufficient to determine if the payload in the packet needs to be further encrypted. Based on the result of the analysis, packets are dispatched to the encryption channel as and when necessary.
    Type: Grant
    Filed: June 29, 2019
    Date of Patent: October 12, 2021
    Assignee: International Business Machines Corporation
    Inventors: Cheng-Ta Lee, Chun-Shuo Lin, Wei-Shiau Suen, Ming-Hsun Wu
  • Patent number: 11140139
    Abstract: A method and apparatus for encrypting communications between two radio frequency (RF) transceivers selects a level of encryption based on device characteristics of the two RF transceivers. Each RF transceiver generates a common sequence having an integer, M, symbols based on the selected encryption level and on signals received from the other RF transceiver. Each RF transceiver then generates a cryptographic key based upon the common sequence, encrypts a message using the cryptographic key, and sends the encrypted message to the other RF transceiver. In one embodiment, the M symbols are selected from an alphabet where the value M and the size of the alphabet are selected based on the device characteristics of the two RF transceivers.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: October 5, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer A. Hassan, Bradford R. Clark
  • Patent number: 11140169
    Abstract: A system includes an interface, a tenant authentication processor, and an application routing processor. The interface is configured to receive a first request for access. The tenant authentication processor is configured to provide a tenant token request to a tenant process associated with the first request; receive a tenant token from the tenant process; determine a signed tenant token based on the tenant token and a key; and provide the signed tenant token for access to an application routing platform. The application routing processor of the application routing platform is configured to receive an API call comprising the signed tenant token; determine that the signed tenant token is valid; determine an application platform token; determine routing information to an application platform based on the API call; and provide the application platform the API call and the application platform token using the routing information to gain access to the application platform.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: October 5, 2021
    Assignee: Workday, Inc.
    Inventors: Bjorn Hamel, Dylan Owen, Jonathan David Ruggiero
  • Patent number: 11138295
    Abstract: The present disclosure provides a method for securely updating firmware components, which is used in connection with an electronic device including a universal serial bus human interface device interface. The method includes: downloading a deformed patch executable file by the electronic device, wherein the deformed patch executable file is deformed from a patch executable file including a plurality of binary files, and each of the binary files is configured with an address reference label; and executing the deformed patch executable file and verifying whether a digital signature of the deformed patch executable file is authorized or not. If the digital signature of the deformed patch executable file is authorized, providing an update tool for updating the corresponding firmware component. If the digital signature of the deformed patch executable file is not authorized, prompting that the digital signature is unauthorized.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: October 5, 2021
    Assignee: GOOD WAY TECHNOLOGY CO., LTD.
    Inventor: Chih-Ming Tsao
  • Patent number: 11128462
    Abstract: A matching apparatus generates a random number and transmits second encrypted data obtained by performing an operation of first encrypted data of each of first values related to a first binary vector encrypted and the random number to a matching request apparatus; transmits third encrypted data obtained by performing an operation of the second encrypted data and elements of a matching target second binary vector; based on a second value related to the first binary vector encrypted with the encryption key, the encrypted data and the random number, generates and transmits encrypted data and transmits the generated data to a verification apparatus as a query; and determines whether a count number of mismatched elements between the second binary vector and the first binary vector is less than or equal to a predetermined number based on values obtained by decrypting the encrypted data in the query.
    Type: Grant
    Filed: December 13, 2017
    Date of Patent: September 21, 2021
    Assignee: NEC CORPORATION
    Inventors: Haruna Higo, Toshiyuki Isshiki
  • Patent number: 11120140
    Abstract: Secure operations are performed on encrypted code. A processor in a first operating mode obtains encrypted code. The processor switches from the first operating mode to a second operating mode, and decrypts the encrypted code to obtain decrypted code. The decrypted code is executed, based on the processor being in the second operating mode, to provide a result. The result is encrypted, and the encrypted result is sent to a user, based on the processor switching back to the first operating mode.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: September 14, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Oliver Benke, Tobias U. Bergmann
  • Patent number: 11106765
    Abstract: Methods, apparatus, and articles of manufacture to encode auxiliary data into relational database keys and methods, apparatus, and articles of manufacture to obtain encoded data from relational database keys are disclosed. Example apparatus disclosed herein include a code determiner to divide a relational database key value into a first number of groups. Disclosed example apparatus also includes an encoded data determiner to determine remainders for respective ones of the groups based on corresponding incremental values, and modify the remainders to obtain the encoded data.
    Type: Grant
    Filed: May 7, 2018
    Date of Patent: August 31, 2021
    Assignee: The Nielsen Company (US), LLC
    Inventors: Leonid Ayzenshtat, Nikolay Georgiev, Kalyanaraman Rajamani
  • Patent number: 11106834
    Abstract: Example embodiments of the present invention relate to a method, an apparatus and a computer-program product for implementing digital disappearing ink. An example method includes receiving portions of a data stream transmitted from a source and analyzing the portions of the data stream. Based on the analysis, the method includes performing an action with respect to an object tag according to the analysis.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: August 31, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Wayne A Pauley, Jr., Stephen J Todd, Michel F Fisher
  • Patent number: 11108771
    Abstract: Biometric authentication, decentralized learning frameworks, and adaptive security protocols and services for a network of distributed terminals are described. In some embodiments, the terminals may be hardware terminals, kiosks, or clients. In some embodiments, a security analysis may be performed, and security scores may be determined, for visitors requesting operations at terminals. Security scores may be determined by a vendor, in communication with the operator terminals, based on aggregation of a plurality of factors, wherein each factor may be weighted. The factors may incorporate operator settings or preferences. In one embodiment, the factors include one or more facial recognition factors. The one or more facial recognition factors may be used for biometric authentication. The vendor may use the security scores to determine user privileges or permissions for the operations. The vendor may deliver instructions or messages to the terminals based on the determinations.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: August 31, 2021
    Inventor: Evan Chase Rose